last executing test programs:

2.004216371s ago: executing program 2 (id=5490):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000660000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='net_dev_start_xmit\x00', r0}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000000000007b8af8ff00000007020000f8ffffffb703000008000000b704000000000000850000005900000095000000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffd2a, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2}, 0x0, &(0x7f0000000040)}, 0x20)
io_setup(0x14d, &(0x7f0000000380))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r3, 0x5)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r4, 0x1)
flock(r4, 0x2)
dup3(r4, r3, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='net/ipv6_route\x00')
preadv(r5, &(0x7f0000000140)=[{&(0x7f00000001c0)=""/4096, 0x1000}], 0x1, 0x96, 0x0)
eventfd(0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000a00)={{0x1, 0x1, 0x18, r1, {0x9}}, './file0\x00'})
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000cc0), 0x0, 0x0)
openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000e40), 0x100, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r6, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

1.833173734s ago: executing program 1 (id=5494):
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
bind$inet6(r0, 0x0, 0x0) (async)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000002c0)=0x1) (async)
io_uring_enter(0xffffffffffffffff, 0x1046, 0xb6ed, 0x2, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone(0xc510c080, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18) (async)
socketpair$unix(0x1, 0x2, 0x0, 0x0) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x11) (async)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r4=>r3, {0x3}}, './file0\x00'})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_KEY(r4, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x3c, r5, 0x400, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x10000, 0x12}}}}, [@NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "78e080b8c8"}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "c6d7bba474"}]}, 0x3c}, 0x1, 0x0, 0x0, 0x480d0}, 0x0)

1.820422354s ago: executing program 2 (id=5495):
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, 0x0, 0x4040004)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x20004, 0xfffffffc}, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x54, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x7fff}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x54}}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)

1.646882487s ago: executing program 4 (id=5501):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0, 0x0, 0x7}, 0x18)
ioctl$MON_IOCX_GETX(0xffffffffffffffff, 0x4018920a, &(0x7f00000000c0)={&(0x7f0000000080), &(0x7f0000000140)=""/191, 0xbf})
r1 = socket$inet6(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e24, 0x1, @dev={0xfe, 0x80, '\x00', 0x25}, 0x9}, 0x1c)
r2 = socket$inet6(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r2, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xa}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000fc0)={@multicast, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x3c, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

1.551987968s ago: executing program 4 (id=5504):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000903, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r1=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfa69, 0x3ff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendto$packet(0xffffffffffffffff, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080088f74803", 0x1a, 0x0, &(0x7f0000000140)={0x11, 0xc, r1, 0x1, 0x0, 0x6, @local}, 0x14)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timerfd_create(0x7, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
modify_ldt$write(0x1, &(0x7f0000000080)={0x1000, 0x1000, 0xfffffffffffffffe}, 0x10)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$setregs(0xd, r2, 0x930, &(0x7f0000000800))
ptrace$poke(0x21, r2, 0x0, 0x0)
ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000080))
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
syz_genetlink_get_family_id$smc(&(0x7f00000001c0), r0)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', 0xffffffffffffffff, 0x0, 0xa26}, 0x18)
syz_open_dev$tty20(0xc, 0x4, 0x0)

1.359283331s ago: executing program 4 (id=5506):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_LOOPBACK(r1, 0x65, 0x3, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x1, 0x5, &(0x7f00000001c0)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0], <r3=>0x0, 0x9b, &(0x7f0000000340)=[{}, {}], 0x10, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0xf7, 0x8, 0x8, &(0x7f0000000400)}}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000780)={@cgroup, 0x1d, 0x0, 0x10000, &(0x7f0000000240)=[0x0], 0x1, 0x0, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000740)=[0x0, 0x0], <r4=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000007c0)={@ifindex=r2, 0xffffffffffffffff, 0x32, 0x10, 0x0, @void, @value, @void, @void, r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095", @ANYRESDEC=r0], &(0x7f00000005c0)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', r2, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5, 0x0, 0x2000000000000000}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0500000041000000060000000200000045000000", @ANYRES32=0x1, @ANYBLOB="13ed66dc659edec2dae047cd0678ee5ca436ad0871b5d104ec498d8c9f8d0544bcc849c1272a0fd849a88c1d7c6d4b27af7fcb410442db93f80fe7d58e9f236852950739f53eeacbf0a31353aefe7f0e424e", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7ff, 0xfed, 0x8, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff})
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00'}, 0x10)
ioctl$SG_BLKTRACETEARDOWN(r0, 0x1276, 0x0)

1.267776852s ago: executing program 4 (id=5508):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b40)=@filter={'filter\x00', 0x4, 0x4, 0x4b8, 0xffffffff, 0x260, 0x260, 0xe8, 0xfeffffff, 0xffffffff, 0x3e8, 0x3e8, 0x3e8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xffffffff, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0x138, 0x178, 0x0, {}, [@common=@srh1={{0x90}, {0x21, 0x12, 0xbe, 0x7, 0x5aa9, @ipv4={'\x00', '\xff\xff', @empty}, @private1, @local, [0xff000000, 0xff000000, 0x0, 0xff], [0xffffff00, 0xff000000, 0xff], [0x0, 0xffffff, 0xffffff00, 0x7fffff7f], 0x3c80}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x2000010}}}}, {{@uncond, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x21, 0x180, 0x5}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x3, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, @private1, [0x0, 0x0, 0xff, 0xff], [0x0, 0xffffff00], [0x0, 0xff000000], 0x843, 0x1400}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x518)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f00000005c0), 0x10)
recvmmsg(r3, &(0x7f00000081c0)=[{{0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f0000000180)=""/157, 0x9d}, {0x0}], 0x2}, 0x9}], 0x1, 0x10002, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000004000000b705000008000000850000006a000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r6 = fsopen(0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc97c, 0x0, @perf_config_ext={0x0, 0x5}, 0x8, 0x8000, 0x409, 0x4, 0x0, 0x40, 0xfffe, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r7 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r8=>0x0}, &(0x7f0000cab000)=0xc)
r9 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x18)
r10 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000040)={'lo\x00', <r11=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000c00)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0xb, 0x0, 0x0, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x58}}, 0x0)
setuid(r8)
fsmount(r6, 0x0, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r7, 0x11b, 0x5, &(0x7f0000000080)=0x11008, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="05000000010000008a000000c9e7000001000000", @ANYRES32, @ANYBLOB="000000000000000000e100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\b\x00'/28], 0x48)
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x80402, 0x0)

1.264690422s ago: executing program 1 (id=5509):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x143082, 0x0)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
close(0x3)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x5, 0x5, 0xecaa, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x80c4)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a300000c1000000000000007a3000000000140000001100010000000000000000000300000a"], 0x84}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)
openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000005c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd6000000000140600fc000000000000000000000000000000fe80000000000c4b7421d029d68a2a7741ec000000000000000000aa00004001d8b3f991f0229562259e39099787661e458621a4b7f6", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5002000090780000"], 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f00000001c0)={'wpan1\x00', <r7=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000000c0)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="3f9d00000000000000001700000008000300", @ANYRES32=r7, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c000180050002000000000008000400050000000800010002000000"], 0x7c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r8 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r8, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in6=@dev, 0x2, 0x0, 0x0, 0x0, 0x2}, {0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffffff4f7, 0xffffffffffffffff}, {}, 0x0, 0x0, 0x0, 0x1}, {{@in=@local, 0x4d6, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x2}}, 0xe8)
r9 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)

1.129875664s ago: executing program 1 (id=5513):
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000040)) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async, rerun: 32)
r2 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0) (rerun: 32)
write$binfmt_misc(r2, &(0x7f0000000180)="e502", 0x2) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x9, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x4, &(0x7f0000000840)=ANY=[@ANYRES16, @ANYRES16=r2], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000780)='mm_page_free\x00', r3}, 0x10) (async)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000980)=ANY=[], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) (async, rerun: 32)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r6, 0x0, 0xe3b9}, 0x18)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e000000080000000000180003801400038010"], 0x44}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000135528b8196a08e390d3000000000000000a2c0000000b0a01010000000000000000070000000900010073797a30000000000c0010400000000000000001140000001000010000000000000000000084000a"], 0x54}}, 0x0) (async)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000004400)='./file0\x00', 0x0, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@dioread_lock}, {@debug}, {@inlinecrypt}]}, 0x8, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=") (async)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1aca421, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

1.075420815s ago: executing program 1 (id=5514):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000903, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r1=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfa69, 0x3ff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendto$packet(0xffffffffffffffff, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080088f74803", 0x1a, 0x0, &(0x7f0000000140)={0x11, 0xc, r1, 0x1, 0x0, 0x6, @local}, 0x14)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timerfd_create(0x7, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
modify_ldt$write(0x1, &(0x7f0000000080)={0x1000, 0x1000, 0xfffffffffffffffe}, 0x10)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$setregs(0xd, r2, 0x930, &(0x7f0000000800))
ptrace$poke(0x21, r2, 0x0, 0x0)
ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000080))
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
syz_genetlink_get_family_id$smc(&(0x7f00000001c0), r0)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', 0xffffffffffffffff, 0x0, 0xa26}, 0x18)
syz_open_dev$tty20(0xc, 0x4, 0x0)

1.074588005s ago: executing program 0 (id=5515):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r0, &(0x7f00000003c0)={&(0x7f0000000180), 0x10, 0x0, 0x0, 0x0, 0x0, 0x8010}, 0x0)
dup2(r1, r0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x21, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000004b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x5, 0x200040d1)
sendmsg$tipc(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000740)="1619a35e12e2ec8bd8b64446aec4567b55efc0229334cbd7e5df05b3597a77e18f9718bc24e1d9a5b6dc03379b405685321f453de34440f4d985f76362ba07f87f2839199d8e392a014509d8431d0f1b8c66b3788b8b932c7535e0bf73c24b79f083729e25dc996f6617ae7e47712290d310367833b96f18df84bfbc4b53098ac05e5709dbf706ce3e51239a140361eed44ac1257828d1597b236478bb4ac2", 0x9f}], 0x1, &(0x7f00000008c0)="ea0a923a6b6fa3b8591aa6e3c7cdea8fb41dddc60798fb842d22d7ff275ebe294d6ca30efd2181999ac8ef143acb7e00b05a7aca5b769e4a511d2a107e266798c2051a97f43bd620b52f3d7ee30ccf3166a6351794dd15257d7b6ad0b2a8d90778b92d330cf3b81b82b48f54354b6980f2f8a51991d7de5371b47cbd15dec95fe70e3889881c7d802c5513c49a672f8f3461c046f551d42901692715e307559d0f8bfdb1592532bb8c0d77b74bd91cb0d86c42d4", 0xb4, 0x1}, 0x4004000)

979.813016ms ago: executing program 0 (id=5516):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000001f00000000000000ea1f850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xec, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080006007c09e8fe55a10a0015000500142603600e1208000f0000000401a8000900080008400400027c9c000461c1d67f6f94001600cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0x12b}], 0x1}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x18)
statx(0xffffffffffffffff, &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x6000, 0x4, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
write$cgroup_subtree(r5, &(0x7f0000000a40)=ANY=[], 0x32600)

947.299546ms ago: executing program 1 (id=5517):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000903, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r1=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfa69, 0x3ff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendto$packet(0xffffffffffffffff, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080088f74803", 0x1a, 0x0, &(0x7f0000000140)={0x11, 0xc, r1, 0x1, 0x0, 0x6, @local}, 0x14)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timerfd_create(0x7, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
modify_ldt$write(0x1, &(0x7f0000000080)={0x1000, 0x1000, 0xfffffffffffffffe}, 0x10)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$setregs(0xd, r2, 0x930, &(0x7f0000000800))
ptrace$poke(0x21, r2, 0x0, 0x0)
ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000080))
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
syz_genetlink_get_family_id$smc(&(0x7f00000001c0), r0)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', 0xffffffffffffffff, 0x0, 0xa26}, 0x18)
syz_open_dev$tty20(0xc, 0x4, 0x0)

919.664507ms ago: executing program 2 (id=5519):
syz_read_part_table(0x60d, &(0x7f0000002200)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")
creat(&(0x7f0000000200)='./bus\x00', 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb71, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
mremap(&(0x7f00001d3000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f00009ad000/0x2000)=nil)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r1, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0xbf, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1200, 0x30, 0x3)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000040)=0x100068, 0x4)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000080)=@req3={0x54c, 0x4, 0x3, 0x3, 0xc, 0x6, 0x7}, 0x1c)
recvfrom(r3, &(0x7f0000000040)=""/18, 0x12, 0x6667b9fe4a5fca0, 0x0, 0x0)
setsockopt$inet_udp_int(r3, 0x11, 0x1, &(0x7f0000000080)=0x6, 0x4)

795.470078ms ago: executing program 1 (id=5520):
openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, @perf_config_ext={0xf60, 0xffffffff}, 0x1100, 0x5dd8, 0x3a65, 0x5, 0x0, 0x1, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r2 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
mq_open(&(0x7f0000000b40)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x0, 0x0)

687.32335ms ago: executing program 2 (id=5522):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x100)
finit_module(r1, 0x0, 0x3)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

669.19165ms ago: executing program 2 (id=5523):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
creat(&(0x7f0000000200)='./bus\x00', 0x10)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r2, 0x0, 0x0, 0x1200, 0x30, 0x3)

647.305621ms ago: executing program 2 (id=5525):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff00000c00000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7})
setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r3 = open(&(0x7f0000000340)='./file2\x00', 0x10b942, 0x8a)
socket$netlink(0x10, 0x3, 0x0)
splice(r3, &(0x7f0000000980)=0x200, r0, &(0x7f0000000400)=0x1, 0x3000000000000, 0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_DATA_DIR(r4, 0x0, 0x1, &(0x7f0000000040)=0x8, 0x4)
sendmsg$ETHTOOL_MSG_PAUSE_GET(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
write$binfmt_script(r3, &(0x7f0000001880)={'#! ', './file0', [{}, {0x20, 'TEE\x00'}], 0xa, "c314130ad3fe77a5406f4bc96c9372f63639b82a9b884409b3ace2900fb45f28f6fc094858a5ca50771c1e46eefe8bf27d35fe52fffbf489843fd997468e739f351741f5211e38697f5a1b2c07fc5fd5297b659f6d3d4832730615469ca168ee4cfec80f0c09f0802675b5216cba9eb52cc25efd9a43d275c79e54889755d6e3c31c7fa4e36912feed94cf21499f4e09d1d1aa03bd53eb0e14b491ddfe9a305af4812e17baadd251a945a66e3835efc4e37f50b2033c67f9b913568ab6581cd42cc6f7355f621a9ea0a104fcb8c6d2cb1f3f36f5a380b4d736a3b6d06f397757f79dc98b7a06f0bb343dda167166bcdce420ffc629b6fcfde0e12b5f7fbeacbdd7e979940d0649f6ff710c896046d4f80190469aa391e879f92a68d5ad51539b7e4699498f43480d10890a82371a324ac8c30fdc3bb6a5c9bbee4dc1c266ef49a0eecb8463789d2d1654c49e479dea8fe94b36cdf51881e2e5096f8a696c88850d2784dbb2a785bc860c3945b7459402e32fe3ad9304f978a15a664417949060ee59b366d45296cd5a2f919a9769a8fe65ea1244ef378012e81def5a075c218290c903ab6cd7f5a793618a9b57b97fea7761d3229f7127c4a77567eb5de6c9cce92f0a036896f85f09b27c15b1352cc4c099d8756899454194f1ebdb104739e523dd245db6ece659bfc84cc432832123444558a6de02f9342f1f2831cb8e493e5dc76a60efa5b1be98262fd1f24a01e931f38f3486b1affd770f601cdffdd8aca0520ddb34483dfabf97c830487572273d2ade6f6c1155c4d4885bf7f07aed224da7151439cd35c1d9b6cc4ed7d30d89f24a441ed91f4ea616c68edb876476ada3fd5609cb6dbec15130d2db1edc62bebec5522063f7b13868689d49f9176d8affed773b535d547194c0a15543a2860d95edacb361c8dc1b0d33c7d8280b09de15a6df336327a1ff6d044af75667314afdf66971e8b50969ada8a8273cc0a8cbe84071e02b90f14e3a5c96d3a6fc9bf58e482ca4473a0bbffd5e3b136a8818f0e13f3ebcdf7b9832d66412357b5f510bb7cee1e1b0a1fbfa0e50a54b5e63dd15a5735d1354b154a37ad58d6066ba522dbdae796e9d579f6bd2efb1e52a0f1e2db02828ef97a1504f9e7c0c19e3b2c9f8ebd747b05be91f739d75683869c0cd6ac407b659765dcc8901af9ecd5ead56d1434c6e3fcb35cb15a305164b0c8391e4726bde522423164d172350ee215b5c773dea97fa9ab4e7b7ebba067f2d7278e105570fe163ab05c1c273ead4642b61354e0ec9b2f2f826105fe18163bb32ec27fc60710f2bfff5f26fd1d10e75139af22a4b73d54ce4098709dd8fb464dfec3f7282d11c196d729076e7ee5f6dd1c28cfacced04e4250993a9a1a1ae67365c8a4e42af00f7dd0866ef8ff8d27d13867edaf3842ef45f8d8050c5be19919ce2e2d4bb794eb8a5488f5c99ecfd04de4d54777995fd857b76fc18e1c1eb462f863c5cc8b2e10595b6a91e4f04621b57d3dfc7899d9088dce3e5408a581d611c97edd60f34fe9d4242de3bea399bbb8be311af1dad945b7091fca929e06a5ca7ebb498adac5ee57df4633cd2d709960e6cc2d701a06503d3208e5d783f30ebfa07fdc94bc6cc43d8aea64fb4ea4ef5a09ab50ce3c77bf3b870d94a1e6adb4f514eaedd6323038027b900c62b305837c8bbde71407e4b2f79a50cb9fdad5872ebc03eef81553f420aa55bb8dbb9ad91c79eab04c4a33513caa6dbf81330e777da5bc27a7207406139969d534af6e551ee44f277fbf510c9d3f91599b76721de86f19b24ba27e755965ffb849bbd1581c3e7e0d83e2c6203c20ef63804c028bdada93694e95ac08d76cab059afb468e8e2241585886df91c1055b40759626eea3447b41e06457c0b200eb94952c0d47db2274ebbb7f0e49f983d512fe13698fe98a189850c310146b0130cd2378a4624afd4a963121c4ab585e8c752edb80118b53b1ceafff037075422bf0a6a9222e2b5f3f3d411fb22b5634c4c1cb7ec540ec20a5fbcc23d3dd8c0427188e8ecc888a62391fb4ca3ef384b3d5c06dd773cdcc8ad2e4a5092a36e45c7bd2f09ebceb4ce63fe28867bf0f329c19115be5be62009a8a30313a606e1198b684ee3e79513d910a9d04425fa398849f57ed5aeb2173d154053e90a210fbec668e76bc5dc3578781be7988f73cb5f1d68d8134f21f46d025963a95a45d0765284dd26642ef98039a40382ed3ee5970a7352fa5d1c9f456c7358348964d724764543002be08170b222a8a23439dc99a15f7f086c51715f95fc093506a98ae8279aea1bdf3a764ced19021a09b67dbcac2ced9422d075abec307116f421df6c2e06165650d358ec9403a588907913eb3962496387f33f79a2c902090f9864f84288375552a8e0f2d4ba7c6a5799ad6abdeb9b68524870735abc3ea8aa886d2daf792fdde60d4a488a852feab595768ed325356f39d7c9bbcc2d49ef53bfc8a2d01045000c5187bbbfb587ca8f99bf51f3d587b8be37e66188ee0df447a522f2881021ae2ee57ad31b8680d1343a9ab5cb7f6694c438c8f5b7689c3cd8d17d70bad54491c1e1e89218071e06df6e0f76514b970e0ddc085542b3170bc34f787b345ebd48e0ae0ae337e36f4d455237d03a10fcab220966730cd7dcd08a8acf3b9426fa3c1dee15583f6d3a36970a6c99de5f9fab449de8208382025cdb972d476d05dba2fc0bb39ac171b9de0f10323520366079c53b07a0a1b209ea059c9a22a482b5093704a667c85d81f3edaf31a24971696dee5140817b59c7ae6c9d49c1768f2326af77f8441cbece5bf25f0d56f50266e7dfffc2866575851f22bde9994dde8fc7921c8dbcafa03e4411082214efecc832541a14921a7c77c408685a01c37cbe738146dd0af2833ab1e480f15f4f8eed98eb0aad280165d71275a37f6272fa89526378072bf3e0ef182ccbfb3f01d0939f78e2ea91361b1bc40cc0879bdf9f2f7fa320b519ff13f73c05fcd7c271b2336bfaf8eb20238acc796e5511fe38217bc1875782df8ff46f6b4355e9eda46c3a4a5d125b18b2a217957c6780be1dbc8604d93e1d21c58604f09bc02e37babf0039bf9c501f0e19a64242e635a97a64368b5947acbac249553e24e1353b81238a225ba8633b64d293879d7898583d348d49a8659d2e9b7e74d064e959f5ee642445f72523e4758ed4c27cd2cb3c5d0b59b7ba37eb568a0afd159935a823fc974116bbd1962f85b1a94edd7601649c26421bda350ce84d97e6cf5db5d217ed5fe511bcf1ba38c6312ce43951ada1d97e6cd4a6365338ae31508da8ec315387a769c32a2c34d3583dcf42d7f56dcb5047d0a0f1ff9da946bde6aa5ecb117a716658edb68a813d070d083fe227ef60d29361615075cb07a7a45c01b3090adc7e9fb640fa4f4c39482b31473dc1c5a4c2e8fefc2b46a5741fd0a8f6038bded10ab5ca93e0e29460d5dc91c73f143c62957808e0e7c97f87027d67eb957ab770b9760f5995c0bab8919e1ae0c8f31dca627c60a8107101a2a99f082a91091177b8dce0d2e6908520b09edb4f689131c7faca072050aabfe4562f6ce3d3ae08ec72bd851ef2c2d88c0994f502b133584da5b1a1791b61395f8d06a597fd0e184bd60693306c1bb688421445526ca67749a610859489b436d7f6958c1f4447a8a2a340664bd368bdb8ad3350724a92857f32166ffcdfb7e8e3739781e04bf90a5db8187a25bb0592b825be82ee12b9cdd5f630dada34949474c141beecbfd3873eefc02b4c6cfe9ecd6c7eb7d1a4336c7dd607f119b8017b401a38445e133801c774568876de15d8db903b95b4b78a27be7139356eb495fb9474cd1897c317d6ae15c8e402d8d3eaa311cff7d540a678f092353897b018a049ad01095e35b2e0c1379cc6beba6c8ab445c134859211c82f333ee0b91104b24aa7b58e771096c9ec86fa03c6bda1c9cefdfc71afca08578250a849de659e7c9ad65fd219e4e76fd97030d4fd227e9d9e31208d430f96665680634f3c950a495206b7e4aa3cc69c65adca567cb9ac98ab65ca5808f1108305aefcf72183bebf47c3aa49e9a7f2b68117732d2ace76e76e951de55e564d5ea783fa34555ac8eedf4f0c8ddfa4e5d0bb34dc4196ccefcc5ba5ed26f83e6d7460bd5b95d283bf364cfebc0b60bdd687f32540ca1b46ecd4d47de97a1c538104510e45f779767cbf1f9976e6f480c9059825ca27ecf836d303a27c0cfabfb277a941772a3578a4da91486ed1abdf4b82f68f487532e7fd52e875de494620fb56a3aa3598f10560e0aa85edb8371170e3d3e4fed2c19ca5658827397dce8b4cf95e648edbeb903c28cc4b64e8062a827911f96002df9f20560e39f03f9b0d01b1d155d1d8e46e2321473d3a4b1f4c200d1f32603636cd1b2afaf0e2064d3b6e8d9630b5eba7277990eedad2ae2bb7f9fcf5c3331be9e35b4bc9dbb8adfb1d00405b33b9ec488c07d574743ab4e36d6f9834ad172aa070115031f3955ffa861b2e77ccb970ca4a02c6c2f0310c6a3fe60f17a023a7683a4077e47f4f2f56f34356b90a943caad22ecf486bffc9c6155edebd6a896bb27f0834e4de1b65f9ad4d9efcc8ffa45c808daa94456069cbce47f1676a6dc4963316714710ff3f76df4cc859fe80622e34623e6c20b93c5c7f21c2cafa33ab7607dd3b70e51ba26fc2382f540c1a6c8756973ad95540d040e562fa0f274891b4be7ae03a9c433a28ada3720b4731f7b2f74069030f424e754deec3e96d1c8f9350f9d7660871bfdd31154f405d1319473a7f66d2af7e5916e4045a1491337ba849f0478eeb4c8279340f7c4d9e0c12818760f62228aed291e28cd9b08c07b60ec62aa50795027ec479d3c51898fd53c0aaba6357e8d83f9cc02381dc4223362a76e3ae2c8d483afe7ac3ebbe1498452a27fa873a8ec839d749a9c56d2d37bf0a20b99c6566515e2013740561b79fdec67a6de783f16cfb09de7e09d2d80a95704b4ce850826b59a73843a8afc2ff3f47556a6270041b5ffd4d663fee99c99ca81b0936bb559bd590de8473d110f1ad21f2c6fcd5e7cb0f2239c7d1541f340664bd2a9bdc56623b90f35d0b3c87517e0958990c28a86eee1a742f9a0153bc64deb04928dfe258896e70a3926e1e060d94f331a35c54c1a9d04e14e8343f30d5b6eda0078d0b2c4ce463de63bfa36d1f0be571bd93f2d353adfbad2075aea0ebb2a1de6e2f126849e093945e2f8265ec2532e871e341e021cae587f3f878ce3420dbd5b45339ef257b0a4ebab1912eca5da307d289fe3c74f1f877b8aff22f81288673c362f33cc456d78904f827197f4b12f62e11a01b35cb8faca8b279e2404ed7cb9edb18506682250cf5d58c48d5e073120fd9818fd6988e485b49d369687987cd4ee1bf33725240a31f4a82d6736ed7ea52a2bb1f62ebeebc41de5a7ba42c2a27abdaf04dc4bd70d7c39a53c39086f168bee03dc02e09d8e5c476a94be8b11fcae01c28e8e4cd663d889982b6eb9841eeb549991fb50990336e8ca1ca7d15712fa28877f6316b097d69f54eabb72b4d277a5dcedc6d32475eed8a083421de86c6ac59d62dfc00506db867a7a553e2f20be27e7261dd97ce567dcc4c11f93d1e0a4f7a5501be53e035c8510c92156ea042a764d29206097f64624be50cd7134eeb95bdd680b6a80175c557bb04b008887c95ec11c6cea6e3b13a9100dd284676b8fdc4131edfaf9f55c540b0cca2eb093b2287b358ec27a5a6e937f8c3724bc4213e9d22bc"}, 0x1011)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$igmp6(0xa, 0x3, 0x2)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x6, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffb, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r8, 0x0, 0xad13}, 0x18)
mount$tmpfs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='mpol=prefer', @ANYRES64=r7, @ANYRES64=r8])
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x515002, 0xc6)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x460, 0xf0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x2f, 0x0, 0x3}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@local, 'nicvf0\x00', {0x3f66}}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}, [0xffffffff], [], 'wg1\x00', 'gre0\x00', {}, {0xff}}, 0x0, 0x258, 0x2a0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x563e4515, 0x0, 0x7, 0x3fc, 0x20}}}, @common=@inet=@hashlimit3={{0x158}, {'veth0_vlan\x00', {0x3, 0x0, 0x48, 0x0, 0x15ab, 0x1000, 0x6, 0x5}}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x2, 0x5, {0x6}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x4c0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x74000000, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000600060000000000060009"], 0x4c}}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r2}, &(0x7f0000000080), &(0x7f0000000180)='%ps    \x00'}, 0x20)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r1, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804)

631.473921ms ago: executing program 3 (id=5526):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @loopback}, 0x4}}, 0x2e)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f0000000140)={[{@min_batch_time={'min_batch_time', 0x3d, 0xd}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@noblock_validity}]}, 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y")
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x11, 0xb, &(0x7f00000005c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000780)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fsetxattr$security_capability(r2, &(0x7f0000000240), &(0x7f0000000280)=@v3={0x3000000, [{0xffffffff}]}, 0x18, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x800, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
syz_io_uring_setup(0x5c84, &(0x7f0000000f80)={0x0, 0x4211c, 0x400, 0x0, 0x3e6}, &(0x7f0000000540)=<r3=>0x0, 0x0)
syz_io_uring_submit(r3, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d0000008500000050000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x4, 0x700000000000000}, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x58}}, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x0, 0x0, 0x4}]}, 0x10)
io_uring_enter(0xffffffffffffffff, 0x47bc, 0x0, 0x0, 0x0, 0x0)

446.578593ms ago: executing program 4 (id=5527):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getrandom(0x0, 0x0, 0x2)

439.329594ms ago: executing program 3 (id=5528):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getrandom(0x0, 0x0, 0x2) (fail_nth: 3)

408.735374ms ago: executing program 4 (id=5529):
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, 0x0, 0x4040004)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x20004, 0xfffffffc}, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x54, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x7fff}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x54}}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)

323.988355ms ago: executing program 3 (id=5530):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000660000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='net_dev_start_xmit\x00', r0}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000000000007b8af8ff00000007020000f8ffffffb703000008000000b704000000000000850000005900000095000000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffd2a, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2}, 0x0, &(0x7f0000000040)}, 0x20)
io_setup(0x14d, &(0x7f0000000380))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r3, 0x5)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r4, 0x1)
flock(r4, 0x2)
dup3(r4, r3, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='net/ipv6_route\x00')
preadv(r5, &(0x7f0000000140)=[{&(0x7f00000001c0)=""/4096, 0x1000}], 0x1, 0x96, 0x0)
eventfd(0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000a00)={{0x1, 0x1, 0x18, r1, {0x9}}, './file0\x00'})
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000cc0), 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r6, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

168.722047ms ago: executing program 3 (id=5531):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
close_range(r2, r2, 0x0)

147.126327ms ago: executing program 0 (id=5532):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)

113.397718ms ago: executing program 0 (id=5533):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x2, 0xc}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x7ff, @empty, 0x331}, {0xa, 0x4e20, 0x1ff, @dev={0xfe, 0x80, '\x00', 0x15}, 0x9}, r2, 0xb}}, 0x48)
write$RDMA_USER_CM_CMD_DESTROY_ID(r1, &(0x7f0000000380)={0x1, 0x10, 0xfa00, {&(0x7f0000000300), r2}}, 0x18)
socket$inet6_tcp(0xa, 0x1, 0x0)

112.819598ms ago: executing program 3 (id=5534):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
close_range(r2, r2, 0x0)

92.454888ms ago: executing program 0 (id=5535):
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
openat$selinux_policy(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0a00000002000000090000000800000000000000", @ANYRES32, @ANYBLOB="000000000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1e, 0xc, &(0x7f0000000ac0)=ANY=[@ANYRES16=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, @void, @value}, 0x94)
syncfs(r1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000f80)={'filter\x00', 0x7, 0x4, 0x3e8, 0x1f0, 0xe8, 0x300, 0x300, 0x1f0, 0x300, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x1000, 0xc0, 0x3}}}, {{@uncond, 0xc0, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x7, 'syz0\x00', {0x10000}}}}, {{@arp={@broadcast, @rand_addr=0x64010100, 0x0, 0x0, 0x5, 0xd, {@empty, {[0xff, 0x0, 0xff, 0xff, 0x0, 0xff]}}, {}, 0xfffa, 0x6, 0x7, 0x0, 0xb2, 0x6, 'veth1_to_bond\x00', 'wg0\x00', {}, {0xff}, 0x0, 0x210}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @empty, @multicast1, @remote, 0xd, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438) (fail_nth: 3)

65.522459ms ago: executing program 3 (id=5536):
r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000080)=@filter={'filter\x00', 0xe, 0x4, 0x350, 0xffffffff, 0x0, 0x220, 0x220, 0xffffffff, 0xffffffff, 0x2b8, 0x2b8, 0x2b8, 0xffffffff, 0x4, &(0x7f0000000040), {[{{@ip={@dev={0xac, 0x14, 0x14, 0xa}, @multicast2, 0x0, 0xffffff00, 'xfrm0\x00', 'netpci0\x00', {0xff}, {}, 0x5e}, 0x0, 0xf0, 0x150, 0x0, {}, [@common=@set={{0x40}, {{0x2, [0x3, 0x2, 0x2, 0x3, 0x4, 0x2]}}}, @common=@set={{0x40}, {{0xffffffffffffffff, [0x8, 0x0, 0x0, 0x3, 0x1, 0x2], 0x6, 0x7}}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, 0xb, 0xb, [0x39, 0x30, 0x2, 0x9, 0x3f, 0x2d, 0x12, 0x26, 0xd, 0x21, 0xe, 0x18, 0x20, 0x1f, 0x12, 0x25], 0x1, 0x0, 0x7}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x4, 0x1, 0x2, 0x0, 0x0, 0x2], 0x1}, {0x4, [0x1, 0x0, 0x2, 0x1, 0x1, 0x4], 0x3, 0x1}}}}, {{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3b0)
sendto$inet(r0, &(0x7f0000000440)="afb759a95ecb1024c69b34dbf6cd34198e943683ec08a2e7d915fdd93ad907373562dfe0f6efe0681ea8e4aa83234c3c3e6a7bbf656c1ae6a6164029da38ba6af3ea80a99154cef212b47de819920a583dcdabe250ed89eadd5534a88de9c3f0d95bdc67cffad2245772b61c38928ee38381f8f2c5126accca40af98ead9bf1dbf0fc13013289418decf50c432ad17961d31dda00d68cc53c88d617eb2ea29aca0317cfbe3", 0xa5, 0x20040880, &(0x7f0000000500)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10)
r1 = openat(0xffffffffffffffff, &(0x7f0000000540)='./file0\x00', 0x7eff5801add3e9ba, 0x22)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000005c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000000700)={&(0x7f0000000580), 0xc, &(0x7f00000006c0)={&(0x7f0000000600)={0xc4, 0x0, 0x200, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IE={0x63, 0x2a, [@prep={0x83, 0x25, {{0x0, 0x1}, 0x1, 0x96, @broadcast, 0x2, @value, 0x5, 0x80, @device_b, 0x3}}, @preq={0x82, 0x36, {{0x1, 0x1, 0x0, 0x0, 0x1}, 0x3, 0x7, 0x80000000, @device_a, 0x28, @value=@device_b, 0x200, 0x7fff, 0x2, [{{0x1}, @device_b, 0x5}, {{0x1, 0x0, 0x1}, @device_a, 0xd05}]}}]}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xfffd}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0xc4}, 0x1, 0x0, 0x0, 0x40040}, 0x40080d1)
mount$9p_fd(0x0, &(0x7f0000000740)='./file0\x00', &(0x7f0000000780), 0xc0000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@noxattr}], [{@smackfsroot={'smackfsroot', 0x3d, '\x00'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@subj_user={'subj_user', 0x3d, 'netpci0\x00'}}, {@appraise}, {@audit}, {@smackfstransmute={'smackfstransmute', 0x3d, 'CLUSTERIP\x00'}}, {@seclabel}, {@fsname={'fsname', 0x3d, '-'}}, {@subj_user={'subj_user', 0x3d, ':'}}, {@hash}]}})
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f00000008c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r3 = add_key$keyring(&(0x7f0000000bc0), &(0x7f0000000c00)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
request_key(&(0x7f0000000b00)='rxrpc\x00', &(0x7f0000000b40)={'syz', 0x1}, &(0x7f0000000b80)=',)%%#^-\x00', r3)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r1, 0xf50f, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c80), r1)
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000e80)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000cc0)={0x160, r4, 0x400, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x70}, @void, @val={0xc, 0x99, {0x3, 0x8}}}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x7}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x6}, @NL80211_ATTR_VENDOR_DATA={0xe0, 0xc5, "67e8b1135aaaa7e5f27f93cba1a0877732d7742b82f5096c054a006eb24a4aa2ac711f86e55a131550b063c7ef2cb4e71cd1792a93e6005633f27cc6a34f8ac2573bb34256fc0401712ed52b32dbd93bc2e85d023a789c3f6ee82900911ff7d74e791ddcffac4fdd6641f07305a269603f353d6aa53070dcbd1ad3730f2a703272341130dc8ec8c582236b916a9616fbe8a6d13aa528e2035a335b56f402dffde7c01e3ffc5adba148e56db0609eb8fc5f98357b3abc24e7e5e5bf108a087b6d4a7573c82c77a675a680747027d80200a6d7ba1d155b7f9cfadad6ee"}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0xfffffffd}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0xc}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x8}, @NL80211_ATTR_VENDOR_DATA={0x2f, 0xc5, "ec54816951051279108c7b51e84b5f8383900aa9295e07c1834073eb1774bfe3851a1042013bd2d999b596"}]}, 0x160}, 0x1, 0x0, 0x0, 0x40}, 0x10)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000ec0)={{{@in=@loopback, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0, <r6=>0x0}}, {{@in=@initdev}, 0x0, @in6=@private0}}, &(0x7f0000000fc0)=0xe8)
statx(r1, &(0x7f0000001000)='./file0\x00', 0x400, 0x200, &(0x7f0000001040)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
keyctl$chown(0x4, r3, r6, r7)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001140)={0xffffffffffffffff, 0x1, 0x8}, 0xc)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001540)={r1, 0x20, &(0x7f0000001500)={&(0x7f0000001400)=""/171, 0xab, <r9=>0x0, &(0x7f00000014c0)=""/9, 0x9}}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001600)={{r0, <r10=>0xffffffffffffffff}, &(0x7f0000001580), &(0x7f00000015c0)='%+9llu \x00'}, 0x20)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000001700)={0x14, 0x11, &(0x7f0000001180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x6}, [@ldst={0x1, 0x2, 0x6, 0x0, 0x9, 0x8, 0x10}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @map_val={0x18, 0x0, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x398}, @map_val={0x18, 0x9, 0x2, 0x0, r8, 0x0, 0x0, 0x0, 0x7}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xe}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0xa}]}, &(0x7f0000001240)='GPL\x00', 0x2, 0xcf, &(0x7f0000001280)=""/207, 0x41100, 0x32, '\x00', r5, @lirc_mode2, 0xffffffffffffffff, 0x8, &(0x7f0000001380)={0x9, 0x2}, 0x8, 0x10, &(0x7f00000013c0)={0x4, 0xa, 0xffff, 0xc8f}, 0x10, r9, 0xffffffffffffffff, 0x6, &(0x7f0000001640)=[0xffffffffffffffff, r0, r1, r1, r10], &(0x7f0000001680)=[{0x4, 0x3, 0xf, 0x4}, {0x2, 0x1, 0x4}, {0x2, 0x4, 0xf}, {0x2, 0x2, 0x10}, {0x3, 0x5, 0xc, 0xb}, {0x4, 0x3, 0x10, 0x4}], 0x10, 0x5, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001840)={{r8}, &(0x7f00000017c0), &(0x7f0000001800)='%+9llu \x00'}, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$MON_IOCG_STATS(r1, 0x80089203, &(0x7f0000001880))
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f00000019c0)={&(0x7f00000018c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001980)={&(0x7f0000001900)={0x44, 0x2, 0x3, 0x5, 0x0, 0x0, {0x3, 0x0, 0x1}, [@NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x2b}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x26}}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x1b}, @NFQA_CFG_FLAGS={0x8}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x24}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x20}]}, 0x44}}, 0x40400c0)
pwrite64(r1, &(0x7f0000001a00)="2c0f0b65fc12e29fb451525d169fb3fcb842c0ea916d0eefc1598768a61f79ea78f1516204358d0484e2b3c96115ec9a7f8d7bf49c8d722fc2dcfd7ec1bf098a3e24ef33b6f045f744f3bd4691e4dace8595a9d6718b6cfc08e682cb1b1297057d4c225d4546dea3c7582b9c9a6573212d68d7813558c0afb1e868dd2911743c8dc63f96952671a96882e0cc8d47914054e930450ef4b6de72268c472346656069d5df", 0xa3, 0x10)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000001ac0)={r1, r0, 0x0, r11}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000001bc0)={'syztnl0\x00', &(0x7f0000001b40)={'syztnl1\x00', <r12=>r5, 0x29, 0x7, 0x8, 0x7, 0x48, @dev={0xfe, 0x80, '\x00', 0x36}, @mcast1, 0xf710, 0x700, 0x937, 0x100}})
sendmsg$nl_route(r1, &(0x7f0000001cc0)={&(0x7f0000001b00)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001c80)={&(0x7f0000001c00)=@ipv6_newaddrlabel={0x68, 0x48, 0x4, 0x70bd29, 0x25dfdbfe, {0xa, 0x0, 0x8, 0x0, r12, 0x3}, [@IFAL_LABEL={0x8, 0x2, 0x2}, @IFAL_ADDRESS={0x14, 0x1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @IFAL_ADDRESS={0x14, 0x1, @private0}, @IFAL_LABEL={0x8, 0x2, 0x4}, @IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x68}, 0x1, 0x0, 0x0, 0x44}, 0x8000)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000001d00)=@assoc_value, &(0x7f0000001d40)=0x8)

0s ago: executing program 0 (id=5537):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="2e00000038000511d25a80698c63940d0124fc602f6e35400c000200001ec00037153e370a00018025581d00d1bd", 0x2e}], 0x1, 0x0, 0x0, 0x39c}, 0x0) (fail_nth: 4)

kernel console output (not intermixed with test programs):

[  240.142629][T13107] failed while handling packet from 1:16385
[  240.155233][T13107] failed while handling packet from 1:16385
[  240.161356][T13107] failed while handling packet from 1:16385
[  240.167491][T13107] failed while handling packet from 1:16385
[  240.173701][T13107] failed while handling packet from 1:16385
[  240.179697][T13107] failed while handling packet from 1:16385
[  240.185745][T13107] failed while handling packet from 1:16385
[  240.191824][T13107] failed while handling packet from 1:16385
[  240.200347][T13107] failed while handling packet from 1:16385
[  240.233908][T16258] 8021q: VLANs not supported on nlmon0
[  240.246028][T16246] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4292'.
[  240.258701][T13107] failed while handling packet from 1:16385
[  240.258726][T13107] failed while handling packet from 1:16385
[  240.286168][T13107] failed while handling packet from 1:16385
[  240.295805][T13107] failed while handling packet from 1:16385
[  240.302086][T13107] failed while handling packet from 1:16385
[  240.309452][T13107] failed while handling packet from 1:16385
[  240.316569][T13107] failed while handling packet from 1:16385
[  240.323240][T13107] failed while handling packet from 1:16385
[  240.329174][T13107] failed while handling packet from 1:16385
[  240.336145][T13107] failed while handling packet from 1:16385
[  240.343766][T13107] failed while handling packet from 1:16385
[  240.350049][T13107] failed while handling packet from 1:16385
[  240.356118][T13107] failed while handling packet from 1:16385
[  240.367830][T16265] vlan2: entered promiscuous mode
[  240.379108][T16265] bridge0: entered promiscuous mode
[  240.388264][T13107] failed while handling packet from 1:16385
[  240.388361][T13107] failed while handling packet from 1:16385
[  240.466729][T16269] loop4: detected capacity change from 0 to 8192
[  240.500360][T13107] failed while handling packet from 1:16385
[  240.501040][T16269]  loop4: p1 p3 p4
[  240.510825][T16269] loop4: p1 size 8452352 extends beyond EOD, truncated
[  240.519445][T13107] failed while handling packet from 1:16385
[  240.519510][T13107] failed while handling packet from 1:16385
[  240.526080][T13107] failed while handling packet from 1:16385
[  240.595074][T16269] loop4: p3 size 589824 extends beyond EOD, truncated
[  240.667534][T16273] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  240.715386][T13107] failed while handling packet from 1:16385
[  240.753945][T13107] failed while handling packet from 1:16385
[  240.805215][T13107] failed while handling packet from 1:16385
[  240.828982][T13107] failed while handling packet from 1:16385
[  240.835003][T13107] failed while handling packet from 1:16385
[  240.842336][T13107] failed while handling packet from 1:16385
[  240.847848][T16282] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  240.869510][T13107] failed while handling packet from 1:16385
[  240.869533][T13107] failed while handling packet from 1:16385
[  240.876467][T13107] failed while handling packet from 1:16385
[  240.890076][T13107] failed while handling packet from 1:16385
[  240.896568][T13107] failed while handling packet from 1:16385
[  240.898053][T16289] netlink: 'syz.1.4307': attribute type 21 has an invalid length.
[  240.902721][T13107] failed while handling packet from 1:16385
[  240.917341][T13107] failed while handling packet from 1:16385
[  240.923757][T13107] failed while handling packet from 1:16385
[  240.929971][T13107] failed while handling packet from 1:16385
[  240.936032][T13107] failed while handling packet from 1:16385
[  240.942176][T13107] failed while handling packet from 1:16385
[  240.948314][T13107] failed while handling packet from 1:16385
[  240.954630][T13107] failed while handling packet from 1:16385
[  240.960635][T13107] failed while handling packet from 1:16385
[  240.966871][T13107] failed while handling packet from 1:16385
[  240.986121][T13107] failed while handling packet from 1:16385
[  240.992544][T13107] failed while handling packet from 1:16385
[  240.998839][T13107] failed while handling packet from 1:16385
[  241.005196][T13107] failed while handling packet from 1:16385
[  241.011817][T13107] failed while handling packet from 1:16385
[  241.018612][T13107] failed while handling packet from 1:16385
[  241.030088][T13107] failed while handling packet from 1:16385
[  241.036350][T13107] failed while handling packet from 1:16385
[  241.042531][T13107] failed while handling packet from 1:16385
[  241.048519][T13107] failed while handling packet from 1:16385
[  241.054693][T13107] failed while handling packet from 1:16385
[  241.060797][T13107] failed while handling packet from 1:16385
[  241.066830][T13107] failed while handling packet from 1:16385
[  241.072928][T13107] failed while handling packet from 1:16385
[  241.087301][T13107] failed while handling packet from 1:16385
[  241.093530][T13107] failed while handling packet from 1:16385
[  241.112456][T13107] failed while handling packet from 1:16385
[  241.118499][T13107] failed while handling packet from 1:16385
[  241.147271][T13107] failed while handling packet from 1:16385
[  241.153655][T13107] failed while handling packet from 1:16385
[  241.159850][T13107] failed while handling packet from 1:16385
[  241.168080][T13107] failed while handling packet from 1:16385
[  241.176508][T13107] failed while handling packet from 1:16385
[  241.182773][T13107] failed while handling packet from 1:16385
[  241.188792][T13107] failed while handling packet from 1:16385
[  241.195015][T13107] failed while handling packet from 1:16385
[  241.201380][T13107] failed while handling packet from 1:16385
[  241.207728][T13107] failed while handling packet from 1:16385
[  241.221070][T16298] dummy0: entered promiscuous mode
[  241.232443][T16298] vlan2: entered promiscuous mode
[  241.238379][T13107] failed while handling packet from 1:16385
[  241.238401][T13107] failed while handling packet from 1:16385
[  241.244444][T13107] failed while handling packet from 1:16385
[  241.252159][T13107] failed while handling packet from 1:16385
[  241.261783][T13107] failed while handling packet from 1:16385
[  241.267853][T13107] failed while handling packet from 1:16385
[  241.274541][T13107] failed while handling packet from 1:16385
[  241.280552][T13107] failed while handling packet from 1:16385
[  241.286645][T13107] failed while handling packet from 1:16385
[  241.286657][T16301] loop3: detected capacity change from 0 to 2048
[  241.292626][T13107] failed while handling packet from 1:16385
[  241.292645][T13107] failed while handling packet from 1:16385
[  241.312236][T13107] failed while handling packet from 1:16385
[  241.318279][T13107] failed while handling packet from 1:16385
[  241.324312][T13107] failed while handling packet from 1:16385
[  241.330312][T13107] failed while handling packet from 1:16385
[  241.336648][T13107] failed while handling packet from 1:16385
[  241.364666][T16306] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  241.379171][T16301] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.379282][T13107] failed while handling packet from 1:16385
[  241.394749][T16301] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  241.445948][T12695] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.467391][T16307] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  241.477584][T13107] failed while handling packet from 1:16385
[  241.477936][T13107] failed while handling packet from 1:16385
[  241.501688][T13107] failed while handling packet from 1:16385
[  241.517878][T13107] failed while handling packet from 1:16385
[  241.532774][T13107] failed while handling packet from 1:16385
[  241.538918][T13107] failed while handling packet from 1:16385
[  241.545785][T13107] failed while handling packet from 1:16385
[  241.552218][T13107] failed while handling packet from 1:16385
[  241.558398][T13107] failed while handling packet from 1:16385
[  241.564662][T13107] failed while handling packet from 1:16385
[  241.570808][T13107] failed while handling packet from 1:16385
[  241.572064][T16314] vlan2: entered promiscuous mode
[  241.576916][T13107] failed while handling packet from 1:16385
[  241.607949][T13107] failed while handling packet from 1:16385
[  241.617843][T13107] failed while handling packet from 1:16385
[  241.629351][T13107] failed while handling packet from 1:16385
[  241.638549][T16321] loop3: detected capacity change from 0 to 2048
[  241.642244][T13107] failed while handling packet from 1:16385
[  241.651119][T13107] failed while handling packet from 1:16385
[  241.657220][T13107] failed while handling packet from 1:16385
[  241.663350][T13107] failed while handling packet from 1:16385
[  241.669807][T13107] failed while handling packet from 1:16385
[  241.671110][T16321] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.675930][T13107] failed while handling packet from 1:16385
[  241.697353][T13107] failed while handling packet from 1:16385
[  241.703467][T13107] failed while handling packet from 1:16385
[  241.709488][T13107] failed while handling packet from 1:16385
[  241.717424][T13107] failed while handling packet from 1:16385
[  241.724017][T13107] failed while handling packet from 1:16385
[  241.739403][T13107] failed while handling packet from 1:16385
[  241.745675][T13107] failed while handling packet from 1:16385
[  241.751886][T13107] failed while handling packet from 1:16385
[  241.757922][T13107] failed while handling packet from 1:16385
[  241.764630][T12695] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.766227][T13107] failed while handling packet from 1:16385
[  241.779898][T13107] failed while handling packet from 1:16385
[  241.785874][T13107] failed while handling packet from 1:16385
[  241.791847][T13107] failed while handling packet from 1:16385
[  241.809306][T16332] loop3: detected capacity change from 0 to 2048
[  241.821935][T13107] failed while handling packet from 1:16385
[  241.821954][T13107] failed while handling packet from 1:16385
[  241.827873][T13107] failed while handling packet from 1:16385
[  241.834293][T13107] failed while handling packet from 1:16385
[  241.840366][T13107] failed while handling packet from 1:16385
[  241.846554][T13107] failed while handling packet from 1:16385
[  241.854168][T13107] failed while handling packet from 1:16385
[  241.860102][T13107] failed while handling packet from 1:16385
[  241.866594][T13107] failed while handling packet from 1:16385
[  241.873162][T13107] failed while handling packet from 1:16385
[  241.879109][T13107] failed while handling packet from 1:16385
[  242.011594][T16332]  loop3: p1 < > p4
[  242.087694][T16332] loop3: p4 size 8388608 extends beyond EOD, truncated
[  242.156669][T13107] failed while handling packet from 1:16385
[  242.157296][T13107] failed while handling packet from 1:16385
[  242.204674][T13107] failed while handling packet from 1:16385
[  242.251649][T13107] failed while handling packet from 1:16385
[  242.269175][T16342] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4321'.
[  242.280421][T13107] failed while handling packet from 1:16385
[  242.284227][T13107] failed while handling packet from 1:16385
[  242.297597][T13107] failed while handling packet from 1:16385
[  242.303699][T13107] failed while handling packet from 1:16385
[  242.309784][T13107] failed while handling packet from 1:16385
[  242.315857][T13107] failed while handling packet from 1:16385
[  242.321836][T13107] failed while handling packet from 1:16385
[  242.327795][T13107] failed while handling packet from 1:16385
[  242.333774][T13107] failed while handling packet from 1:16385
[  242.339741][T13107] failed while handling packet from 1:16385
[  242.351061][T13107] failed while handling packet from 1:16385
[  242.360184][T13107] failed while handling packet from 1:16385
[  242.372137][T13107] failed while handling packet from 1:16385
[  242.385271][T13107] failed while handling packet from 1:16385
[  242.395607][T13107] failed while handling packet from 1:16385
[  242.403782][T13107] failed while handling packet from 1:16385
[  242.405155][T16345] loop4: detected capacity change from 0 to 2048
[  242.412797][T13107] failed while handling packet from 1:16385
[  242.426370][T13107] failed while handling packet from 1:16385
[  242.437688][T13107] failed while handling packet from 1:16385
[  242.450924][T16349] loop3: detected capacity change from 0 to 512
[  242.463518][T13107] failed while handling packet from 1:16385
[  242.463548][T13107] failed while handling packet from 1:16384
[  242.467320][T16345] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.488724][T13107] failed while handling packet from 1:16384
[  242.488746][T13107] failed while handling packet from 1:16384
[  242.501562][T13107] failed while handling packet from 1:16384
[  242.507517][T13107] failed while handling packet from 1:16384
[  242.519489][T16349] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  242.533669][T13107] failed while handling packet from 1:16384
[  242.533690][T13107] failed while handling packet from 1:16384
[  242.533959][T16345] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, 
[  242.539635][T13107] failed while handling packet from 1:16384
[  242.539652][T13107] failed while handling packet from 1:16384
[  242.545576][T16345] block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  242.560733][T16349] EXT4-fs (loop3): orphan cleanup on readonly fs
[  242.565758][T13107] failed while handling packet from 1:16384
[  242.581327][T13107] failed while handling packet from 1:16384
[  242.589455][T16349] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #16: comm syz.3.4325: corrupted inode contents
[  242.608584][T16349] EXT4-fs (loop3): Remounting filesystem read-only
[  242.615441][T16349] EXT4-fs (loop3): 1 truncate cleaned up
[  242.622284][   T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  242.632885][   T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  242.659844][T16362] vlan2: entered promiscuous mode
[  242.682126][   T12] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  242.709441][T16367] netlink: 'syz.2.4330': attribute type 21 has an invalid length.
[  242.770452][T16349] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  242.786574][T16349] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.818878][T13292] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.830560][T16375] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  242.914121][T16384] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  243.628381][T16410] netlink: 'syz.2.4345': attribute type 4 has an invalid length.
[  243.827634][T16428] loop4: detected capacity change from 0 to 2048
[  243.856159][T16428] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.910576][T16443] netlink: 'syz.2.4357': attribute type 4 has an invalid length.
[  243.971771][T13292] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.005015][T16450] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  244.084720][T16458] loop3: detected capacity change from 0 to 2048
[  244.116493][T16462] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  244.149227][T16458] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.265031][T16458] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  244.315304][T12695] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.423894][T16479] netlink: 'syz.0.4370': attribute type 4 has an invalid length.
[  244.777090][T16489] loop3: detected capacity change from 0 to 8192
[  245.051507][T16489]  loop3: p1 p3 p4
[  245.055412][T16489] loop3: p1 size 8452352 extends beyond EOD, truncated
[  245.063536][T16489] loop3: p3 size 589824 extends beyond EOD, truncated
[  245.186266][T16498] vlan2: entered promiscuous mode
[  245.222662][T16500] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4376'.
[  245.276820][   T29] kauditd_printk_skb: 127 callbacks suppressed
[  245.276838][   T29] audit: type=1326 audit(1747128260.164:6271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16507 comm="syz.1.4378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  245.324825][   T29] audit: type=1326 audit(1747128260.164:6272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16507 comm="syz.1.4378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  245.348696][   T29] audit: type=1326 audit(1747128260.164:6273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16507 comm="syz.1.4378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  245.372545][   T29] audit: type=1326 audit(1747128260.164:6274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16507 comm="syz.1.4378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  245.396114][   T29] audit: type=1326 audit(1747128260.164:6275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16507 comm="syz.1.4378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  245.419862][   T29] audit: type=1326 audit(1747128260.164:6276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16507 comm="syz.1.4378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  245.443519][   T29] audit: type=1326 audit(1747128260.164:6277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16507 comm="syz.1.4378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  245.467231][   T29] audit: type=1326 audit(1747128260.164:6278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16507 comm="syz.1.4378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  245.490870][   T29] audit: type=1326 audit(1747128260.164:6279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16507 comm="syz.1.4378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  245.514456][   T29] audit: type=1326 audit(1747128260.164:6280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16507 comm="syz.1.4378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  245.781296][T16542] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4389'.
[  245.913145][T16545] bridge0: entered promiscuous mode
[  245.934632][T16545] vlan2: entered promiscuous mode
[  246.159113][T16569] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  246.254215][T16573] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  246.474648][T16585] vlan2: entered promiscuous mode
[  246.526722][T16587] 8021q: VLANs not supported on nlmon0
[  246.935015][T16616] 8021q: VLANs not supported on nlmon0
[  247.221229][T16632] SELinux: ebitmap: truncated map
[  247.238612][T16632] SELinux: failed to load policy
[  247.397992][T16648] loop4: detected capacity change from 0 to 2048
[  247.455384][T16648] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  247.502173][T16648] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  247.626500][T13292] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.711973][T16672] loop3: detected capacity change from 0 to 2048
[  247.873293][T16672] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  247.948819][T16682] SELinux: ebitmap: truncated map
[  247.980355][T16682] SELinux: failed to load policy
[  248.059578][T12695] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.165172][T16697] 8021q: VLANs not supported on nlmon0
[  248.181326][T16699] vlan2: entered promiscuous mode
[  248.219121][T16707] vlan2: entered promiscuous mode
[  248.224358][T16707] ip6gretap0: entered promiscuous mode
[  248.411218][T16725] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  248.521961][T16735] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  248.543545][T16740] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  248.628382][T16748] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  248.675072][T16753] vlan2: entered promiscuous mode
[  249.071725][T16762] SELinux: ebitmap: truncated map
[  249.087715][T16762] SELinux: failed to load policy
[  249.114364][T16765] netlink: 'syz.4.4473': attribute type 21 has an invalid length.
[  249.124521][T16765] loop4: detected capacity change from 0 to 128
[  249.219250][T16772] syz.4.4473: attempt to access beyond end of device
[  249.219250][T16772] loop4: rw=0, sector=2067, nr_sectors = 1 limit=128
[  249.422102][T16802] 8021q: VLANs not supported on vcan0
[  249.505866][T16811] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  249.569976][T16822] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  249.596257][T16824] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  249.661164][T16826] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  250.235416][T16860] netlink: 'syz.4.4507': attribute type 21 has an invalid length.
[  250.245417][T16860] loop4: detected capacity change from 0 to 128
[  250.305195][T16867] syz.4.4507: attempt to access beyond end of device
[  250.305195][T16867] loop4: rw=0, sector=2067, nr_sectors = 1 limit=128
[  250.411930][T16871] 8021q: VLANs not supported on vcan0
[  250.495291][   T29] kauditd_printk_skb: 182 callbacks suppressed
[  250.495309][   T29] audit: type=1326 audit(1747128265.384:6463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16885 comm="syz.3.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  250.526256][   T29] audit: type=1326 audit(1747128265.384:6464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16885 comm="syz.3.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  250.550012][   T29] audit: type=1326 audit(1747128265.384:6465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16885 comm="syz.3.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  250.573724][   T29] audit: type=1326 audit(1747128265.384:6466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16885 comm="syz.3.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  250.573787][   T29] audit: type=1326 audit(1747128265.384:6467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16885 comm="syz.3.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  250.573813][   T29] audit: type=1326 audit(1747128265.384:6468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16885 comm="syz.3.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  250.573884][   T29] audit: type=1326 audit(1747128265.384:6469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16885 comm="syz.3.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  250.573908][   T29] audit: type=1326 audit(1747128265.384:6470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16885 comm="syz.3.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  250.693842][   T29] audit: type=1326 audit(1747128265.384:6471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16885 comm="syz.3.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  250.717288][   T29] audit: type=1326 audit(1747128265.384:6472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16885 comm="syz.3.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  251.185570][T16908] 8021q: VLANs not supported on vcan0
[  251.260127][T16910] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  251.364000][T16915] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  251.651972][T16948] 8021q: VLANs not supported on vcan0
[  251.751496][T16914] loop4: detected capacity change from 0 to 32768
[  251.861380][T16914]  loop4: p1 p3 < p5 p6 >
[  252.365224][T16966] bridge0: entered promiscuous mode
[  252.385388][T16966] vlan2: entered promiscuous mode
[  252.476624][T16978] vlan2: entered promiscuous mode
[  253.013130][T17025] vlan2: entered promiscuous mode
[  253.033117][T17023] SELinux: ebitmap: truncated map
[  253.038853][T17023] SELinux: failed to load policy
[  253.113300][T17029] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  253.207799][T17029] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  253.439573][T17048] vlan2: entered promiscuous mode
[  254.092530][T17073] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  254.231635][T17083] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  254.274389][T17089] netlink: 'syz.0.4588': attribute type 21 has an invalid length.
[  254.333387][T17091] 8021q: VLANs not supported on nlmon0
[  254.714457][T17122] 8021q: VLANs not supported on nlmon0
[  254.775820][T17125] 8021q: VLANs not supported on vcan0
[  254.835932][T17129] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  255.009527][T17137] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  255.147031][T17153] 8021q: VLANs not supported on nlmon0
[  255.464876][T17163] loop3: detected capacity change from 0 to 512
[  255.477960][T17166] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  255.504836][T17163] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  255.550744][T17163] EXT4-fs (loop3): orphan cleanup on readonly fs
[  255.559673][T17171] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  255.686500][T17163] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #16: comm syz.3.4616: corrupted inode contents
[  255.731774][T17163] EXT4-fs (loop3): Remounting filesystem read-only
[  255.739066][T17163] EXT4-fs (loop3): 1 truncate cleaned up
[  255.745651][T13097] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  255.756344][T13097] __quota_error: 203 callbacks suppressed
[  255.756359][T13097] Quota error (device loop3): write_blk: dquota write failed
[  255.769503][T13097] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries
[  255.779579][T13097] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  255.790404][T13097] Quota error (device loop3): write_blk: dquota write failed
[  255.797839][T13097] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list
[  255.810959][T13097] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  255.821173][T13097] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  255.830939][T13097] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  255.858127][T17163] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  255.903867][T17186] 8021q: VLANs not supported on nlmon0
[  255.921042][T17163] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.928291][   T29] audit: type=1326 audit(1747128270.814:6676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17187 comm="syz.4.4623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  255.970562][   T29] audit: type=1326 audit(1747128270.844:6677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17187 comm="syz.4.4623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  255.994221][   T29] audit: type=1326 audit(1747128270.844:6678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17187 comm="syz.4.4623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  256.127870][T17200] loop4: detected capacity change from 0 to 2048
[  256.372353][T17200]  loop4: p1 < > p4
[  256.383252][T17211] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  256.401409][T17200] loop4: p4 size 8388608 extends beyond EOD, truncated
[  256.446613][T17200] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4628'.
[  256.706309][   T29] audit: type=1326 audit(1747128271.584:6679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17219 comm="syz.4.4632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  256.716270][T17214] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  256.745310][T17222] 8021q: VLANs not supported on nlmon0
[  256.758196][T17218] SELinux: ebitmap: truncated map
[  256.774176][T17218] SELinux: failed to load policy
[  257.007157][T17231] vlan2: entered promiscuous mode
[  257.344751][T17260] netlink: 'syz.0.4649': attribute type 4 has an invalid length.
[  257.705115][T17276] vlan2: entered promiscuous mode
[  257.756364][T17282] netlink: 'syz.4.4656': attribute type 4 has an invalid length.
[  257.822645][T17287] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  257.944535][T17293] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  258.028370][T17295] loop3: detected capacity change from 0 to 2048
[  258.090983][T17295]  loop3: p1 < > p4
[  258.095460][T17295] loop3: p4 size 8388608 extends beyond EOD, truncated
[  258.144921][T17295] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4660'.
[  258.299534][T17310] netlink: 'syz.1.4665': attribute type 21 has an invalid length.
[  258.704080][T17345] loop4: detected capacity change from 0 to 512
[  258.714437][T17342] vlan2: entered promiscuous mode
[  258.752726][T17345] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  258.762685][T17345] EXT4-fs (loop4): orphan cleanup on readonly fs
[  258.775891][T17345] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.4676: corrupted inode contents
[  258.866404][T17345] EXT4-fs (loop4): Remounting filesystem read-only
[  258.873521][T17345] EXT4-fs (loop4): 1 truncate cleaned up
[  258.880870][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  258.891491][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  258.926346][T17360] SELinux: ebitmap: truncated map
[  258.935983][   T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  258.946859][T17360] SELinux: failed to load policy
[  258.971066][T17345] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  258.996474][T17345] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.294499][  T270] failed while handling packet from 1:16384
[  259.354928][T17407] loop3: detected capacity change from 0 to 512
[  259.436310][T17407] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  259.471722][T17407] EXT4-fs (loop3): orphan cleanup on readonly fs
[  259.530676][T17407] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #16: comm syz.3.4700: corrupted inode contents
[  259.633096][T17407] EXT4-fs (loop3): Remounting filesystem read-only
[  259.691758][T17407] EXT4-fs (loop3): 1 truncate cleaned up
[  259.697691][T13112] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  259.708305][T13112] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  259.770417][T13112] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  259.799358][T17407] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  259.853041][T17407] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.927636][T17450] 8021q: VLANs not supported on vcan0
[  259.999982][T17456] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  260.220698][T17468] 8021q: VLANs not supported on vcan0
[  260.233523][T17464] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  260.418969][T17487] 8021q: VLANs not supported on vcan0
[  260.776678][T17508] loop4: detected capacity change from 0 to 2048
[  260.840888][T17512] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4739'.
[  260.854872][T17508] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.920697][T17508] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  260.941319][   T29] kauditd_printk_skb: 77 callbacks suppressed
[  260.941337][   T29] audit: type=1326 audit(1747128275.824:6745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17522 comm="syz.1.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  260.971068][   T29] audit: type=1326 audit(1747128275.834:6746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17522 comm="syz.1.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  260.994729][   T29] audit: type=1326 audit(1747128275.834:6747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17522 comm="syz.1.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  261.018377][   T29] audit: type=1326 audit(1747128275.834:6748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17522 comm="syz.1.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  261.042026][   T29] audit: type=1326 audit(1747128275.834:6749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17522 comm="syz.1.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  261.065901][   T29] audit: type=1326 audit(1747128275.834:6750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17522 comm="syz.1.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  261.090855][   T29] audit: type=1326 audit(1747128275.884:6751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17522 comm="syz.1.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  261.114501][   T29] audit: type=1326 audit(1747128275.884:6752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17522 comm="syz.1.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  261.138102][   T29] audit: type=1326 audit(1747128275.934:6753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17524 comm="syz.3.4743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  261.151751][T17529] 8021q: VLANs not supported on vcan0
[  261.161829][   T29] audit: type=1326 audit(1747128275.934:6754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17524 comm="syz.3.4743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  261.232663][T13292] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.283365][T17534] 8021q: VLANs not supported on vcan0
[  261.355540][T17536] loop4: detected capacity change from 0 to 512
[  261.394786][T17536] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  261.403552][T17536] EXT4-fs (loop4): orphan cleanup on readonly fs
[  261.412852][T17536] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.4747: corrupted inode contents
[  261.425606][T17536] EXT4-fs (loop4): Remounting filesystem read-only
[  261.432997][T17536] EXT4-fs (loop4): 1 truncate cleaned up
[  261.438996][   T41] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  261.449742][   T41] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  261.460975][   T41] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  261.498241][T17536] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  261.583745][T17549] loop3: detected capacity change from 0 to 8192
[  261.604944][T17536] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.620922][T17549]  loop3: p1 p3 p4
[  261.624837][T17549] loop3: p1 size 8452352 extends beyond EOD, truncated
[  261.632787][T17549] loop3: p3 size 589824 extends beyond EOD, truncated
[  262.014637][T17566] 8021q: VLANs not supported on vcan0
[  262.027596][T17557] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4753'.
[  262.168945][T17573] loop4: detected capacity change from 0 to 8192
[  262.318568][T17573]  loop4: p1 p3 p4
[  262.322477][T17573] loop4: p1 size 8452352 extends beyond EOD, truncated
[  262.355006][T17573] loop4: p3 size 589824 extends beyond EOD, truncated
[  262.357317][T17575] 8021q: VLANs not supported on vcan0
[  262.633277][T17588] vlan2: entered promiscuous mode
[  262.654009][T17591] vlan2: entered promiscuous mode
[  262.788648][T17610] netlink: 'syz.1.4772': attribute type 21 has an invalid length.
[  262.857485][T17618] 8021q: VLANs not supported on vcan0
[  262.898066][T17619] loop3: detected capacity change from 0 to 8192
[  262.940888][T17619]  loop3: p1 p3 p4
[  262.944924][T17619] loop3: p1 size 8452352 extends beyond EOD, truncated
[  262.952509][T17619] loop3: p3 size 589824 extends beyond EOD, truncated
[  263.039039][T17631] vlan2: entered promiscuous mode
[  263.115233][T17633] SELinux: ebitmap: truncated map
[  263.125103][T17633] SELinux: failed to load policy
[  263.286008][T17648] vlan2: entered promiscuous mode
[  263.375620][T17654] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  263.780034][T17661] loop3: detected capacity change from 0 to 512
[  263.821632][T17663] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  263.828348][T17663] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  263.835975][T17663] vhci_hcd vhci_hcd.0: Device attached
[  263.851084][T17658] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  263.875150][T17670] netlink: 'syz.0.4791': attribute type 4 has an invalid length.
[  263.907889][T17668] vhci_hcd: connection closed
[  263.908080][  T270] vhci_hcd: stop threads
[  263.917134][  T270] vhci_hcd: release socket
[  263.921688][  T270] vhci_hcd: disconnect device
[  263.944718][T17675] 8021q: VLANs not supported on vcan0
[  263.947866][T17661] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  263.959163][T17661] EXT4-fs (loop3): orphan cleanup on readonly fs
[  263.967862][T17661] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #16: comm syz.3.4789: corrupted inode contents
[  263.984835][T17661] EXT4-fs (loop3): Remounting filesystem read-only
[  264.014912][T17661] EXT4-fs (loop3): 1 truncate cleaned up
[  264.029224][T13112] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  264.039829][T13112] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  264.075210][T13112] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  264.090268][T17661] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  264.127152][T17682] SELinux: ebitmap: truncated map
[  264.133109][T17661] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.143702][T17682] SELinux: failed to load policy
[  264.299308][T17698] netlink: 'syz.3.4801': attribute type 21 has an invalid length.
[  264.310178][T17698] loop3: detected capacity change from 0 to 128
[  264.312917][T17695] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  264.370148][T17702] syz.3.4801: attempt to access beyond end of device
[  264.370148][T17702] loop3: rw=0, sector=2067, nr_sectors = 1 limit=128
[  264.410806][T17704] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  264.507471][T17717] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  264.555081][T17723] 8021q: VLANs not supported on vcan0
[  264.612168][T17724] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  264.667538][T17728] vlan2: entered promiscuous mode
[  264.838192][T17731] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  264.962136][T17732] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  265.140101][T17734] netlink: 'syz.4.4812': attribute type 4 has an invalid length.
[  265.195875][T17738] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  265.202439][T17738] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  265.210315][T17738] vhci_hcd vhci_hcd.0: Device attached
[  265.219287][T17748] vhci_hcd: connection closed
[  265.219396][T13112] vhci_hcd: stop threads
[  265.228654][T13112] vhci_hcd: release socket
[  265.233161][T13112] vhci_hcd: disconnect device
[  265.376840][T17766] vlan2: entered promiscuous mode
[  265.413361][T17772] netlink: 'syz.3.4824': attribute type 21 has an invalid length.
[  265.426045][T17772] loop3: detected capacity change from 0 to 128
[  265.530617][T17775] syz.3.4824: attempt to access beyond end of device
[  265.530617][T17775] loop3: rw=0, sector=2067, nr_sectors = 1 limit=128
[  266.035643][T17780] loop4: detected capacity change from 0 to 8192
[  266.081165][T17780]  loop4: p1 p3 p4
[  266.084983][T17780] loop4: p1 size 8452352 extends beyond EOD, truncated
[  266.096854][T17785] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  266.106626][T17780] loop4: p3 size 589824 extends beyond EOD, truncated
[  266.253044][T17786] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  266.265291][T17797] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  266.297517][T17799] loop3: detected capacity change from 0 to 2048
[  266.313179][T17799] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.327008][T17799] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  266.358812][T17803] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  266.369067][T12695] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.527317][T17807] loop4: detected capacity change from 0 to 2048
[  266.690879][T17807]  loop4: p1 < > p4
[  266.695360][T17807] loop4: p4 size 8388608 extends beyond EOD, truncated
[  266.717079][T17807] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4834'.
[  266.819289][   T29] kauditd_printk_skb: 207 callbacks suppressed
[  266.819305][   T29] audit: type=1326 audit(1747128281.704:6950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17817 comm="syz.4.4836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  266.849366][   T29] audit: type=1326 audit(1747128281.704:6951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17817 comm="syz.4.4836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  266.873017][   T29] audit: type=1326 audit(1747128281.704:6952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17817 comm="syz.4.4836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  266.896904][   T29] audit: type=1326 audit(1747128281.704:6953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17817 comm="syz.4.4836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  266.920724][   T29] audit: type=1326 audit(1747128281.704:6954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17817 comm="syz.4.4836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  266.969500][   T29] audit: type=1326 audit(1747128281.854:6955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17823 comm="syz.4.4838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  266.993337][   T29] audit: type=1326 audit(1747128281.854:6956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17823 comm="syz.4.4838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  267.016928][   T29] audit: type=1326 audit(1747128281.854:6957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17823 comm="syz.4.4838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  267.040562][   T29] audit: type=1326 audit(1747128281.854:6958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17823 comm="syz.4.4838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  267.064249][   T29] audit: type=1326 audit(1747128281.854:6959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17823 comm="syz.4.4838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  267.252542][T17845] vlan2: entered promiscuous mode
[  267.262885][T17843] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  267.269574][T17843] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  267.272620][T17855] 8021q: VLANs not supported on vcan0
[  267.277241][T17843] vhci_hcd vhci_hcd.0: Device attached
[  267.297970][T17853] vhci_hcd: connection closed
[  267.298187][T13107] vhci_hcd: stop threads
[  267.307311][T13107] vhci_hcd: release socket
[  267.311862][T13107] vhci_hcd: disconnect device
[  267.338597][T17859] 8021q: VLANs not supported on nlmon0
[  267.694665][T17881] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  267.719783][T17883] loop4: detected capacity change from 0 to 2048
[  267.732223][T17883] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.748630][T17883] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  267.778665][T17886] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  267.871713][T13292] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.011125][T17897] loop4: detected capacity change from 0 to 512
[  268.085703][T17897] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  268.125779][T17906] netlink: 'syz.1.4863': attribute type 21 has an invalid length.
[  268.188533][T17897] EXT4-fs (loop4): orphan cleanup on readonly fs
[  268.237380][T17897] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.4860: corrupted inode contents
[  268.266603][T17892] loop3: detected capacity change from 0 to 32768
[  268.301241][T17897] EXT4-fs (loop4): Remounting filesystem read-only
[  268.321005][T17892]  loop3: p1 p3 < p5 p6 >
[  268.480783][T17897] EXT4-fs (loop4): 1 truncate cleaned up
[  268.486750][  T270] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  268.497389][  T270] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  268.514952][  T270] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  268.527160][T17897] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  268.540286][T17897] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.697602][T17916] loop3: detected capacity change from 0 to 8192
[  268.731402][T17916]  loop3: p1 p3 p4
[  268.735284][T17916] loop3: p1 size 8452352 extends beyond EOD, truncated
[  268.755412][T17916] loop3: p3 size 589824 extends beyond EOD, truncated
[  269.175010][T17945] 8021q: VLANs not supported on vcan0
[  269.679567][T17958] loop3: detected capacity change from 0 to 512
[  269.751464][T17958] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  269.759639][T17958] EXT4-fs (loop3): orphan cleanup on readonly fs
[  269.768705][T17958] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #16: comm syz.3.4880: corrupted inode contents
[  269.783255][T17958] EXT4-fs (loop3): Remounting filesystem read-only
[  269.790210][T17958] EXT4-fs (loop3): 1 truncate cleaned up
[  269.796266][T13097] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  269.806952][T13097] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  269.818024][T13097] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  269.829329][T17958] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  269.842601][T17958] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.781240][T18076] 8021q: VLANs not supported on vcan0
[  271.925731][   T29] kauditd_printk_skb: 336 callbacks suppressed
[  271.925749][   T29] audit: type=1326 audit(1747128286.814:7284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18077 comm="syz.4.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  271.973591][T18080] netlink: 'syz.1.4918': attribute type 21 has an invalid length.
[  271.977799][   T29] audit: type=1326 audit(1747128286.814:7285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18077 comm="syz.4.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  272.005101][   T29] audit: type=1326 audit(1747128286.824:7286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18077 comm="syz.4.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  272.029000][   T29] audit: type=1326 audit(1747128286.824:7287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18077 comm="syz.4.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  272.053129][   T29] audit: type=1326 audit(1747128286.824:7288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18077 comm="syz.4.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  272.077419][   T29] audit: type=1326 audit(1747128286.824:7289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18077 comm="syz.4.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  272.101227][   T29] audit: type=1326 audit(1747128286.824:7290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18077 comm="syz.4.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  272.104037][T18085] netlink: 'syz.4.4919': attribute type 21 has an invalid length.
[  272.124982][   T29] audit: type=1326 audit(1747128286.824:7291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18077 comm="syz.4.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  272.125020][   T29] audit: type=1326 audit(1747128286.824:7292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18077 comm="syz.4.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  272.180161][   T29] audit: type=1326 audit(1747128286.824:7293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18077 comm="syz.4.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  272.276145][T18085] loop4: detected capacity change from 0 to 128
[  272.359951][T18091] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4923'.
[  272.375496][T18095] syz.4.4919: attempt to access beyond end of device
[  272.375496][T18095] loop4: rw=0, sector=2067, nr_sectors = 1 limit=128
[  272.696986][T18082] loop3: detected capacity change from 0 to 32768
[  272.761328][T18082]  loop3: p1 p3 < p5 p6 >
[  272.814855][T18111] vlan2: entered promiscuous mode
[  273.175154][T18117] 8021q: VLANs not supported on vcan0
[  273.281447][T18119] 8021q: VLANs not supported on nlmon0
[  273.426434][T18127] loop4: detected capacity change from 0 to 512
[  273.477580][T18127] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  273.521968][T18127] EXT4-fs (loop4): orphan cleanup on readonly fs
[  273.537599][T18127] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.4934: corrupted inode contents
[  273.550094][T18127] EXT4-fs (loop4): Remounting filesystem read-only
[  273.556855][T18127] EXT4-fs (loop4): 1 truncate cleaned up
[  273.582030][  T270] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  273.592603][  T270] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  273.610833][  T270] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  273.621494][T18127] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  273.651321][T18127] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.706576][T18142] netlink: 'syz.2.4940': attribute type 21 has an invalid length.
[  273.810574][T18149] loop4: detected capacity change from 0 to 512
[  273.854867][T18149] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  273.864588][T18149] EXT4-fs (loop4): orphan cleanup on readonly fs
[  273.874227][T18149] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.4942: corrupted inode contents
[  273.899767][T18161] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  273.909344][T18157] 8021q: VLANs not supported on nlmon0
[  273.943030][T18149] EXT4-fs (loop4): Remounting filesystem read-only
[  273.953046][T18149] EXT4-fs (loop4): 1 truncate cleaned up
[  273.958957][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  273.969584][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  273.982021][   T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  273.993008][T18149] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  274.005953][T18149] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.042594][T18166] loop3: detected capacity change from 0 to 2048
[  274.065657][T18165] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  274.142140][T18166] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  274.205380][T18166] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  274.270760][T12695] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.514395][T18199] 8021q: VLANs not supported on nlmon0
[  274.844880][T18216] loop4: detected capacity change from 0 to 2048
[  274.932376][T18216] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  275.019964][T18216] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  275.161123][T13292] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.181424][T18246] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  275.415080][T18257] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  276.300896][T18278] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  276.316582][T18280] loop3: detected capacity change from 0 to 2048
[  276.406315][T18297] netlink: 'syz.0.4991': attribute type 21 has an invalid length.
[  276.415527][T18289] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  276.467188][T18280] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.535563][T18280] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  276.575605][T18305] vlan2: entered promiscuous mode
[  276.708859][T18307] netlink: 'syz.1.4995': attribute type 21 has an invalid length.
[  276.740242][T12695] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.162781][   T29] kauditd_printk_skb: 272 callbacks suppressed
[  277.162799][   T29] audit: type=1326 audit(1747128292.054:7554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18314 comm="syz.3.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  277.196778][   T29] audit: type=1326 audit(1747128292.054:7555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18314 comm="syz.3.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  277.221019][   T29] audit: type=1326 audit(1747128292.054:7556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18314 comm="syz.3.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  277.338054][   T29] audit: type=1326 audit(1747128292.194:7557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18325 comm="syz.3.5004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  277.361771][   T29] audit: type=1326 audit(1747128292.194:7558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18325 comm="syz.3.5004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  277.385346][   T29] audit: type=1326 audit(1747128292.194:7559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18325 comm="syz.3.5004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  277.408968][   T29] audit: type=1326 audit(1747128292.194:7560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18325 comm="syz.3.5004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  277.432625][   T29] audit: type=1326 audit(1747128292.194:7561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18325 comm="syz.3.5004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  277.456769][   T29] audit: type=1326 audit(1747128292.194:7562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18325 comm="syz.3.5004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  277.481047][   T29] audit: type=1326 audit(1747128292.194:7563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18325 comm="syz.3.5004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  277.657738][T18343] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  277.744190][T18354] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  277.796507][T18349] loop3: detected capacity change from 0 to 8192
[  277.903047][T18349]  loop3: p1 p3 p4
[  277.923790][T18349] loop3: p1 size 8452352 extends beyond EOD, truncated
[  277.983903][T18349] loop3: p3 size 589824 extends beyond EOD, truncated
[  278.858756][T18396] vlan2: entered promiscuous mode
[  279.172445][T18413] 8021q: VLANs not supported on vcan0
[  279.180663][T18410] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5033'.
[  279.325855][T18421] 8021q: VLANs not supported on vcan0
[  279.702776][T18434] loop3: detected capacity change from 0 to 512
[  279.819847][T18445] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  279.831716][T18434] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  279.907103][T18434] EXT4-fs (loop3): orphan cleanup on readonly fs
[  279.945427][T18448] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  280.012275][T18434] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #16: comm syz.3.5042: corrupted inode contents
[  280.115709][T18434] EXT4-fs (loop3): Remounting filesystem read-only
[  280.129113][T18434] EXT4-fs (loop3): 1 truncate cleaned up
[  280.136181][  T270] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  280.146876][  T270] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  280.244968][  T270] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  280.284548][T18434] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  280.368342][T18434] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.725834][T18467] loop4: detected capacity change from 0 to 8192
[  280.879705][T18486] 8021q: VLANs not supported on vcan0
[  280.885522][T18467]  loop4: p1 p3 p4
[  280.891803][T18467] loop4: p1 size 8452352 extends beyond EOD, truncated
[  280.961250][T18467] loop4: p3 size 589824 extends beyond EOD, truncated
[  281.463499][T18513] loop3: detected capacity change from 0 to 512
[  281.504915][T18513] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  281.514763][T18513] EXT4-fs (loop3): orphan cleanup on readonly fs
[  281.534414][T18513] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #16: comm syz.3.5066: corrupted inode contents
[  281.571582][T18513] EXT4-fs (loop3): Remounting filesystem read-only
[  281.630810][T18513] EXT4-fs (loop3): 1 truncate cleaned up
[  281.641183][T13097] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  281.652236][T13097] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  281.711621][T13097] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  281.736493][T18524] netlink: 'syz.0.5068': attribute type 21 has an invalid length.
[  281.736652][T18513] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  281.772581][T18513] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.990486][T18531] vlan2: entered promiscuous mode
[  282.187880][   T29] kauditd_printk_skb: 222 callbacks suppressed
[  282.187897][   T29] audit: type=1326 audit(1747128297.074:7774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18542 comm="syz.1.5076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  282.251638][   T29] audit: type=1326 audit(1747128297.104:7775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18542 comm="syz.1.5076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  282.275829][   T29] audit: type=1326 audit(1747128297.104:7776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18542 comm="syz.1.5076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  282.299424][   T29] audit: type=1326 audit(1747128297.104:7777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18542 comm="syz.1.5076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  282.322897][   T29] audit: type=1326 audit(1747128297.114:7778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18542 comm="syz.1.5076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  282.346601][   T29] audit: type=1326 audit(1747128297.114:7779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18542 comm="syz.1.5076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  282.370112][   T29] audit: type=1326 audit(1747128297.124:7780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18542 comm="syz.1.5076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  282.393543][   T29] audit: type=1326 audit(1747128297.124:7781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18542 comm="syz.1.5076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  282.417091][   T29] audit: type=1326 audit(1747128297.124:7782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18542 comm="syz.1.5076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  282.440768][   T29] audit: type=1326 audit(1747128297.124:7783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18542 comm="syz.1.5076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  282.671990][T18559] loop4: detected capacity change from 0 to 2048
[  282.702956][T18564] 8021q: VLANs not supported on vcan0
[  282.741171][T18559]  loop4: p1 < > p4
[  282.746212][T18559] loop4: p4 size 8388608 extends beyond EOD, truncated
[  282.819330][T18572] 8021q: VLANs not supported on vcan0
[  282.835922][T18559] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5080'.
[  282.852934][T18575] vlan2: entered promiscuous mode
[  282.893585][T18578] netlink: 'syz.3.5090': attribute type 21 has an invalid length.
[  282.925811][T18578] loop3: detected capacity change from 0 to 128
[  283.028460][T18594] syz.3.5090: attempt to access beyond end of device
[  283.028460][T18594] loop3: rw=0, sector=2067, nr_sectors = 1 limit=128
[  283.060230][T18592] loop4: detected capacity change from 0 to 2048
[  283.225034][T18592] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.304948][T18592] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  283.781178][T13292] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.102221][T18629] vlan2: entered promiscuous mode
[  284.140750][T18634] 8021q: VLANs not supported on vcan0
[  284.252275][T18642] netlink: 'syz.4.5110': attribute type 21 has an invalid length.
[  284.264176][T18642] loop4: detected capacity change from 0 to 128
[  284.324982][T18645] syz.4.5110: attempt to access beyond end of device
[  284.324982][T18645] loop4: rw=0, sector=2067, nr_sectors = 1 limit=128
[  284.469632][T18650] FAULT_INJECTION: forcing a failure.
[  284.469632][T18650] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  284.482840][T18650] CPU: 1 UID: 0 PID: 18650 Comm: syz.0.5113 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  284.482867][T18650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  284.482958][T18650] Call Trace:
[  284.482966][T18650]  <TASK>
[  284.482973][T18650]  __dump_stack+0x1d/0x30
[  284.482995][T18650]  dump_stack_lvl+0xe8/0x140
[  284.483012][T18650]  dump_stack+0x15/0x1b
[  284.483039][T18650]  should_fail_ex+0x265/0x280
[  284.483213][T18650]  should_fail+0xb/0x20
[  284.483363][T18650]  should_fail_usercopy+0x1a/0x20
[  284.483385][T18650]  _copy_from_iter+0xcf/0xdd0
[  284.483463][T18650]  ? __build_skb_around+0x1a0/0x200
[  284.483498][T18650]  ? __alloc_skb+0x223/0x320
[  284.483525][T18650]  netlink_sendmsg+0x471/0x6b0
[  284.483544][T18650]  ? __pfx_netlink_sendmsg+0x10/0x10
[  284.483630][T18650]  __sock_sendmsg+0x142/0x180
[  284.483657][T18650]  ____sys_sendmsg+0x31e/0x4e0
[  284.483683][T18650]  ___sys_sendmsg+0x17b/0x1d0
[  284.483768][T18650]  __x64_sys_sendmsg+0xd4/0x160
[  284.483822][T18650]  x64_sys_call+0x2999/0x2fb0
[  284.483845][T18650]  do_syscall_64+0xd0/0x1a0
[  284.483866][T18650]  ? clear_bhb_loop+0x40/0x90
[  284.483995][T18650]  ? clear_bhb_loop+0x40/0x90
[  284.484082][T18650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.484164][T18650] RIP: 0033:0x7f240224e969
[  284.484179][T18650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  284.484260][T18650] RSP: 002b:00007f24008b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  284.484279][T18650] RAX: ffffffffffffffda RBX: 00007f2402475fa0 RCX: 00007f240224e969
[  284.484291][T18650] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  284.484305][T18650] RBP: 00007f24008b7090 R08: 0000000000000000 R09: 0000000000000000
[  284.484319][T18650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  284.484333][T18650] R13: 0000000000000000 R14: 00007f2402475fa0 R15: 00007ffea531d898
[  284.484353][T18650]  </TASK>
[  284.492465][T18644] 8021q: VLANs not supported on vcan0
[  284.913250][T18662] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5116'.
[  285.202915][T18683] FAULT_INJECTION: forcing a failure.
[  285.202915][T18683] name failslab, interval 1, probability 0, space 0, times 0
[  285.215612][T18683] CPU: 0 UID: 0 PID: 18683 Comm: syz.4.5121 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  285.215640][T18683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  285.215654][T18683] Call Trace:
[  285.215663][T18683]  <TASK>
[  285.215671][T18683]  __dump_stack+0x1d/0x30
[  285.215718][T18683]  dump_stack_lvl+0xe8/0x140
[  285.215741][T18683]  dump_stack+0x15/0x1b
[  285.215757][T18683]  should_fail_ex+0x265/0x280
[  285.215867][T18683]  should_failslab+0x8c/0xb0
[  285.215902][T18683]  kmem_cache_alloc_noprof+0x50/0x310
[  285.215919][T18683]  ? security_file_alloc+0x32/0x100
[  285.215949][T18683]  security_file_alloc+0x32/0x100
[  285.216039][T18683]  init_file+0x5c/0x1d0
[  285.216055][T18683]  alloc_empty_file+0x8b/0x200
[  285.216071][T18683]  alloc_file_pseudo+0xc6/0x160
[  285.216089][T18683]  __shmem_file_setup+0x1b9/0x1f0
[  285.216135][T18683]  shmem_file_setup+0x3b/0x50
[  285.216231][T18683]  __se_sys_memfd_create+0x2c3/0x590
[  285.216303][T18683]  __x64_sys_memfd_create+0x31/0x40
[  285.216363][T18683]  x64_sys_call+0x122f/0x2fb0
[  285.216382][T18683]  do_syscall_64+0xd0/0x1a0
[  285.216401][T18683]  ? clear_bhb_loop+0x40/0x90
[  285.216419][T18683]  ? clear_bhb_loop+0x40/0x90
[  285.216514][T18683]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.216532][T18683] RIP: 0033:0x7f12ac20e969
[  285.216545][T18683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.216613][T18683] RSP: 002b:00007f12aa834d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  285.216630][T18683] RAX: ffffffffffffffda RBX: 000000000000104f RCX: 00007f12ac20e969
[  285.216651][T18683] RDX: 00007f12aa834dec RSI: 0000000000000000 RDI: 00007f12ac291444
[  285.216662][T18683] RBP: 0000200000001200 R08: 00007f12aa834b07 R09: 0000000000000000
[  285.216673][T18683] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[  285.216683][T18683] R13: 00007f12aa834dec R14: 00007f12aa834df0 R15: 00007fffb418d6a8
[  285.216699][T18683]  </TASK>
[  286.448743][T18691] loop3: detected capacity change from 0 to 1024
[  286.487423][T18693] 8021q: VLANs not supported on vcan0
[  286.513690][T18691] EXT4-fs: Ignoring removed bh option
[  286.554554][T18691] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  286.628864][T18701] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5130'.
[  286.659186][T18711] netlink: 'syz.0.5135': attribute type 10 has an invalid length.
[  286.682431][T18711] team0: Device hsr_slave_0 failed to register rx_handler
[  286.731841][T12695] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  286.777624][T18715] netlink: 'syz.1.5132': attribute type 21 has an invalid length.
[  286.816445][T18724] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5138'.
[  286.964378][T18734] 8021q: VLANs not supported on vcan0
[  287.213766][T18713] loop4: detected capacity change from 0 to 32768
[  287.293705][T18713]  loop4: p1 p3 < p5 p6 >
[  287.339523][T18742] loop3: detected capacity change from 0 to 512
[  287.475448][   T29] kauditd_printk_skb: 328 callbacks suppressed
[  287.475466][   T29] audit: type=1326 audit(1747128302.364:8112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18748 comm="syz.2.5148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbea6fe969 code=0x7ffc0000
[  287.528098][T18742] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.588771][   T29] audit: type=1326 audit(1747128302.394:8113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18748 comm="syz.2.5148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcbea6fe969 code=0x7ffc0000
[  287.612479][   T29] audit: type=1326 audit(1747128302.394:8114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18748 comm="syz.2.5148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbea6fe969 code=0x7ffc0000
[  287.636160][   T29] audit: type=1326 audit(1747128302.394:8115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18748 comm="syz.2.5148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fcbea6fe969 code=0x7ffc0000
[  287.660223][   T29] audit: type=1326 audit(1747128302.394:8116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18748 comm="syz.2.5148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbea6fe969 code=0x7ffc0000
[  287.683750][   T29] audit: type=1326 audit(1747128302.394:8117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18748 comm="syz.2.5148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbea6fe969 code=0x7ffc0000
[  287.694875][T18742] ext4 filesystem being mounted at /365/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  287.707410][   T29] audit: type=1326 audit(1747128302.394:8118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18748 comm="syz.2.5148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbea6fe969 code=0x7ffc0000
[  287.707440][   T29] audit: type=1326 audit(1747128302.394:8119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18748 comm="syz.2.5148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbea6fe969 code=0x7ffc0000
[  287.765512][   T29] audit: type=1326 audit(1747128302.394:8120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18748 comm="syz.2.5148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbea6fe969 code=0x7ffc0000
[  287.789199][   T29] audit: type=1326 audit(1747128302.394:8121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18748 comm="syz.2.5148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fcbea6fe969 code=0x7ffc0000
[  288.247854][T12695] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.359486][T18765] FAULT_INJECTION: forcing a failure.
[  288.359486][T18765] name failslab, interval 1, probability 0, space 0, times 0
[  288.372409][T18765] CPU: 0 UID: 0 PID: 18765 Comm: syz.1.5152 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  288.372437][T18765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  288.372454][T18765] Call Trace:
[  288.372462][T18765]  <TASK>
[  288.372471][T18765]  __dump_stack+0x1d/0x30
[  288.372497][T18765]  dump_stack_lvl+0xe8/0x140
[  288.372520][T18765]  dump_stack+0x15/0x1b
[  288.372540][T18765]  should_fail_ex+0x265/0x280
[  288.372577][T18765]  should_failslab+0x8c/0xb0
[  288.372700][T18765]  __kvmalloc_node_noprof+0x126/0x4d0
[  288.372761][T18765]  ? vmemdup_user+0x26/0xd0
[  288.372781][T18765]  ? should_fail_usercopy+0x1a/0x20
[  288.372811][T18765]  vmemdup_user+0x26/0xd0
[  288.372872][T18765]  path_setxattrat+0x1b6/0x310
[  288.372917][T18765]  __x64_sys_lsetxattr+0x71/0x90
[  288.372943][T18765]  x64_sys_call+0x1e36/0x2fb0
[  288.373025][T18765]  do_syscall_64+0xd0/0x1a0
[  288.373060][T18765]  ? clear_bhb_loop+0x40/0x90
[  288.373082][T18765]  ? clear_bhb_loop+0x40/0x90
[  288.373101][T18765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.373120][T18765] RIP: 0033:0x7ff20eece969
[  288.373136][T18765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.373152][T18765] RSP: 002b:00007ff20d537038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  288.373244][T18765] RAX: ffffffffffffffda RBX: 00007ff20f0f5fa0 RCX: 00007ff20eece969
[  288.373259][T18765] RDX: 0000200000000840 RSI: 0000200000000700 RDI: 0000200000000680
[  288.373273][T18765] RBP: 00007ff20d537090 R08: 0000000000000001 R09: 0000000000000000
[  288.373286][T18765] R10: 000000000000002c R11: 0000000000000246 R12: 0000000000000001
[  288.373299][T18765] R13: 0000000000000000 R14: 00007ff20f0f5fa0 R15: 00007ffe055cf098
[  288.373318][T18765]  </TASK>
[  288.760606][T18769] SELinux:  Context system_u:object_r:iptables_initrc_exec_t:s0 is not valid (left unmapped).
[  289.173174][T18791] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  289.359587][T18799] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5163'.
[  289.425742][T18802] vlan2: entered promiscuous mode
[  289.997054][T18822] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5170'.
[  290.142034][T18825] loop4: detected capacity change from 0 to 4096
[  290.212260][T18825] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.308700][T18838] vlan2: entered promiscuous mode
[  290.411073][T18845] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5173'.
[  290.424831][T18825] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  290.462444][T18836] 8021q: VLANs not supported on vcan0
[  290.499065][T18825] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5171'.
[  290.656382][T18852] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5171'.
[  290.666432][T18845] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5173'.
[  291.178802][T18825] bridge_slave_1: left allmulticast mode
[  291.184904][T18825] bridge_slave_1: left promiscuous mode
[  291.190869][T18825] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.211751][T18825] bridge_slave_0: left allmulticast mode
[  291.217539][T18825] bridge_slave_0: left promiscuous mode
[  291.223513][T18825] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.231881][T18866] FAULT_INJECTION: forcing a failure.
[  291.231881][T18866] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  291.245482][T18866] CPU: 1 UID: 0 PID: 18866 Comm: syz.3.5182 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  291.245515][T18866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  291.245605][T18866] Call Trace:
[  291.245612][T18866]  <TASK>
[  291.245619][T18866]  __dump_stack+0x1d/0x30
[  291.245756][T18866]  dump_stack_lvl+0xe8/0x140
[  291.245774][T18866]  dump_stack+0x15/0x1b
[  291.245793][T18866]  should_fail_ex+0x265/0x280
[  291.245821][T18866]  should_fail+0xb/0x20
[  291.245873][T18866]  should_fail_usercopy+0x1a/0x20
[  291.245897][T18866]  _copy_from_user+0x1c/0xb0
[  291.245920][T18866]  inet6_ioctl+0xf1/0x190
[  291.245959][T18866]  sock_do_ioctl+0x70/0x220
[  291.246040][T18866]  sock_ioctl+0x41b/0x610
[  291.246075][T18866]  ? __pfx_sock_ioctl+0x10/0x10
[  291.246098][T18866]  __se_sys_ioctl+0xce/0x140
[  291.246125][T18866]  __x64_sys_ioctl+0x43/0x50
[  291.246149][T18866]  x64_sys_call+0x19a8/0x2fb0
[  291.246208][T18866]  do_syscall_64+0xd0/0x1a0
[  291.246235][T18866]  ? clear_bhb_loop+0x40/0x90
[  291.246325][T18866]  ? clear_bhb_loop+0x40/0x90
[  291.246380][T18866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.246404][T18866] RIP: 0033:0x7f7f54c9e969
[  291.246421][T18866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.246438][T18866] RSP: 002b:00007f7f53307038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  291.246520][T18866] RAX: ffffffffffffffda RBX: 00007f7f54ec5fa0 RCX: 00007f7f54c9e969
[  291.246532][T18866] RDX: 0000200000000080 RSI: 000000000000890b RDI: 0000000000000004
[  291.246545][T18866] RBP: 00007f7f53307090 R08: 0000000000000000 R09: 0000000000000000
[  291.246558][T18866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.246571][T18866] R13: 0000000000000000 R14: 00007f7f54ec5fa0 R15: 00007ffeb9d66e28
[  291.246591][T18866]  </TASK>
[  291.518639][T18852] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  291.529053][T18870] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5184'.
[  291.546581][T18870] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5184'.
[  291.555684][T18870] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5184'.
[  291.674075][T13292] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.800742][T18884] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5186'.
[  291.991441][T18892] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5191'.
[  292.001380][T18895] FAULT_INJECTION: forcing a failure.
[  292.001380][T18895] name failslab, interval 1, probability 0, space 0, times 0
[  292.014133][T18895] CPU: 1 UID: 0 PID: 18895 Comm: syz.2.5193 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  292.014230][T18895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  292.014321][T18895] Call Trace:
[  292.014328][T18895]  <TASK>
[  292.014335][T18895]  __dump_stack+0x1d/0x30
[  292.014356][T18895]  dump_stack_lvl+0xe8/0x140
[  292.014452][T18895]  dump_stack+0x15/0x1b
[  292.014467][T18895]  should_fail_ex+0x265/0x280
[  292.014525][T18895]  should_failslab+0x8c/0xb0
[  292.014560][T18895]  kmem_cache_alloc_noprof+0x50/0x310
[  292.014583][T18895]  ? getname_flags+0x80/0x3b0
[  292.014615][T18895]  getname_flags+0x80/0x3b0
[  292.014757][T18895]  __x64_sys_symlinkat+0x4d/0x70
[  292.014788][T18895]  x64_sys_call+0x1558/0x2fb0
[  292.014864][T18895]  do_syscall_64+0xd0/0x1a0
[  292.014955][T18895]  ? clear_bhb_loop+0x40/0x90
[  292.015011][T18895]  ? clear_bhb_loop+0x40/0x90
[  292.015032][T18895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.015135][T18895] RIP: 0033:0x7fcbea6fe969
[  292.015153][T18895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.015174][T18895] RSP: 002b:00007fcbe8d67038 EFLAGS: 00000246 ORIG_RAX: 000000000000010a
[  292.015258][T18895] RAX: ffffffffffffffda RBX: 00007fcbea925fa0 RCX: 00007fcbea6fe969
[  292.015273][T18895] RDX: 00002000000003c0 RSI: 0000000000000004 RDI: 0000200000000400
[  292.015288][T18895] RBP: 00007fcbe8d67090 R08: 0000000000000000 R09: 0000000000000000
[  292.015302][T18895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  292.015314][T18895] R13: 0000000000000000 R14: 00007fcbea925fa0 R15: 00007ffe0b2b6b38
[  292.015330][T18895]  </TASK>
[  292.025126][T18896] vlan2: entered promiscuous mode
[  292.407278][T18907] 8021q: VLANs not supported on vcan0
[  292.452205][T18910] loop4: detected capacity change from 0 to 512
[  292.463946][T18910] journal_path: Non-blockdev passed as './bus'
[  292.470177][T18910] EXT4-fs: error: could not find journal device path
[  292.520368][   T29] kauditd_printk_skb: 236 callbacks suppressed
[  292.520386][   T29] audit: type=1326 audit(1747128307.404:8358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18887 comm="syz.3.5190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  292.550307][   T29] audit: type=1326 audit(1747128307.404:8359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18887 comm="syz.3.5190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  292.585307][   T29] audit: type=1400 audit(1747128307.464:8360): avc:  denied  { getopt } for  pid=18902 comm="syz.4.5196" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  292.863908][   T29] audit: type=1326 audit(1747128307.754:8361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18887 comm="syz.3.5190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  292.887780][   T29] audit: type=1326 audit(1747128307.754:8362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18887 comm="syz.3.5190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  292.911470][   T29] audit: type=1326 audit(1747128307.754:8363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18887 comm="syz.3.5190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  292.950163][T18927] loop4: detected capacity change from 0 to 2048
[  292.957711][   T29] audit: type=1326 audit(1747128307.834:8364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18887 comm="syz.3.5190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  292.981379][   T29] audit: type=1326 audit(1747128307.834:8365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18887 comm="syz.3.5190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  293.005136][   T29] audit: type=1326 audit(1747128307.834:8366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18887 comm="syz.3.5190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  293.017996][T18927] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  293.028692][   T29] audit: type=1326 audit(1747128307.834:8367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18887 comm="syz.3.5190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7f54c9e969 code=0x7ffc0000
[  293.056539][T18927] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  293.120059][T13292] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.163694][T18942] FAULT_INJECTION: forcing a failure.
[  293.163694][T18942] name failslab, interval 1, probability 0, space 0, times 0
[  293.176434][T18942] CPU: 0 UID: 0 PID: 18942 Comm: syz.4.5206 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  293.176504][T18942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  293.176518][T18942] Call Trace:
[  293.176526][T18942]  <TASK>
[  293.176536][T18942]  __dump_stack+0x1d/0x30
[  293.176558][T18942]  dump_stack_lvl+0xe8/0x140
[  293.176576][T18942]  dump_stack+0x15/0x1b
[  293.176591][T18942]  should_fail_ex+0x265/0x280
[  293.176663][T18942]  should_failslab+0x8c/0xb0
[  293.176695][T18942]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  293.176885][T18942]  ? shmem_alloc_inode+0x34/0x50
[  293.176919][T18942]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  293.176987][T18942]  shmem_alloc_inode+0x34/0x50
[  293.177018][T18942]  alloc_inode+0x40/0x170
[  293.177047][T18942]  new_inode+0x1d/0xe0
[  293.177073][T18942]  shmem_get_inode+0x244/0x750
[  293.177203][T18942]  __shmem_file_setup+0x122/0x1f0
[  293.177225][T18942]  shmem_file_setup+0x3b/0x50
[  293.177247][T18942]  __se_sys_memfd_create+0x2c3/0x590
[  293.177277][T18942]  __x64_sys_memfd_create+0x31/0x40
[  293.177316][T18942]  x64_sys_call+0x122f/0x2fb0
[  293.177336][T18942]  do_syscall_64+0xd0/0x1a0
[  293.177357][T18942]  ? clear_bhb_loop+0x40/0x90
[  293.177375][T18942]  ? clear_bhb_loop+0x40/0x90
[  293.177394][T18942]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.177485][T18942] RIP: 0033:0x7f12ac20e969
[  293.177504][T18942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.177579][T18942] RSP: 002b:00007f12aa876e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  293.177603][T18942] RAX: ffffffffffffffda RBX: 0000000000000438 RCX: 00007f12ac20e969
[  293.177618][T18942] RDX: 00007f12aa876ef0 RSI: 0000000000000000 RDI: 00007f12ac291444
[  293.177630][T18942] RBP: 0000200000000580 R08: 00007f12aa876bb7 R09: 00007f12aa876e40
[  293.177642][T18942] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[  293.177653][T18942] R13: 00007f12aa876ef0 R14: 00007f12aa876eb0 R15: 0000200000000480
[  293.177669][T18942]  </TASK>
[  293.408597][T18937] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  293.415339][T18937] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  293.422915][T18937] vhci_hcd vhci_hcd.0: Device attached
[  293.438616][T18948] 8021q: VLANs not supported on vcan0
[  293.451931][T18937] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(5)
[  293.458525][T18937] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  293.466300][T18937] vhci_hcd vhci_hcd.0: Device attached
[  293.479834][T18937] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  293.489869][T18958] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  293.490600][T18937] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(9)
[  293.504838][T18937] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  293.512481][T18937] vhci_hcd vhci_hcd.0: Device attached
[  293.514388][T18958] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  293.520895][T18957] loop4: detected capacity change from 0 to 2048
[  293.539395][T18937] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(11)
[  293.546084][T18937] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  293.553903][T18937] vhci_hcd vhci_hcd.0: Device attached
[  293.560058][T18937] vhci_hcd vhci_hcd.0: pdev(1) rhport(5) sockfd(13)
[  293.566662][T18937] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  293.574287][T18937] vhci_hcd vhci_hcd.0: Device attached
[  293.580224][T18937] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  293.588928][T18937] vhci_hcd vhci_hcd.0: pdev(1) rhport(7) sockfd(17)
[  293.595534][T18937] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  293.600799][T18957]  loop4: p1 < > p4
[  293.603803][T18937] vhci_hcd vhci_hcd.0: Device attached
[  293.610916][ T3391] vhci_hcd: vhci_device speed not set
[  293.618499][T18957] loop4: p4 size 8388608 extends beyond EOD, truncated
[  293.661374][T18971] loop4: detected capacity change from 0 to 2048
[  293.670694][T18966] vhci_hcd: connection closed
[  293.670840][T18953] vhci_hcd: connection closed
[  293.670888][T13112] vhci_hcd: stop threads
[  293.675551][T18945] vhci_hcd: connection closed
[  293.680216][T13112] vhci_hcd: release socket
[  293.680227][T13112] vhci_hcd: disconnect device
[  293.680355][T18964] vhci_hcd: connection closed
[  293.684845][T18959] vhci_hcd: connection closed
[  293.689895][T18962] vhci_hcd: connection closed
[  293.693909][ T3391] usb 3-1: new full-speed USB device number 4 using vhci_hcd
[  293.700292][T13112] vhci_hcd: stop threads
[  293.703458][T18946] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  293.707837][T13112] vhci_hcd: release socket
[  293.707852][T13112] vhci_hcd: disconnect device
[  293.709303][T18971] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  293.713657][T13112] vhci_hcd: stop threads
[  293.723084][T18971] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, 
[  293.724334][T13112] vhci_hcd: release socket
[  293.730229][T18971] block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  293.734670][T13112] vhci_hcd: disconnect device
[  293.782041][T13112] vhci_hcd: stop threads
[  293.782880][T13292] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.786383][T13112] vhci_hcd: release socket
[  293.799724][T13112] vhci_hcd: disconnect device
[  293.804651][T13112] vhci_hcd: stop threads
[  293.808934][T13112] vhci_hcd: release socket
[  293.813422][T13112] vhci_hcd: disconnect device
[  293.818483][T13112] vhci_hcd: stop threads
[  293.822930][T13112] vhci_hcd: release socket
[  293.827377][T13112] vhci_hcd: disconnect device
[  294.945795][T19021] 8021q: VLANs not supported on vcan0
[  295.491266][T19056] __nla_validate_parse: 3 callbacks suppressed
[  295.491284][T19056] netlink: 830 bytes leftover after parsing attributes in process `syz.1.5241'.
[  295.794779][T19075] 8021q: VLANs not supported on nlmon0
[  295.817299][T19072] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5247'.
[  295.898317][T19081] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  295.991513][T19056] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  296.060182][T19056] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  296.466385][T19118] FAULT_INJECTION: forcing a failure.
[  296.466385][T19118] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.481113][T19118] CPU: 0 UID: 0 PID: 19118 Comm: syz.4.5264 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  296.481249][T19118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  296.481263][T19118] Call Trace:
[  296.481271][T19118]  <TASK>
[  296.481278][T19118]  __dump_stack+0x1d/0x30
[  296.481303][T19118]  dump_stack_lvl+0xe8/0x140
[  296.481322][T19118]  dump_stack+0x15/0x1b
[  296.481373][T19118]  should_fail_ex+0x265/0x280
[  296.481408][T19118]  should_fail+0xb/0x20
[  296.481434][T19118]  should_fail_usercopy+0x1a/0x20
[  296.481452][T19118]  strncpy_from_user+0x25/0x230
[  296.481519][T19118]  ? __kmalloc_cache_noprof+0x189/0x320
[  296.481573][T19118]  __se_sys_memfd_create+0x1ff/0x590
[  296.481603][T19118]  __x64_sys_memfd_create+0x31/0x40
[  296.481684][T19118]  x64_sys_call+0x122f/0x2fb0
[  296.481705][T19118]  do_syscall_64+0xd0/0x1a0
[  296.481800][T19118]  ? clear_bhb_loop+0x40/0x90
[  296.481820][T19118]  ? clear_bhb_loop+0x40/0x90
[  296.481838][T19118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.481891][T19118] RIP: 0033:0x7f12ac20e969
[  296.481909][T19118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.481930][T19118] RSP: 002b:00007f12aa876e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  296.482005][T19118] RAX: ffffffffffffffda RBX: 000000000000052f RCX: 00007f12ac20e969
[  296.482017][T19118] RDX: 00007f12aa876ef0 RSI: 0000000000000000 RDI: 00007f12ac291444
[  296.482034][T19118] RBP: 0000200000001e00 R08: 00007f12aa876bb7 R09: 00007f12aa876e40
[  296.482047][T19118] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[  296.482090][T19118] R13: 00007f12aa876ef0 R14: 00007f12aa876eb0 R15: 0000200000000080
[  296.482160][T19118]  </TASK>
[  296.763730][T19121] FAULT_INJECTION: forcing a failure.
[  296.763730][T19121] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.777069][T19121] CPU: 0 UID: 0 PID: 19121 Comm: syz.4.5265 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  296.777096][T19121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  296.777155][T19121] Call Trace:
[  296.777163][T19121]  <TASK>
[  296.777171][T19121]  __dump_stack+0x1d/0x30
[  296.777191][T19121]  dump_stack_lvl+0xe8/0x140
[  296.777209][T19121]  dump_stack+0x15/0x1b
[  296.777225][T19121]  should_fail_ex+0x265/0x280
[  296.777259][T19121]  should_fail+0xb/0x20
[  296.777307][T19121]  should_fail_usercopy+0x1a/0x20
[  296.777342][T19121]  _copy_from_user+0x1c/0xb0
[  296.777365][T19121]  __sys_bind+0x106/0x2a0
[  296.777392][T19121]  __x64_sys_bind+0x3f/0x50
[  296.777494][T19121]  x64_sys_call+0x2086/0x2fb0
[  296.777514][T19121]  do_syscall_64+0xd0/0x1a0
[  296.777566][T19121]  ? clear_bhb_loop+0x40/0x90
[  296.777595][T19121]  ? clear_bhb_loop+0x40/0x90
[  296.777620][T19121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.777643][T19121] RIP: 0033:0x7f12ac20e969
[  296.777658][T19121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.777746][T19121] RSP: 002b:00007f12aa877038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  296.777765][T19121] RAX: ffffffffffffffda RBX: 00007f12ac435fa0 RCX: 00007f12ac20e969
[  296.777777][T19121] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000003
[  296.777789][T19121] RBP: 00007f12aa877090 R08: 0000000000000000 R09: 0000000000000000
[  296.777806][T19121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  296.777820][T19121] R13: 0000000000000000 R14: 00007f12ac435fa0 R15: 00007fffb418d6a8
[  296.777840][T19121]  </TASK>
[  297.143322][T19139] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  297.182725][T19143] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5274'.
[  297.206270][T19145] usb usb8: usbfs: process 19145 (syz.1.5275) did not claim interface 0 before use
[  297.218015][T19145] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  297.255796][T19148] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  297.294407][T19150] loop3: detected capacity change from 0 to 512
[  297.329499][T19152] netlink: 'syz.2.5277': attribute type 21 has an invalid length.
[  297.666316][T19150] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  297.674885][T19150] EXT4-fs (loop3): orphan cleanup on readonly fs
[  297.686042][T19150] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #16: comm syz.3.5276: corrupted inode contents
[  297.700935][T19150] EXT4-fs (loop3): Remounting filesystem read-only
[  297.707747][T19150] EXT4-fs (loop3): 1 truncate cleaned up
[  297.713604][T13107] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  297.724239][T13107] __quota_error: 217 callbacks suppressed
[  297.724255][T13107] Quota error (device loop3): write_blk: dquota write failed
[  297.737510][T13107] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries
[  297.747630][T13107] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  297.758215][T13107] Quota error (device loop3): write_blk: dquota write failed
[  297.765630][T13107] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list
[  297.963181][T13107] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  297.973468][T13107] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  298.009034][T13107] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  298.029873][T19150] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  298.042970][T19150] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.507266][T19208] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  298.530038][T19208] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  298.707842][T19221] netlink: 'syz.0.5300': attribute type 21 has an invalid length.
[  298.780636][ T3391] usb 3-1: enqueue for inactive port 0
[  298.794790][ T3391] usb 3-1: enqueue for inactive port 0
[  298.834651][T19211] loop4: detected capacity change from 0 to 32768
[  298.882421][ T3391] vhci_hcd: vhci_device speed not set
[  298.888545][T19211]  loop4: p1 p3 < p5 p6 >
[  299.004121][T19236] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  299.095602][T19241] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  299.241008][T19246] loop3: detected capacity change from 0 to 8192
[  299.254143][   T29] audit: type=1326 audit(1747128314.144:8585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19248 comm="syz.1.5309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  299.318163][T19246]  loop3: p1 p3 p4
[  299.319471][   T29] audit: type=1326 audit(1747128314.144:8586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19248 comm="syz.1.5309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  299.322106][T19246] loop3: p1 size 8452352 extends beyond EOD, 
[  299.345788][   T29] audit: type=1326 audit(1747128314.144:8587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19248 comm="syz.1.5309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  299.345849][   T29] audit: type=1326 audit(1747128314.174:8588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19248 comm="syz.1.5309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff20eece969 code=0x7ffc0000
[  299.351978][T19246] truncated
[  299.433312][T19246] loop3: p3 size 589824 extends beyond EOD, truncated
[  299.465311][T19249] vhci_hcd: default hub control req: 230b v0011 i0002 l0
[  299.896684][T19271] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  299.913255][T19274] loop4: detected capacity change from 0 to 2048
[  299.928916][T19271] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  299.967180][T19281] loop3: detected capacity change from 0 to 256
[  299.985526][T19274] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.074767][T19274] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  300.170762][T13292] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.318280][T19307] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  300.431955][T19311] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  300.618032][T19319] 8021q: VLANs not supported on vcan0
[  301.013964][T19330] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  301.040719][T19330] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  301.262074][T19337] loop3: detected capacity change from 0 to 4096
[  301.550438][T19337] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  301.568332][T19337] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  301.588194][T12695] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.706443][T19349] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5342'.
[  302.206882][T19375] loop3: detected capacity change from 0 to 512
[  302.286689][T19375] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  302.342206][T19375] EXT4-fs (loop3): orphan cleanup on readonly fs
[  302.379344][T19380] 8021q: VLANs not supported on nlmon0
[  302.408854][T19375] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #16: comm syz.3.5350: corrupted inode contents
[  302.436500][T19375] EXT4-fs (loop3): Remounting filesystem read-only
[  302.443268][T19375] EXT4-fs (loop3): 1 truncate cleaned up
[  302.472368][  T270] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  302.483193][  T270] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  302.494372][  T270] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  302.517331][T19375] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  302.535599][T19375] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.643782][T19391] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  302.657919][T19391] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  302.732374][   T29] kauditd_printk_skb: 249 callbacks suppressed
[  302.732391][   T29] audit: type=1326 audit(1747128317.624:8832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.4.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  302.734884][T19390] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5354'.
[  302.738758][   T29] audit: type=1326 audit(1747128317.624:8833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.4.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  302.795347][   T29] audit: type=1326 audit(1747128317.624:8834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.4.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  302.819029][   T29] audit: type=1326 audit(1747128317.624:8835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.4.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  302.819084][   T29] audit: type=1326 audit(1747128317.624:8836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.4.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  302.866258][   T29] audit: type=1326 audit(1747128317.624:8837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.4.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  302.889763][   T29] audit: type=1326 audit(1747128317.624:8838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.4.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  302.913377][   T29] audit: type=1326 audit(1747128317.624:8839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.4.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  302.937130][   T29] audit: type=1326 audit(1747128317.624:8840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.4.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  302.960951][   T29] audit: type=1326 audit(1747128317.624:8841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.4.5357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f12ac20e969 code=0x7ffc0000
[  302.985197][T19398] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5354'.
[  303.054559][T19404] loop3: detected capacity change from 0 to 2048
[  303.110924][T19404]  loop3: p1 < > p4
[  303.115468][T19404] loop3: p4 size 8388608 extends beyond EOD, truncated
[  303.167292][T19406] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5361'.
[  303.250956][T19402] loop4: detected capacity change from 0 to 32768
[  303.261085][T19418] FAULT_INJECTION: forcing a failure.
[  303.261085][T19418] name failslab, interval 1, probability 0, space 0, times 0
[  303.273864][T19418] CPU: 0 UID: 0 PID: 19418 Comm: syz.2.5365 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  303.273894][T19418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  303.273905][T19418] Call Trace:
[  303.273912][T19418]  <TASK>
[  303.273955][T19418]  __dump_stack+0x1d/0x30
[  303.274034][T19418]  dump_stack_lvl+0xe8/0x140
[  303.274051][T19418]  dump_stack+0x15/0x1b
[  303.274068][T19418]  should_fail_ex+0x265/0x280
[  303.274100][T19418]  ? sctp_add_bind_addr+0x71/0x1e0
[  303.274143][T19418]  should_failslab+0x8c/0xb0
[  303.274174][T19418]  __kmalloc_cache_noprof+0x4c/0x320
[  303.274198][T19418]  sctp_add_bind_addr+0x71/0x1e0
[  303.274246][T19418]  sctp_copy_local_addr_list+0x199/0x220
[  303.274277][T19418]  sctp_copy_one_addr+0x7f/0x280
[  303.274304][T19418]  sctp_bind_addr_copy+0x79/0x290
[  303.274373][T19418]  sctp_assoc_set_bind_addr_from_ep+0xce/0xe0
[  303.274398][T19418]  sctp_connect_new_asoc+0x1c3/0x3a0
[  303.274421][T19418]  __sctp_connect+0x424/0x7a0
[  303.274511][T19418]  ? selinux_sctp_bind_connect+0x20d/0x250
[  303.274586][T19418]  sctp_getsockopt_connectx3+0x220/0x300
[  303.274682][T19418]  sctp_getsockopt+0x910/0xaa0
[  303.274711][T19418]  sock_common_getsockopt+0x60/0x70
[  303.274740][T19418]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  303.274778][T19418]  do_sock_getsockopt+0x200/0x240
[  303.274801][T19418]  __x64_sys_getsockopt+0x11e/0x1a0
[  303.274824][T19418]  x64_sys_call+0x12aa/0x2fb0
[  303.274846][T19418]  do_syscall_64+0xd0/0x1a0
[  303.274870][T19418]  ? clear_bhb_loop+0x40/0x90
[  303.274956][T19418]  ? clear_bhb_loop+0x40/0x90
[  303.274979][T19418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.275064][T19418] RIP: 0033:0x7fcbea6fe969
[  303.275079][T19418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.275095][T19418] RSP: 002b:00007fcbe8d67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  303.275116][T19418] RAX: ffffffffffffffda RBX: 00007fcbea925fa0 RCX: 00007fcbea6fe969
[  303.275196][T19418] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003
[  303.275207][T19418] RBP: 00007fcbe8d67090 R08: 0000200000000180 R09: 0000000000000000
[  303.275219][T19418] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000002
[  303.275254][T19418] R13: 0000000000000000 R14: 00007fcbea925fa0 R15: 00007ffe0b2b6b38
[  303.275318][T19418]  </TASK>
[  303.541620][T19402]  loop4: p1 p3 < p5 p6 >
[  303.849632][T19446] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  303.868918][T19446] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  304.208918][T19450] xt_CT: You must specify a L4 protocol and not use inversions on it
[  304.252243][T19458] loop3: detected capacity change from 0 to 32768
[  304.325169][T19458]  loop3: p1 p3 < p5 p6 >
[  304.457574][T19474] nfs4: Bad value for 'source'
[  304.466193][T19474] loop4: detected capacity change from 0 to 512
[  304.493314][T19483] xt_CT: You must specify a L4 protocol and not use inversions on it
[  304.649526][T19504] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  304.673390][T19508] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5392'.
[  304.685471][T19508] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5392'.
[  304.695222][T19504] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  304.708220][T19511] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  304.760857][T19514] netlink: 'syz.3.5398': attribute type 21 has an invalid length.
[  304.771103][T19514] loop3: detected capacity change from 0 to 128
[  304.822702][T19515] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  304.848123][T19518] syz.3.5398: attempt to access beyond end of device
[  304.848123][T19518] loop3: rw=0, sector=2067, nr_sectors = 1 limit=128
[  305.086131][T19525] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5401'.
[  305.103713][T19525] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5401'.
[  305.246756][T19534] nfs4: Bad value for 'source'
[  305.452204][T19546] 8021q: VLANs not supported on caif0
[  305.534844][T19554] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5412'.
[  305.609443][T19557] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  305.679915][T19563] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  305.714049][T19563] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  305.724992][T19566] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  305.894475][T19576] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5421'.
[  306.060940][T19591] netlink: 'syz.2.5425': attribute type 21 has an invalid length.
[  306.486333][T19599] loop4: detected capacity change from 0 to 2048
[  306.514670][T19599] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  306.533319][T19599] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  306.571879][T13292] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.605485][T19604] vlan2: entered promiscuous mode
[  306.795633][T19621] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  306.820171][T19625] __nla_validate_parse: 2 callbacks suppressed
[  306.820189][T19625] netlink: 44 bytes leftover after parsing attributes in process `syz.3.5438'.
[  306.821914][T19621] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  306.837327][T19625] loop3: detected capacity change from 0 to 2048
[  306.854741][T19623] 8021q: VLANs not supported on caif0
[  306.959788][T19633] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  306.991680][T19633] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  307.018025][T19633] netlink: 3 bytes leftover after parsing attributes in process `syz.2.5442'.
[  307.045976][T19633] 0ªX¹¦À: renamed from caif0
[  307.078841][T19633] 0ªX¹¦À: entered allmulticast mode
[  307.084390][T19633] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  307.104673][T19644] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5444'.
[  307.117176][T19642] vlan2: entered promiscuous mode
[  307.134617][T19644] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5444'.
[  307.270027][T19656] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  307.333579][T19657] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  307.380088][T19659] 8021q: VLANs not supported on caif0
[  307.388981][T19661] netlink: 'syz.4.5452': attribute type 21 has an invalid length.
[  307.412386][T19661] loop4: detected capacity change from 0 to 128
[  307.466553][T19663] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5453'.
[  307.472350][T19664] syz.4.5452: attempt to access beyond end of device
[  307.472350][T19664] loop4: rw=0, sector=2067, nr_sectors = 1 limit=128
[  307.494888][T19663] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5453'.
[  307.692051][T19675] loop3: detected capacity change from 0 to 2048
[  307.720689][T19677] infiniband syz2: set active
[  307.725606][T19677] infiniband syz2: added veth0_to_bond
[  307.735080][T19677] RDS/IB: syz2: added
[  307.739085][T19677] smc: adding ib device syz2 with port count 1
[  307.745318][T19677] smc:    ib device syz2 port 1 has pnetid 
[  307.756048][T19675]  loop3: p1 < > p4
[  307.770643][T19675] loop3: p4 size 8388608 extends beyond EOD, truncated
[  307.854417][T19688] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  307.863716][T19688] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  307.883332][T19690] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  307.958822][T19691] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  307.989379][   T29] kauditd_printk_skb: 191 callbacks suppressed
[  307.989508][   T29] audit: type=1326 audit(1747128322.874:9033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19694 comm="syz.0.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240224e969 code=0x7ffc0000
[  308.048311][   T29] audit: type=1326 audit(1747128322.914:9034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19694 comm="syz.0.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240224e969 code=0x7ffc0000
[  308.071939][   T29] audit: type=1326 audit(1747128322.914:9035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19694 comm="syz.0.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f240224e969 code=0x7ffc0000
[  308.095827][   T29] audit: type=1326 audit(1747128322.914:9036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19694 comm="syz.0.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240224e969 code=0x7ffc0000
[  308.119384][   T29] audit: type=1326 audit(1747128322.914:9037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19694 comm="syz.0.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240224e969 code=0x7ffc0000
[  308.143080][   T29] audit: type=1326 audit(1747128322.914:9038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19694 comm="syz.0.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f240224e969 code=0x7ffc0000
[  308.167079][   T29] audit: type=1326 audit(1747128322.914:9039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19694 comm="syz.0.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240224e969 code=0x7ffc0000
[  308.190884][   T29] audit: type=1326 audit(1747128322.914:9040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19694 comm="syz.0.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7f240224e969 code=0x7ffc0000
[  308.214430][   T29] audit: type=1326 audit(1747128322.914:9041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19694 comm="syz.0.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240224e969 code=0x7ffc0000
[  308.238133][   T29] audit: type=1326 audit(1747128322.914:9042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19694 comm="syz.0.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f240224e969 code=0x7ffc0000
[  308.503291][T19702] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5468'.
[  308.521697][T19702] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5468'.
[  308.713459][T19721] ip6gre1: entered allmulticast mode
[  308.842312][T19730] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  308.905843][T19733] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  308.974477][T19735] lo speed is unknown, defaulting to 1000
[  308.992540][T19735] lo speed is unknown, defaulting to 1000
[  309.009437][T19735] lo speed is unknown, defaulting to 1000
[  309.027695][T19735] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  309.177205][T19739] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5481'.
[  309.183306][T19735] lo speed is unknown, defaulting to 1000
[  309.200983][T19735] lo speed is unknown, defaulting to 1000
[  309.213059][T19739] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5481'.
[  309.284246][T19735] lo speed is unknown, defaulting to 1000
[  309.292082][T19735] lo speed is unknown, defaulting to 1000
[  309.298271][T19735] lo speed is unknown, defaulting to 1000
[  309.453612][T19746] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  309.467991][T19746] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  309.665263][T19764] vlan2: entered promiscuous mode
[  309.698217][T19766] loop3: detected capacity change from 0 to 2048
[  309.729475][T19766] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  309.749739][T19760] lo speed is unknown, defaulting to 1000
[  309.762491][T19766] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  309.876129][T12695] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.949114][T19775] can0: slcan on ttyS3.
[  309.955182][T19779] lo speed is unknown, defaulting to 1000
[  309.976465][T19788] 8021q: VLANs not supported on caif0
[  310.050160][T19800] FAULT_INJECTION: forcing a failure.
[  310.050160][T19800] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  310.063411][T19800] CPU: 0 UID: 0 PID: 19800 Comm: syz.3.5502 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  310.063441][T19800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  310.063454][T19800] Call Trace:
[  310.063487][T19800]  <TASK>
[  310.063496][T19800]  __dump_stack+0x1d/0x30
[  310.063519][T19800]  dump_stack_lvl+0xe8/0x140
[  310.063541][T19800]  dump_stack+0x15/0x1b
[  310.063559][T19800]  should_fail_ex+0x265/0x280
[  310.063609][T19800]  should_fail+0xb/0x20
[  310.063639][T19800]  should_fail_usercopy+0x1a/0x20
[  310.063698][T19800]  _copy_from_iter+0xcf/0xdd0
[  310.063720][T19800]  ? alloc_pages_mpol+0x202/0x250
[  310.063742][T19800]  copy_page_from_iter+0x15a/0x290
[  310.063839][T19800]  tun_get_user+0x5c7/0x24d0
[  310.063925][T19800]  ? ref_tracker_alloc+0x1f2/0x2f0
[  310.063976][T19800]  tun_chr_write_iter+0x15e/0x210
[  310.064050][T19800]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  310.064073][T19800]  vfs_write+0x49d/0x8d0
[  310.064193][T19800]  ksys_write+0xda/0x1a0
[  310.064215][T19800]  __x64_sys_write+0x40/0x50
[  310.064292][T19800]  x64_sys_call+0x2cdd/0x2fb0
[  310.064327][T19800]  do_syscall_64+0xd0/0x1a0
[  310.064351][T19800]  ? clear_bhb_loop+0x40/0x90
[  310.064440][T19800]  ? clear_bhb_loop+0x40/0x90
[  310.064461][T19800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.064489][T19800] RIP: 0033:0x7f7f54c9d41f
[  310.064505][T19800] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  310.064605][T19800] RSP: 002b:00007f7f53307000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  310.064628][T19800] RAX: ffffffffffffffda RBX: 00007f7f54ec5fa0 RCX: 00007f7f54c9d41f
[  310.064643][T19800] RDX: 000000000000004a RSI: 0000200000000fc0 RDI: 00000000000000c8
[  310.064656][T19800] RBP: 00007f7f53307090 R08: 0000000000000000 R09: 0000000000000000
[  310.064669][T19800] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001
[  310.064733][T19800] R13: 0000000000000000 R14: 00007f7f54ec5fa0 R15: 00007ffeb9d66e28
[  310.064751][T19800]  </TASK>
[  310.341087][T19774] can0 (unregistered): slcan off ttyS3.
[  310.368391][T19812] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  310.448052][T19816] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  310.459872][T19821] loop3: detected capacity change from 0 to 2048
[  310.515831][T19821]  loop3: p1 < > p4
[  310.540482][T19826] 8021q: VLANs not supported on caif0
[  310.551382][T19821] loop3: p4 size 8388608 extends beyond EOD, truncated
[  310.646122][T19839] netlink: 'syz.0.5516': attribute type 21 has an invalid length.
[  310.968993][T19856] Invalid ELF header magic: != ELF
[  311.054852][T19864] loop3: detected capacity change from 0 to 2048
[  311.069754][T19865] tmpfs: Bad value for 'mpol'
[  311.098935][T19864] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  311.123993][T19864] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  311.214461][T12695] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.610570][T19862] ==================================================================
[  311.618719][T19862] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  311.628555][T19862] 
[  311.630881][T19862] read-write to 0xffffffff868099c0 of 8 bytes by interrupt on cpu 1:
[  311.638949][T19862]  tick_do_update_jiffies64+0x113/0x1c0
[  311.644522][T19862]  tick_nohz_handler+0x7f/0x2d0
[  311.649380][T19862]  __hrtimer_run_queues+0x20f/0x5a0
[  311.654590][T19862]  hrtimer_interrupt+0x21a/0x460
[  311.659536][T19862]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  311.665443][T19862]  sysvec_apic_timer_interrupt+0x6f/0x80
[  311.671097][T19862]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  311.677082][T19862]  __cond_resched+0x7c/0x90
[  311.681595][T19862]  mutex_lock+0xd/0x30
[  311.685667][T19862]  nf_getsockopt+0x31/0x1b0
[  311.690174][T19862]  ip_getsockopt+0x137/0x180
[  311.694865][T19862]  tcp_getsockopt+0xad/0xe0
[  311.699385][T19862]  sock_common_getsockopt+0x60/0x70
[  311.704594][T19862]  do_sock_getsockopt+0x200/0x240
[  311.709621][T19862]  __x64_sys_getsockopt+0x11e/0x1a0
[  311.714835][T19862]  x64_sys_call+0x12aa/0x2fb0
[  311.719545][T19862]  do_syscall_64+0xd0/0x1a0
[  311.724078][T19862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.729996][T19862] 
[  311.732319][T19862] read to 0xffffffff868099c0 of 8 bytes by task 19862 on cpu 0:
[  311.739959][T19862]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  311.746226][T19862]  count_shadow_nodes+0x6a/0x230
[  311.751280][T19862]  do_shrink_slab+0x60/0x680
[  311.755891][T19862]  shrink_slab+0x448/0x760
[  311.760330][T19862]  shrink_node+0x6c3/0x2110
[  311.764848][T19862]  do_try_to_free_pages+0x3f6/0xcd0
[  311.770320][T19862]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  311.776246][T19862]  try_charge_memcg+0x3ab/0x870
[  311.781110][T19862]  obj_cgroup_charge_pages+0xb7/0x1a0
[  311.786499][T19862]  __memcg_kmem_charge_page+0x9f/0x170
[  311.791973][T19862]  __alloc_frozen_pages_noprof+0x188/0x360
[  311.797881][T19862]  alloc_pages_mpol+0xb3/0x250
[  311.802651][T19862]  alloc_pages_noprof+0x90/0x130
[  311.807595][T19862]  __vmalloc_node_range_noprof+0x6a4/0xdf0
[  311.813430][T19862]  bpf_map_area_alloc+0xd3/0x100
[  311.818382][T19862]  queue_stack_map_alloc+0x7a/0xe0
[  311.823510][T19862]  map_create+0x840/0xb90
[  311.827946][T19862]  __sys_bpf+0x5ab/0x790
[  311.832214][T19862]  __x64_sys_bpf+0x41/0x50
[  311.836665][T19862]  x64_sys_call+0x2478/0x2fb0
[  311.841347][T19862]  do_syscall_64+0xd0/0x1a0
[  311.845861][T19862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.851762][T19862] 
[  311.854086][T19862] value changed: 0x0000000100000453 -> 0x0000000100000454
[  311.861201][T19862] 
[  311.863529][T19862] Reported by Kernel Concurrency Sanitizer on:
[  311.869687][T19862] CPU: 0 UID: 0 PID: 19862 Comm: syz.2.5525 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  311.882370][T19862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  311.892436][T19862] ==================================================================
[  311.906100][T19891] FAULT_INJECTION: forcing a failure.
[  311.906100][T19891] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  311.919414][T19891] CPU: 0 UID: 0 PID: 19891 Comm: syz.0.5537 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  311.919446][T19891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  311.919460][T19891] Call Trace:
[  311.919468][T19891]  <TASK>
[  311.919477][T19891]  __dump_stack+0x1d/0x30
[  311.919572][T19891]  dump_stack_lvl+0xe8/0x140
[  311.919597][T19891]  dump_stack+0x15/0x1b
[  311.919615][T19891]  should_fail_ex+0x265/0x280
[  311.919684][T19891]  should_fail+0xb/0x20
[  311.919746][T19891]  should_fail_usercopy+0x1a/0x20
[  311.919766][T19891]  _copy_from_iter+0xcf/0xdd0
[  311.919783][T19891]  ? __build_skb_around+0x1a0/0x200
[  311.919826][T19891]  ? __alloc_skb+0x223/0x320
[  311.919882][T19891]  netlink_sendmsg+0x471/0x6b0
[  311.919900][T19891]  ? __pfx_netlink_sendmsg+0x10/0x10
[  311.919993][T19891]  __sock_sendmsg+0x142/0x180
[  311.920015][T19891]  ____sys_sendmsg+0x31e/0x4e0
[  311.920045][T19891]  ___sys_sendmsg+0x17b/0x1d0
[  311.920071][T19891]  __x64_sys_sendmsg+0xd4/0x160
[  311.920091][T19891]  x64_sys_call+0x2999/0x2fb0
[  311.920108][T19891]  do_syscall_64+0xd0/0x1a0
[  311.920129][T19891]  ? clear_bhb_loop+0x40/0x90
[  311.920194][T19891]  ? clear_bhb_loop+0x40/0x90
[  311.920249][T19891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.920317][T19891] RIP: 0033:0x7f240224e969
[  311.920331][T19891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.920347][T19891] RSP: 002b:00007f24008b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  311.920364][T19891] RAX: ffffffffffffffda RBX: 00007f2402475fa0 RCX: 00007f240224e969
[  311.920440][T19891] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  311.920451][T19891] RBP: 00007f24008b7090 R08: 0000000000000000 R09: 0000000000000000
[  311.920461][T19891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.920472][T19891] R13: 0000000000000000 R14: 00007f2402475fa0 R15: 00007ffea531d898
[  311.920551][T19891]  </TASK>
[  311.933497][T19861] syz.2.5525 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  312.132788][T19861] CPU: 1 UID: 0 PID: 19861 Comm: syz.2.5525 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  312.132860][T19861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  312.132874][T19861] Call Trace:
[  312.132884][T19861]  <TASK>
[  312.132893][T19861]  __dump_stack+0x1d/0x30
[  312.132931][T19861]  dump_stack_lvl+0xe8/0x140
[  312.132948][T19861]  dump_stack+0x15/0x1b
[  312.132963][T19861]  dump_header+0x81/0x220
[  312.132996][T19861]  oom_kill_process+0x334/0x3f0
[  312.133075][T19861]  out_of_memory+0x979/0xb80
[  312.133101][T19861]  ? css_next_descendant_pre+0x138/0x160
[  312.133126][T19861]  mem_cgroup_out_of_memory+0x13d/0x190
[  312.133196][T19861]  try_charge_memcg+0x5e2/0x870
[  312.133259][T19861]  charge_memcg+0x51/0xc0
[  312.133279][T19861]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  312.133307][T19861]  __read_swap_cache_async+0x1df/0x350
[  312.133373][T19861]  swap_cluster_readahead+0x376/0x3e0
[  312.133463][T19861]  swapin_readahead+0xde/0x6f0
[  312.133488][T19861]  ? __filemap_get_folio+0x49f/0x650
[  312.133513][T19861]  ? swap_cache_get_folio+0x77/0x200
[  312.133533][T19861]  do_swap_page+0x301/0x2460
[  312.133593][T19861]  ? save_fpregs_to_fpstate+0x100/0x160
[  312.133617][T19861]  ? _raw_spin_unlock+0x26/0x50
[  312.133640][T19861]  ? finish_task_switch+0xad/0x2b0
[  312.133665][T19861]  ? __pfx_default_wake_function+0x10/0x10
[  312.133753][T19861]  handle_mm_fault+0xb60/0x2ae0
[  312.133796][T19861]  ? mas_walk+0xf2/0x120
[  312.133820][T19861]  do_user_addr_fault+0x636/0x1090
[  312.133846][T19861]  ? switch_fpu_return+0xe/0x20
[  312.133926][T19861]  exc_page_fault+0x54/0xc0
[  312.133947][T19861]  asm_exc_page_fault+0x26/0x30
[  312.133969][T19861] RIP: 0033:0x7fcbea726790
[  312.133987][T19861] Code: 48 8b 3c 25 00 03 00 00 e8 1d 13 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 83 e7 02 74 0b c3 66 2e 0f 1f 84 00 00 00 00 00 <64> 48 8b 04 25 10 00 00 00 8b 90 08 03 00 00 48 8d b8 08 03 00 00
[  312.134021][T19861] RSP: 002b:00007ffe0b2b6c28 EFLAGS: 00010246
[  312.134044][T19861] RAX: 0000000000000000 RBX: 00007fcbea925fa0 RCX: 00007fcbea731225
[  312.134107][T19861] RDX: 00007ffe0b2b6c70 RSI: 0000000000000000 RDI: 0000000000000000
[  312.134122][T19861] RBP: 00007fcbea927ba0 R08: 0000000000000000 R09: 7fffffffffffffff
[  312.134136][T19861] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000004c20d
[  312.134150][T19861] R13: 00007fcbea926080 R14: ffffffffffffffff R15: 00007ffe0b2b6db0
[  312.134171][T19861]  </TASK>
[  312.134219][T19861] memory: usage 157128kB, limit 307200kB, failcnt 2978
[  312.379542][T19861] memory+swap: usage 2192kB, limit 9007199254740988kB, failcnt 0
[  312.387346][T19861] kmem: usage 1464kB, limit 9007199254740988kB, failcnt 0
[  312.394507][T19861] Memory cgroup stats for /syz2:
[  312.395054][T19861] cache 0
[  312.402992][T19861] rss 24576
[  312.406139][T19861] shmem 0
[  312.409086][T19861] mapped_file 0
[  312.412589][T19861] dirty 0
[  312.415586][T19861] writeback 0
[  312.418967][T19861] workingset_refault_anon 91
[  312.423682][T19861] workingset_refault_file 2588
[  312.428466][T19861] swap 643072
[  312.431889][T19861] swapcached 12288
[  312.435621][T19861] pgpgin 964288
[  312.439113][T19861] pgpgout 964263
[  312.442726][T19861] pgfault 378262
[  312.446290][T19861] pgmajfault 77
[  312.449756][T19861] inactive_anon 0
[  312.453501][T19861] active_anon 24576
[  312.457317][T19861] inactive_file 77824
[  312.461347][T19861] active_file 0
[  312.464897][T19861] unevictable 0
[  312.468378][T19861] hierarchical_memory_limit 314572800
[  312.473843][T19861] hierarchical_memsw_limit 9223372036854771712
[  312.480002][T19861] total_cache 0
[  312.483501][T19861] total_rss 24576
[  312.487148][T19861] total_shmem 0
[  312.490638][T19861] total_mapped_file 0
[  312.494635][T19861] total_dirty 0
[  312.498115][T19861] total_writeback 0
[  312.502026][T19861] total_workingset_refault_anon 91
[  312.507168][T19861] total_workingset_refault_file 2588
[  312.512657][T19861] total_swap 643072
[  312.516497][T19861] total_swapcached 12288
[  312.520796][T19861] total_pgpgin 964288
[  312.525130][T19861] total_pgpgout 964263
[  312.529242][T19861] total_pgfault 378262
[  312.533357][T19861] total_pgmajfault 77
[  312.537347][T19861] total_inactive_anon 0
[  312.541542][T19861] total_active_anon 24576
[  312.545940][T19861] total_inactive_file 77824
[  312.550649][T19861] total_active_file 0
[  312.554639][T19861] total_unevictable 0
[  312.558682][T19861] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.5525,pid=19861,uid=0
[  312.573448][T19861] Memory cgroup out of memory: Killed process 19861 (syz.2.5525) total-vm:93748kB, anon-rss:936kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  312.596617][T19895] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  312.660362][T19896] sch_tbf: burst 3298 is lower than device lo mtu (65550) !