last executing test programs:

13.370281684s ago: executing program 2 (id=2080):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x3b, 0x1, 0x0, 0x0, 0x0, 0x89, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x2, @perf_bp={0x0, 0xa}, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b708000000f1ff007b8af8ff00000000bfa2000000"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mq_notify(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x3c, 0x2})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)=ANY=[], 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0, r3, 0x0, 0xfffffffffffffffd}, 0x18)
r4 = socket$inet(0x2, 0x4000000000000001, 0x100)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r6}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x15, 0x0, 0x0)
recvmsg(r4, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000140)={@val={0x800e}, @void, @eth={@broadcast, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x4, 0x0, @empty, @multicast1}, {0x0, 0x0, 0x14, 0x0, @opaque="6f841fcaf955c253e28c7ab3"}}}}}}, 0x3a)

12.483876467s ago: executing program 2 (id=2120):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{0x0}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)

12.436379517s ago: executing program 2 (id=2122):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000140), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000400)=@gcm_128={{0x303, 0x38}, "be00", "00000c70423a000000000000ffff00", "ec69d337", "df02000000000ece"}, 0x28)

12.194109948s ago: executing program 2 (id=2139):
futex_waitv(&(0x7f0000001080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001100)={'nat\x00', 0x0, 0x0, 0x90, [], 0x2, 0x0, 0x0}, &(0x7f0000001180)=0x108)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="5000000010000304000000040000000000000000", @ANYRES32=0x0, @ANYBLOB="05a00200000000002800128009000100766c616e00000000180002800c000200540a00001d000000060001000000000008000500", @ANYRES32=r3], 0x50}, 0x1, 0xba01}, 0x20)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_clone(0x100200, &(0x7f00000002c0)="a79fb8abe2033f921984566f53e0dab475f9bc0043e9eea1c7e714a477db74772f77299b764618dec28c6a7a419ade15399b8be3e441b8d251ba21d9e405e3595dcb383440e0b2e485a5a6766f8bea9ec9d02ab84a17a31824e6385b9cd82f0f7c024d866ea6662d", 0x68, &(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)="55cce0089926e8603a6f119951e89f2f5d85963d6fc0b0e5f339322688849e3fb328a24da56af45560249855311e845885c270e78531afd52b0ee283d4baa6a92e0ec62ce074dd04f0bbb33189bbd75a230809b1e98a46ae45b5c7e2bc")
sendmsg$nl_route(r4, &(0x7f0000000900)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000008c0)={&(0x7f0000000840)=@ipv4_newaddr={0x78, 0x14, 0x200, 0x70bd2c, 0x25dfdbff, {0x2, 0x78, 0x18}, [@IFA_LOCAL={0x8, 0x2, @multicast1}, @IFA_RT_PRIORITY={0x8, 0x9, 0x6}, @IFA_RT_PRIORITY={0x8, 0x9, 0xfffffff9}, @IFA_BROADCAST={0x8, 0x4, @loopback}, @IFA_ADDRESS={0x8, 0x1, @loopback}, @IFA_LABEL={0x14, 0x3, 'geneve1\x00'}, @IFA_ADDRESS={0x8, 0x1, @remote}, @IFA_LABEL={0x14, 0x3, 'ipvlan0\x00'}, @IFA_FLAGS={0x8, 0x8, 0x1}]}, 0x78}, 0x1, 0x0, 0x0, 0x48814}, 0x1)
syz_open_procfs(r5, &(0x7f0000000440)='net/ip6_flowlabel\x00')
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e0000000018000280060001"], 0x50}, 0x1, 0xba01}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
write(r6, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24)
creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11e88)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c00000015000100000000000000000001000000080001"], 0x1c}}, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PPPIOCSMRU(0xffffffffffffffff, 0x40047452, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2800800, &(0x7f0000000600)={[{@user_xattr}, {@data_err_abort}, {@resuid}, {@errors_remount}, {@discard}, {@nojournal_checksum}, {@stripe={'stripe', 0x3d, 0x5}}, {@noinit_itable}, {@nomblk_io_submit}, {@grpquota}, {@nogrpid}]}, 0x1, 0x54f, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
ioprio_set$pid(0x3, 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143342, 0x0)
sendfile(r8, r8, 0x0, 0x7a680000)
ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x5607, 0x38)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0x301, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r8, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x20, 0x140d, 0x20, 0x70bd2c, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x8086}, 0x1)
r10 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), r7)
sendmsg$IPVS_CMD_NEW_SERVICE(r9, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x6c, r10, 0x800, 0x70bd29, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x66f}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x4000002}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e20}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x5}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x4}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@dev={0xac, 0x14, 0x14, 0x42}}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x5}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x53}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40000}, 0x1)

11.6694703s ago: executing program 2 (id=2144):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000002540)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

11.193925411s ago: executing program 2 (id=2170):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, 0x0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
shmdt(0x0)

11.154178351s ago: executing program 32 (id=2170):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, 0x0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
shmdt(0x0)

3.831123777s ago: executing program 3 (id=2369):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="060000000400000003002000050000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000a61a7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
readahead(0xffffffffffffffff, 0x0, 0xfffffffffffffffd)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
semop(0x0, &(0x7f00000000c0)=[{}], 0x1)

3.830338487s ago: executing program 3 (id=2370):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000fb"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
lsm_get_self_attr(0x64, 0x0, &(0x7f0000000080), 0x0)

3.809717527s ago: executing program 3 (id=2371):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
ftruncate(0xffffffffffffffff, 0xc17a)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2000042, &(0x7f0000000cc0)={[{@nombcache}, {@oldalloc}, {@inlinecrypt}, {@delalloc}, {@noload}, {@delalloc}, {@noload}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@lazytime}]}, 0x3, 0x4ea, &(0x7f00000006c0)="$eJzs3UtvG1sdAPD/OPa9yW3AuYVFqURb+lCKoE7S9BGxKK3EY1UJUfZpSJwoihNXidM2UQXuJwChCpBYsWKDxAdAQv0ICKkS7FiwAlWQ0gUbZDR+tI1jh+TWjdvk95NO58w59fz/x4/xnJlRHMCRdSYibkbEQERciIh8sz3TLFFtlPT/vdh6NJuWJGq1O/9MImm2tW/zWPNhqe9/N+KHyc64axubSzOlUnF1e/PmpcXlmYXiQnFlcnLi2tT1qatT43scSZLdrXc4Im586+XPf/Kb79z4w9cf/G36Hxd/lKZ1t9nfaRy90Bh6LgZbDdV3EaV/0vdNtj5CAAA+BOcj4nhEnI2Ir0Y+BmLXw2gAAADgA1T75vDHrSoAAABwOGXq98YmmULzft/hyGQKhcY9vF+MTzKl8lrla/Pl9ZW5xj20I5HLzC+WiuPNe4VHIpek6xP1+uv1y23rkxHxaUQ8yQ+l6/U+AAAA4GAca5v/v8w35v8AAADAIeNiPAAAABx+5v8AAABw+Jn/AwAAwKH2vdu301J7sfWo/jsAc/c31pfK9y/NFdeWCsvrs4XZ8uq9wkK5vFAqFgb+//ZK5fK9K7Gy/nCskl2rjK1tbE4vl9dXKtP13/WeLh4/gDEBAAAA2316+ulfkoiofmOoXlIfNftyfc0MeI8k2baGu1/pUyZAT+zhlP52Z9bfTSLAgWv/TgeODnN8IGlvaDswGOx2qPDH/cdyzAEAAP0x+iXX/+GoyvQ7AaBvftrvBIC+cS4ejq7c/u8ABA6ZHdf/2wx269jz9f9abV8JAQAAPTfcWFSjeS1wODKZQuHVZcFkfrFUHI+Iz0fEn/O5j9P1iT7mCwAAAAAAAAAAAAAAAAAAAAAAAAAfolotiRoAAABwqEVk/p40f/9rNH9+uP38wEfJf/L1ZUQ8+NWdXzycqVRWJ9L2f71qr/yy2X65H2cwAAAA4CjK7drbmqe35vEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Esvth7NtspBxn1+K4ZipFP8bAzWl4ORi4hP/p1E9o3HJREx0IP41ccRcaJT/CRNK0aaWbTHz0TEUJ/jH+tBfDjKnt6KiJudPn+ZOFNfdv78ZZvlbT2/Vf+Qd4zf2v8NdNn/fW6PMU4++91Y1/iPI05mO+9/WvGTLvHP7TH+3R9sbnbrq/06YrTj90+yLdZYZfne2NrG5qXF5ZmF4kJxZXJy4trU9amrU+Nj84ulYvPfjjF+9uXfV590HX+mvnwzfmucI40Mf9xt/Of3OP7/Pnu49YVGNbczfsTFc51f/xP1ZefnP31PXGh+D6T9o616tVF/06nf/ulUt9zS+HNdnv/G65+vdRv/xb0Nf8eYAYD+WtvYXJoplYqrB1A5e6V3G0wOKGeVLpXB9yONg658+6230zocfpvt/LVn40rnDJ27+rxjAgAAeu71QX+/MwEAAAAAAAAAAAAAAAAAAICj6zP98bDT+3tUe8xqf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALCr/wUAAP//GpnIcw==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e286)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), r2)
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="190927bd7000fcdbdf251500000008000300", @ANYRES32=r3, @ANYBLOB="180029800c00"], 0x34}, 0x1, 0x0, 0x0, 0x8001}, 0x64000010)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADDDEF(r4, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="60000005", @ANYRES16=r6, @ANYBLOB="000528bd7000fcdbdf250400000006000b0027000000080008006401010108000c000000000006000b000b00000006000b00390000000800070000000000080008006401010114000500fe880000000000000000000000000001"], 0x60}, 0x1, 0x0, 0x0, 0x4000001}, 0x1)

3.603403247s ago: executing program 3 (id=2376):
futex_waitv(&(0x7f0000001080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001100)={'nat\x00', 0x0, 0x0, 0x90, [], 0x2, 0x0, 0x0}, &(0x7f0000001180)=0x108)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="5000000010000304000000040000000000000000", @ANYRES32=0x0, @ANYBLOB="05a00200000000002800128009000100766c616e00000000180002800c000200540a00001d000000060001000000000008000500", @ANYRES32=r3], 0x50}, 0x1, 0xba01}, 0x20)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_clone(0x100200, &(0x7f00000002c0)="a79fb8abe2033f921984566f53e0dab475f9bc0043e9eea1c7e714a477db74772f77299b764618dec28c6a7a419ade15399b8be3e441b8d251ba21d9e405e3595dcb383440e0b2e485a5a6766f8bea9ec9d02ab84a17a31824e6385b9cd82f0f7c024d866ea6662d", 0x68, &(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)="55cce0089926e8603a6f119951e89f2f5d85963d6fc0b0e5f339322688849e3fb328a24da56af45560249855311e845885c270e78531afd52b0ee283d4baa6a92e0ec62ce074dd04f0bbb33189bbd75a230809b1e98a46ae45b5c7e2bc")
sendmsg$nl_route(r4, &(0x7f0000000900)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000008c0)={&(0x7f0000000840)=@ipv4_newaddr={0x78, 0x14, 0x200, 0x70bd2c, 0x25dfdbff, {0x2, 0x78, 0x18}, [@IFA_LOCAL={0x8, 0x2, @multicast1}, @IFA_RT_PRIORITY={0x8, 0x9, 0x6}, @IFA_RT_PRIORITY={0x8, 0x9, 0xfffffff9}, @IFA_BROADCAST={0x8, 0x4, @loopback}, @IFA_ADDRESS={0x8, 0x1, @loopback}, @IFA_LABEL={0x14, 0x3, 'geneve1\x00'}, @IFA_ADDRESS={0x8, 0x1, @remote}, @IFA_LABEL={0x14, 0x3, 'ipvlan0\x00'}, @IFA_FLAGS={0x8, 0x8, 0x1}]}, 0x78}, 0x1, 0x0, 0x0, 0x48814}, 0x1)
syz_open_procfs(r5, &(0x7f0000000440)='net/ip6_flowlabel\x00')
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e0000000018000280060001"], 0x50}, 0x1, 0xba01}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
write(r6, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24)
creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11e88)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c00000015000100000000000000000001000000080001"], 0x1c}}, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PPPIOCSMRU(0xffffffffffffffff, 0x40047452, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2800800, &(0x7f0000000600)={[{@user_xattr}, {@data_err_abort}, {@resuid}, {@errors_remount}, {@discard}, {@nojournal_checksum}, {@stripe={'stripe', 0x3d, 0x5}}, {@noinit_itable}, {@nomblk_io_submit}, {@grpquota}, {@nogrpid}]}, 0x1, 0x54f, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
ioprio_set$pid(0x3, 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143342, 0x0)
sendfile(r8, r8, 0x0, 0x7a680000)
ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x5607, 0x38)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0x301, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r8, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x20, 0x140d, 0x20, 0x70bd2c, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x8086}, 0x1)
r10 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), r7)
sendmsg$IPVS_CMD_NEW_SERVICE(r9, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x6c, r10, 0x800, 0x70bd29, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x66f}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x4000002}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e20}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x5}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x4}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@dev={0xac, 0x14, 0x14, 0x42}}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x5}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x53}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40000}, 0x1)

3.257116888s ago: executing program 3 (id=2379):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x2c, r3, 0x301, 0x0, 0x3, {0x1c}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}]}]}, 0x2c}}, 0x40006) (fail_nth: 5)

2.82574916s ago: executing program 3 (id=2384):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0x1}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe342"], 0x10b8}, 0x0)

2.74435487s ago: executing program 33 (id=2384):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0x1}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe342"], 0x10b8}, 0x0)

1.720023764s ago: executing program 5 (id=2405):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000fb"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
lsm_get_self_attr(0x64, 0x0, &(0x7f0000000080), 0x0)

1.668524384s ago: executing program 5 (id=2406):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
faccessat2(0xffffffffffffffff, 0x0, 0x130, 0x1300) (fail_nth: 6)

1.354678765s ago: executing program 1 (id=2409):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
quotactl$Q_GETQUOTA(0xffffffff80000702, &(0x7f0000000440)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) (fail_nth: 2)

1.094693816s ago: executing program 5 (id=2412):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r0}, &(0x7f00000004c0), &(0x7f0000000500)='%-5lx  \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$selinux_access(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffff"], 0x56)

1.089088116s ago: executing program 5 (id=2413):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kfree\x00', r0}, 0x18)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
io_setup(0x1, &(0x7f00000000c0)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000140)='-3', 0x2}])
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x880020, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r4, &(0x7f0000000040), 0x10)
listen(r4, 0x0)
r5 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r5, &(0x7f0000000080), 0x10)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x4, 0x62200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
mkdir(&(0x7f0000000000)='./file0\x00', 0x10c)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0)
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00')
sendmmsg(r5, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
r6 = accept4$unix(r4, 0x0, 0x0, 0x0)
recvfrom$unix(r6, &(0x7f0000000140)=""/263, 0x40000, 0x0, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x398, 0xd0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x2c8, 0xffffffff, 0xffffffff, 0x2c8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0={0xfc, 0x0, '\x00', 0xff}, @private1={0xfc, 0x1, '\x00', 0x1}, [0x0, 0x4000000], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@AUDIT={0x28, 'AUDIT\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0x1c8, 0x1f8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x9, 0x4, 0x4, 0x1, 'syz1\x00', 0x2}}, @common=@inet=@socket1={{0x28}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x0, 0x0, 0x2}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x3f8)

1.015987986s ago: executing program 1 (id=2415):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001812", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r3}, 0x10)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc6, 0x9}, 0x0, 0xc8, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000900)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa35f022eb"], 0xcfa4)
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000000)=ANY=[], 0xfdef)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

965.575066ms ago: executing program 1 (id=2416):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000002140)={'wg2\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000002300)=ANY=[@ANYBLOB="400006006800010000000000feffffff0a00000000000000060007000700000008000500", @ANYRES32=r1, @ANYBLOB="18000880140001"], 0x40}}, 0x0)

929.355827ms ago: executing program 5 (id=2418):
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x3b, 0x1, 0x0, 0x0, 0x0, 0x89, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x2, @perf_bp={0x0, 0xa}, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r0 = socket$kcm(0x2, 0xa, 0x2)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b708000000f1ff007b8af8ff00000000bfa2000000"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mq_notify(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x3c, 0x2})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)=ANY=[], 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0, r3, 0x0, 0xfffffffffffffffd}, 0x18)
r4 = socket$inet(0x2, 0x4000000000000001, 0x100)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r6}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x15, 0x0, 0x0)
recvmsg(r4, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(0xffffffffffffffff, &(0x7f0000000140)={@val={0x800e}, @void, @eth={@broadcast, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x4, 0x0, @empty, @multicast1}, {0x0, 0x0, 0x14, 0x0, @opaque="6f841fcaf955c253e28c7ab3"}}}}}}, 0x3a)

882.911017ms ago: executing program 1 (id=2419):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd4242"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYRESOCT], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0xd2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
poll(0x0, 0x0, 0xe7f1)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r3, 0x545c, 0x0)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000000000000000000000000220a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800014000000002080002400000001605000300000000400900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x80}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
pread64(r4, &(0x7f0000001440)=""/126, 0x7e, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xfffffc00, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

859.230857ms ago: executing program 0 (id=2420):
r0 = openat$selinux_create(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
pwrite64(r0, &(0x7f00000010c0)="3703c70f70e244b7878fedf0c0c6c2ff2f524255d61dbfb25921e3d3686454b93e5842722103c5c67b0da4173b9e63544ee1f32fc67080b7b83c0a3125", 0x3d, 0x2)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'caif0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x7, 0xb}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_DROP_BATCH_SIZE={0x8, 0x8, 0xfff}, @TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x5}]}}]}, 0x48}}, 0x4000884)
pipe2$9p(&(0x7f0000001900), 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r4}, 0x18)
socket$inet6(0xa, 0x2, 0x0)
r5 = getpid()
set_mempolicy(0x3, &(0x7f0000000000)=0x1, 0x4)
shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000500)=""/46)
shmat(0x0, &(0x7f000029f000/0x4000)=nil, 0x6000)
syz_io_uring_setup(0xf3d, &(0x7f0000000680)={0x0, 0x1d, 0x10, 0x2, 0x80001ee}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000540))
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xc, &(0x7f0000000080)=ANY=[@ANYRESDEC=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000002c0)=ANY=[], 0x38}}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRES8=r5], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./bus\x00', 0x1008002, &(0x7f00000000c0)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@nouid32}, {@lazytime}, {@usrquota}, {@data_err_abort}, {@max_batch_time={'max_batch_time', 0x3d, 0x9}}]}, 0x1, 0x5d8, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
r9 = open(&(0x7f0000000080)='./bus\x00', 0x84182, 0x0)
ftruncate(r9, 0x2007ffb)
preadv2(r9, &(0x7f0000000400)=[{&(0x7f0000002140)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r7, 0x0, 0x9}, 0x18)

789.958327ms ago: executing program 0 (id=2421):
r0 = open_tree(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0xff8d29b0d4b52cbd)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000980)='./file1\x00', 0x280809a, &(0x7f0000000f40)=ANY=[], 0xd, 0x2b2, &(0x7f00000006c0)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRhC7UiKoCw3ODEgSBqYQmArGruYTuPR7+BHcuPEbDLgV3E0XlSfvX/7ga402VXR+v9Xh3nfuPXm3TbLJeZ+/Mh3ffZDE2dMnkaZJdI7iKM6T2I9ONL6JbgAA/x/neR6/5mWY5JUNM7udGy0MALgx1ef/X/rgBwD+4z78+JP3B8fHdz7IsjRe6j+eDZOImD6eDav5wf34MiZxL25HPy4i8oUqfve94zvRzQr78fp0PhsWmdPPfqzXH/wSUeYfRj/22/MPs8pK/nw23I3nI4vB/d2m1H682J7/Zkt+DHvxxmsr9R9EP376Ih7EJO5GkbvM//owy97Jv3361afFNkV+0onhXnldKfcFCQAAAAAAAAAAAAAAAAAAAACA7TrIsqRq31P27ymG6v47Oxfl/EHW2F/vz1PlJ81CVX+gvOmWM8/ju6a/zu0sy/L6wmV+N17uerAAAAAAAAAAAAAAAAAAAAAAFE4ePbk1mkzuPTx5dDq+dtB0A2h+1v931zlaGXk1TsejncsX3Nt8r9VuA0WtV14c3W5s6ba0B2eLkeeKera+xV4sRj6KKmgOZqt7vfB2tejpeJTVU81NHo+SP9srbQ7u+9WpXly3sLz8k7jI1880XZS6ntXb0t3o3Wqd+i3P883Weevn6ozqkaRssbHZ7rt10PoCiyAtziJd/OMXUz9cvuClbxk7137TAQAAAAAAAAAAAAAAAAAAWi1/9NsyeXZlaufGigIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf9jy+f9NkEbE+sgfgnmdfNU1ddCLhyf/8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgGfB7AAAA//8rlFqg")
r2 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x130)
r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x51)
write$9p(r2, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706", 0x200)
sendfile(r2, r3, 0x0, 0xe065)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000380)={0x0, <r4=>0x0})
process_vm_readv(r4, &(0x7f0000000600)=[{&(0x7f0000000400)=""/129, 0x81}, {&(0x7f00000004c0)=""/112, 0x70}, {&(0x7f0000001600)=""/4096, 0x1000}, {&(0x7f0000000540)=""/190, 0xbe}, {&(0x7f00000009c0)=""/231, 0xe7}], 0x5, &(0x7f0000000180)=[{&(0x7f0000000000)=""/63, 0x3f}, {&(0x7f0000002600)=""/4096, 0x1000}], 0x2, 0x0)

732.034437ms ago: executing program 0 (id=2422):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r0}, &(0x7f00000004c0), &(0x7f0000000500)='%-5lx  \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$selinux_access(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffff"], 0x56)

670.954767ms ago: executing program 0 (id=2423):
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x9)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000a00000000000000000007000000110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000ffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2}, &(0x7f0000000800), &(0x7f0000000840)=r3}, 0x20)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0x0, 0x0, &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffe6c, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x9b, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={0x0, r4}, 0x18)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40a, 0x0, @perf_config_ext={0x9}, 0x104002, 0xa1b7, 0x0, 0x0, 0x6f00000000000, 0xffffffff, 0x0, 0x0, 0xffffbffe, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f1, &(0x7f0000000080))

634.079448ms ago: executing program 0 (id=2424):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x50)

610.308308ms ago: executing program 0 (id=2425):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fc00101}]})
epoll_create1(0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000002280)={<r2=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f00000003c0)={r2, 0x8000000000000000})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000340)={<r3=>0x0})
r4 = socket$key(0xf, 0x3, 0x2)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000000)={r3, 0x3, r4})
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000780), r0)
socket$inet_icmp(0x2, 0x2, 0x1)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r6, &(0x7f0000000080), 0x1c)
fcntl$dupfd(r6, 0x0, r6)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)
recvmmsg(r6, &(0x7f0000000400)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x20103, 0x0)
sendmsg$NL802154_CMD_SET_CCA_MODE(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="01002bbd7000ffdb58a30d00000008000100010000011efb69354809e5184a2033f3fe9ade345683767c45889822b1abb12a8ebcf7bb216a767fa3861e3c4a23fed48625a328123ef9840c9365b2f6efaa2c9b56262121cff7f6e2760daa1d6a218595518bfb139c1417dda1f2155a3d6306c634e9b13ebee00d3667c8a449c83a45dc556eff0c5ffc"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x14)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000200)=@ethtool_channels={0x3c, 0x0, 0x6, 0x7, 0x0, 0x0, 0x0, 0x2}})
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r8)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x14, r9, 0xbcaa9c0f86c3443d}, 0x14}}, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r0, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x9c, r9, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_SECCTX={0x28, 0x7, 'system_u:object_r:hald_var_run_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast2}, @NLBL_UNLABEL_A_SECCTX={0x29, 0x7, 'system_u:object_r:apt_var_cache_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x2e}}]}, 0x9c}, 0x1, 0x0, 0x0, 0x40000}, 0x40010)

316.414739ms ago: executing program 4 (id=2427):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{0x2}, {0x0, 0x0, 0xfffffffc}]}, [{0x3}, {}, {}, {}, {}, {0x448eade7}, {0x0, 0x0, 0x80000000}, {}, {0x20000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0xe2a}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {0x2}, {}, {0xfffffffc}, {0x0, 0xe}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x4, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {0x0, 0x0, 0x0, 0xb2d}, {0x0, 0x0, 0x0, 0x80}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0xfffffffe}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x4000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x444cd0f4}, {}, {}, {}, {}, {0x0, 0x10}, {}, {}, {0x2, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xa9}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x20000000, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x10000}, {}, {}, {0x400, 0x0, 0x0, 0x3}, {}, {0x9}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}, {0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0xff, 0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xe10}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x400}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}], [{}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3, 0x1}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)

275.968319ms ago: executing program 4 (id=2428):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kfree\x00', r0}, 0x18)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
io_setup(0x1, &(0x7f00000000c0)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000140)='-3', 0x2}])
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x880020, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r4, &(0x7f0000000040), 0x10)
listen(r4, 0x0)
r5 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r5, &(0x7f0000000080), 0x10)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x4, 0x62200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
mkdir(&(0x7f0000000000)='./file0\x00', 0x10c)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0)
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00')
sendmmsg(r5, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
r6 = accept4$unix(r4, 0x0, 0x0, 0x0)
recvfrom$unix(r6, &(0x7f0000000140)=""/263, 0x40000, 0x0, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x398, 0xd0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x2c8, 0xffffffff, 0xffffffff, 0x2c8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0={0xfc, 0x0, '\x00', 0xff}, @private1={0xfc, 0x1, '\x00', 0x1}, [0x0, 0x4000000], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@AUDIT={0x28, 'AUDIT\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0x1c8, 0x1f8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x9, 0x4, 0x4, 0x1, 'syz1\x00', 0x2}}, @common=@inet=@socket1={{0x28}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x0, 0x0, 0x2}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x3f8)

144.832599ms ago: executing program 4 (id=2429):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x8, 0x3032, 0xffffffffffffffff, 0x1000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000002000000000000000500000d0000000601000900000007000000000000000300000004000000020008ef14aed57cc368"], &(0x7f0000000f40)=""/4096, 0x4e, 0x1000, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r0}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x19, 0xc, 0x0, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffc}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000380)=0x14)

62.78061ms ago: executing program 4 (id=2430):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000002"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
msync(&(0x7f0000952000/0x2000)=nil, 0x2000, 0xd) (async, rerun: 64)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r0}, &(0x7f0000000680), &(0x7f00000006c0)=r1}, 0x20) (async, rerun: 64)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x3, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000004e8100000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r3}, &(0x7f0000000080), &(0x7f0000000200)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) (async)
syz_io_uring_setup(0x110, &(0x7f00000005c0)={0x0, 0xd7c8, 0x0, 0x10000}, &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000040)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async)
syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_UNLINKAT={0x24, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) (async)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ANNOUNCE(r8, &(0x7f0000000640)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x34, r9, 0x4, 0x70bd2b, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x7f}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x7}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x800}]}, 0x34}, 0x1, 0x0, 0x0, 0x20005}, 0x80) (async, rerun: 32)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af0ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703000010000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (rerun: 32)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

56.07932ms ago: executing program 1 (id=2431):
r0 = syz_io_uring_setup(0x24fd, &(0x7f00000003c0)={0x0, 0x20, 0x10100}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_SENDMSG={0x9, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000440)={&(0x7f0000000340)=@rxrpc=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x2, @local, 0xd66b}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000480)="10ab119b497ad23a1c1142ce24b27ffa12477294d5f95fbf8890c08a1c7a02944cf58f9e6725ddafac32a98ed3ec927d19a01a193c99058915996d97a79d6e364c97cd620d3e639b4374dae2de1c616415fbc228c3f6bbaacf237291ea1c763bc9f9405da6d699a83194b49c8848", 0x6e}], 0x1}, 0x0, 0x80840, 0x1})
io_uring_enter(r0, 0x1d2d, 0x0, 0x0, 0x0, 0x0)

43.81491ms ago: executing program 4 (id=2432):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000fb"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
lsm_get_self_attr(0x64, 0x0, &(0x7f0000000080), 0x0)

27.712029ms ago: executing program 5 (id=2433):
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x9)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000a00000000000000000007000000110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000ffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2}, &(0x7f0000000800), &(0x7f0000000840)=r3}, 0x20)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0x0, 0x0, &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffe6c, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x9b, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={0x0, r4}, 0x18)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40a, 0x0, @perf_config_ext={0x9}, 0x104002, 0xa1b7, 0x0, 0x0, 0x6f00000000000, 0xffffffff, 0x0, 0x0, 0xffffbffe, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f1, &(0x7f0000000080))

579.47µs ago: executing program 1 (id=2434):
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x3, 0xf2, 0x6b, 0x96, 0x0, 0x96d, 0x2c, 0x5, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f00000003c0), 0x2}, 0x108801, 0x5, 0x3, 0x1, 0xa, 0xcb, 0x401, 0x0, 0xfffffffb, 0x0, 0x80}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000740)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x1, 0x20000000000}, 0x11138a, 0x800, 0x4, 0x5, 0x2, 0x40, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timer_create(0xb, 0x0, &(0x7f00000000c0))
timer_delete(0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=<r1=>0x0, @ANYBLOB="000000000000ffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYRES16=r1], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000000)=ANY=[])
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00 \x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000568d487039147035b268fbdac27f0d4a0dd089d9ffa7dd69a44c1a626a263c9e8b26f88d7bf1821a95b1cf4d3d02b60cd41375c7b42278591e80183a3ce8ae88901fd753d1c737e5dee7f3174f2f0fe10e375a394d8c7e0c4f12dab01dcd0f290f1452146a6d9f945f"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095", @ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = syz_io_uring_setup(0x34ff, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000240), &(0x7f0000000200))
syz_io_uring_setup(0x1f33, &(0x7f00000002c0)={0x0, 0xfffffffd, 0x80, 0x0, 0x0, 0x0, r3}, &(0x7f0000000040)=<r7=>0x0, &(0x7f0000000180)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xd, 0x1})
io_uring_enter(r6, 0x184c, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf0900000000000000010000b8ffffffb702000008000000b7030000000000a15b0000007100000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="021380ee02"], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0xffffffffa0018000, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="020300090c00000000420b00000000000200130002000000000000000000001f0300060000000051020049e4f0000001c99a00000000000002000100002000100000000200000000030005"], 0x60}}, 0x0)
socket$key(0xf, 0x3, 0x2)
r9 = semget$private(0x0, 0x207, 0x0)
semtimedop(r9, &(0x7f0000000080)=[{0x0, 0x3}, {}], 0x1f4, 0x0)
semctl$SETALL(r9, 0x0, 0x11, &(0x7f0000000000)=[0x7fff])

0s ago: executing program 4 (id=2435):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r2 = gettid()
fsetxattr$trusted_overlay_redirect(r1, &(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x8, 0x1)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) (async)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001ec0)={0x6, 0x2, &(0x7f0000001c00)=@raw=[@map_fd={0x18, 0x3, 0x1, 0x0, r3}], &(0x7f0000001c40)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) (async)
process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

kernel console output (not intermixed with test programs):

ALL_64_after_hwframe+0x77/0x7f
[   44.563844][ T4516] RIP: 0033:0x7f746dbcfed9
[   44.563862][ T4516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.563935][ T4516] RSP: 002b:00007f746c247058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   44.564034][ T4516] RAX: ffffffffffffffda RBX: 00007f746dd95fa0 RCX: 00007f746dbcfed9
[   44.564051][ T4516] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[   44.564065][ T4516] RBP: 00007f746c2470a0 R08: 0000000000000000 R09: 0000000000000000
[   44.564078][ T4516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   44.564090][ T4516] R13: 0000000000000000 R14: 00007f746dd95fa0 R15: 00007ffcdf016578
[   44.564141][ T4516]  </TASK>
[   44.564912][ T4516] lo: default qdisc (pfifo_fast) fail, fallback to noqueue
[   44.569265][ T4516] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   44.569304][ T4521] netlink: 40 bytes leftover after parsing attributes in process `syz.1.471'.
[   44.711118][ T4529] syzkaller0: entered promiscuous mode
[   44.988691][ T4529] syzkaller0: entered allmulticast mode
[   45.123969][ T4544] loop4: detected capacity change from 0 to 512
[   45.181367][ T4544] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.220783][ T4544] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.288891][ T3294] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.313619][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.326910][ T4567] 9pnet_fd: Insufficient options for proto=fd
[   45.387862][ T4566] syzkaller0: entered promiscuous mode
[   45.393551][ T4566] syzkaller0: entered allmulticast mode
[   45.406613][ T4571] netlink: 40 bytes leftover after parsing attributes in process `syz.1.493'.
[   45.541642][ T4589] netlink: 8 bytes leftover after parsing attributes in process `syz.1.498'.
[   45.599834][ T4593] loop1: detected capacity change from 0 to 164
[   45.687149][ T4602] FAULT_INJECTION: forcing a failure.
[   45.687149][ T4602] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   45.700407][ T4602] CPU: 0 UID: 0 PID: 4602 Comm: syz.2.505 Not tainted 6.13.0-rc2-syzkaller #0
[   45.709323][ T4602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   45.719392][ T4602] Call Trace:
[   45.722676][ T4602]  <TASK>
[   45.725614][ T4602]  dump_stack_lvl+0xf2/0x150
[   45.730268][ T4602]  dump_stack+0x15/0x1a
[   45.734452][ T4602]  should_fail_ex+0x223/0x230
[   45.739147][ T4602]  should_fail+0xb/0x10
[   45.743344][ T4602]  should_fail_usercopy+0x1a/0x20
[   45.748427][ T4602]  _copy_from_user+0x1e/0xb0
[   45.753032][ T4602]  copy_msghdr_from_user+0x54/0x2a0
[   45.758301][ T4602]  ? __fget_files+0x17c/0x1c0
[   45.763082][ T4602]  __sys_sendmsg+0x13e/0x230
[   45.767783][ T4602]  __x64_sys_sendmsg+0x46/0x50
[   45.772653][ T4602]  x64_sys_call+0x2734/0x2dc0
[   45.777378][ T4602]  do_syscall_64+0xc9/0x1c0
[   45.781919][ T4602]  ? clear_bhb_loop+0x55/0xb0
[   45.786683][ T4602]  ? clear_bhb_loop+0x55/0xb0
[   45.791365][ T4602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.797275][ T4602] RIP: 0033:0x7f378993fed9
[   45.801699][ T4602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.821320][ T4602] RSP: 002b:00007f3787fb7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   45.829766][ T4602] RAX: ffffffffffffffda RBX: 00007f3789b05fa0 RCX: 00007f378993fed9
[   45.837739][ T4602] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000005
[   45.846358][ T4602] RBP: 00007f3787fb70a0 R08: 0000000000000000 R09: 0000000000000000
[   45.854360][ T4602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.862405][ T4602] R13: 0000000000000000 R14: 00007f3789b05fa0 R15: 00007ffd39545af8
[   45.870400][ T4602]  </TASK>
[   45.978485][ T4610] syzkaller0: entered promiscuous mode
[   45.984104][ T4610] syzkaller0: entered allmulticast mode
[   46.330420][ T4646] syzkaller0: entered promiscuous mode
[   46.335949][ T4646] syzkaller0: entered allmulticast mode
[   46.402161][ T4653] 9pnet_fd: Insufficient options for proto=fd
[   46.442665][ T4657] loop3: detected capacity change from 0 to 512
[   46.449316][ T4657] EXT4-fs: Ignoring removed nomblk_io_submit option
[   46.471026][ T4657] EXT4-fs (loop3): blocks per group (35) and clusters per group (32768) inconsistent
[   46.561410][   T29] kauditd_printk_skb: 1019 callbacks suppressed
[   46.561428][   T29] audit: type=1326 audit(1733768815.461:3580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4664 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   46.622596][   T29] audit: type=1326 audit(1733768815.461:3581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4664 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   46.645970][   T29] audit: type=1326 audit(1733768815.461:3582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4664 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   46.669635][   T29] audit: type=1326 audit(1733768815.471:3583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4664 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   46.699693][   T29] audit: type=1326 audit(1733768815.591:3584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4669 comm="syz.0.535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   46.723081][   T29] audit: type=1326 audit(1733768815.591:3585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4669 comm="syz.0.535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   46.746474][   T29] audit: type=1326 audit(1733768815.591:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4669 comm="syz.0.535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   46.769906][   T29] audit: type=1326 audit(1733768815.591:3587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4669 comm="syz.0.535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   46.793270][   T29] audit: type=1326 audit(1733768815.591:3588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4669 comm="syz.0.535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   46.816713][   T29] audit: type=1326 audit(1733768815.591:3589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4669 comm="syz.0.535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   46.820795][ T4675] loop2: detected capacity change from 0 to 512
[   46.875963][ T4675] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.537: corrupted in-inode xattr: invalid ea_ino
[   46.890039][ T4675] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.537: couldn't read orphan inode 15 (err -117)
[   46.904320][ T4675] EXT4-fs (loop2): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.923020][ T4675] FAULT_INJECTION: forcing a failure.
[   46.923020][ T4675] name failslab, interval 1, probability 0, space 0, times 0
[   46.935784][ T4675] CPU: 1 UID: 0 PID: 4675 Comm: syz.2.537 Not tainted 6.13.0-rc2-syzkaller #0
[   46.944663][ T4675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   46.954748][ T4675] Call Trace:
[   46.958036][ T4675]  <TASK>
[   46.961052][ T4675]  dump_stack_lvl+0xf2/0x150
[   46.965712][ T4675]  dump_stack+0x15/0x1a
[   46.969965][ T4675]  should_fail_ex+0x223/0x230
[   46.974726][ T4675]  should_failslab+0x8f/0xb0
[   46.979344][ T4675]  __kmalloc_noprof+0xab/0x3f0
[   46.984137][ T4675]  ? ext4_xattr_block_set+0x233/0x1ca0
[   46.989655][ T4675]  ext4_xattr_block_set+0x233/0x1ca0
[   46.994962][ T4675]  ? ext4_xattr_set_entry+0xd98/0x1000
[   47.000473][ T4675]  ext4_xattr_set_handle+0x8ac/0xbf0
[   47.005871][ T4675]  ? sidtab_sid2str_get+0x106/0x140
[   47.011101][ T4675]  ext4_initxattrs+0x60/0xb0
[   47.015805][ T4675]  ? __pfx_ext4_initxattrs+0x10/0x10
[   47.021124][ T4675]  security_inode_init_security+0x257/0x330
[   47.027170][ T4675]  ext4_init_security+0x34/0x40
[   47.032080][ T4675]  __ext4_new_inode+0x203a/0x2230
[   47.037303][ T4675]  ext4_create+0x172/0x2f0
[   47.041744][ T4675]  ? __pfx_ext4_create+0x10/0x10
[   47.046702][ T4675]  path_openat+0xe92/0x1fa0
[   47.051309][ T4675]  do_filp_open+0x107/0x230
[   47.055885][ T4675]  do_sys_openat2+0xab/0x120
[   47.060579][ T4675]  __x64_sys_openat+0xf3/0x120
[   47.065375][ T4675]  x64_sys_call+0x2b30/0x2dc0
[   47.070083][ T4675]  do_syscall_64+0xc9/0x1c0
[   47.074666][ T4675]  ? clear_bhb_loop+0x55/0xb0
[   47.079386][ T4675]  ? clear_bhb_loop+0x55/0xb0
[   47.084085][ T4675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.090023][ T4675] RIP: 0033:0x7f378993fed9
[   47.094449][ T4675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.114142][ T4675] RSP: 002b:00007f3787fb7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   47.122576][ T4675] RAX: ffffffffffffffda RBX: 00007f3789b05fa0 RCX: 00007f378993fed9
[   47.130556][ T4675] RDX: 000000000000275a RSI: 0000000020000000 RDI: ffffffffffffff9c
[   47.138651][ T4675] RBP: 00007f3787fb70a0 R08: 0000000000000000 R09: 0000000000000000
[   47.146647][ T4675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   47.154757][ T4675] R13: 0000000000000000 R14: 00007f3789b05fa0 R15: 00007ffd39545af8
[   47.162751][ T4675]  </TASK>
[   47.177274][ T4691] FAULT_INJECTION: forcing a failure.
[   47.177274][ T4691] name failslab, interval 1, probability 0, space 0, times 0
[   47.190047][ T4691] CPU: 0 UID: 0 PID: 4691 Comm: syz.1.542 Not tainted 6.13.0-rc2-syzkaller #0
[   47.195348][ T4690] syzkaller0: entered promiscuous mode
[   47.198976][ T4691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   47.204453][ T4690] syzkaller0: entered allmulticast mode
[   47.214527][ T4691] Call Trace:
[   47.214536][ T4691]  <TASK>
[   47.214545][ T4691]  dump_stack_lvl+0xf2/0x150
[   47.231018][ T4691]  dump_stack+0x15/0x1a
[   47.235352][ T4691]  should_fail_ex+0x223/0x230
[   47.240027][ T4691]  should_failslab+0x8f/0xb0
[   47.244656][ T4691]  __kmalloc_noprof+0xab/0x3f0
[   47.249418][ T4691]  ? kobject_get_path+0x85/0x160
[   47.254356][ T4691]  kobject_get_path+0x85/0x160
[   47.259159][ T4691]  input_devices_seq_show+0x36/0x460
[   47.264443][ T4691]  traverse+0x155/0x3c0
[   47.268599][ T4691]  seq_read_iter+0x854/0x930
[   47.273195][ T4691]  ? _parse_integer+0x27/0x30
[   47.278038][ T4691]  seq_read+0x1ed/0x230
[   47.282213][ T4691]  ? __pfx_seq_read+0x10/0x10
[   47.286890][ T4691]  proc_reg_read+0x13f/0x1d0
[   47.291544][ T4691]  vfs_readv+0x3e2/0x660
[   47.295808][ T4691]  ? __pfx_proc_reg_read+0x10/0x10
[   47.300962][ T4691]  __x64_sys_preadv+0xf4/0x1c0
[   47.305816][ T4691]  x64_sys_call+0x2680/0x2dc0
[   47.310549][ T4691]  do_syscall_64+0xc9/0x1c0
[   47.315132][ T4691]  ? clear_bhb_loop+0x55/0xb0
[   47.319870][ T4691]  ? clear_bhb_loop+0x55/0xb0
[   47.324554][ T4691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.330481][ T4691] RIP: 0033:0x7f3d5ca2fed9
[   47.334957][ T4691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.354611][ T4691] RSP: 002b:00007f3d5b0a7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   47.363103][ T4691] RAX: ffffffffffffffda RBX: 00007f3d5cbf5fa0 RCX: 00007f3d5ca2fed9
[   47.371074][ T4691] RDX: 0000000000000001 RSI: 00000000200015c0 RDI: 0000000000000003
[   47.379050][ T4691] RBP: 00007f3d5b0a70a0 R08: 0000000000000067 R09: 0000000000000000
[   47.387060][ T4691] R10: 00000000000000f0 R11: 0000000000000246 R12: 0000000000000001
[   47.395084][ T4691] R13: 0000000000000000 R14: 00007f3d5cbf5fa0 R15: 00007ffcdf2a5038
[   47.403062][ T4691]  </TASK>
[   47.418044][ T3303] EXT4-fs (loop2): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[   47.887090][ T4717] 9pnet_fd: Insufficient options for proto=fd
[   48.316723][ T4735] netlink: 16 bytes leftover after parsing attributes in process `syz.2.559'.
[   48.660910][ T4757] FAULT_INJECTION: forcing a failure.
[   48.660910][ T4757] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   48.674225][ T4757] CPU: 0 UID: 0 PID: 4757 Comm: syz.0.568 Not tainted 6.13.0-rc2-syzkaller #0
[   48.683101][ T4757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   48.693179][ T4757] Call Trace:
[   48.696484][ T4757]  <TASK>
[   48.699490][ T4757]  dump_stack_lvl+0xf2/0x150
[   48.704114][ T4757]  dump_stack+0x15/0x1a
[   48.708310][ T4757]  should_fail_ex+0x223/0x230
[   48.713052][ T4757]  should_fail_alloc_page+0xfd/0x110
[   48.718449][ T4757]  __alloc_pages_noprof+0x109/0x340
[   48.723738][ T4757]  alloc_pages_mpol_noprof+0xb1/0x1e0
[   48.729132][ T4757]  vma_alloc_folio_noprof+0x1a0/0x2f0
[   48.734531][ T4757]  do_wp_page+0x64b/0x2340
[   48.739032][ T4757]  ? __rcu_read_lock+0x36/0x50
[   48.743822][ T4757]  handle_mm_fault+0xc63/0x2ac0
[   48.748773][ T4757]  exc_page_fault+0x3b9/0x650
[   48.753528][ T4757]  asm_exc_page_fault+0x26/0x30
[   48.758415][ T4757] RIP: 0033:0x7fcb83e41b63
[   48.762898][ T4757] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[   48.782573][ T4757] RSP: 002b:00007fcb825f64c0 EFLAGS: 00010202
[   48.788659][ T4757] RAX: 0000000000000400 RBX: 00007fcb825f6560 RCX: 00007fcb7a1d7000
[   48.796719][ T4757] RDX: 00007fcb825f6700 RSI: 0000000000000011 RDI: 00007fcb825f6600
[   48.804741][ T4757] RBP: 00000000000000f9 R08: 000000000000000a R09: 00000000000003b7
[   48.812731][ T4757] R10: 00000000000003c8 R11: 00007fcb825f6560 R12: 0000000000000001
[   48.820723][ T4757] R13: 00007fcb84008720 R14: 0000000000000020 R15: 00007fcb825f6600
[   48.828735][ T4757]  </TASK>
[   48.831865][ T4757] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   48.977848][ T4757] loop0: detected capacity change from 0 to 512
[   48.999276][ T4757] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   49.011144][ T4759] wireguard0: entered promiscuous mode
[   49.016636][ T4759] wireguard0: entered allmulticast mode
[   49.036748][ T4757] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   49.050479][ T4757] EXT4-fs (loop0): orphan cleanup on readonly fs
[   49.080647][ T4757] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.568: Invalid block bitmap block 0 in block_group 0
[   49.145115][ T4757] EXT4-fs (loop0): Remounting filesystem read-only
[   49.157352][ T4757] EXT4-fs (loop0): 1 orphan inode deleted
[   49.166646][ T4757] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   49.179379][ T4757] SELinux: (dev loop0, type ext4) getxattr errno 5
[   49.196630][ T4757] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.209107][ T4779] FAULT_INJECTION: forcing a failure.
[   49.209107][ T4779] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   49.222230][ T4779] CPU: 0 UID: 0 PID: 4779 Comm: syz.3.576 Not tainted 6.13.0-rc2-syzkaller #0
[   49.231108][ T4779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   49.241184][ T4779] Call Trace:
[   49.244475][ T4779]  <TASK>
[   49.247416][ T4779]  dump_stack_lvl+0xf2/0x150
[   49.252040][ T4779]  dump_stack+0x15/0x1a
[   49.256250][ T4779]  should_fail_ex+0x223/0x230
[   49.260983][ T4779]  should_fail+0xb/0x10
[   49.265170][ T4779]  should_fail_usercopy+0x1a/0x20
[   49.270233][ T4779]  strncpy_from_user+0x25/0x210
[   49.275127][ T4779]  ? kmem_cache_alloc_noprof+0x18e/0x320
[   49.280849][ T4779]  ? getname_flags+0x81/0x3b0
[   49.285546][ T4779]  getname_flags+0xb0/0x3b0
[   49.290069][ T4779]  getname+0x17/0x20
[   49.293980][ T4779]  __x64_sys_execve+0x40/0x70
[   49.298696][ T4779]  x64_sys_call+0x1333/0x2dc0
[   49.303392][ T4779]  do_syscall_64+0xc9/0x1c0
[   49.307943][ T4779]  ? clear_bhb_loop+0x55/0xb0
[   49.312714][ T4779]  ? clear_bhb_loop+0x55/0xb0
[   49.317591][ T4779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.323524][ T4779] RIP: 0033:0x7fe34162fed9
[   49.327942][ T4779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.347558][ T4779] RSP: 002b:00007fe33fca7058 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[   49.356025][ T4779] RAX: ffffffffffffffda RBX: 00007fe3417f5fa0 RCX: 00007fe34162fed9
[   49.364049][ T4779] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   49.372023][ T4779] RBP: 00007fe33fca70a0 R08: 0000000000000000 R09: 0000000000000000
[   49.380001][ T4779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.387979][ T4779] R13: 0000000000000000 R14: 00007fe3417f5fa0 R15: 00007ffc7a10c528
[   49.395960][ T4779]  </TASK>
[   49.506893][ T4796] 9pnet_fd: Insufficient options for proto=fd
[   49.509985][ T4795] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[   49.533790][ T4795] netlink: 5 bytes leftover after parsing attributes in process `syz.3.584'.
[   49.560659][ T4797] loop2: detected capacity change from 0 to 1024
[   49.576324][ T4797] EXT4-fs: Ignoring removed nobh option
[   49.581949][ T4797] EXT4-fs: Ignoring removed nomblk_io_submit option
[   49.595685][ T4797] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   49.624955][ T4797] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.642651][ T4797] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[   49.813422][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.944662][ T4832] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   49.958230][ T4832] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   50.023399][ T4843] netlink: 3 bytes leftover after parsing attributes in process `syz.2.597'.
[   50.032904][ T4843] 0ªX¹¦À: renamed from caif0
[   50.040388][ T4843] 0ªX¹¦À: entered allmulticast mode
[   50.045655][ T4843] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[   50.459179][ T4867] loop3: detected capacity change from 0 to 128
[   50.481653][ T4867] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   50.514058][ T4867] ext4 filesystem being mounted at /130/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   50.579118][ T3308] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   50.619149][ T4875] netlink: 8 bytes leftover after parsing attributes in process `syz.1.611'.
[   50.673813][ T4881] xt_CT: You must specify a L4 protocol and not use inversions on it
[   51.202104][ T4915] loop1: detected capacity change from 0 to 512
[   51.267464][ T4915] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.623: invalid block
[   51.313351][ T4915] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.623: invalid indirect mapped block 4294967295 (level 1)
[   51.388976][ T4915] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.623: invalid indirect mapped block 4294967295 (level 1)
[   51.403723][ T4915] EXT4-fs (loop1): 2 truncates cleaned up
[   51.409843][ T4915] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.426440][ T4921] FAULT_INJECTION: forcing a failure.
[   51.426440][ T4921] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.440315][ T4921] CPU: 1 UID: 0 PID: 4921 Comm: syz.3.629 Not tainted 6.13.0-rc2-syzkaller #0
[   51.449236][ T4921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   51.459319][ T4921] Call Trace:
[   51.462600][ T4921]  <TASK>
[   51.465534][ T4921]  dump_stack_lvl+0xf2/0x150
[   51.470190][ T4921]  dump_stack+0x15/0x1a
[   51.474368][ T4921]  should_fail_ex+0x223/0x230
[   51.479104][ T4921]  should_fail+0xb/0x10
[   51.483369][ T4921]  should_fail_usercopy+0x1a/0x20
[   51.488476][ T4921]  _copy_from_user+0x1e/0xb0
[   51.493083][ T4921]  __se_sys_memfd_create+0x26b/0x5c0
[   51.498404][ T4921]  __x64_sys_memfd_create+0x31/0x40
[   51.503616][ T4921]  x64_sys_call+0x2d4c/0x2dc0
[   51.508418][ T4921]  do_syscall_64+0xc9/0x1c0
[   51.512945][ T4921]  ? clear_bhb_loop+0x55/0xb0
[   51.517703][ T4921]  ? clear_bhb_loop+0x55/0xb0
[   51.522418][ T4921]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.528392][ T4921] RIP: 0033:0x7fe34162fed9
[   51.532812][ T4921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.552425][ T4921] RSP: 002b:00007fe33fca6e38 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   51.560866][ T4921] RAX: ffffffffffffffda RBX: 00000000000004de RCX: 00007fe34162fed9
[   51.568869][ T4921] RDX: 00007fe33fca6f10 RSI: 0000000000000000 RDI: 00007fe3416a461b
[   51.576903][ T4921] RBP: 0000000020000c40 R08: 00007fe33fca6bd7 R09: 00007fe33fca6e60
[   51.584878][ T4921] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000080
[   51.592849][ T4921] R13: 00007fe33fca6f10 R14: 00007fe33fca6ed0 R15: 0000000020000300
[   51.600881][ T4921]  </TASK>
[   51.629977][   T29] kauditd_printk_skb: 986 callbacks suppressed
[   51.629992][   T29] audit: type=1400 audit(1733768820.521:4574): avc:  denied  { bind } for  pid=4927 comm="syz.2.631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   51.665226][   T29] audit: type=1400 audit(1733768820.561:4575): avc:  denied  { write } for  pid=4927 comm="syz.2.631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   51.684583][   T29] audit: type=1400 audit(1733768820.561:4576): avc:  denied  { ioctl } for  pid=4932 comm="syz.4.632" path="socket:[8895]" dev="sockfs" ino=8895 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   51.692679][ T4937] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   51.708977][   T29] audit: type=1400 audit(1733768820.561:4577): avc:  denied  { bind } for  pid=4932 comm="syz.4.632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   51.709007][   T29] audit: type=1400 audit(1733768820.561:4578): avc:  denied  { connect } for  pid=4932 comm="syz.4.632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   51.721116][ T4937] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.766186][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.777488][ T4937] FAULT_INJECTION: forcing a failure.
[   51.777488][ T4937] name failslab, interval 1, probability 0, space 0, times 0
[   51.790331][ T4937] CPU: 0 UID: 0 PID: 4937 Comm: syz.3.635 Not tainted 6.13.0-rc2-syzkaller #0
[   51.799216][ T4937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   51.809282][ T4937] Call Trace:
[   51.812567][ T4937]  <TASK>
[   51.815504][ T4937]  dump_stack_lvl+0xf2/0x150
[   51.820122][ T4937]  dump_stack+0x15/0x1a
[   51.824365][ T4937]  should_fail_ex+0x223/0x230
[   51.829119][ T4937]  should_failslab+0x8f/0xb0
[   51.833771][ T4937]  __kmalloc_node_noprof+0xad/0x410
[   51.838993][ T4937]  ? __kvmalloc_node_noprof+0x72/0x170
[   51.844507][ T4937]  __kvmalloc_node_noprof+0x72/0x170
[   51.849815][ T4937]  xt_alloc_table_info+0x3d/0x80
[   51.854841][ T4937]  do_ipt_set_ctl+0x66f/0x8b0
[   51.859593][ T4937]  ? tcp_release_cb+0xfe/0x380
[   51.864380][ T4937]  nf_setsockopt+0x195/0x1b0
[   51.868986][ T4937]  ip_setsockopt+0xea/0x100
[   51.873632][ T4937]  ipv6_setsockopt+0xef/0x130
[   51.878375][ T4937]  tcp_setsockopt+0x93/0xb0
[   51.883003][ T4937]  sock_common_setsockopt+0x64/0x80
[   51.888251][ T4937]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   51.894220][ T4937]  __sys_setsockopt+0x187/0x200
[   51.899142][ T4937]  __x64_sys_setsockopt+0x66/0x80
[   51.904196][ T4937]  x64_sys_call+0x282e/0x2dc0
[   51.908882][ T4937]  do_syscall_64+0xc9/0x1c0
[   51.913390][ T4937]  ? clear_bhb_loop+0x55/0xb0
[   51.918126][ T4937]  ? clear_bhb_loop+0x55/0xb0
[   51.922812][ T4937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.928783][ T4937] RIP: 0033:0x7fe34162fed9
[   51.933211][ T4937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.952853][ T4937] RSP: 002b:00007fe33fca7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   51.961343][ T4937] RAX: ffffffffffffffda RBX: 00007fe3417f5fa0 RCX: 00007fe34162fed9
[   51.969320][ T4937] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000005
[   51.977295][ T4937] RBP: 00007fe33fca70a0 R08: 0000000000000248 R09: 0000000000000000
[   51.985266][ T4937] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[   51.993238][ T4937] R13: 0000000000000000 R14: 00007fe3417f5fa0 R15: 00007ffc7a10c528
[   52.001258][ T4937]  </TASK>
[   52.018838][   T29] audit: type=1400 audit(1733768820.901:4579): avc:  denied  { getopt } for  pid=4932 comm="syz.4.632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   52.053871][   T29] audit: type=1326 audit(1733768820.951:4580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4942 comm="syz.1.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   52.077333][   T29] audit: type=1326 audit(1733768820.951:4581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4942 comm="syz.1.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   52.078457][ T4945] loop0: detected capacity change from 0 to 512
[   52.100811][   T29] audit: type=1326 audit(1733768820.951:4582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4942 comm="syz.1.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   52.128133][ T4945] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #15: comm syz.0.637: casefold flag without casefold feature
[   52.130512][   T29] audit: type=1326 audit(1733768820.951:4583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4942 comm="syz.1.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   52.145383][ T4945] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.637: couldn't read orphan inode 15 (err -117)
[   52.179159][ T4945] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.209264][ T3294] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.334033][ T4962] bond0: entered promiscuous mode
[   52.339125][ T4962] bond_slave_0: entered promiscuous mode
[   52.344922][ T4962] bond_slave_1: entered promiscuous mode
[   52.477417][ T4964] loop0: detected capacity change from 0 to 512
[   52.507970][ T4964] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #15: comm syz.0.645: casefold flag without casefold feature
[   52.541729][ T4964] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.645: couldn't read orphan inode 15 (err -117)
[   52.589464][ T4971] loop2: detected capacity change from 0 to 1024
[   52.590061][ T4964] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.611733][ T4971] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=f04cc01c, mo2=0002]
[   52.623033][ T4971] System zones: 0-1, 3-36
[   52.628204][ T4971] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   52.663372][ T4971] ext4: Unknown parameter 'dat/dev/infiniband/rdma_cm'
[   52.667159][ T4964] FAULT_INJECTION: forcing a failure.
[   52.667159][ T4964] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.683256][ T4974] loop3: detected capacity change from 0 to 512
[   52.683468][ T4964] CPU: 0 UID: 0 PID: 4964 Comm: syz.0.645 Not tainted 6.13.0-rc2-syzkaller #0
[   52.698489][ T4964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   52.708596][ T4964] Call Trace:
[   52.711944][ T4964]  <TASK>
[   52.714930][ T4964]  dump_stack_lvl+0xf2/0x150
[   52.719543][ T4964]  dump_stack+0x15/0x1a
[   52.723776][ T4964]  should_fail_ex+0x223/0x230
[   52.728518][ T4964]  should_fail+0xb/0x10
[   52.732698][ T4964]  should_fail_usercopy+0x1a/0x20
[   52.737830][ T4964]  _copy_from_user+0x1e/0xb0
[   52.742432][ T4964]  do_vfs_ioctl+0xccc/0x1530
[   52.747145][ T4964]  ? __fget_files+0x17c/0x1c0
[   52.751965][ T4964]  __se_sys_ioctl+0x80/0x140
[   52.756584][ T4964]  __x64_sys_ioctl+0x43/0x50
[   52.761185][ T4964]  x64_sys_call+0x1690/0x2dc0
[   52.765870][ T4964]  do_syscall_64+0xc9/0x1c0
[   52.770377][ T4964]  ? clear_bhb_loop+0x55/0xb0
[   52.775115][ T4964]  ? clear_bhb_loop+0x55/0xb0
[   52.779794][ T4964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.785714][ T4964] RIP: 0033:0x7fcb83f7fed9
[   52.790129][ T4964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.809841][ T4964] RSP: 002b:00007fcb825f7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   52.818371][ T4964] RAX: ffffffffffffffda RBX: 00007fcb84145fa0 RCX: 00007fcb83f7fed9
[   52.826377][ T4964] RDX: 0000000020000b40 RSI: 0000000040305829 RDI: 0000000000000004
[   52.834369][ T4964] RBP: 00007fcb825f70a0 R08: 0000000000000000 R09: 0000000000000000
[   52.842346][ T4964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.850346][ T4964] R13: 0000000000000000 R14: 00007fcb84145fa0 R15: 00007fff65b99e98
[   52.858373][ T4964]  </TASK>
[   52.874830][ T4971] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.648: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   52.893487][ T4971] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.648: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   52.920925][ T4974] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.922912][ T4971] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.648: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   52.943836][ T4974] ext4 filesystem being mounted at /137/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   52.982414][ T3294] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.005933][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.119619][ T4993] FAULT_INJECTION: forcing a failure.
[   53.119619][ T4993] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   53.132954][ T4993] CPU: 0 UID: 0 PID: 4993 Comm: syz.1.656 Not tainted 6.13.0-rc2-syzkaller #0
[   53.141823][ T4993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   53.151876][ T4993] Call Trace:
[   53.155148][ T4993]  <TASK>
[   53.158072][ T4993]  dump_stack_lvl+0xf2/0x150
[   53.162746][ T4993]  dump_stack+0x15/0x1a
[   53.166988][ T4993]  should_fail_ex+0x223/0x230
[   53.171680][ T4993]  should_fail_alloc_page+0xfd/0x110
[   53.176998][ T4993]  __alloc_pages_noprof+0x109/0x340
[   53.182259][ T4993]  alloc_pages_mpol_noprof+0xb1/0x1e0
[   53.187650][ T4993]  alloc_pages_noprof+0xe1/0x100
[   53.192622][ T4993]  __pmd_alloc+0x4b/0x420
[   53.197070][ T4993]  ? should_fail_ex+0x31/0x230
[   53.201857][ T4993]  handle_mm_fault+0x1a77/0x2ac0
[   53.206827][ T4993]  exc_page_fault+0x296/0x650
[   53.211538][ T4993]  asm_exc_page_fault+0x26/0x30
[   53.216463][ T4993] RIP: 0010:rep_movs_alternative+0x4a/0x70
[   53.222365][ T4993] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1
[   53.242062][ T4993] RSP: 0018:ffffc9001211bc50 EFLAGS: 00050202
[   53.248182][ T4993] RAX: ffff88810344dcf8 RBX: 0000000020000000 RCX: 0000000000000060
[   53.256224][ T4993] RDX: 0000000000000001 RSI: 0000000020000000 RDI: ffffc9001211bcc0
[   53.264302][ T4993] RBP: 0000000000000000 R08: 0000000080000000 R09: 0000000000000000
[   53.272351][ T4993] R10: 0001c9001211bcc0 R11: 0001c9001211bd1f R12: 0000000020000000
[   53.280366][ T4993] R13: 0000000000000000 R14: ffffc9001211bcc0 R15: 0000000000000060
[   53.288436][ T4993]  _copy_from_user+0x73/0xb0
[   53.293062][ T4993]  do_ipt_set_ctl+0x423/0x8b0
[   53.297777][ T4993]  ? tcp_release_cb+0xfe/0x380
[   53.302695][ T4993]  nf_setsockopt+0x195/0x1b0
[   53.307311][ T4993]  ip_setsockopt+0xea/0x100
[   53.311911][ T4993]  ipv6_setsockopt+0xef/0x130
[   53.316618][ T4993]  tcp_setsockopt+0x93/0xb0
[   53.321215][ T4993]  sock_common_setsockopt+0x64/0x80
[   53.326499][ T4993]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   53.332430][ T4993]  __sys_setsockopt+0x187/0x200
[   53.337323][ T4993]  __x64_sys_setsockopt+0x66/0x80
[   53.342358][ T4993]  x64_sys_call+0x282e/0x2dc0
[   53.347092][ T4993]  do_syscall_64+0xc9/0x1c0
[   53.351602][ T4993]  ? clear_bhb_loop+0x55/0xb0
[   53.356284][ T4993]  ? clear_bhb_loop+0x55/0xb0
[   53.361038][ T4993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.366968][ T4993] RIP: 0033:0x7f3d5ca2fed9
[   53.371416][ T4993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.391092][ T4993] RSP: 002b:00007f3d5b0a7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   53.399528][ T4993] RAX: ffffffffffffffda RBX: 00007f3d5cbf5fa0 RCX: 00007f3d5ca2fed9
[   53.407580][ T4993] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000004
[   53.415589][ T4993] RBP: 00007f3d5b0a70a0 R08: 0000000000000248 R09: 0000000000000000
[   53.423563][ T4993] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[   53.431571][ T4993] R13: 0000000000000000 R14: 00007f3d5cbf5fa0 R15: 00007ffcdf2a5038
[   53.439610][ T4993]  </TASK>
[   53.443037][    C0] vxcan0: j1939_tp_rxtimer: 0xffff888117647400: rx timeout, send abort
[   53.451422][    C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff888117647400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[   53.614711][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.624362][ T5009] ALSA: seq fatal error: cannot create timer (-22)
[   53.642406][ T5011] syz.2.663[5011] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   53.642471][ T5011] syz.2.663[5011] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   53.696465][ T5016] netlink: 132 bytes leftover after parsing attributes in process `syz.2.663'.
[   53.697090][ T5011] syz.2.663[5011] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   53.739006][ T5016] FAULT_INJECTION: forcing a failure.
[   53.739006][ T5016] name failslab, interval 1, probability 0, space 0, times 0
[   53.762997][ T5016] CPU: 0 UID: 0 PID: 5016 Comm: syz.2.663 Not tainted 6.13.0-rc2-syzkaller #0
[   53.771875][ T5016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   53.782009][ T5016] Call Trace:
[   53.785308][ T5016]  <TASK>
[   53.788296][ T5016]  dump_stack_lvl+0xf2/0x150
[   53.792979][ T5016]  dump_stack+0x15/0x1a
[   53.797238][ T5016]  should_fail_ex+0x223/0x230
[   53.802060][ T5016]  should_failslab+0x8f/0xb0
[   53.806756][ T5016]  __kmalloc_noprof+0xab/0x3f0
[   53.811607][ T5016]  ? pneigh_lookup+0x196/0x3d0
[   53.816446][ T5016]  pneigh_lookup+0x196/0x3d0
[   53.821077][ T5016]  neigh_add+0x4b4/0x8e0
[   53.825438][ T5016]  ? __pfx_neigh_add+0x10/0x10
[   53.830270][ T5016]  rtnetlink_rcv_msg+0x6aa/0x710
[   53.835221][ T5016]  ? ref_tracker_free+0x3a5/0x410
[   53.840334][ T5016]  ? __dev_queue_xmit+0x186/0x2090
[   53.845495][ T5016]  netlink_rcv_skb+0x12c/0x230
[   53.850281][ T5016]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   53.855785][ T5016]  rtnetlink_rcv+0x1c/0x30
[   53.860277][ T5016]  netlink_unicast+0x599/0x670
[   53.865059][ T5016]  netlink_sendmsg+0x5cc/0x6e0
[   53.869923][ T5016]  ? __pfx_netlink_sendmsg+0x10/0x10
[   53.875219][ T5016]  __sock_sendmsg+0x140/0x180
[   53.879930][ T5016]  ____sys_sendmsg+0x312/0x410
[   53.884709][ T5016]  __sys_sendmsg+0x19d/0x230
[   53.889320][ T5016]  __x64_sys_sendmsg+0x46/0x50
[   53.894109][ T5016]  x64_sys_call+0x2734/0x2dc0
[   53.898870][ T5016]  do_syscall_64+0xc9/0x1c0
[   53.903389][ T5016]  ? clear_bhb_loop+0x55/0xb0
[   53.908081][ T5016]  ? clear_bhb_loop+0x55/0xb0
[   53.912816][ T5016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.918732][ T5016] RIP: 0033:0x7f378993fed9
[   53.923173][ T5016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.942848][ T5016] RSP: 002b:00007f3787f96058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   53.951345][ T5016] RAX: ffffffffffffffda RBX: 00007f3789b06080 RCX: 00007f378993fed9
[   53.959323][ T5016] RDX: 0000000020000000 RSI: 0000000020000940 RDI: 0000000000000004
[   53.967294][ T5016] RBP: 00007f3787f960a0 R08: 0000000000000000 R09: 0000000000000000
[   53.975339][ T5016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.983389][ T5016] R13: 0000000000000000 R14: 00007f3789b06080 R15: 00007ffd39545af8
[   53.991460][ T5016]  </TASK>
[   54.021333][ T5020] loop4: detected capacity change from 0 to 2048
[   54.102853][ T5020]  loop4: p3 < > p4 < >
[   54.107053][ T5020] loop4: partition table partially beyond EOD, truncated
[   54.127986][ T5020] loop4: p3 start 4284289 is beyond EOD, truncated
[   54.156492][ T2998]  loop4: p3 < > p4 < >
[   54.160730][ T2998] loop4: partition table partially beyond EOD, truncated
[   54.177989][ T2998] loop4: p3 start 4284289 is beyond EOD, truncated
[   54.188568][ T5013] syz.4.665[5013] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.236754][ T5013] netlink: 4 bytes leftover after parsing attributes in process `syz.4.665'.
[   54.256859][ T5013] netlink: 4 bytes leftover after parsing attributes in process `syz.4.665'.
[   54.300472][ T3286] udevd[3286]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   54.390782][ T5046] netlink: 16 bytes leftover after parsing attributes in process `syz.2.676'.
[   54.399792][ T5013] netlink: 4 bytes leftover after parsing attributes in process `syz.4.665'.
[   54.429660][ T5046] netlink: 'syz.2.676': attribute type 3 has an invalid length.
[   54.510033][ T5062] dccp_invalid_packet: P.Data Offset(172) too large
[   54.845929][ T5085] loop0: detected capacity change from 0 to 512
[   54.872729][ T5085] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.691: invalid indirect mapped block 256 (level 2)
[   54.875080][ T5091] FAULT_INJECTION: forcing a failure.
[   54.875080][ T5091] name failslab, interval 1, probability 0, space 0, times 0
[   54.898782][ T5091] CPU: 1 UID: 0 PID: 5091 Comm: syz.2.693 Not tainted 6.13.0-rc2-syzkaller #0
[   54.907646][ T5091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   54.917716][ T5091] Call Trace:
[   54.920679][ T5085] EXT4-fs (loop0): 2 truncates cleaned up
[   54.920993][ T5091]  <TASK>
[   54.921005][ T5091]  dump_stack_lvl+0xf2/0x150
[   54.934253][ T5091]  dump_stack+0x15/0x1a
[   54.938661][ T5091]  should_fail_ex+0x223/0x230
[   54.943362][ T5091]  ? audit_log_d_path+0x96/0x250
[   54.947315][ T5085] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.948350][ T5091]  should_failslab+0x8f/0xb0
[   54.948401][ T5091]  __kmalloc_cache_noprof+0x4e/0x320
[   54.948427][ T5091]  audit_log_d_path+0x96/0x250
[   54.975647][ T5091]  ? __rcu_read_unlock+0x4e/0x70
[   54.980778][ T5091]  audit_log_d_path_exe+0x42/0x70
[   54.985952][ T5091]  audit_log_task+0x192/0x1c0
[   54.990671][ T5091]  audit_seccomp+0x68/0x130
[   54.995267][ T5091]  __seccomp_filter+0x6fa/0x1180
[   55.000230][ T5091]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   55.005913][ T5091]  ? vfs_write+0x596/0x920
[   55.010346][ T5091]  ? __schedule+0x6fa/0x930
[   55.014956][ T5091]  __secure_computing+0x9f/0x1c0
[   55.019940][ T5091]  syscall_trace_enter+0xd1/0x1f0
[   55.025002][ T5091]  do_syscall_64+0xaa/0x1c0
[   55.029705][ T5091]  ? clear_bhb_loop+0x55/0xb0
[   55.034400][ T5091]  ? clear_bhb_loop+0x55/0xb0
[   55.039095][ T5091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.045085][ T5091] RIP: 0033:0x7f378993fed9
[   55.049499][ T5091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.069123][ T5091] RSP: 002b:00007f3787fb7058 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[   55.077582][ T5091] RAX: ffffffffffffffda RBX: 00007f3789b05fa0 RCX: 00007f378993fed9
[   55.085558][ T5091] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[   55.093533][ T5091] RBP: 00007f3787fb70a0 R08: 0000000000000000 R09: 0000000000000000
[   55.101510][ T5091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.109486][ T5091] R13: 0000000000000000 R14: 00007f3789b05fa0 R15: 00007ffd39545af8
[   55.117536][ T5091]  </TASK>
[   55.185283][ T3294] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.253088][ T5102] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.293898][ T5102] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.354368][ T5102] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.432407][ T5102] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.490978][ T5102] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.510569][ T5118] netlink: 'syz.2.704': attribute type 1 has an invalid length.
[   55.525579][ T5102] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.544198][ T5118] netlink: 4 bytes leftover after parsing attributes in process `syz.2.704'.
[   55.561017][ T5102] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.610041][ T5102] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.743381][ T5125] loop2: detected capacity change from 0 to 4096
[   55.756665][ T5125] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.927709][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.009170][ T5149] netlink: 40 bytes leftover after parsing attributes in process `syz.2.717'.
[   56.023495][ T5147] netlink: 8 bytes leftover after parsing attributes in process `syz.3.716'.
[   56.253659][ T5180] netlink: 40 bytes leftover after parsing attributes in process `syz.4.730'.
[   56.703529][ T5212] netlink: 40 bytes leftover after parsing attributes in process `syz.3.744'.
[   56.753429][   T29] kauditd_printk_skb: 966 callbacks suppressed
[   56.753544][   T29] audit: type=1326 audit(1733768825.651:5550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5217 comm="syz.2.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   56.783101][   T29] audit: type=1326 audit(1733768825.651:5551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5217 comm="syz.2.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   56.806446][   T29] audit: type=1326 audit(1733768825.651:5552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5217 comm="syz.2.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   56.829899][   T29] audit: type=1326 audit(1733768825.651:5553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5217 comm="syz.2.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   56.853258][   T29] audit: type=1326 audit(1733768825.651:5554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5217 comm="syz.2.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   56.894255][   T29] audit: type=1326 audit(1733768825.651:5555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5217 comm="syz.2.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   56.917649][   T29] audit: type=1326 audit(1733768825.651:5556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5217 comm="syz.2.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   56.941179][   T29] audit: type=1326 audit(1733768825.651:5557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5217 comm="syz.2.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   56.964530][   T29] audit: type=1326 audit(1733768825.651:5558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5217 comm="syz.2.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   56.987843][   T29] audit: type=1326 audit(1733768825.651:5559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5217 comm="syz.2.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   57.151752][ T5238] netlink: 40 bytes leftover after parsing attributes in process `syz.2.757'.
[   57.380059][ T5273] netlink: 4 bytes leftover after parsing attributes in process `syz.0.773'.
[   57.451798][ T5268] loop1: detected capacity change from 0 to 8192
[   57.458859][ T5280] netlink: 40 bytes leftover after parsing attributes in process `syz.0.776'.
[   57.853378][ T5307] netlink: 40 bytes leftover after parsing attributes in process `syz.3.789'.
[   58.110014][ T5341] netlink: 40 bytes leftover after parsing attributes in process `syz.4.806'.
[   59.048654][ T5444] x_tables: duplicate underflow at hook 1
[   59.068375][ T5444] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[   59.195538][ T5450] loop2: detected capacity change from 0 to 512
[   59.213605][ T5450] EXT4-fs: Ignoring removed oldalloc option
[   59.232886][ T5450] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #2: comm syz.2.856: corrupted xattr block 255: invalid header
[   59.287094][ T5450] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[   59.300220][ T5450] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   59.312786][ T5450] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #2: comm syz.2.856: corrupted xattr block 255: invalid header
[   59.327069][ T5450] SELinux: (dev loop2, type ext4) getxattr errno 117
[   59.336135][ T5450] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.611861][ T5589] __nla_validate_parse: 8 callbacks suppressed
[   60.611880][ T5589] netlink: 40 bytes leftover after parsing attributes in process `syz.0.924'.
[   60.865818][ T5627] netlink: 40 bytes leftover after parsing attributes in process `syz.0.941'.
[   61.124869][ T5659] netlink: 40 bytes leftover after parsing attributes in process `syz.0.955'.
[   61.144185][ T5656] loop2: detected capacity change from 0 to 8192
[   61.393729][ T5685] netlink: 40 bytes leftover after parsing attributes in process `syz.1.969'.
[   61.517532][ T5697] netlink: 4 bytes leftover after parsing attributes in process `syz.1.975'.
[   61.662078][ T5718] netlink: 40 bytes leftover after parsing attributes in process `syz.2.984'.
[   61.843739][   T29] kauditd_printk_skb: 1423 callbacks suppressed
[   61.843804][   T29] audit: type=1326 audit(1733768830.741:6983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5742 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   61.899140][   T29] audit: type=1326 audit(1733768830.771:6984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5742 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   61.922496][   T29] audit: type=1326 audit(1733768830.771:6985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5742 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   61.945982][   T29] audit: type=1326 audit(1733768830.771:6986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5742 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   61.969451][   T29] audit: type=1326 audit(1733768830.771:6987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5742 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   61.992918][   T29] audit: type=1326 audit(1733768830.771:6988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5742 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   62.016332][   T29] audit: type=1326 audit(1733768830.771:6989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5742 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   62.039741][   T29] audit: type=1326 audit(1733768830.771:6990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5742 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   62.063106][   T29] audit: type=1326 audit(1733768830.771:6991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5742 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   62.086437][   T29] audit: type=1326 audit(1733768830.771:6992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5742 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   62.171900][ T5756] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1001'.
[   62.531849][ T5780] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1014'.
[   62.764589][ T5817] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1032'.
[   63.022340][ T5845] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1046'.
[   63.504295][ T5907] x_tables: duplicate underflow at hook 1
[   63.520766][ T5907] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[   65.375839][ T6120] x_tables: duplicate underflow at hook 1
[   65.386498][ T6120] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[   65.679748][ T6154] x_tables: duplicate underflow at hook 1
[   65.696013][ T6154] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[   65.786681][ T6169] __nla_validate_parse: 10 callbacks suppressed
[   65.786701][ T6169] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1203'.
[   65.988441][ T6196] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1216'.
[   66.270963][ T6227] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1231'.
[   66.405928][ T6246] loop1: detected capacity change from 0 to 512
[   66.427605][ T6246] EXT4-fs: Ignoring removed oldalloc option
[   66.455694][ T6246] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #2: comm syz.1.1239: corrupted xattr block 255: invalid header
[   66.488059][ T6246] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[   66.498829][ T6246] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.511556][ T6246] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #2: comm syz.1.1239: corrupted xattr block 255: invalid header
[   66.526083][ T6246] SELinux: (dev loop1, type ext4) getxattr errno 117
[   66.533361][ T6246] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.987084][   T29] kauditd_printk_skb: 1821 callbacks suppressed
[   66.987101][   T29] audit: type=1326 audit(1733768835.881:8814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.1.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   67.064870][   T29] audit: type=1326 audit(1733768835.911:8815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.1.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   67.088357][   T29] audit: type=1326 audit(1733768835.911:8816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.1.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   67.111855][   T29] audit: type=1326 audit(1733768835.911:8817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.1.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   67.135357][   T29] audit: type=1326 audit(1733768835.911:8818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.1.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   67.158950][   T29] audit: type=1326 audit(1733768835.911:8819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.1.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   67.182422][   T29] audit: type=1326 audit(1733768835.911:8820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.1.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   67.205851][   T29] audit: type=1326 audit(1733768835.911:8821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.1.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   67.229294][   T29] audit: type=1326 audit(1733768835.921:8822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.1.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   67.252780][   T29] audit: type=1326 audit(1733768835.921:8823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.1.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   67.657827][ T6361] loop1: detected capacity change from 0 to 512
[   67.682282][ T6361] EXT4-fs: Ignoring removed oldalloc option
[   67.704997][ T6361] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #2: comm syz.1.1294: corrupted xattr block 255: invalid header
[   67.720137][ T6361] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[   67.739381][ T6361] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.751992][ T6361] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #2: comm syz.1.1294: corrupted xattr block 255: invalid header
[   67.766296][ T6361] SELinux: (dev loop1, type ext4) getxattr errno 117
[   67.774620][ T6361] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.038489][ T6532] x_tables: duplicate underflow at hook 1
[   69.046249][ T6532] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[   69.342602][ T6573] x_tables: duplicate underflow at hook 1
[   69.349111][ T6573] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[   69.483843][ T6593] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1406'.
[   69.742724][ T6625] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1423'.
[   70.030453][ T6661] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1437'.
[   70.320556][ T6691] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1454'.
[   70.554751][ T6718] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1468'.
[   70.798514][ T6745] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1481'.
[   71.128604][ T6780] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.139178][ T6780] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   71.204489][ T6782] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1497'.
[   71.409207][ T6806] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1508'.
[   71.642900][ T6830] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1521'.
[   71.876193][ T6859] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1534'.
[   71.991197][   T29] kauditd_printk_skb: 1766 callbacks suppressed
[   71.991215][   T29] audit: type=1326 audit(1733768840.891:10590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6880 comm="syz.1.1540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   72.024004][ T6876] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   72.028287][   T29] audit: type=1326 audit(1733768840.891:10591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6880 comm="syz.1.1540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5ca2fed9 code=0x7ffc0000
[   72.055920][   T29] audit: type=1326 audit(1733768840.891:10592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6884 comm="syz.0.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   72.056612][ T6876] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   72.079420][   T29] audit: type=1326 audit(1733768840.891:10593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6884 comm="syz.0.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   72.110762][   T29] audit: type=1326 audit(1733768840.891:10594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6884 comm="syz.0.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   72.134395][   T29] audit: type=1326 audit(1733768840.891:10595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6884 comm="syz.0.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   72.157933][   T29] audit: type=1326 audit(1733768840.891:10596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6884 comm="syz.0.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   72.181500][   T29] audit: type=1326 audit(1733768840.891:10597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6884 comm="syz.0.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   72.205024][   T29] audit: type=1326 audit(1733768840.891:10598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6884 comm="syz.0.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   72.228593][   T29] audit: type=1326 audit(1733768840.891:10599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6884 comm="syz.0.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   72.332509][ T6900] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1550'.
[   72.595381][ T6926] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1564'.
[   72.874019][ T6956] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1579'.
[   73.263939][ T6996] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1596'.
[   73.506122][ T7028] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1612'.
[   74.784884][ T7150] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   74.807945][ T7150] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   75.842400][ T7242] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   75.851331][ T7242] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   77.023398][   T29] kauditd_printk_skb: 1391 callbacks suppressed
[   77.023490][   T29] audit: type=1326 audit(1733768845.921:11991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   77.053356][   T29] audit: type=1326 audit(1733768845.921:11992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   77.119944][   T29] audit: type=1326 audit(1733768845.981:11993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   77.143591][   T29] audit: type=1326 audit(1733768845.981:11994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   77.167211][   T29] audit: type=1326 audit(1733768845.981:11995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   77.190846][   T29] audit: type=1326 audit(1733768845.981:11996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   77.214369][   T29] audit: type=1326 audit(1733768845.981:11997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   77.237919][   T29] audit: type=1326 audit(1733768845.981:11998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   77.261526][   T29] audit: type=1326 audit(1733768845.981:11999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   77.285053][   T29] audit: type=1326 audit(1733768845.981:12000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   77.502202][ T7385] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1782'.
[   77.523180][ T7381] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   77.552792][ T7381] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   77.963066][ T7416] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1795'.
[   78.165675][ T7445] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1809'.
[   78.372989][ T7476] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1823'.
[   78.607999][ T7505] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1838'.
[   78.842569][ T7542] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1854'.
[   79.594209][ T7659] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   79.609583][ T7659] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   80.344253][ T7785] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   80.353058][ T7785] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   81.119968][ T7918] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   81.138537][ T7918] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   81.629365][ T7997] FAULT_INJECTION: forcing a failure.
[   81.629365][ T7997] name failslab, interval 1, probability 0, space 0, times 0
[   81.642149][ T7997] CPU: 0 UID: 0 PID: 7997 Comm: syz.3.2068 Not tainted 6.13.0-rc2-syzkaller #0
[   81.651176][ T7997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   81.655878][ T7998] syz.4.2069[7998] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   81.661237][ T7997] Call Trace:
[   81.661247][ T7997]  <TASK>
[   81.661256][ T7997]  dump_stack_lvl+0xf2/0x150
[   81.661300][ T7997]  dump_stack+0x15/0x1a
[   81.683055][ T7998] syz.4.2069[7998] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   81.683444][ T7997]  should_fail_ex+0x223/0x230
[   81.687671][ T7998] syz.4.2069[7998] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   81.698884][ T7997]  should_failslab+0x8f/0xb0
[   81.698929][ T7997]  __kmalloc_noprof+0xab/0x3f0
[   81.724233][ T7997]  ? kernfs_fop_write_iter+0xe1/0x2c0
[   81.729709][ T7997]  ? selinux_file_permission+0x22a/0x360
[   81.735356][ T7997]  kernfs_fop_write_iter+0xe1/0x2c0
[   81.740626][ T7997]  vfs_write+0x77f/0x920
[   81.744956][ T7997]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[   81.750808][ T7997]  ksys_write+0xe8/0x1b0
[   81.755098][ T7997]  __x64_sys_write+0x42/0x50
[   81.759703][ T7997]  x64_sys_call+0x287e/0x2dc0
[   81.764388][ T7997]  do_syscall_64+0xc9/0x1c0
[   81.768917][ T7997]  ? clear_bhb_loop+0x55/0xb0
[   81.773601][ T7997]  ? clear_bhb_loop+0x55/0xb0
[   81.778323][ T7997]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.784261][ T7997] RIP: 0033:0x7fe34162fed9
[   81.788680][ T7997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.808336][ T7997] RSP: 002b:00007fe33fca7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   81.816824][ T7997] RAX: ffffffffffffffda RBX: 00007fe3417f5fa0 RCX: 00007fe34162fed9
[   81.824801][ T7997] RDX: 0000000000000012 RSI: 0000000020000000 RDI: 0000000000000003
[   81.832814][ T7997] RBP: 00007fe33fca70a0 R08: 0000000000000000 R09: 0000000000000000
[   81.840789][ T7997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.848761][ T7997] R13: 0000000000000000 R14: 00007fe3417f5fa0 R15: 00007ffc7a10c528
[   81.856742][ T7997]  </TASK>
[   82.037497][   T29] kauditd_printk_skb: 1792 callbacks suppressed
[   82.037514][   T29] audit: type=1326 audit(1733768850.931:13793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8020 comm="syz.2.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   82.121688][   T29] audit: type=1326 audit(1733768850.971:13794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8020 comm="syz.2.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   82.145258][   T29] audit: type=1326 audit(1733768850.971:13795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8020 comm="syz.2.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   82.169115][   T29] audit: type=1326 audit(1733768850.971:13796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8020 comm="syz.2.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   82.192679][   T29] audit: type=1326 audit(1733768850.971:13797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8020 comm="syz.2.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   82.216210][   T29] audit: type=1326 audit(1733768850.971:13798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8020 comm="syz.2.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   82.239705][   T29] audit: type=1326 audit(1733768850.971:13799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8020 comm="syz.2.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   82.263776][   T29] audit: type=1326 audit(1733768850.971:13800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8020 comm="syz.2.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   82.287305][   T29] audit: type=1326 audit(1733768850.971:13801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8020 comm="syz.2.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   82.310927][   T29] audit: type=1326 audit(1733768850.971:13802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8020 comm="syz.2.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378993fed9 code=0x7ffc0000
[   82.368335][ T8031] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   82.385114][ T8031] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.138216][ T8144] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.147956][ T8144] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.217398][ T8160] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2139'.
[   83.245851][ T8160] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2139'.
[   83.269941][ T8160] bridge_slave_1: left allmulticast mode
[   83.275783][ T8160] bridge_slave_1: left promiscuous mode
[   83.281597][ T8160] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.292231][ T8160] bridge_slave_0: left allmulticast mode
[   83.297914][ T8160] bridge_slave_0: left promiscuous mode
[   83.303703][ T8160] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.332349][ T8166] loop2: detected capacity change from 0 to 1024
[   83.352368][ T8166] EXT4-fs: Ignoring removed nomblk_io_submit option
[   83.363703][ T8169] FAULT_INJECTION: forcing a failure.
[   83.363703][ T8169] name failslab, interval 1, probability 0, space 0, times 0
[   83.365054][ T8166] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   83.376420][ T8169] CPU: 1 UID: 0 PID: 8169 Comm: syz.1.2142 Not tainted 6.13.0-rc2-syzkaller #0
[   83.395288][ T8169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   83.405361][ T8169] Call Trace:
[   83.408675][ T8169]  <TASK>
[   83.411631][ T8169]  dump_stack_lvl+0xf2/0x150
[   83.416341][ T8169]  dump_stack+0x15/0x1a
[   83.420595][ T8169]  should_fail_ex+0x223/0x230
[   83.425292][ T8169]  ? shrinker_alloc+0x3b/0x5e0
[   83.430122][ T8169]  should_failslab+0x8f/0xb0
[   83.434775][ T8169]  __kmalloc_cache_noprof+0x4e/0x320
[   83.440083][ T8169]  shrinker_alloc+0x3b/0x5e0
[   83.444852][ T8169]  ? __tsan_unaligned_write8+0xe/0x180
[   83.450408][ T8169]  alloc_super+0x451/0x5a0
[   83.454863][ T8169]  ? __pfx_set_anon_super_fc+0x10/0x10
[   83.460349][ T8169]  sget_fc+0x259/0x670
[   83.464469][ T8169]  ? __pfx_set_anon_super_fc+0x10/0x10
[   83.470094][ T8169]  ? __pfx_mqueue_fill_super+0x10/0x10
[   83.475592][ T8169]  get_tree_nodev+0x28/0xf0
[   83.480125][ T8169]  mqueue_get_tree+0x6b/0x90
[   83.484755][ T8169]  vfs_get_tree+0x56/0x1e0
[   83.489422][ T8169]  fc_mount+0x16/0x70
[   83.493431][ T8169]  mq_init_ns+0x253/0x300
[   83.497876][ T8169]  copy_ipcs+0x218/0x3b0
[   83.502180][ T8169]  create_new_namespaces+0x135/0x430
[   83.507504][ T8169]  ? security_capable+0x81/0x90
[   83.512408][ T8169]  unshare_nsproxy_namespaces+0xe6/0x120
[   83.518230][ T8169]  ksys_unshare+0x3c9/0x6e0
[   83.522797][ T8169]  __x64_sys_unshare+0x1f/0x30
[   83.527677][ T8169]  x64_sys_call+0x1a3e/0x2dc0
[   83.532383][ T8169]  do_syscall_64+0xc9/0x1c0
[   83.536907][ T8169]  ? clear_bhb_loop+0x55/0xb0
[   83.541603][ T8169]  ? clear_bhb_loop+0x55/0xb0
[   83.546296][ T8169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.552261][ T8169] RIP: 0033:0x7f3d5ca2fed9
[   83.556695][ T8169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.576385][ T8169] RSP: 002b:00007f3d5b0a7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[   83.584959][ T8169] RAX: ffffffffffffffda RBX: 00007f3d5cbf5fa0 RCX: 00007f3d5ca2fed9
[   83.592949][ T8169] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000068040200
[   83.601009][ T8169] RBP: 00007f3d5b0a70a0 R08: 0000000000000000 R09: 0000000000000000
[   83.609025][ T8169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.617018][ T8169] R13: 0000000000000000 R14: 00007f3d5cbf5fa0 R15: 00007ffcdf2a5038
[   83.625021][ T8169]  </TASK>
[   83.631033][ T8166] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.752619][ T8161] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.038380][ T8207] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   84.070231][ T8207] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   84.457337][ T8237] chnl_net:caif_netlink_parms(): no params data found
[   84.486833][ T8272] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2184'.
[   84.497366][ T8272] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2184'.
[   84.506430][ T8272] netem: unknown loss type 13
[   84.511165][ T8272] netem: change failed
[   84.566528][ T8237] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.573901][ T8237] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.583024][ T8237] bridge_slave_0: entered allmulticast mode
[   84.589569][ T8237] bridge_slave_0: entered promiscuous mode
[   84.600304][ T8237] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.607408][ T8237] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.615009][ T8237] bridge_slave_1: entered allmulticast mode
[   84.621564][ T8237] bridge_slave_1: entered promiscuous mode
[   84.663013][ T8237] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.677832][ T8237] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.726321][ T8237] team0: Port device team_slave_0 added
[   84.739054][ T8237] team0: Port device team_slave_1 added
[   84.775546][ T8237] batman_adv: batadv0: Adding interface: batadv_slave_0
[   84.782653][ T8237] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.808709][ T8237] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   84.862369][ T8298] FAULT_INJECTION: forcing a failure.
[   84.862369][ T8298] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.866739][ T8237] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.875597][ T8298] CPU: 1 UID: 0 PID: 8298 Comm: syz.0.2195 Not tainted 6.13.0-rc2-syzkaller #0
[   84.875628][ T8298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   84.882569][ T8237] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.891490][ T8298] Call Trace:
[   84.891499][ T8298]  <TASK>
[   84.901627][ T8237] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.927459][ T8298]  dump_stack_lvl+0xf2/0x150
[   84.927504][ T8298]  dump_stack+0x15/0x1a
[   84.953181][ T8298]  should_fail_ex+0x223/0x230
[   84.957959][ T8298]  should_fail+0xb/0x10
[   84.962142][ T8298]  should_fail_usercopy+0x1a/0x20
[   84.967274][ T8298]  _copy_from_user+0x1e/0xb0
[   84.971882][ T8298]  tls_setsockopt+0x80e/0xcb0
[   84.976609][ T8298]  sock_common_setsockopt+0x64/0x80
[   84.981875][ T8298]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   84.987805][ T8298]  __sys_setsockopt+0x187/0x200
[   84.992718][ T8298]  __x64_sys_setsockopt+0x66/0x80
[   84.997768][ T8298]  x64_sys_call+0x282e/0x2dc0
[   85.002524][ T8298]  do_syscall_64+0xc9/0x1c0
[   85.007171][ T8298]  ? clear_bhb_loop+0x55/0xb0
[   85.011870][ T8298]  ? clear_bhb_loop+0x55/0xb0
[   85.016581][ T8298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.022551][ T8298] RIP: 0033:0x7fcb83f7fed9
[   85.026971][ T8298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.046582][ T8298] RSP: 002b:00007fcb825f7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   85.055017][ T8298] RAX: ffffffffffffffda RBX: 00007fcb84145fa0 RCX: 00007fcb83f7fed9
[   85.062998][ T8298] RDX: 0000000000000002 RSI: 000000000000011a RDI: 0000000000000003
[   85.071017][ T8298] RBP: 00007fcb825f70a0 R08: 0000000000000028 R09: 0000000000000000
[   85.079035][ T8298] R10: 0000000020000400 R11: 0000000000000246 R12: 0000000000000001
[   85.087136][ T8298] R13: 0000000000000000 R14: 00007fcb84145fa0 R15: 00007fff65b99e98
[   85.095198][ T8298]  </TASK>
[   85.127139][ T8237] hsr_slave_0: entered promiscuous mode
[   85.142000][ T8237] hsr_slave_1: entered promiscuous mode
[   85.152231][ T8237] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   85.176826][ T8237] Cannot create hsr debugfs directory
[   85.215115][ T8306] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.236464][ T8306] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   85.398419][ T8237] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   85.439113][ T8237] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   85.450068][ T8237] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   85.472508][ T8237] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   85.557541][ T8237] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.578752][ T8237] 8021q: adding VLAN 0 to HW filter on device team0
[   85.598064][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.605248][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.618945][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.626147][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.756076][ T8237] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.828312][ T8361] lo speed is unknown, defaulting to 1000
[   85.834765][ T8361] lo speed is unknown, defaulting to 1000
[   85.841204][ T8361] lo speed is unknown, defaulting to 1000
[   85.847391][ T8361] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   85.860134][ T8361] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   85.883375][ T8361] lo speed is unknown, defaulting to 1000
[   85.903523][ T8361] lo speed is unknown, defaulting to 1000
[   85.915280][ T8361] lo speed is unknown, defaulting to 1000
[   85.928517][ T8361] lo speed is unknown, defaulting to 1000
[   85.952818][ T8361] lo speed is unknown, defaulting to 1000
[   85.966126][ T8361] lo speed is unknown, defaulting to 1000
[   86.035576][ T8237] veth0_vlan: entered promiscuous mode
[   86.064367][ T8237] veth1_vlan: entered promiscuous mode
[   86.085775][ T8237] veth0_macvtap: entered promiscuous mode
[   86.104103][ T8237] veth1_macvtap: entered promiscuous mode
[   86.125975][ T8237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.136480][ T8237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.146480][ T8237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.156999][ T8237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.166941][ T8237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.177409][ T8237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.188025][ T8237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.198472][ T8237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.208434][ T8237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.218886][ T8237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.232120][ T8237] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.243722][ T8237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.254342][ T8237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.264391][ T8237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.275026][ T8237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.284961][ T8237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.295483][ T8237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.305394][ T8237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.315832][ T8237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.325748][ T8237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.336314][ T8237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.349230][ T8237] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.359897][ T8237] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.368708][ T8237] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.377491][ T8237] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.386229][ T8237] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.588241][ T8419] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   86.616436][ T8419] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   86.647819][ T8422] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2242'.
[   87.075476][   T29] kauditd_printk_skb: 1192 callbacks suppressed
[   87.075492][   T29] audit: type=1326 audit(1733768855.971:14995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8477 comm="syz.4.2266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   87.115436][   T29] audit: type=1326 audit(1733768856.011:14996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8477 comm="syz.4.2266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   87.139009][   T29] audit: type=1326 audit(1733768856.011:14997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8477 comm="syz.4.2266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   87.162964][   T29] audit: type=1326 audit(1733768856.011:14998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8477 comm="syz.4.2266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   87.186561][   T29] audit: type=1326 audit(1733768856.011:14999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8477 comm="syz.4.2266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   87.210165][   T29] audit: type=1326 audit(1733768856.011:15000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8477 comm="syz.4.2266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   87.233714][   T29] audit: type=1326 audit(1733768856.011:15001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8477 comm="syz.4.2266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   87.257314][   T29] audit: type=1326 audit(1733768856.011:15002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8477 comm="syz.4.2266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   87.280902][   T29] audit: type=1326 audit(1733768856.011:15003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8477 comm="syz.4.2266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   87.304596][   T29] audit: type=1326 audit(1733768856.011:15004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8477 comm="syz.4.2266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   87.329950][ T8482] FAULT_INJECTION: forcing a failure.
[   87.329950][ T8482] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.343078][ T8482] CPU: 0 UID: 0 PID: 8482 Comm: syz.0.2268 Not tainted 6.13.0-rc2-syzkaller #0
[   87.352032][ T8482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   87.362093][ T8482] Call Trace:
[   87.365456][ T8482]  <TASK>
[   87.368508][ T8482]  dump_stack_lvl+0xf2/0x150
[   87.373166][ T8482]  dump_stack+0x15/0x1a
[   87.377355][ T8482]  should_fail_ex+0x223/0x230
[   87.382303][ T8482]  should_fail+0xb/0x10
[   87.386548][ T8482]  should_fail_usercopy+0x1a/0x20
[   87.391589][ T8482]  _copy_from_user+0x1e/0xb0
[   87.396265][ T8482]  move_addr_to_kernel+0x82/0x120
[   87.401363][ T8482]  copy_msghdr_from_user+0x271/0x2a0
[   87.406685][ T8482]  __sys_sendmmsg+0x1e8/0x4b0
[   87.411453][ T8482]  __x64_sys_sendmmsg+0x57/0x70
[   87.416323][ T8482]  x64_sys_call+0x29aa/0x2dc0
[   87.421028][ T8482]  do_syscall_64+0xc9/0x1c0
[   87.425543][ T8482]  ? clear_bhb_loop+0x55/0xb0
[   87.430235][ T8482]  ? clear_bhb_loop+0x55/0xb0
[   87.434971][ T8482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.440892][ T8482] RIP: 0033:0x7fcb83f7fed9
[   87.445385][ T8482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.465006][ T8482] RSP: 002b:00007fcb825f7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   87.473522][ T8482] RAX: ffffffffffffffda RBX: 00007fcb84145fa0 RCX: 00007fcb83f7fed9
[   87.481500][ T8482] RDX: 0000000000000001 RSI: 00000000200032c0 RDI: 0000000000000003
[   87.489478][ T8482] RBP: 00007fcb825f70a0 R08: 0000000000000000 R09: 0000000000000000
[   87.497457][ T8482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.505429][ T8482] R13: 0000000000000000 R14: 00007fcb84145fa0 R15: 00007fff65b99e98
[   87.513416][ T8482]  </TASK>
[   87.519874][ T8488] loop4: detected capacity change from 0 to 128
[   87.526269][ T8486] geneve2: entered promiscuous mode
[   87.526288][ T8486] geneve2: entered allmulticast mode
[   87.659077][ T8503] vhci_hcd: invalid port number 32
[   87.716942][ T8508] loop4: detected capacity change from 0 to 2048
[   87.731777][ T8508] EXT4-fs (loop4): The Hurd can't support 64-bit file systems
[   87.809049][ T8524] syz.0.2281[8524] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   87.809122][ T8524] syz.0.2281[8524] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   87.838918][ T8526] FAULT_INJECTION: forcing a failure.
[   87.838918][ T8526] name failslab, interval 1, probability 0, space 0, times 0
[   87.842092][ T8524] syz.0.2281[8524] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   87.850422][ T8526] CPU: 1 UID: 0 PID: 8526 Comm: syz.5.2285 Not tainted 6.13.0-rc2-syzkaller #0
[   87.879807][ T8519] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2281'.
[   87.883155][ T8526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   87.883172][ T8526] Call Trace:
[   87.883179][ T8526]  <TASK>
[   87.883188][ T8526]  dump_stack_lvl+0xf2/0x150
[   87.883300][ T8526]  dump_stack+0x15/0x1a
[   87.917567][ T8526]  should_fail_ex+0x223/0x230
[   87.922268][ T8526]  should_failslab+0x8f/0xb0
[   87.926883][ T8526]  __kmalloc_noprof+0xab/0x3f0
[   87.931694][ T8526]  ? security_prepare_creds+0x53/0x120
[   87.937421][ T8526]  security_prepare_creds+0x53/0x120
[   87.942748][ T8526]  prepare_creds+0x346/0x480
[   87.947390][ T8526]  selinux_lsm_setattr+0x198/0x640
[   87.952628][ T8526]  selinux_setprocattr+0x4e/0x70
[   87.957675][ T8526]  security_setprocattr+0x198/0x1c0
[   87.962917][ T8526]  proc_pid_attr_write+0x1e7/0x220
[   87.968068][ T8526]  ? __pfx_proc_pid_attr_write+0x10/0x10
[   87.973741][ T8526]  vfs_write+0x281/0x920
[   87.978070][ T8526]  ? __fget_files+0x17c/0x1c0
[   87.982780][ T8526]  ksys_write+0xe8/0x1b0
[   87.987081][ T8526]  __x64_sys_write+0x42/0x50
[   87.991813][ T8526]  x64_sys_call+0x287e/0x2dc0
[   87.996529][ T8526]  do_syscall_64+0xc9/0x1c0
[   88.001495][ T8526]  ? clear_bhb_loop+0x55/0xb0
[   88.006255][ T8526]  ? clear_bhb_loop+0x55/0xb0
[   88.010937][ T8526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.016897][ T8526] RIP: 0033:0x7f8efb52fed9
[   88.021325][ T8526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.041044][ T8526] RSP: 002b:00007f8ef9ba7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   88.049515][ T8526] RAX: ffffffffffffffda RBX: 00007f8efb6f5fa0 RCX: 00007f8efb52fed9
[   88.057505][ T8526] RDX: 000000000000001d RSI: 0000000020000100 RDI: 0000000000000003
[   88.065599][ T8526] RBP: 00007f8ef9ba70a0 R08: 0000000000000000 R09: 0000000000000000
[   88.073595][ T8526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.081622][ T8526] R13: 0000000000000000 R14: 00007f8efb6f5fa0 R15: 00007fff69c77e38
[   88.089611][ T8526]  </TASK>
[   88.195819][ T8535] loop4: detected capacity change from 0 to 512
[   88.366909][ T8551] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   88.369062][ T8552] mmap: syz.3.2292 (8552) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   88.386349][ T8551] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   88.741934][ T8579] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8579 comm=syz.1.2306
[   88.831528][ T8584] syzkaller0: entered promiscuous mode
[   88.837050][ T8584] syzkaller0: entered allmulticast mode
[   88.973322][ T8599] FAULT_INJECTION: forcing a failure.
[   88.973322][ T8599] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.986550][ T8599] CPU: 1 UID: 0 PID: 8599 Comm: syz.3.2312 Not tainted 6.13.0-rc2-syzkaller #0
[   88.995516][ T8599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   89.005574][ T8599] Call Trace:
[   89.008900][ T8599]  <TASK>
[   89.011834][ T8599]  dump_stack_lvl+0xf2/0x150
[   89.016472][ T8599]  dump_stack+0x15/0x1a
[   89.020759][ T8599]  should_fail_ex+0x223/0x230
[   89.025531][ T8599]  should_fail+0xb/0x10
[   89.029861][ T8599]  should_fail_usercopy+0x1a/0x20
[   89.034922][ T8599]  _copy_to_user+0x20/0xa0
[   89.039443][ T8599]  simple_read_from_buffer+0xa0/0x110
[   89.044831][ T8599]  proc_fail_nth_read+0xf9/0x140
[   89.049855][ T8599]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   89.055505][ T8599]  vfs_read+0x1a2/0x700
[   89.059774][ T8599]  ? __rcu_read_unlock+0x4e/0x70
[   89.064789][ T8599]  ? __fget_files+0x17c/0x1c0
[   89.069493][ T8599]  ksys_read+0xe8/0x1b0
[   89.073693][ T8599]  __x64_sys_read+0x42/0x50
[   89.078204][ T8599]  x64_sys_call+0x2874/0x2dc0
[   89.082879][ T8599]  do_syscall_64+0xc9/0x1c0
[   89.087448][ T8599]  ? clear_bhb_loop+0x55/0xb0
[   89.092177][ T8599]  ? clear_bhb_loop+0x55/0xb0
[   89.096929][ T8599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.102848][ T8599] RIP: 0033:0x7fe34162e8ec
[   89.107258][ T8599] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   89.126968][ T8599] RSP: 002b:00007fe33fc86050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   89.135416][ T8599] RAX: ffffffffffffffda RBX: 00007fe3417f6080 RCX: 00007fe34162e8ec
[   89.143455][ T8599] RDX: 000000000000000f RSI: 00007fe33fc860b0 RDI: 0000000000000006
[   89.151456][ T8599] RBP: 00007fe33fc860a0 R08: 0000000000000000 R09: 0000000000000000
[   89.159428][ T8599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.167403][ T8599] R13: 0000000000000001 R14: 00007fe3417f6080 R15: 00007ffc7a10c528
[   89.175598][ T8599]  </TASK>
[   89.195482][ T8608] FAULT_INJECTION: forcing a failure.
[   89.195482][ T8608] name failslab, interval 1, probability 0, space 0, times 0
[   89.208165][ T8608] CPU: 1 UID: 0 PID: 8608 Comm: syz.4.2319 Not tainted 6.13.0-rc2-syzkaller #0
[   89.217118][ T8608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   89.227216][ T8608] Call Trace:
[   89.230582][ T8608]  <TASK>
[   89.230952][ T8614] loop3: detected capacity change from 0 to 512
[   89.233591][ T8608]  dump_stack_lvl+0xf2/0x150
[   89.244455][ T8608]  dump_stack+0x15/0x1a
[   89.248653][ T8608]  should_fail_ex+0x223/0x230
[   89.253429][ T8608]  should_failslab+0x8f/0xb0
[   89.258039][ T8608]  __kmalloc_noprof+0xab/0x3f0
[   89.262824][ T8608]  ? sock_kmalloc+0x83/0xc0
[   89.267397][ T8608]  sock_kmalloc+0x83/0xc0
[   89.271864][ T8608]  __ip_mc_join_group+0x1c0/0x2c0
[   89.277034][ T8608]  ip_mc_join_group+0x1f/0x30
[   89.281846][ T8608]  do_ip_setsockopt+0x1eee/0x2340
[   89.286909][ T8608]  ip_setsockopt+0x63/0x100
[   89.291447][ T8608]  udp_setsockopt+0x95/0xb0
[   89.295966][ T8608]  sock_common_setsockopt+0x64/0x80
[   89.301182][ T8608]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   89.307139][ T8608]  __sys_setsockopt+0x187/0x200
[   89.311998][ T8608]  __x64_sys_setsockopt+0x66/0x80
[   89.317030][ T8608]  x64_sys_call+0x282e/0x2dc0
[   89.321716][ T8608]  do_syscall_64+0xc9/0x1c0
[   89.326244][ T8608]  ? clear_bhb_loop+0x55/0xb0
[   89.331061][ T8608]  ? clear_bhb_loop+0x55/0xb0
[   89.335759][ T8608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.341766][ T8608] RIP: 0033:0x7f746dbcfed9
[   89.346180][ T8608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.365844][ T8608] RSP: 002b:00007f746c247058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   89.374260][ T8608] RAX: ffffffffffffffda RBX: 00007f746dd95fa0 RCX: 00007f746dbcfed9
[   89.382384][ T8608] RDX: 0000000000000023 RSI: 0000000000000000 RDI: 0000000000000004
[   89.390357][ T8608] RBP: 00007f746c2470a0 R08: 0000000000000040 R09: 0000000000000000
[   89.398340][ T8608] R10: 0000000020000740 R11: 0000000000000246 R12: 0000000000000001
[   89.406316][ T8608] R13: 0000000000000000 R14: 00007f746dd95fa0 R15: 00007ffcdf016578
[   89.414310][ T8608]  </TASK>
[   89.452552][ T8614] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.487812][ T8614] ext4 filesystem being mounted at /473/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.551165][ T8638] loop1: detected capacity change from 0 to 128
[   89.603047][ T8638] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   89.624945][ T8638] ext4 filesystem being mounted at /454/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   89.709213][ T8638] netlink: 'syz.1.2330': attribute type 41 has an invalid length.
[   89.738021][ T8651] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2335'.
[   89.751878][ T3304] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   89.773352][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.793292][ T8664] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2335'.
[   89.820728][ T8664] bridge_slave_1: left allmulticast mode
[   89.826454][ T8664] bridge_slave_1: left promiscuous mode
[   89.832168][ T8664] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.842233][ T8664] bridge_slave_0: left allmulticast mode
[   89.848227][ T8664] bridge_slave_0: left promiscuous mode
[   89.854110][ T8664] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.867945][ T8669] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8669 comm=syz.3.2340
[   89.896976][ T8674] FAULT_INJECTION: forcing a failure.
[   89.896976][ T8674] name failslab, interval 1, probability 0, space 0, times 0
[   89.909655][ T8674] CPU: 1 UID: 0 PID: 8674 Comm: syz.1.2339 Not tainted 6.13.0-rc2-syzkaller #0
[   89.916928][ T8651] loop5: detected capacity change from 0 to 1024
[   89.918591][ T8674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   89.935026][ T8674] Call Trace:
[   89.935548][ T8651] EXT4-fs: Ignoring removed nomblk_io_submit option
[   89.938300][ T8674]  <TASK>
[   89.938311][ T8674]  dump_stack_lvl+0xf2/0x150
[   89.952524][ T8674]  dump_stack+0x15/0x1a
[   89.956752][ T8674]  should_fail_ex+0x223/0x230
[   89.961524][ T8674]  should_failslab+0x8f/0xb0
[   89.966134][ T8674]  kmem_cache_alloc_noprof+0x52/0x320
[   89.971517][ T8674]  ? skb_clone+0x154/0x1f0
[   89.975945][ T8674]  skb_clone+0x154/0x1f0
[   89.980267][ T8674]  __netlink_deliver_tap+0x2bd/0x4f0
[   89.985603][ T8674]  netlink_unicast+0x64a/0x670
[   89.990480][ T8674]  netlink_sendmsg+0x5cc/0x6e0
[   89.995270][ T8674]  ? __pfx_netlink_sendmsg+0x10/0x10
[   90.000716][ T8674]  __sock_sendmsg+0x140/0x180
[   90.005452][ T8674]  ____sys_sendmsg+0x312/0x410
[   90.010423][ T8674]  __sys_sendmsg+0x19d/0x230
[   90.015039][ T8674]  __x64_sys_sendmsg+0x46/0x50
[   90.019818][ T8674]  x64_sys_call+0x2734/0x2dc0
[   90.024521][ T8674]  do_syscall_64+0xc9/0x1c0
[   90.029130][ T8674]  ? clear_bhb_loop+0x55/0xb0
[   90.033873][ T8674]  ? clear_bhb_loop+0x55/0xb0
[   90.038562][ T8674]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.044480][ T8674] RIP: 0033:0x7f3d5ca2fed9
[   90.048904][ T8674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.068620][ T8674] RSP: 002b:00007f3d5b0a7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   90.077089][ T8674] RAX: ffffffffffffffda RBX: 00007f3d5cbf5fa0 RCX: 00007f3d5ca2fed9
[   90.085066][ T8674] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000003
[   90.093043][ T8674] RBP: 00007f3d5b0a70a0 R08: 0000000000000000 R09: 0000000000000000
[   90.101017][ T8674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.109071][ T8674] R13: 0000000000000000 R14: 00007f3d5cbf5fa0 R15: 00007ffcdf2a5038
[   90.117055][ T8674]  </TASK>
[   90.148541][ T8674] netlink: 'syz.1.2339': attribute type 10 has an invalid length.
[   90.149909][ T8651] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   90.197661][ T8651] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.221716][ T8674] macvlan1: entered allmulticast mode
[   90.274411][ T8674] veth1_vlan: entered allmulticast mode
[   90.314926][ T8674] bond0: (slave macvlan1): Enslaving as an active interface with an up link
[   90.445984][ T8698] loop3: detected capacity change from 0 to 128
[   90.455587][ T8698] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   90.463570][ T8698] FAT-fs (loop3): Filesystem has been set read-only
[   90.492830][ T8698] syz.3.2353: attempt to access beyond end of device
[   90.492830][ T8698] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   90.513563][ T8702] netlink: 'syz.0.2350': attribute type 41 has an invalid length.
[   90.521505][ T8698] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   90.529354][ T8698] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   90.560417][ T8698] syz.3.2353: attempt to access beyond end of device
[   90.560417][ T8698] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   90.601717][ T8698] syz.3.2353: attempt to access beyond end of device
[   90.601717][ T8698] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   90.703006][ T8710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   90.720898][ T8710] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   90.831764][ T8711] loop1: detected capacity change from 0 to 8192
[   90.891093][ T8711]  loop1: p1 p3 p4
[   90.894991][ T8711] loop1: p1 start 51379968 is beyond EOD, truncated
[   90.901646][ T8711] loop1: p3 size 15991040 extends beyond EOD, truncated
[   90.915983][ T8711] loop1: p4 start 16711680 is beyond EOD, truncated
[   90.932017][ T2998]  loop1: p1 p3 p4
[   90.935921][ T2998] loop1: p1 start 51379968 is beyond EOD, truncated
[   90.942562][ T2998] loop1: p3 size 15991040 extends beyond EOD, truncated
[   90.962588][ T2998] loop1: p4 start 16711680 is beyond EOD, truncated
[   91.173607][ T8721] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2362'.
[   91.204033][ T8724] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2364'.
[   91.215604][ T8724] FAULT_INJECTION: forcing a failure.
[   91.215604][ T8724] name failslab, interval 1, probability 0, space 0, times 0
[   91.228274][ T8724] CPU: 1 UID: 0 PID: 8724 Comm: syz.0.2364 Not tainted 6.13.0-rc2-syzkaller #0
[   91.237286][ T8724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   91.247355][ T8724] Call Trace:
[   91.250692][ T8724]  <TASK>
[   91.253680][ T8724]  dump_stack_lvl+0xf2/0x150
[   91.258310][ T8724]  dump_stack+0x15/0x1a
[   91.262506][ T8724]  should_fail_ex+0x223/0x230
[   91.267207][ T8724]  should_failslab+0x8f/0xb0
[   91.271887][ T8724]  kmem_cache_alloc_node_noprof+0x59/0x320
[   91.277700][ T8724]  ? __alloc_skb+0x10b/0x310
[   91.282306][ T8724]  ? __rtnl_unlock+0x99/0xb0
[   91.287035][ T8724]  __alloc_skb+0x10b/0x310
[   91.291480][ T8724]  netlink_ack+0xef/0x4f0
[   91.295896][ T8724]  ? __dev_queue_xmit+0x186/0x2090
[   91.301093][ T8724]  netlink_rcv_skb+0x19c/0x230
[   91.305926][ T8724]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   91.311402][ T8724]  rtnetlink_rcv+0x1c/0x30
[   91.315882][ T8724]  netlink_unicast+0x599/0x670
[   91.320664][ T8724]  netlink_sendmsg+0x5cc/0x6e0
[   91.325503][ T8724]  ? __pfx_netlink_sendmsg+0x10/0x10
[   91.330803][ T8724]  __sock_sendmsg+0x140/0x180
[   91.335496][ T8724]  ____sys_sendmsg+0x312/0x410
[   91.340279][ T8724]  __sys_sendmsg+0x19d/0x230
[   91.344908][ T8724]  __x64_sys_sendmsg+0x46/0x50
[   91.349690][ T8724]  x64_sys_call+0x2734/0x2dc0
[   91.354394][ T8724]  do_syscall_64+0xc9/0x1c0
[   91.359042][ T8724]  ? clear_bhb_loop+0x55/0xb0
[   91.363740][ T8724]  ? clear_bhb_loop+0x55/0xb0
[   91.368492][ T8724]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.374483][ T8724] RIP: 0033:0x7fcb83f7fed9
[   91.378916][ T8724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.398578][ T8724] RSP: 002b:00007fcb825f7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   91.407009][ T8724] RAX: ffffffffffffffda RBX: 00007fcb84145fa0 RCX: 00007fcb83f7fed9
[   91.415024][ T8724] RDX: 0000000020000000 RSI: 0000000020000940 RDI: 0000000000000003
[   91.423054][ T8724] RBP: 00007fcb825f70a0 R08: 0000000000000000 R09: 0000000000000000
[   91.431105][ T8724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.439098][ T8724] R13: 0000000000000000 R14: 00007fcb84145fa0 R15: 00007fff65b99e98
[   91.447147][ T8724]  </TASK>
[   91.587766][ T8741] loop3: detected capacity change from 0 to 128
[   91.605773][ T8237] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.610544][ T8741] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   91.640665][ T8741] ext4 filesystem being mounted at /484/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   91.747720][ T8741] netlink: 'syz.3.2371': attribute type 41 has an invalid length.
[   91.789672][ T3308] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   91.847831][ T8761] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2376'.
[   91.873509][ T8761] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2376'.
[   91.878464][ T8754] loop1: detected capacity change from 0 to 512
[   91.883934][ T8761] bridge_slave_1: left allmulticast mode
[   91.894600][ T8761] bridge_slave_1: left promiscuous mode
[   91.900354][ T8761] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.910375][ T8761] bridge_slave_0: left allmulticast mode
[   91.912685][ T8754] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.916026][ T8761] bridge_slave_0: left promiscuous mode
[   91.916166][ T8761] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.947903][ T8754] ext4 filesystem being mounted at /462/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.957439][ T8769] loop3: detected capacity change from 0 to 1024
[   91.972491][ T8769] EXT4-fs: Ignoring removed nomblk_io_submit option
[   91.988846][ T8769] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   92.001598][ T8754] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2375'.
[   92.013831][ T8769] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.028006][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.165455][ T8764] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.290848][ T8778] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2380'.
[   92.306646][ T8778] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2380'.
[   92.379779][   T29] kauditd_printk_skb: 733 callbacks suppressed
[   92.379797][   T29] audit: type=1326 audit(1733768861.266:15736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8780 comm="syz.4.2381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f746dbcfed9 code=0x7ffc0000
[   92.388778][ T8783] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   92.412012][   T29] audit: type=1326 audit(1733768861.276:15737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8782 comm="syz.0.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   92.440827][ T8783] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   92.441524][   T29] audit: type=1326 audit(1733768861.276:15738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8782 comm="syz.0.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   92.472676][   T29] audit: type=1326 audit(1733768861.276:15739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8782 comm="syz.0.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   92.472789][   T29] audit: type=1326 audit(1733768861.276:15740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8782 comm="syz.0.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   92.520241][   T29] audit: type=1326 audit(1733768861.276:15741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8782 comm="syz.0.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   92.544088][   T29] audit: type=1326 audit(1733768861.276:15742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8782 comm="syz.0.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   92.567736][   T29] audit: type=1326 audit(1733768861.276:15743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8782 comm="syz.0.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   92.591252][   T29] audit: type=1326 audit(1733768861.276:15744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8782 comm="syz.0.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb83f7fed9 code=0x7ffc0000
[   92.614958][   T29] audit: type=1326 audit(1733768861.276:15745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8782 comm="syz.0.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcb83f7e840 code=0x7ffc0000
[   92.660793][   T36] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.698325][ T8790] loop5: detected capacity change from 0 to 512
[   92.757910][   T36] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.812035][   T36] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.850462][ T8807] netlink: 436 bytes leftover after parsing attributes in process `syz.1.2391'.
[   92.862937][   T36] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.896516][ T8807] netlink: 'syz.1.2391': attribute type 21 has an invalid length.
[   92.904861][ T8807] netlink: 'syz.1.2391': attribute type 6 has an invalid length.
[   92.927000][ T8794] lo speed is unknown, defaulting to 1000
[   93.096663][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   93.113279][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   93.122840][   T36] bond0 (unregistering): Released all slaves
[   93.141045][ T8826] netlink: 'syz.5.2398': attribute type 21 has an invalid length.
[   93.161762][ T8821] lo speed is unknown, defaulting to 1000
[   93.179209][   T36] hsr_slave_0: left promiscuous mode
[   93.195424][   T36] hsr_slave_1: left promiscuous mode
[   93.201382][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   93.208844][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[   93.217491][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   93.225114][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[   93.242870][   T36] veth1_macvtap: left promiscuous mode
[   93.248513][   T36] veth0_macvtap: left promiscuous mode
[   93.254098][   T36] veth1_vlan: left promiscuous mode
[   93.259390][   T36] veth0_vlan: left promiscuous mode
[   93.310568][ T8837] FAULT_INJECTION: forcing a failure.
[   93.310568][ T8837] name failslab, interval 1, probability 0, space 0, times 0
[   93.323307][ T8837] CPU: 0 UID: 0 PID: 8837 Comm: syz.5.2402 Not tainted 6.13.0-rc2-syzkaller #0
[   93.332402][ T8837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   93.342516][ T8837] Call Trace:
[   93.345837][ T8837]  <TASK>
[   93.348790][ T8837]  dump_stack_lvl+0xf2/0x150
[   93.353425][ T8837]  dump_stack+0x15/0x1a
[   93.357687][ T8837]  should_fail_ex+0x223/0x230
[   93.362386][ T8837]  should_failslab+0x8f/0xb0
[   93.367006][ T8837]  kmem_cache_alloc_noprof+0x52/0x320
[   93.372377][ T8837]  ? skb_clone+0x154/0x1f0
[   93.376823][ T8837]  skb_clone+0x154/0x1f0
[   93.381078][ T8837]  __netlink_deliver_tap+0x2bd/0x4f0
[   93.386382][ T8837]  netlink_unicast+0x64a/0x670
[   93.391148][ T8837]  netlink_sendmsg+0x5cc/0x6e0
[   93.395924][ T8837]  ? __pfx_netlink_sendmsg+0x10/0x10
[   93.401233][ T8837]  __sock_sendmsg+0x140/0x180
[   93.405916][ T8837]  ____sys_sendmsg+0x312/0x410
[   93.410702][ T8837]  __sys_sendmsg+0x19d/0x230
[   93.415314][ T8837]  __x64_sys_sendmsg+0x46/0x50
[   93.420084][ T8837]  x64_sys_call+0x2734/0x2dc0
[   93.424775][ T8837]  do_syscall_64+0xc9/0x1c0
[   93.429275][ T8837]  ? clear_bhb_loop+0x55/0xb0
[   93.433979][ T8837]  ? clear_bhb_loop+0x55/0xb0
[   93.438700][ T8837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.444607][ T8837] RIP: 0033:0x7f8efb52fed9
[   93.449111][ T8837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.468779][ T8837] RSP: 002b:00007f8ef9ba7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   93.477210][ T8837] RAX: ffffffffffffffda RBX: 00007f8efb6f5fa0 RCX: 00007f8efb52fed9
[   93.485180][ T8837] RDX: 0000000004000000 RSI: 0000000020000000 RDI: 0000000000000004
[   93.493195][ T8837] RBP: 00007f8ef9ba70a0 R08: 0000000000000000 R09: 0000000000000000
[   93.501181][ T8837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.509278][ T8837] R13: 0000000000000000 R14: 00007f8efb6f5fa0 R15: 00007fff69c77e38
[   93.517261][ T8837]  </TASK>
[   93.549389][   T36] team0 (unregistering): Port device team_slave_1 removed
[   93.558557][   T36] team0 (unregistering): Port device team_slave_0 removed
[   93.610004][ T8837] netlink: 'syz.5.2402': attribute type 21 has an invalid length.
[   93.733747][ T8794] chnl_net:caif_netlink_parms(): no params data found
[   93.757115][ T8855] FAULT_INJECTION: forcing a failure.
[   93.757115][ T8855] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.770266][ T8855] CPU: 1 UID: 0 PID: 8855 Comm: syz.5.2406 Not tainted 6.13.0-rc2-syzkaller #0
[   93.779276][ T8855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   93.789378][ T8855] Call Trace:
[   93.792667][ T8855]  <TASK>
[   93.795616][ T8855]  dump_stack_lvl+0xf2/0x150
[   93.800253][ T8855]  dump_stack+0x15/0x1a
[   93.804504][ T8855]  should_fail_ex+0x223/0x230
[   93.809270][ T8855]  should_fail+0xb/0x10
[   93.813516][ T8855]  should_fail_usercopy+0x1a/0x20
[   93.818711][ T8855]  strncpy_from_user+0x25/0x210
[   93.823601][ T8855]  ? rep_movs_alternative+0x22/0x70
[   93.828970][ T8855]  strncpy_from_user_nofault+0x66/0xe0
[   93.834652][ T8855]  bpf_probe_read_user_str+0x2a/0x70
[   93.840026][ T8855]  bpf_prog_cefca3c43e7d683a+0x3e/0x40
[   93.845511][ T8855]  bpf_trace_run3+0x198/0x1d0
[   93.850254][ T8855]  ? audit_log_end+0x1d0/0x1e0
[   93.855066][ T8855]  ? audit_log_end+0x1d0/0x1e0
[   93.859977][ T8855]  __traceiter_kmem_cache_free+0x33/0x50
[   93.865735][ T8855]  ? audit_log_end+0x1d0/0x1e0
[   93.870588][ T8855]  kmem_cache_free+0x237/0x2d0
[   93.875384][ T8855]  audit_log_end+0x1d0/0x1e0
[   93.880012][ T8855]  audit_seccomp+0x107/0x130
[   93.884665][ T8855]  __seccomp_filter+0x6fa/0x1180
[   93.889640][ T8855]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   93.895371][ T8855]  ? vfs_write+0x596/0x920
[   93.899811][ T8855]  ? __schedule+0x6fa/0x930
[   93.904436][ T8855]  __secure_computing+0x9f/0x1c0
[   93.909568][ T8855]  syscall_trace_enter+0xd1/0x1f0
[   93.914711][ T8855]  do_syscall_64+0xaa/0x1c0
[   93.919227][ T8855]  ? clear_bhb_loop+0x55/0xb0
[   93.923936][ T8855]  ? clear_bhb_loop+0x55/0xb0
[   93.928660][ T8855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.934611][ T8855] RIP: 0033:0x7f8efb52fed9
[   93.939134][ T8855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.958809][ T8855] RSP: 002b:00007f8ef9ba7058 EFLAGS: 00000246 ORIG_RAX: 00000000000001b7
[   93.967286][ T8855] RAX: ffffffffffffffda RBX: 00007f8efb6f5fa0 RCX: 00007f8efb52fed9
[   93.975274][ T8855] RDX: 0000000000000130 RSI: 0000000000000000 RDI: ffffffffffffffff
[   93.983263][ T8855] RBP: 00007f8ef9ba70a0 R08: 0000000000000000 R09: 0000000000000000
[   93.991255][ T8855] R10: 0000000000001300 R11: 0000000000000246 R12: 0000000000000001
[   93.999297][ T8855] R13: 0000000000000000 R14: 00007f8efb6f5fa0 R15: 00007fff69c77e38
[   94.007356][ T8855]  </TASK>
[   94.041586][ T8874] FAULT_INJECTION: forcing a failure.
[   94.041586][ T8874] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.054786][ T8874] CPU: 1 UID: 0 PID: 8874 Comm: syz.1.2409 Not tainted 6.13.0-rc2-syzkaller #0
[   94.063751][ T8874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   94.073938][ T8874] Call Trace:
[   94.077214][ T8874]  <TASK>
[   94.080141][ T8874]  dump_stack_lvl+0xf2/0x150
[   94.084792][ T8874]  dump_stack+0x15/0x1a
[   94.088970][ T8874]  should_fail_ex+0x223/0x230
[   94.093725][ T8874]  should_fail+0xb/0x10
[   94.097888][ T8874]  should_fail_usercopy+0x1a/0x20
[   94.102982][ T8874]  strncpy_from_user+0x25/0x210
[   94.107987][ T8874]  ? kmem_cache_alloc_noprof+0x18e/0x320
[   94.113681][ T8874]  ? getname_flags+0x81/0x3b0
[   94.118366][ T8874]  getname_flags+0xb0/0x3b0
[   94.122986][ T8874]  getname+0x17/0x20
[   94.126967][ T8874]  __se_sys_quotactl+0x15b/0x660
[   94.131950][ T8874]  __x64_sys_quotactl+0x55/0x70
[   94.136904][ T8874]  x64_sys_call+0x826/0x2dc0
[   94.141513][ T8874]  do_syscall_64+0xc9/0x1c0
[   94.146078][ T8874]  ? clear_bhb_loop+0x55/0xb0
[   94.150759][ T8874]  ? clear_bhb_loop+0x55/0xb0
[   94.155547][ T8874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.161458][ T8874] RIP: 0033:0x7f3d5ca2fed9
[   94.165908][ T8874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.185538][ T8874] RSP: 002b:00007f3d5b0a7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[   94.193974][ T8874] RAX: ffffffffffffffda RBX: 00007f3d5cbf5fa0 RCX: 00007f3d5ca2fed9
[   94.201952][ T8874] RDX: 0000000000000000 RSI: 0000000020000440 RDI: ffffffff80000702
[   94.209932][ T8874] RBP: 00007f3d5b0a70a0 R08: 0000000000000000 R09: 0000000000000000
[   94.217993][ T8874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.226048][ T8874] R13: 0000000000000000 R14: 00007f3d5cbf5fa0 R15: 00007ffcdf2a5038
[   94.234042][ T8874]  </TASK>
[   94.256348][ T8876] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   94.283245][ T8876] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   94.325756][ T8794] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.333281][ T8794] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.345479][ T8794] bridge_slave_0: entered allmulticast mode
[   94.357742][ T8884] x_tables: ip6_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT
[   94.359189][ T8794] bridge_slave_0: entered promiscuous mode
[   94.361212][ T8794] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.383279][ T8794] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.392796][ T8794] bridge_slave_1: entered allmulticast mode
[   94.399668][ T8794] bridge_slave_1: entered promiscuous mode
[   94.433618][ T8794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.460512][ T8899] syz.0.2417[8899] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   94.460624][ T8899] syz.0.2417[8899] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   94.482776][ T8899] syz.0.2417[8899] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   94.504281][ T8794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.545888][ T8794] team0: Port device team_slave_0 added
[   94.566227][ T8794] team0: Port device team_slave_1 added
[   94.610728][ T8794] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.617858][ T8794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.643925][ T8794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.671218][ T8794] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.678264][ T8794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.704267][ T8794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.738939][ T8794] hsr_slave_0: entered promiscuous mode
[   94.746631][ T8794] hsr_slave_1: entered promiscuous mode
[   94.753792][ T8794] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   94.763362][ T8794] Cannot create hsr debugfs directory
[   94.835647][ T8794] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   94.845101][ T8794] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   94.855059][ T8794] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   94.865264][ T8794] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   94.882210][ T8794] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.889312][ T8794] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.896701][ T8794] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.903796][ T8794] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.942027][ T8794] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.953084][ T8794] 8021q: adding VLAN 0 to HW filter on device team0
[   94.960831][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.968908][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.000295][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.007399][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.020229][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.027333][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.075938][ T8794] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   95.137483][ T8963] x_tables: ip6_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT
[   95.169072][ T8794] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.421300][ T8794] veth0_vlan: entered promiscuous mode
[   95.439101][ T9013] ==================================================================
[   95.446901][ T8794] veth1_vlan: entered promiscuous mode
[   95.447213][ T9013] BUG: KCSAN: data-race in _copy_from_iter / _copy_from_iter
[   95.460026][ T9013] 
[   95.462367][ T9013] write to 0xffff8881250c8000 of 4096 bytes by task 9012 on cpu 0:
[   95.470279][ T9013]  _copy_from_iter+0x133/0xd00
[   95.475074][ T9013]  copy_page_from_iter+0x14f/0x280
[   95.480212][ T9013]  process_vm_rw+0x59c/0x890
[   95.484830][ T9013]  __x64_sys_process_vm_writev+0x7a/0x90
[   95.485157][ T8794] veth0_macvtap: entered promiscuous mode
[   95.490470][ T9013]  x64_sys_call+0x2c48/0x2dc0
[   95.490498][ T9013]  do_syscall_64+0xc9/0x1c0
[   95.505386][ T9013]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.511303][ T9013] 
[   95.513629][ T9013] write to 0xffff8881250c8000 of 4096 bytes by task 9013 on cpu 1:
[   95.521526][ T9013]  _copy_from_iter+0x133/0xd00
[   95.526300][ T9013]  copy_page_from_iter+0x14f/0x280
[   95.531421][ T9013]  process_vm_rw+0x59c/0x890
[   95.536027][ T9013]  __x64_sys_process_vm_writev+0x7a/0x90
[   95.541674][ T9013]  x64_sys_call+0x2c48/0x2dc0
[   95.546357][ T9013]  do_syscall_64+0xc9/0x1c0
[   95.550863][ T9013]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.556778][ T9013] 
[   95.559098][ T9013] Reported by Kernel Concurrency Sanitizer on:
[   95.565242][ T9013] CPU: 1 UID: 0 PID: 9013 Comm: syz.4.2435 Not tainted 6.13.0-rc2-syzkaller #0
[   95.574184][ T9013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   95.584240][ T9013] ==================================================================
[   95.607865][ T8794] veth1_macvtap: entered promiscuous mode
[   95.620644][ T8794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.631236][ T8794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.641079][ T8794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.651615][ T8794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.661456][ T8794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.671925][ T8794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.681809][ T8794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.692678][ T8794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.702729][ T8794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.713227][ T8794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.724170][ T8794] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.741904][ T8794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   95.752547][ T8794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.762444][ T8794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   95.773007][ T8794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.782852][ T8794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   95.793315][ T8794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.803168][ T8794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   95.813661][ T8794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.823659][ T8794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   95.834127][ T8794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.844725][ T8794] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.853063][ T8794] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.861855][ T8794] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.870646][ T8794] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.879352][ T8794] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0