last executing test programs:

1m7.330463103s ago: executing program 0 (id=43):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000540)='./bus\x00', 0x120c018, &(0x7f0000000180)={[{@check_relaxed}, {@map_normal}, {@nojoliet}, {@cruft}, {@uid}, {@dmode={'dmode', 0x3d, 0x1000}}, {@session={'session', 0x3d, 0x6}}, {@map_normal}]}, 0xff, 0x534, &(0x7f0000001000)="$eJzs3V9v09YbwPHHpf1R5SehaUwIVQUOZZOKVILjQFDEleecpAccO7Id1F6hirZTRQoTZdLam8EN26TtRXC7F7F3NO0lMNlOSkv+Af0TVH0/EZwT+8TnOWl0HrmNjwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIjl1Wy7ZIlvgvaKGs6rRWHz/dPuq/s2yM1DxYh+Raz0n8zOyuV80+Vv3u++lP63IPP5s3mZTYtZ2fv/pa/uX5ye6r1+RMCnYmd37+lap7PxYtKBnKAr54fva+jAxKFpug2tTByqaqVi316ux6pufB2vxoluKi/SbhJGatG7qUrValnp4mrYDho119e9jfduObZdUQ+KLe1GcRjcflCMvWXj+yZoZG3S3Wmbe+kH8aFJVKLdplKbW52N8rgBpI1KH9PIGdfIsR2nVHKcUuVu9e49257u22B/QPpaTP5Di8k6xtkbOJqpbv4XX4wE0pYVUQMfntQkklCaQ/Z39fL/d7f1yH4P5v9elr/8fvecZPn/av7s6rD8PySW03vsyK7syVNZk450ZENeTDyi0300REsgRmIJxUhT3GyL6m5RUpWKVMSWx7IsdYlFSV2M+KIlllWJJRGdfaI8iUSLK4mEEomSRfHkpigpSVWqUhYlWoqyKqG0JZCG1MTNjrIpW9n7XhZlDYtxv1Fp6DAKvc/dhjgjRkv+x9Ed6/wNHMW7Xv4HAAAAAABnlpX99j09/5+RK1mtbnxtTzosAAAAAABwjLK//M+nxUxauyIW5/8AAAAAAJw1VnaNnSUiBbmW1zbFyi6X4pcAAAAAAACcEdnf/6+mRbYGyjWx9pdL4fwfAAAAAIAz4rfha+y/O5/vaZ23/v5XomjGet1a+dbadtON7va5fO+5D4+Y1OesC92DZEUlL6anPT1vzeaN9hfB/KdbbI5b698aFMCrTwng4rT8IdfzNtfX83K9tyfvpVA3vi56oX+/JK57YSrRK8lPz7Z+lmz4vwfNC5ZsbnU2ik+ed9azWF6nR3m93V1AsW8dxRGxvMzWW8iuuRg44pnsQoxuv4W8X/vg+Kfyl099Qp9vZCFvs9Bd8bZwePyzaZ+l4rDRd6MoHXHkb+RG3ubG4o28GBCFMy4K52AUn/VefEQU5XFRlI8YBQBMyuaYLGT1J/7PmOU+L7vL0OxuiSWDZvTFvM3iXDaxTs8NmNHtcTO6fcTs9lffPZCG5di03z8/yKpv0xe87ev3XbeMfcdK38JzL7d/lEs7u3u3trbXZuSHjWeOU67Yd2z7riMz2TC6BbkHADDA+HvsjG1h3RlzVv31/lcKivJEnktH1mUpu9og+8bBwKMWDnwNYWnMWWshS5P5HV6WRpzV/S+7yqF3XGdk28MxlE/+BwEAwClaGJOHPyb/L4057z6cy0efHRcO3K0NAACcDB29sgrJr1YUmdbjUrVacpNlraLQe6giU2toZYJER96yGzS0akVhEnqhn1YemZqOVdxutcIoUfUwUq0wNivZnd9V99bvsW66QWK8uOVrN9bKC4PE9RJVM7GnWu3vfRMv6yh7cdzSnqkbz01MGKg4bEeeLioVa32goanpIDF1k1YD1YpM041W1aPQbze1qunYi0wrCfMD9voyQT2Mmtlhi5N+swEA+ELs7O49Xet0Nl6cYGXSYwQAAIeRpQEAAAAAAAAAAAAAAAAAAAAA+PKdxvV/VM54pbcU9JcSD5VjqIydOn458ckJwIn6LwAA//9HHk9e")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)

1m7.244017944s ago: executing program 0 (id=47):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000100)=0xfffffffb, 0x4)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x41}}]}, &(0x7f0000000340)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, 0x0, &(0x7f0000000000))

1m7.068486555s ago: executing program 0 (id=55):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702fdfff75651114ad677bad10000dd910a00"/65], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
fsetxattr$trusted_overlay_redirect(r2, &(0x7f0000000040), 0x0, 0x0, 0x0)
pipe2(&(0x7f0000000000), 0x0)
r3 = mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="01000000080000000400000021000000c1000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000170000000000000000000000c917b7b0a0006968c76b0cf7c5c5e3e98a719117519e30b2452974eae700d8517ce2f7c5d4e2988c24d391b587"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000180)="2f8d96e20e4d91e11fa6a275c8e85c67751d90b6c673a7cea0c15c429920e15ac9c8d747cc7168c0ae2557cb6f74c71932b689e7ca97617963cfff445f", 0x3, r4}, 0x17)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000000100)={r4, &(0x7f00000000c0), 0x20000000}, 0x20)
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x6, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f00000005c0)={@private2}, &(0x7f0000000600)=0x14)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000200000000000000000818110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xd, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b704000000000000850000008e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xbc6d89933865ab6f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
preadv(r7, &(0x7f0000000040)=[{&(0x7f0000000200)=""/233, 0xe9}], 0x1, 0x0, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000700)=@o_path={&(0x7f00000006c0)='./file0\x00', 0x0, 0x4000, r5}, 0x18)

1m7.028157695s ago: executing program 0 (id=56):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x10, &(0x7f0000000100)=ANY=[], 0xfc, 0x2dd, &(0x7f0000000500)="$eJzs3b+LI1UcAPDv5NdmzyKLaKEIN6CF1XJra7OrnCBupURQG4OXA0mWgxwEXeHWq660shT/DVs7Cyv/A8FWsLsrVkYmM7PJnJkzcps7WD6f4u5l3vu+9817j2yVbz5/7WRy604S9x/+Hv1+Eq3DOIxHSexFKyrfRicAgKvjUZbFX1lEdIvXycaRndb2sgIAtqn4+1943rkAAM/GR598+sHR8fHND9O0H68MHsyHSUScPJgPi/6j2/FlTGMcN2IQ5xHZhaL93vvHN6OT5vbijZOz+XBem//oz9hdxB/EIPbWxx+khTJ+GJH/341rkcbR7W411SBeWh//VhHeXYnfjWEv3nx9Jf/9GMRvX8SdmMatyGOX8fcO0vTd7PuH33yWL5PHJ60Y7izGLWXt/N+Xv6peX9/20QAAAAAAAAAAAAAAAAAAAAAAcIXtp2lSlO9Z1O/JH5X1d9rni/79tLJXr89TxF/UCy7qA2VRlug5y+KHqr7OjTRNs3LgMr4Tr3b8sAAAAAAAAAAAAAAAAAAAAADk7n59OhlNp+PZUzfak9G0qgZQfa1/s/B2RNSfHK6MuR6nk1G7ecKdzddarTaQ5/rEwdHpxCVsS9HoRkTTmPh5N8+nIfzHMt//v+jO8nA/jtPF/lQHc2nvK2+8+M5FhmnZVW3yZJT811r9GE2/yxs/rXb1YuM0kqT2ZHG20/EsW1yJ86x+pv2Gzexdwm7kd7T3wtquv7Ms22yet/8ozqg4wVkS1yJpvBuP3bGy0Xhb+v8+i1+aJ2z8yGg/7WcOAAAAAAAAAAAAAAAAAACwXv2L04+5/8TQ1taSAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBnbPn7/1WjHxH1J/XGvV/HZ2Vw45hloxezu8vVWs/rbQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDF/RMAAP//Kz1C7g==")
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x88)
write$selinux_attr(r0, &(0x7f0000000280)='system_u:object_r:smartcard_device_t:s0\x00', 0x28)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x1718, 0x0, 0x0, 0x0, 0x0, "ef359f413bb93852f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a4b78c660e677df701908b9aaa3f6a00400", "036c47c6780820d1cbf7896de1fdcf335263bdbcef0100a197fce47ddfdd753abd9501ce721b6ae9b49600002a000000000000000000000000000018c900", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"})
io_submit(0x0, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000000, 0x1000000}])

1m6.677015277s ago: executing program 0 (id=62):
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x3b, 0x1, 0x0, 0x0, 0x0, 0x89, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1, 0xb, &(0x7f00000009c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x2001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)

1m3.297082823s ago: executing program 0 (id=99):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2(&(0x7f0000000000)={0x0, <r1=>0x0}, 0x0)
r2 = socket(0x2c, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="110000000400000004000000ff00000000000000", @ANYRES32, @ANYBLOB="000000000000ecfae30000c91af776a581000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r3, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r2}, 0x20)
close_range(r1, 0xffffffffffffffff, 0x0)

1m3.292483233s ago: executing program 32 (id=99):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2(&(0x7f0000000000)={0x0, <r1=>0x0}, 0x0)
r2 = socket(0x2c, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="110000000400000004000000ff00000000000000", @ANYRES32, @ANYBLOB="000000000000ecfae30000c91af776a581000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r3, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r2}, 0x20)
close_range(r1, 0xffffffffffffffff, 0x0)

27.740924695s ago: executing program 4 (id=623):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r1, &(0x7f0000000400)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003003e0000000000000000007c80000040000000000000000000000000f8"], 0x75)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x6040000)

27.656895875s ago: executing program 4 (id=626):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000780), 0xffffffffffffffff)
r2 = openat$rfkill(0xffffffffffffff9c, 0x0, 0x602, 0x0)
writev(r2, &(0x7f0000000440)=[{0x0}], 0x1)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)

27.474841776s ago: executing program 4 (id=630):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in=@broadcast, @in6=@remote}, {@in6=@remote, 0x0, 0x32}, @in6=@mcast1, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0)

27.448019407s ago: executing program 4 (id=633):
r0 = bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000a1f4ef7970c2a8d97b8af8ff00000000bfa2000000000000070200b7040000020000008500000082000000950000000000000070885efc3bcea16dc9707c9e7363f756ef02b6d6e903a873a14b2ad3160be3601ebe3543e81eea611af28a27cf8c5879f5c31f3ed1154e04c1d2ba45ce33f1aa0702b340306085d7ebc7315fbb458e1aaa61ecd507c2e434f420617a9622865f76746d38a8689d0e0a26ed0b37b7310779ab9cd197c9e977c06af97141b5b0ab27c4bd4ee389dc54363ff9a5e16c55e58dd72f4b9567b8cdfe231ce12aec60ddf5417202aa6c5694787db08619836ef0bf87014809bbb5aaa800"/257], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xfb, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close(0xffffffffffffffff)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB="0000002100000000f6a9c0bf8f381c893aac8e8500000000010c3edd47eaffdd70b9ff948e73ee306c410500bccd00"/57, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000700000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b0af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r3}, &(0x7f0000000280), &(0x7f0000000380)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
syz_clone(0x630c0700, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r2}, 0x10)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x181900, 0x0)
r7 = ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file1\x00', 0xc44, &(0x7f0000000740)=ANY=[], 0x2, 0x266, &(0x7f0000000480)="$eJzs3b9rFHkUAPC32c2vazYcBwfHwS0cB1eFJHB9juMOwgUVwyIRCW7MRkI2BAwEtEhiJVjZWFqmiwha2On/INjYiI2IlSkEC8lIMmF3YzbGlWRHks+nmce892a+3wkzky32u5d/XZifWVya3dx8HX19uSiMXt1KklwMRFfkI7UWAMBJ8iFJ4l2SynosAEBneP8DwOlz2Pu/O92c6/CwAIBj9O2f/+9OPnlZqY7+9RWlSW89fDHV/hgBgKM1MXnx/62nf/SPxaM7EQu3lsvL5XSb5v+ejbmoRTWGohgfI5K6NP5vbPzfodK2/ojywupu/+pyOb+3fziKMRBx4cz+/uFSam9/d/zQ3D8Sxfip9flHWvb3xJ+/N/UPRjGeXYnFqMXM9r8kTf0rw6XSP2fHP+vv3amL9Xymfx8AAAAAAAAAAAAAAAAAAAAAAE6mwVLdQNP6N7l6frBlfrX99YEa6/Pc3ukvxC+FuJnh1AEAAAAAAAAAAAAAAAAAAOC7sXT9xnylVqteqwfT5+d+3LvnsCDXIpXfPX47xzn64H2mZz8w2L4wx3iK3yKiseftsczi4Ub1+frUpYnsL2YHg2iZepD5wKa/UNMVETvBz/dGK49XXr3ZXxNrTfdyIb1vK7V029P8sCh1+OEEAAAAAAAAAAAAAAAAAACnTONrwAdVJJ0dEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABkoPH7/20HPfU9G/3pwQ4oTpP3M50nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACn26cAAAD//5yXqIk=")
syz_clone(0x4eb82100, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x7a05, 0x1700)
write$cgroup_type(r8, &(0x7f0000000000), 0x180600)

26.134558953s ago: executing program 4 (id=660):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000000d0603000e0000000000000003000009050001"], 0x1c}, 0x1, 0x0, 0x0, 0x404c0}, 0x200000d0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write$binfmt_script(r2, 0x0, 0xb)
splice(r3, 0x0, r2, 0x0, 0x1000, 0x0)
write$binfmt_misc(r4, &(0x7f00000000c0), 0xfdef)
splice(r1, 0x0, r4, 0x0, 0x80, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/resume', 0x141a82, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendfile(r5, r5, 0x0, 0x4)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000040)='kmem_cache_free\x00', r7, 0x0, 0xfffffffffffffffd}, 0x18)
socket$key(0xf, 0x3, 0x2)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='oom_score_adj\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]})
clock_gettime(0x0, 0x0)
pwritev(r8, &(0x7f0000000100)=[{&(0x7f0000000600)='0', 0x1}], 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
unshare(0x6020400)
r9 = gettid()
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc)=<r10=>0x0)
timer_settime(r10, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f0000000400)={<r11=>0xffffffffffffffff})
vmsplice(r11, &(0x7f00000001c0)=[{&(0x7f00000004c0)="7cd1f233f595b9483683fb7fcac2881731c46bffa49ed496fc644240945fc5df846ba39e38efc8aec53ef3336edc8b34345245ccb129039638ada63a724ef5a39687", 0x42}], 0x1, 0x0)
syz_emit_ethernet(0x86, &(0x7f0000000500)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0xe, 0x1, 0x0, @rand_addr=0x64010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x15, 0x4, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x89, 0x0, @private, @local, {[@cipso={0x86, 0x36, 0x0, [{0x6, 0x2}, {0x0, 0xa, "2189ea43a2149b84"}, {0x7, 0x12, "ffd11634eea26b0faffa0dea2e903528"}, {0x0, 0x9, "02a20948fd7406"}, {0x0, 0x9, "ccf0294e2a3bdb"}]}, @ssrr={0x89, 0x7, 0x6c, [@broadcast]}]}}, '\x00\x00\x00\x00\x00\x00\x00\x00'}}}}}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

24.896209739s ago: executing program 4 (id=683):
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x5452, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x2, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000400)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0xf20e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x63db, 0x6, 0x0, 0x0, 0x0, 0x0, 0x80}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

24.896007859s ago: executing program 33 (id=683):
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x5452, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x2, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000400)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0xf20e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x63db, 0x6, 0x0, 0x0, 0x0, 0x0, 0x80}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

2.891140796s ago: executing program 2 (id=1008):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b00000007000000020000000400000005000000", @ANYRES32, @ANYBLOB="0000080000000000000000005ce90711350d0000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x7, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x141141, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000010c0)={{r2}, &(0x7f0000001040), &(0x7f0000001080)}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r2, 0x0, 0x0}, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x4d0, 0x0, 0x25, 0x148, 0x340, 0x60, 0x438, 0x2a8, 0x2a8, 0x438, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'dvmrp1\x00', {0xff}}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x9, 0x8001}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x530)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r3 = gettid()
timer_create(0x2, &(0x7f0000000180)={0x0, 0x1e, 0x4, @tid=r3}, &(0x7f00000000c0))
timer_settime(0x0, 0x1, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0xfffffffffffffffe]}, 0x8, 0x0)
readv(r4, &(0x7f0000000000)=[{&(0x7f0000002480)=""/231, 0xe7}], 0x1)

2.728831277s ago: executing program 2 (id=1010):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000000500000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f00000001c0), 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={<r2=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000740)={<r3=>r2, 0x7fff, 0x3, 0x2, 0x26, 0x6, 0x87, 0x9, {r2, @in={{0x2, 0x4e23, @loopback}}, 0x6, 0x6, 0x4, 0x4, 0x10001}}, &(0x7f0000000280)=0xb0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000004c0)={r3}, &(0x7f0000000240)=0xfe29)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
clock_settime(0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000fdffffff03000000400001802c0004001400010002000000ac14140f00000040000000001400020002000000ffffff0500000000000000000d0001007564703a73"], 0x54}}, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000080)='kfree\x00', r9}, 0x18)
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r10, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

2.273115399s ago: executing program 1 (id=1015):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000570000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000540)='./bus\x00', 0x120c018, &(0x7f0000000180)={[{@check_relaxed}, {@map_normal}, {@nojoliet}, {@cruft}, {@uid}, {@dmode={'dmode', 0x3d, 0x1000}}, {@session={'session', 0x3d, 0x6}}, {@map_normal}]}, 0xff, 0x534, &(0x7f0000001000)="$eJzs3V9v09YbwPHHpf1R5SehaUwIVQUOZZOKVILjQFDEleecpAccO7Id1F6hirZTRQoTZdLam8EN26TtRXC7F7F3NO0lMNlOSkv+Af0TVH0/EZwT+8TnOWl0HrmNjwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIjl1Wy7ZIlvgvaKGs6rRWHz/dPuq/s2yM1DxYh+Raz0n8zOyuV80+Vv3u++lP63IPP5s3mZTYtZ2fv/pa/uX5ye6r1+RMCnYmd37+lap7PxYtKBnKAr54fva+jAxKFpug2tTByqaqVi316ux6pufB2vxoluKi/SbhJGatG7qUrValnp4mrYDho119e9jfduObZdUQ+KLe1GcRjcflCMvWXj+yZoZG3S3Wmbe+kH8aFJVKLdplKbW52N8rgBpI1KH9PIGdfIsR2nVHKcUuVu9e49257u22B/QPpaTP5Di8k6xtkbOJqpbv4XX4wE0pYVUQMfntQkklCaQ/Z39fL/d7f1yH4P5v9elr/8fvecZPn/av7s6rD8PySW03vsyK7syVNZk450ZENeTDyi0300REsgRmIJxUhT3GyL6m5RUpWKVMSWx7IsdYlFSV2M+KIlllWJJRGdfaI8iUSLK4mEEomSRfHkpigpSVWqUhYlWoqyKqG0JZCG1MTNjrIpW9n7XhZlDYtxv1Fp6DAKvc/dhjgjRkv+x9Ed6/wNHMW7Xv4HAAAAAABnlpX99j09/5+RK1mtbnxtTzosAAAAAABwjLK//M+nxUxauyIW5/8AAAAAAJw1VnaNnSUiBbmW1zbFyi6X4pcAAAAAAACcEdnf/6+mRbYGyjWx9pdL4fwfAAAAAIAz4rfha+y/O5/vaZ23/v5XomjGet1a+dbadtON7va5fO+5D4+Y1OesC92DZEUlL6anPT1vzeaN9hfB/KdbbI5b698aFMCrTwng4rT8IdfzNtfX83K9tyfvpVA3vi56oX+/JK57YSrRK8lPz7Z+lmz4vwfNC5ZsbnU2ik+ed9azWF6nR3m93V1AsW8dxRGxvMzWW8iuuRg44pnsQoxuv4W8X/vg+Kfyl099Qp9vZCFvs9Bd8bZwePyzaZ+l4rDRd6MoHXHkb+RG3ubG4o28GBCFMy4K52AUn/VefEQU5XFRlI8YBQBMyuaYLGT1J/7PmOU+L7vL0OxuiSWDZvTFvM3iXDaxTs8NmNHtcTO6fcTs9lffPZCG5di03z8/yKpv0xe87ev3XbeMfcdK38JzL7d/lEs7u3u3trbXZuSHjWeOU67Yd2z7riMz2TC6BbkHADDA+HvsjG1h3RlzVv31/lcKivJEnktH1mUpu9og+8bBwKMWDnwNYWnMWWshS5P5HV6WRpzV/S+7yqF3XGdk28MxlE/+BwEAwClaGJOHPyb/L4057z6cy0efHRcO3K0NAACcDB29sgrJr1YUmdbjUrVacpNlraLQe6giU2toZYJER96yGzS0akVhEnqhn1YemZqOVdxutcIoUfUwUq0wNivZnd9V99bvsW66QWK8uOVrN9bKC4PE9RJVM7GnWu3vfRMv6yh7cdzSnqkbz01MGKg4bEeeLioVa32goanpIDF1k1YD1YpM041W1aPQbze1qunYi0wrCfMD9voyQT2Mmtlhi5N+swEA+ELs7O49Xet0Nl6cYGXSYwQAAIeRpQEAAAAAAAAAAAAAAAAAAAAA+PKdxvV/VM54pbcU9JcSD5VjqIydOn458ckJwIn6LwAA//9HHk9e")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)

2.166845069s ago: executing program 2 (id=1017):
socket(0x1e, 0x4, 0x2)
r0 = syz_open_pts(0xffffffffffffffff, 0x2000)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f0000000000))
socket$can_raw(0x1d, 0x3, 0x1)
r1 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r1, &(0x7f0000000100)="f257a8", 0x3, 0x1, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00'/28], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001800)={&(0x7f0000000580)='kfree\x00', r3}, 0x9)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1}})
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}})
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x3fa1dc947ffe4b82})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x7c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001f40)={0x5, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0)
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
setsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000080)=@int=0x8, 0x4)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f00000005c0)={0x0, @in6={{0xa, 0x4e20, 0x6, @mcast1, 0xf}}, 0x9, 0x0, 0x7, 0xc0c, 0x40, 0x2, 0xd6}, 0x9c)
r7 = fcntl$dupfd(r6, 0x0, r6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='kfree\x00'}, 0x10)
ioctl$SCSI_IOCTL_STOP_UNIT(r7, 0x6)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)

2.08131579s ago: executing program 1 (id=1018):
syz_genetlink_get_family_id$fou(&(0x7f0000005740), 0xffffffffffffffff)
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='oom_adj\x00')
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000880)=ANY=[], 0x0, 0xc46, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000040)={<r1=>0x0, 0x4}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000200)={r1, 0x82e}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x17, 0x0, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000300)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYRES16=r3, @ANYRESDEC, @ANYRESDEC, @ANYRESDEC, @ANYRESHEX=r2], 0x80}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x2000000000000122, &(0x7f0000000780)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r2, @ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000002c0)='kmem_cache_free\x00', r0, 0x0, 0xe0002}, 0x5d)
r4 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
write$binfmt_script(r4, 0x0, 0x0)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0x2}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_TIMEOUT={0xb, 0x5, 0x0, 0x0, 0x2, &(0x7f0000000340), 0x1, 0x1})
r5 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r5, &(0x7f0000000400)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r5, 0x5)
r7 = accept4$inet6(r5, 0x0, 0x0, 0x80000)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10)
sendmmsg(r6, &(0x7f0000002980), 0x400000000000239, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000140)='15', 0x2}], 0x8)

2.02302112s ago: executing program 2 (id=1019):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
readv(r1, &(0x7f0000002140)=[{&(0x7f00000014c0)=""/30, 0x1e}], 0x1)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
accept$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)

1.568511302s ago: executing program 6 (id=1023):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
ppoll(0x0, 0x0, &(0x7f0000000b40), 0x0, 0x0)

1.340378013s ago: executing program 6 (id=1027):
socket$key(0xf, 0x3, 0x2)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='oom_score_adj\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]})
clock_gettime(0x0, 0x0)
pwritev(r0, &(0x7f0000000100)=[{&(0x7f0000000600)='0', 0x1}], 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
unshare(0x6020400)
r1 = gettid()
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f00000002c0)={<r3=>0xffffffffffffffff})
madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x13)
vmsplice(r3, &(0x7f00000001c0)=[{&(0x7f00000004c0)="7cd1f233f595b9483683fb7fcac2881731c46bffa49ed496fc644240945fc5df846ba39e38efc8aec53ef3336edc8b34345245ccb129039638ada63a724ef5a39687", 0x42}], 0x1, 0x0)

1.140776444s ago: executing program 1 (id=1030):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x2}}, './file0\x00'})

1.133889324s ago: executing program 2 (id=1031):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000400)=ANY=[], 0x118)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})

1.112597954s ago: executing program 5 (id=1032):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000780)='netfs_read\x00', r0, 0x0, 0x6}, 0xfffffffffffffe76)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r2, 0x2285, 0x0)
writev(r2, &(0x7f0000000400)=[{&(0x7f0000000000)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000740)="aa1d484e243103000000f7c08bfcd111fbdf23ea32db0e8f21d5bc27bd8063067a0689fff2a41cfbf0e9d85e447511703d", 0x31}], 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000095"], &(0x7f0000000440)='GPL\x00', 0x4, 0x99, &(0x7f0000000480)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYRESOCT=r1, @ANYBLOB, @ANYBLOB="00dd0f8fdb044f843a0000000000000000000800", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x17)
r4 = socket$inet(0xa, 0x1, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x410, 0x238, 0x238, 0x238, 0x98, 0x98, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x0, 0x28, 0x0, 0x0, 0x0, 0x1}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev={0xfe, 0x80, '\x00', 0x18}, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x470)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x6, &(0x7f00000007c0)=ANY=[@ANYBLOB="180100c8b8a98417b7390000000000000000000020b10bb3f95efedd74b400e7219dba00000018200000", @ANYRES32=r3, @ANYBLOB="000000000000000081000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000400)='F*', 0x2}], 0x1}, 0x4)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x24, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r6, 0xc020f509, &(0x7f0000000040)={<r7=>r6, 0xce5, 0x7fffffff, 0x7fffffffffffffff})
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020ff0600000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000020000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r7, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
r9 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r9, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
getsockname(0xffffffffffffffff, &(0x7f0000000140)=@hci, &(0x7f00000001c0)=0x80)
futex(0x0, 0x1, 0x0, 0x0, 0x0, 0x0)
ioctl$USBDEVFS_SUBMITURB(r9, 0x8038550a, &(0x7f0000000380)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x3ff, 0x0, &(0x7f0000000340)='\x00', 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$unix(0x1, 0x1, 0x0)
r10 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r10, &(0x7f0000003000), 0x6e)
listen(r10, 0x0)
socket$unix(0x1, 0x1, 0x0)

1.112337064s ago: executing program 1 (id=1033):
socket$key(0xf, 0x3, 0x2)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='oom_score_adj\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]})
clock_gettime(0x0, 0x0)
pwritev(r0, &(0x7f0000000100)=[{&(0x7f0000000600)='0', 0x1}], 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
unshare(0x6020400)
r1 = gettid()
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f00000002c0)={<r3=>0xffffffffffffffff})
vmsplice(r3, &(0x7f00000001c0)=[{&(0x7f00000004c0)="7cd1f233f595b9483683fb7fcac2881731c46bffa49ed496fc644240945fc5df846ba39e38efc8aec53ef3336edc8b34345245ccb129039638ada63a724ef5a39687", 0x42}], 0x1, 0x0)

1.060996344s ago: executing program 2 (id=1034):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000780), 0xffffffffffffffff)
r4 = openat$rfkill(0xffffffffffffff9c, 0x0, 0x602, 0x0)
writev(r4, &(0x7f0000000440)=[{0x0}], 0x1)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r5, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)

1.060804815s ago: executing program 3 (id=1035):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xc, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b40000000000000063113000000000008510000002000000850000000800000000000000000000110000000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r0, 0x40047211, &(0x7f00000005c0)=0x10)
close(r4)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102033200fe08000e40000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
r8 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000001540), 0x2, 0x0)
write$selinux_access(r8, &(0x7f0000001580)={'system_u:object_r:etc_mail_t:s0', 0x20, '/sbin/dhclient'}, 0x44)

999.946475ms ago: executing program 3 (id=1036):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x34, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0, 0x3}, 0x22, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x1cb27e, 0x0)
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x8e}, [@ldst={0x4}]}, &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$int_in(r2, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r2, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r3}], 0x2c, 0xffffffffffbffff8)
dup2(r2, r3)
fcntl$setown(r2, 0x8, r1)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r7}, 0x10)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x4e, 0x1, 0x0, 0x0, 0x0, 0x210e, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x7fff, 0xaea}, 0x110104, 0x32, 0x0, 0x5, 0x0, 0xfffffffc, 0x4, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
munlockall()
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
sendmsg$can_raw(r4, &(0x7f0000000000)={&(0x7f00000000c0)={0x1d, r5}, 0x10, &(0x7f0000000140)={&(0x7f0000000180)=@can={{0x0, 0x0, 0x1}, 0x0, 0x0, 0x4, 0x0, "1b2bc764c7ed2890"}, 0x10}, 0x2}, 0x0)
tkill(r1, 0x13)
ptrace$getenv(0x4201, r1, 0x6, &(0x7f0000000100))

935.186135ms ago: executing program 5 (id=1037):
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000000340), 0x80)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0xeb6, 0x10000, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0xba98575a95aeb70d)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x324)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="8500000080000000760000002000000027"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x27}, 0x62)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1e0000000000010400000600000000000000", @ANYRES32, @ANYBLOB="0300"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0400000001000000010000000b00"/28], 0x50)
socket(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x18, 0x3a, 0x0, @remote, @loopback, {[], @mld={0x82, 0x0, 0x0, 0x9, 0xc036, @remote}}}}}}, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x6, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
socket$inet6(0xa, 0x40000080806, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRES64=r2], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
fsync(0xffffffffffffffff)

846.465116ms ago: executing program 3 (id=1038):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r0}, 0x10)
sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="1cc25a00", @ANYRES16=0x0, @ANYBLOB="0100000000080000000012000000"], 0x1c}}, 0x0)
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$selinux_load(r1, &(0x7f0000000340)={0xf97cff8c, 0x8}, 0x2000)

747.593506ms ago: executing program 3 (id=1039):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000570000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000540)='./bus\x00', 0x120c018, &(0x7f0000000180)={[{@check_relaxed}, {@map_normal}, {@nojoliet}, {@cruft}, {@uid}, {@dmode={'dmode', 0x3d, 0x1000}}, {@session={'session', 0x3d, 0x6}}, {@map_normal}]}, 0xff, 0x534, &(0x7f0000001000)="$eJzs3V9v09YbwPHHpf1R5SehaUwIVQUOZZOKVILjQFDEleecpAccO7Id1F6hirZTRQoTZdLam8EN26TtRXC7F7F3NO0lMNlOSkv+Af0TVH0/EZwT+8TnOWl0HrmNjwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIjl1Wy7ZIlvgvaKGs6rRWHz/dPuq/s2yM1DxYh+Raz0n8zOyuV80+Vv3u++lP63IPP5s3mZTYtZ2fv/pa/uX5ye6r1+RMCnYmd37+lap7PxYtKBnKAr54fva+jAxKFpug2tTByqaqVi316ux6pufB2vxoluKi/SbhJGatG7qUrValnp4mrYDho119e9jfduObZdUQ+KLe1GcRjcflCMvWXj+yZoZG3S3Wmbe+kH8aFJVKLdplKbW52N8rgBpI1KH9PIGdfIsR2nVHKcUuVu9e49257u22B/QPpaTP5Di8k6xtkbOJqpbv4XX4wE0pYVUQMfntQkklCaQ/Z39fL/d7f1yH4P5v9elr/8fvecZPn/av7s6rD8PySW03vsyK7syVNZk450ZENeTDyi0300REsgRmIJxUhT3GyL6m5RUpWKVMSWx7IsdYlFSV2M+KIlllWJJRGdfaI8iUSLK4mEEomSRfHkpigpSVWqUhYlWoqyKqG0JZCG1MTNjrIpW9n7XhZlDYtxv1Fp6DAKvc/dhjgjRkv+x9Ed6/wNHMW7Xv4HAAAAAABnlpX99j09/5+RK1mtbnxtTzosAAAAAABwjLK//M+nxUxauyIW5/8AAAAAAJw1VnaNnSUiBbmW1zbFyi6X4pcAAAAAAACcEdnf/6+mRbYGyjWx9pdL4fwfAAAAAIAz4rfha+y/O5/vaZ23/v5XomjGet1a+dbadtON7va5fO+5D4+Y1OesC92DZEUlL6anPT1vzeaN9hfB/KdbbI5b698aFMCrTwng4rT8IdfzNtfX83K9tyfvpVA3vi56oX+/JK57YSrRK8lPz7Z+lmz4vwfNC5ZsbnU2ik+ed9azWF6nR3m93V1AsW8dxRGxvMzWW8iuuRg44pnsQoxuv4W8X/vg+Kfyl099Qp9vZCFvs9Bd8bZwePyzaZ+l4rDRd6MoHXHkb+RG3ubG4o28GBCFMy4K52AUn/VefEQU5XFRlI8YBQBMyuaYLGT1J/7PmOU+L7vL0OxuiSWDZvTFvM3iXDaxTs8NmNHtcTO6fcTs9lffPZCG5di03z8/yKpv0xe87ev3XbeMfcdK38JzL7d/lEs7u3u3trbXZuSHjWeOU67Yd2z7riMz2TC6BbkHADDA+HvsjG1h3RlzVv31/lcKivJEnktH1mUpu9og+8bBwKMWDnwNYWnMWWshS5P5HV6WRpzV/S+7yqF3XGdk28MxlE/+BwEAwClaGJOHPyb/L4057z6cy0efHRcO3K0NAACcDB29sgrJr1YUmdbjUrVacpNlraLQe6giU2toZYJER96yGzS0akVhEnqhn1YemZqOVdxutcIoUfUwUq0wNivZnd9V99bvsW66QWK8uOVrN9bKC4PE9RJVM7GnWu3vfRMv6yh7cdzSnqkbz01MGKg4bEeeLioVa32goanpIDF1k1YD1YpM041W1aPQbze1qunYi0wrCfMD9voyQT2Mmtlhi5N+swEA+ELs7O49Xet0Nl6cYGXSYwQAAIeRpQEAAAAAAAAAAAAAAAAAAAAA+PKdxvV/VM54pbcU9JcSD5VjqIydOn458ckJwIn6LwAA//9HHk9e")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)

611.584607ms ago: executing program 3 (id=1040):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b00000007000000020000000400000005000000", @ANYRES32, @ANYBLOB="0000080000000000000000005ce90711350d0000", @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x7, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x141141, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000010c0)={{r2}, &(0x7f0000001040), &(0x7f0000001080)}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r2, 0x0, 0x0}, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x4d0, 0x0, 0x25, 0x148, 0x340, 0x60, 0x438, 0x2a8, 0x2a8, 0x438, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'dvmrp1\x00', {0xff}}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x9, 0x8001}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x530)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r3 = gettid()
timer_create(0x2, &(0x7f0000000180)={0x0, 0x1e, 0x4, @tid=r3}, &(0x7f00000000c0))
timer_settime(0x0, 0x1, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0xfffffffffffffffe]}, 0x8, 0x0)
readv(r4, &(0x7f0000000000)=[{&(0x7f0000002480)=""/231, 0xe7}], 0x1)

487.591487ms ago: executing program 3 (id=1041):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
readv(r1, &(0x7f0000002140)=[{&(0x7f00000014c0)=""/30, 0x1e}], 0x1)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
accept$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)

440.406857ms ago: executing program 6 (id=1042):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0xfffffffe, 0x0, 0x1, 0x53}, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
connect$pppl2tp(r5, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r6, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r5, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000140)={'veth1_to_team\x00', @link_local})
r7 = socket$kcm(0x10, 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r8, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r8, &(0x7f0000000100), &(0x7f0000000000), 0x2}, 0x20)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f00000001c0)=0x800, 0x4)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r1, 0x0, 0x0, 0x0, 0x4000000, 0x1})
io_uring_enter(r2, 0x47f9, 0x0, 0x0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180))

433.524087ms ago: executing program 6 (id=1043):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000540)='./bus\x00', 0x120c018, &(0x7f0000000180)={[{@check_relaxed}, {@map_normal}, {@nojoliet}, {@cruft}, {@uid}, {@dmode={'dmode', 0x3d, 0x1000}}, {@session={'session', 0x3d, 0x6}}, {@map_normal}]}, 0xff, 0x534, &(0x7f0000001000)="$eJzs3V9v09YbwPHHpf1R5SehaUwIVQUOZZOKVILjQFDEleecpAccO7Id1F6hirZTRQoTZdLam8EN26TtRXC7F7F3NO0lMNlOSkv+Af0TVH0/EZwT+8TnOWl0HrmNjwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIjl1Wy7ZIlvgvaKGs6rRWHz/dPuq/s2yM1DxYh+Raz0n8zOyuV80+Vv3u++lP63IPP5s3mZTYtZ2fv/pa/uX5ye6r1+RMCnYmd37+lap7PxYtKBnKAr54fva+jAxKFpug2tTByqaqVi316ux6pufB2vxoluKi/SbhJGatG7qUrValnp4mrYDho119e9jfduObZdUQ+KLe1GcRjcflCMvWXj+yZoZG3S3Wmbe+kH8aFJVKLdplKbW52N8rgBpI1KH9PIGdfIsR2nVHKcUuVu9e49257u22B/QPpaTP5Di8k6xtkbOJqpbv4XX4wE0pYVUQMfntQkklCaQ/Z39fL/d7f1yH4P5v9elr/8fvecZPn/av7s6rD8PySW03vsyK7syVNZk450ZENeTDyi0300REsgRmIJxUhT3GyL6m5RUpWKVMSWx7IsdYlFSV2M+KIlllWJJRGdfaI8iUSLK4mEEomSRfHkpigpSVWqUhYlWoqyKqG0JZCG1MTNjrIpW9n7XhZlDYtxv1Fp6DAKvc/dhjgjRkv+x9Ed6/wNHMW7Xv4HAAAAAABnlpX99j09/5+RK1mtbnxtTzosAAAAAABwjLK//M+nxUxauyIW5/8AAAAAAJw1VnaNnSUiBbmW1zbFyi6X4pcAAAAAAACcEdnf/6+mRbYGyjWx9pdL4fwfAAAAAIAz4rfha+y/O5/vaZ23/v5XomjGet1a+dbadtON7va5fO+5D4+Y1OesC92DZEUlL6anPT1vzeaN9hfB/KdbbI5b698aFMCrTwng4rT8IdfzNtfX83K9tyfvpVA3vi56oX+/JK57YSrRK8lPz7Z+lmz4vwfNC5ZsbnU2ik+ed9azWF6nR3m93V1AsW8dxRGxvMzWW8iuuRg44pnsQoxuv4W8X/vg+Kfyl099Qp9vZCFvs9Bd8bZwePyzaZ+l4rDRd6MoHXHkb+RG3ubG4o28GBCFMy4K52AUn/VefEQU5XFRlI8YBQBMyuaYLGT1J/7PmOU+L7vL0OxuiSWDZvTFvM3iXDaxTs8NmNHtcTO6fcTs9lffPZCG5di03z8/yKpv0xe87ev3XbeMfcdK38JzL7d/lEs7u3u3trbXZuSHjWeOU67Yd2z7riMz2TC6BbkHADDA+HvsjG1h3RlzVv31/lcKivJEnktH1mUpu9og+8bBwKMWDnwNYWnMWWshS5P5HV6WRpzV/S+7yqF3XGdk28MxlE/+BwEAwClaGJOHPyb/L4057z6cy0efHRcO3K0NAACcDB29sgrJr1YUmdbjUrVacpNlraLQe6giU2toZYJER96yGzS0akVhEnqhn1YemZqOVdxutcIoUfUwUq0wNivZnd9V99bvsW66QWK8uOVrN9bKC4PE9RJVM7GnWu3vfRMv6yh7cdzSnqkbz01MGKg4bEeeLioVa32goanpIDF1k1YD1YpM041W1aPQbze1qunYi0wrCfMD9voyQT2Mmtlhi5N+swEA+ELs7O49Xet0Nl6cYGXSYwQAAIeRpQEAAAAAAAAAAAAAAAAAAAAA+PKdxvV/VM54pbcU9JcSD5VjqIydOn458ckJwIn6LwAA//9HHk9e")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)

398.308458ms ago: executing program 5 (id=1044):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a30000000090a010100000000000000000100000508000740000000010c0010400000000000000002080007400000000804040000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d2800128014000180090001006c617374000000000400028010000180090001006c6173740000000008000340000001100c00098008000140000001980900020073797a32000000000c00104000000000000000026c030980340002801c000180080001400000000708000140000000020800014000000fff14000180080001400000000608000140fffffec9600102802c0001800800014000000101080001400000000908000140ffffffff080001400000000908000140000000042c55603053000140000080010800014000000008080001400000ff9a0800014000000005080001400000000734000180080001"], 0x45c}}, 0x20050800)

348.019448ms ago: executing program 6 (id=1045):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a30000000090a010100000000000000000100000508000740000000010c0010400000000000000002080007400000000804040000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d2800128014000180090001006c617374000000000400028010000180090001006c6173740000000008000340000001100c00098008000140000001980900020073797a32000000000c00104000000000000000026c030980340002801c000180080001400000000708000140000000020800014000000fff14000180080001400000000608000140fffffec9600102802c0001800800014000000101080001400000000908000140ffffffff080001400000000908000140000000042c55603053000140000080010800014000000008080001400000ff9a08000140000000050800014000000007340001800800014000000008080001400000000508000140000000090800014000000005080001400000000208000140000033902c0001800800"], 0x45c}}, 0x20050800)

252.082129ms ago: executing program 5 (id=1046):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xc, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b40000000000000063113000000000008510000002000000850000000800000000000000000000110000000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r0, 0x40047211, &(0x7f00000005c0)=0x10)
close(r4)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
r7 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000001540), 0x2, 0x0)
write$selinux_access(r7, &(0x7f0000001580)={'system_u:object_r:etc_mail_t:s0', 0x20, '/sbin/dhclient'}, 0x44)

232.337529ms ago: executing program 1 (id=1047):
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
r2 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000008c0)={0x10})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000))
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f00000000c0))
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0x20, &(0x7f0000000480)={&(0x7f00000002c0)=""/96, 0x60, <r4=>0x0, &(0x7f0000000440)=""/13, 0xd}}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000000000000000000000008500000018000000180100002020782500000000002020207b1af8ff00000000bfa10000000000000700000000fbab7ed3000000000000850000000700000095000000000000000000"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
sendmsg$NFNL_MSG_ACCT_GET(r6, &(0x7f0000000640)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000600)={&(0x7f00000006c0)=ANY=[@ANYBLOB="90000000010701040000000000000000050000050900010073797a30000000000900010073797a31000000000c00064000000000000000051400078008000140fffffffb08000140000059660c00064000000000000000090c000340000000000000f05008000540000000660c00034000000000000000a90c00064000000000000001010c0007800800014030a4c9a5"], 0x90}, 0x1, 0x0, 0x0, 0x40084}, 0x2000091)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0xe, 0x0, &(0x7f0000000400)="e4e647c9e0b8e9a2f2ab3026da58", 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
lsetxattr$security_selinux(&(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000940), 0x0, 0x0, 0x1)
socket$inet(0x2, 0x1, 0x9afa)
r7 = socket$inet(0x2, 0x4, 0x81)
setsockopt$inet_mreqsrc(r7, 0x0, 0x0, &(0x7f00000001c0)={@loopback, @dev={0xac, 0x14, 0x14, 0x30}, @rand_addr=0x64010100}, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r11}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r9}, 0x10)
r12 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r12, 0x11b, 0x4, &(0x7f0000001000)={0x0, 0x8000, 0x1000, 0x0, 0x4}, 0x20)
socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000040)={0x8, 0x200, 0x9, 0x3}, &(0x7f0000000080)=0x10)

189.583219ms ago: executing program 6 (id=1048):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0)
finit_module(r1, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
pipe(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(r7)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/pm_trace', 0x40102, 0x0)
write$binfmt_misc(r6, &(0x7f00000000c0), 0xfffffc8f)
splice(r5, 0x0, r7, 0x0, 0x1800, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r8 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r8, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001740)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001f7ff04b7050000000000006a0a00fe00000000850000000b000000b70000000000000095000000000000009cc6b3fcd62c061c6207005d43a4505f80e39c9f3c530cf08e467b592f868ee3b0a435df0a0e8c1bf176db2a6b2feb4b77d3d5707bfd2d84aaa3b1d4e984c46ea7e2b347a36f5662403e1b2be4284322a4908a0d411a9872971c7c56f0979bd10b97163c066d0e196bf02f46c7953ab1abdaf9de9ca3c00cb9bf4e418d07fa22f0610a70f2bdf4000200000000b0c2c125080963f63223b7b80197aa3161f45346b100000000000000000089e399f6609876b588743794298b79dc192dff048fc207c81f28bdd3e26a1a8a0481e9f0da43bb6ca66e2f55a9ff19ffcafe3e64be06000000000000005064caec04a367c23d9fb6a6991ddb737d527d6acb15426406991c3b404984dfa2c6e94bd0339454c13ad3c328a182c15dc760a313e3b3ca5d3393404029e98fa883c71949a34d84030323e3d54fc5b29d27643453ad9211e3550ee5520211d9370175133f260c6882a146880b9387f1beb5418618bc83a3becf9ba5d80efd7da7ba8b913c685fc6700848dc6665d73248c1f74e08ad04ce905faf32706e0000249a028044ede964362cfb2f30a246c3b2f60000fc4deb91da1368b0960b8d69bd99c64893d44f962524429dc058528e7e541c903869d96989b9a986620cb2c95c83f2a082c52764f49e51188f9418b01bcd8ae164acdac95318ec8b2c6feacdcf4b528e5e58219bc54f6ad5679e7f430e6960ed048c46e1dccca05bfa1d67c83795eae2d31968c055d325a9c794ef88b30c2de4a274878b73c05ffa88b7073be648b12bb1fee58958d6a6f31bfe5682159fbde59dad00008a73b40f09cf018cd496b36050d7fd45e3620c28f76749262e33e16429a6da35ceb1a989de81c3f8b8bc348ef2ac3781b847611fcb0a26acafdd6d9a1b17dcb9f7c493d8f8cd344a1d470ca0d6f16ab0293774b5509fb0e7113936d59d5a60dbd84a9384f531bb0200000000000000cc1fbc455a64fd449284f71761092a0302000000000000008a05d36fd9b814b4292745418c92d94462d2d8f7e1d24cabe17ad4135d8872935ceac6eb4f046f2acc1b0efb4438abddcabb4e4e72a450aab72b589bec83bbb688e659fb426cb43d0ee993516fd4e867232cde69b6ffad447dcd92e0ef82948dd1fa7afb77d951fe4abf618121b7894c106beb49a71c62df5544ef221973432ccc7e62b151eb898a01010a7ec5acd0a5dcb2de443880c8a682515d1da9a3048744acb44384d1591df789883c0560495cb0cb32283529926d25e5c7f481112ab8a82247e927fb6f256830dab3671f00500d36a17790bab7d0e89e6c15314f2b963bfc867953476b0505c7d728326d666f39e82cfcf7e7a85df288d75df24c5e4d529c349923f9a4fb882310391dd58b4cbd8def239a227724d39c3e6c40e20e07e68a22888a5c3941b7a765b92bcb37f302487bcbd93ccf3a104021ff34ddf7ffcca1a04eae963e25516a114573779b24a341dfb2e80f1f345c6d96493ffc2a18478b5bf3aab2ea59c51cf0678e1a57d0ea042d911548ff612002ddb2d54d42fbdde42b56887003d27468225b2594a05044baf314113e889468cf13dd92aa0d7744db6b56557a5adad95cb9a69d4de50642b4b9d6d3ba7eb534b00d0fea62f0a61535dfc4da06e7e8695be614c557caed7eb0120516e1351fed7d8ffa31c8f4be364185469cfc5f25c90d71bce745dd2f58a30e0844f1ad00bbdd7a08465e665c2620d78673dfb6d9263ed7def8924cfcd48a8a3534f1a3eac9ee9f18a18106ba3d7c7a62330f5c0e98cb7982dd7bad02c8dba9c13894185bfc4bd2520b6e01000000fc5eb55ecf9e6e363ea2ac40a14a6f00f0ffffa0fdb6487c51ef12c27b30255bc4f8813be88beeb5aa6f6a4151cfb90644e50630ed474df7d1635afcb1ea3f6c6ab5acbba2ce5099a9387c7acb9bbd1da497611ceda25049e48ddacccbb58dddaf9a3510d65383829a51e0f41e661fa80ca1eaaa6cf0824305ba4ec80400c50ffe83ccb0e6fef321190c58aca8c7c8c6d26ff5cbc2cadebda8e1219e04f8dacffd33db1a0a2e74c9eb978d80a12d0b5327bfd053000000000000000000be0d02a14708504412fa93d33599a40283c5addc191b4a21c7b340d0536b01958e15315eb5f3f9f4992c18f666359f40295fa73284c4b607649bae75bd68c3e2b770c324a0ab26b6065d7e95a7bd80052db57506ec7cc861bf3998d07484c66630ca8173fea3f06ed1dfc70a8b90418e2dc76137e0f68cb1c8a908aef9f0f85647dba54e05028c33d94d463fb20d2e7547184b8d3611e45dff02144387f342ef9b9bf650e9d049bf65258a7bc094a6965e24611c077e1ca0891362a9d68f3ec7610c0449acf18459500f024f9b75885cd79ba32776e4a511c8a4ad922b00000000000000a9241220dfbf7d02ef507ec6fc7f5d37d835f7bed71283c431b9d8cbd9003972bf1dc6a71bedad8e19efc3edd2a7a7e555d5f3176af69920471e6e5bcb8966c813c132d65e2b99d3015e06b372e1aefaae14ee3fbc6349af362cdff99c214de66912d1a9a98d92dc197a51c29443de62caca334c46d110e50896fe50d0477771d387f40c8ef05750ca651e6e69a237dcf78666d6ab2bda1f853525494e4efdd93be38bb5fc671f8794002d7a951fd336aaf4ed1166cb459df70218c571ba1c40b028234505e5477e268326af8812c2fbb8785a223fce0a0601c2a3b58bea8c6216eadabcabe86ab46e4cd3d58ef7ce8d3c4b0bc5952e81dfc0a490d8568db6f9c51fe703c6864fae0053d2f91f49e977cdc1962dbc28c29471a72199862bc8fc6e211d13d8579cab4fba94b2b613c9b8148d05e0690a4c4ab35aabc45801d2b82081e62b23a01b58b1ffb624f63ad2246796796160cd3682374364edac52f1becb7c6eff50823b75fb2ef516ec4ec1cb20a2535b504502d744f2099674e58f2c117c980cf0d041c8ea5c4f166bab4aa5ed200ef4dcff96f7c9c1ab8c22db0f439b23b04bcd41ffc3a0e01976ca1cf43e12d7d72f3faa4979faabd62e2dc54a980eae4d5e8c6498de331c3aba1144ef1190ea6cda641d9416c4560cab2d819eac7b04c70f141754c3ffd79da363fe8859afee531710caf1b2bf5a51142f4755cbb700c28083525a9093790096cb93417f1216000000000000000000000000000040ceb244e4cae2b65a76d41793aabccd3d0c50486eae6793e1f54814a8ee2779c14ca94759266200229b58c12279817869e831cade7b09ddffffff9d93e2ad25eed43c0b9ee4fd209b5b919a42f676b9d7236fc8dd5040899d0676291407ce9ac8101dd3512f5b3ac8cf8179d1749de324000030d0f942ec4604c28d5c287d1435956784003a53eb5fe535ead8857acf0166dbd9f30a9b9c8a9b9faf1356faf269cded935b07863e4fdad8aab52686c81babd1c08f6700a2fadd413443022ea5c774ffefdd426abed08d437a4db48611fc82a18ab9f54758a1aad86d95cd186ceb55fafa3930090467b8b7bb8adef4de2076dc538bb97502b4b4350e633dc0a53c2fc9a01bc5cfae0245f1fab843c6737ba8b1672ae9677bb5970cf3e84be433446f5f3a43226109b7dafe7815773bd6969f04cbe15236b90000000000000000000000000000000000000000000000000000ff0779b9c005da21073c6d9680d4e547cb727addb2efe11b8b3a706569f1522b57d71bb0beccab7c8fe9e1330b2f501b2ac3cf4eba7ceda6ff8a0c8b18c5e9e2f505e833217557abb257d61af8e8c473a7585436730db75da167481ab8921fe051b250f8d8ef9c8481bb28a137d15040b0181c28dfad7c17b30c452a64c43a117cb948247c33abc765a6ba695c3cea5e32a4d1ae2dcbec2ff4268e03aad15efc6004e6b3d7f0edf8b5d4ae7846a6d43c16c90b7c5dc13ac2ff0439ab693498964cad2bb533bcd240778b7e49145c48efde42b44c01517f1a7c7707b4c4fc0900e7086ec40354504590696282286db9030f0320e2fcba8723939005347b3f744ff1973431000000000100000000000000000000000000003495d69aaf9a1d83e83511a3bf44fe753b8ad83bc34ea4d46b397e000ff267c50122aa5aaf8474ec2e57d960d963900bef84a4b3c7dd01ae4d6b5522aa8a35ae7996e298bcfe3f31a34e3e12c58cf172a4d3677a67b52041ec21ae8003aa1c9969178b1b00e4d12ac9745b3cabc908e623403c013907523c77f8acc20b9e2fd224ca8f21fab2b10991881e2112f4e1c4f54b9ca7c9a0c8298d60b8b6eaa023418992d6d62b0e9faca4a3b3a805e859137cd933ef5eb8db16f159f32505725da51414562d064b551246dacd586f42d06c790000087bb52ae4bc09f3846c785d1b278e661ed01fbc2415288bc9c808c4aef648d431b3029da0dec8886c3ee9cad996843d00a3b5eb54e270dd2e96c8f2fdb4c27c2d1bd467f2a14867dec6d8a68356cef8646f3815eb4daf46c5c76b29839d9feff688dfbe25c73f936338e7b057980da58a6303d95f17712d667d5a1066ae457ae32925ce518b559c1182a74e267da57fe25b19153f1cdebaddf3f7a3479c09f2303dff449c0513b552a75ed48215cc31264a6ff648a95daa0d8e5c599dbce303b3b5307572df30429a3b4b115cab0a018f2501272048dd9e69877535e20078e7c28a98f26ace2fa90c68166396a2398d7a266bdc15ce904f25ec7fb2434ee7b5b69bed702ba1e7ed72942f452f1a98a2d949450091075efa823b11f5f5eccd921c04c7c15a5a05750cd85b1300fc00ce275de7559e117f87cb6c3c9a4b9f96149e3fcffa44d7258e9fc818ab3d76ab660a254d998592c31017f816e01a21c08a17acdb8ada5bc901934e40608563f14698feafac57b2b48cb89e10c85463a386be0f7fb1d1cfd621f8e2b51d50622b7c15be3999ffa42bd57408fe168d840c45a15317b21cf4c2278a04000000000000000033e2ad66fd156dcbf12d9e0e85dc9705d0ce24a4694c8ecd2493e1ed561a425d6045eb68c80d1dc57defb4abe86c9f2c37652d98b0c415bf246642062bd3b58a1ec57acdc2b6be53eaffaafd100002000057fe38ef705b4b9c0342a9b267db42fdda35e41afd619fb6bb14b910346544d83f462635f0738fe4a8db56364fd28540ac55be7fff8aa77009f12e2c1e7098a27b0bc549f3a6f68c11d786e498bffc37c297185efdb868a16ae1323c7d19da92531b33023e82cdeb8be27f82ca830f409a21d1aec436b0230e4b1b376005bcf6e55fceffce6d184de1b89dc5ed8bdfa37e8f86ada4158a7713db2c6789e6ba90df2bc48944775e45134f2187359f74c9dff3c78fb36fe5f672a8ce6e5c404ed8d734b905c5a12a996d8836b4522dbc73e595c14db95232"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r9, 0x18000000000002a0, 0xf0, 0x0, &(0x7f0000000040)="5aee41dea43e63a3f7fb7f110800", 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
close(r8)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYRESHEX=r9, @ANYRES32=r10, @ANYRESDEC=r6], 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x40010)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x8, 0x2010, 0xffffffffffffffff, 0x0)
msgget$private(0x0, 0x100)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x74}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
remap_file_pages(&(0x7f00005fd000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)

138.853619ms ago: executing program 1 (id=1049):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100))
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000005c0)="d8000000140081044e81f782db44b904021f080219000000040060a118000200e000000a09000e1208000f0100810401a80016ea1f000840032e5f54c92011148ed08734843cb12b00000803600cfab94dcf5c046100a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbeffa447ef4a6fbd3824305240c", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, 0x810, 0xffffffffffffffff, 0x8000000)
syz_io_uring_complete(r5)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='kfree\x00', r7, 0x0, 0x4}, 0x18)
write$P9_RVERSION(r4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r8 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x1100, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioperm(0x0, 0x2, 0x5)
ptrace(0x10, 0x0)
ptrace$getregset(0x4204, 0x0, 0x201, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
dup2(0xffffffffffffffff, r10)

138.353089ms ago: executing program 5 (id=1050):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000540)='./bus\x00', 0x120c018, &(0x7f0000000180)={[{@check_relaxed}, {@map_normal}, {@nojoliet}, {@cruft}, {@uid}, {@dmode={'dmode', 0x3d, 0x1000}}, {@session={'session', 0x3d, 0x6}}, {@map_normal}]}, 0xff, 0x534, &(0x7f0000001000)="$eJzs3V9v09YbwPHHpf1R5SehaUwIVQUOZZOKVILjQFDEleecpAccO7Id1F6hirZTRQoTZdLam8EN26TtRXC7F7F3NO0lMNlOSkv+Af0TVH0/EZwT+8TnOWl0HrmNjwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIjl1Wy7ZIlvgvaKGs6rRWHz/dPuq/s2yM1DxYh+Raz0n8zOyuV80+Vv3u++lP63IPP5s3mZTYtZ2fv/pa/uX5ye6r1+RMCnYmd37+lap7PxYtKBnKAr54fva+jAxKFpug2tTByqaqVi316ux6pufB2vxoluKi/SbhJGatG7qUrValnp4mrYDho119e9jfduObZdUQ+KLe1GcRjcflCMvWXj+yZoZG3S3Wmbe+kH8aFJVKLdplKbW52N8rgBpI1KH9PIGdfIsR2nVHKcUuVu9e49257u22B/QPpaTP5Di8k6xtkbOJqpbv4XX4wE0pYVUQMfntQkklCaQ/Z39fL/d7f1yH4P5v9elr/8fvecZPn/av7s6rD8PySW03vsyK7syVNZk450ZENeTDyi0300REsgRmIJxUhT3GyL6m5RUpWKVMSWx7IsdYlFSV2M+KIlllWJJRGdfaI8iUSLK4mEEomSRfHkpigpSVWqUhYlWoqyKqG0JZCG1MTNjrIpW9n7XhZlDYtxv1Fp6DAKvc/dhjgjRkv+x9Ed6/wNHMW7Xv4HAAAAAABnlpX99j09/5+RK1mtbnxtTzosAAAAAABwjLK//M+nxUxauyIW5/8AAAAAAJw1VnaNnSUiBbmW1zbFyi6X4pcAAAAAAACcEdnf/6+mRbYGyjWx9pdL4fwfAAAAAIAz4rfha+y/O5/vaZ23/v5XomjGet1a+dbadtON7va5fO+5D4+Y1OesC92DZEUlL6anPT1vzeaN9hfB/KdbbI5b698aFMCrTwng4rT8IdfzNtfX83K9tyfvpVA3vi56oX+/JK57YSrRK8lPz7Z+lmz4vwfNC5ZsbnU2ik+ed9azWF6nR3m93V1AsW8dxRGxvMzWW8iuuRg44pnsQoxuv4W8X/vg+Kfyl099Qp9vZCFvs9Bd8bZwePyzaZ+l4rDRd6MoHXHkb+RG3ubG4o28GBCFMy4K52AUn/VefEQU5XFRlI8YBQBMyuaYLGT1J/7PmOU+L7vL0OxuiSWDZvTFvM3iXDaxTs8NmNHtcTO6fcTs9lffPZCG5di03z8/yKpv0xe87ev3XbeMfcdK38JzL7d/lEs7u3u3trbXZuSHjWeOU67Yd2z7riMz2TC6BbkHADDA+HvsjG1h3RlzVv31/lcKivJEnktH1mUpu9og+8bBwKMWDnwNYWnMWWshS5P5HV6WRpzV/S+7yqF3XGdk28MxlE/+BwEAwClaGJOHPyb/L4057z6cy0efHRcO3K0NAACcDB29sgrJr1YUmdbjUrVacpNlraLQe6giU2toZYJER96yGzS0akVhEnqhn1YemZqOVdxutcIoUfUwUq0wNivZnd9V99bvsW66QWK8uOVrN9bKC4PE9RJVM7GnWu3vfRMv6yh7cdzSnqkbz01MGKg4bEeeLioVa32goanpIDF1k1YD1YpM041W1aPQbze1qunYi0wrCfMD9voyQT2Mmtlhi5N+swEA+ELs7O49Xet0Nl6cYGXSYwQAAIeRpQEAAAAAAAAAAAAAAAAAAAAA+PKdxvV/VM54pbcU9JcSD5VjqIydOn458ckJwIn6LwAA//9HHk9e")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)

0s ago: executing program 5 (id=1051):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b00000007000000020000000400000005000000", @ANYRES32, @ANYBLOB="0000080000000000000000005ce90711350d0000", @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x7, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x141141, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000010c0)={{r2}, &(0x7f0000001040), &(0x7f0000001080)}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r2, 0x0, 0x0}, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x4d0, 0x0, 0x25, 0x148, 0x340, 0x60, 0x438, 0x2a8, 0x2a8, 0x438, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'dvmrp1\x00', {0xff}}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x9, 0x8001}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x530)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r3 = gettid()
timer_create(0x2, &(0x7f0000000180)={0x0, 0x1e, 0x4, @tid=r3}, &(0x7f00000000c0))
timer_settime(0x0, 0x1, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0xfffffffffffffffe]}, 0x8, 0x0)
readv(r4, &(0x7f0000000000)=[{&(0x7f0000002480)=""/231, 0xe7}], 0x1)

kernel console output (not intermixed with test programs):

  __x64_sys_bpf+0x43/0x50
[   58.842802][ T4432]  x64_sys_call+0x2914/0x2dc0
[   58.842844][ T4432]  do_syscall_64+0xc9/0x1c0
[   58.842878][ T4432]  ? clear_bhb_loop+0x55/0xb0
[   58.842908][ T4432]  ? clear_bhb_loop+0x55/0xb0
[   58.842939][ T4432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.842969][ T4432] RIP: 0033:0x7f95de67e819
[   58.842989][ T4432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.843012][ T4432] RSP: 002b:00007f95dccf1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   58.843037][ T4432] RAX: ffffffffffffffda RBX: 00007f95de835fa0 RCX: 00007f95de67e819
[   58.843051][ T4432] RDX: 0000000000000048 RSI: 00000000200009c0 RDI: 0000000000000000
[   58.843065][ T4432] RBP: 00007f95dccf1090 R08: 0000000000000000 R09: 0000000000000000
[   58.843080][ T4432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.843160][ T4432] R13: 0000000000000000 R14: 00007f95de835fa0 R15: 00007fff4b61a608
[   58.843184][ T4432]  </TASK>
[   58.956839][ T4440] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.958859][ T4440] xt_CONNSECMARK: invalid mode: 6
[   59.012224][ T4442] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.013650][ T4442] xt_CONNSECMARK: invalid mode: 6
[   59.385455][   T29] kauditd_printk_skb: 117 callbacks suppressed
[   59.385473][   T29] audit: type=1326 audit(1732280333.955:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4460 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4e154e819 code=0x7ffc0000
[   59.440535][   T29] audit: type=1326 audit(1732280333.995:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4460 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7fa4e154e819 code=0x7ffc0000
[   59.463916][   T29] audit: type=1326 audit(1732280333.995:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4460 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4e154e819 code=0x7ffc0000
[   59.487359][   T29] audit: type=1326 audit(1732280333.995:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4460 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa4e154e819 code=0x7ffc0000
[   59.515153][   T29] audit: type=1326 audit(1732280334.075:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4460 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4e154e819 code=0x7ffc0000
[   59.538781][   T29] audit: type=1326 audit(1732280334.075:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4460 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4e154e819 code=0x7ffc0000
[   59.562137][   T29] audit: type=1326 audit(1732280334.085:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4460 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa4e154e819 code=0x7ffc0000
[   59.585496][   T29] audit: type=1326 audit(1732280334.085:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4460 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4e154e819 code=0x7ffc0000
[   59.614497][   T29] audit: type=1326 audit(1732280334.085:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4460 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4e154e819 code=0x7ffc0000
[   59.637873][   T29] audit: type=1326 audit(1732280334.095:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4460 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa4e154e819 code=0x7ffc0000
[   59.676718][ T4464] loop4: detected capacity change from 0 to 2048
[   59.699071][ T4464] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.752125][ T4469] loop5: detected capacity change from 0 to 512
[   59.779501][ T4469] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[   59.801885][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.818885][ T4471] loop2: detected capacity change from 0 to 736
[   59.825865][ T4469] EXT4-fs (loop5): corrupt root inode, run e2fsck
[   59.842398][ T4471] ISOFS: Logical zone size(8) < hardware blocksize(1024)
[   59.859713][ T4469] EXT4-fs (loop5): mount failed
[   60.121343][ T4495] ref_ctr_offset mismatch. inode: 0x105 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x82
[   60.142396][ T4497] loop4: detected capacity change from 0 to 512
[   60.154054][ T4497] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.326: corrupted in-inode xattr: invalid ea_ino
[   60.182451][ T4497] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.326: couldn't read orphan inode 15 (err -117)
[   60.205354][ T4497] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.290417][ T4509] FAULT_INJECTION: forcing a failure.
[   60.290417][ T4509] name failslab, interval 1, probability 0, space 0, times 0
[   60.303579][ T4509] CPU: 1 UID: 0 PID: 4509 Comm: syz.5.329 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   60.313853][ T4509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   60.324018][ T4509] Call Trace:
[   60.327323][ T4509]  <TASK>
[   60.330293][ T4509]  dump_stack_lvl+0xf2/0x150
[   60.335006][ T4509]  dump_stack+0x15/0x20
[   60.339202][ T4509]  should_fail_ex+0x223/0x230
[   60.343919][ T4509]  ? security_netlbl_sid_to_secattr+0xc1/0x160
[   60.350135][ T4509]  should_failslab+0x8f/0xb0
[   60.354807][ T4509]  __kmalloc_node_track_caller_noprof+0xa6/0x380
[   60.361266][ T4509]  ? should_fail_ex+0xd7/0x230
[   60.366064][ T4509]  kstrdup+0x3a/0x80
[   60.377123][ T4509]  security_netlbl_sid_to_secattr+0xc1/0x160
[   60.383611][ T4509]  selinux_netlbl_sock_genattr+0xa3/0x260
[   60.389539][ T4509]  selinux_netlbl_socket_post_create+0x69/0x100
[   60.389620][ T4520] netlink: 48 bytes leftover after parsing attributes in process `syz.3.330'.
[   60.395830][ T4509]  selinux_socket_post_create+0x20c/0x2a0
[   60.395866][ T4509]  security_socket_post_create+0x5b/0xa0
[   60.416252][ T4509]  __sock_create+0x35b/0x5a0
[   60.420932][ T4509]  sock_create_kern+0x38/0x50
[   60.425676][ T4509]  udp_sock_create4+0x67/0x2a0
[   60.430483][ T4509]  fou_nl_add_doit+0xf2/0x600
[   60.435251][ T4509]  genl_rcv_msg+0x61b/0x6c0
[   60.439840][ T4509]  ? __pfx_fou_nl_add_doit+0x10/0x10
[   60.445252][ T4509]  ? __dev_queue_xmit+0xb6e/0x2090
[   60.450447][ T4509]  netlink_rcv_skb+0x12c/0x230
[   60.455229][ T4509]  ? __pfx_genl_rcv_msg+0x10/0x10
[   60.460280][ T4509]  genl_rcv+0x28/0x40
[   60.464315][ T4509]  netlink_unicast+0x599/0x670
[   60.469124][ T4509]  netlink_sendmsg+0x5cc/0x6e0
[   60.473993][ T4509]  ? __pfx_netlink_sendmsg+0x10/0x10
[   60.479296][ T4509]  __sock_sendmsg+0x140/0x180
[   60.484043][ T4509]  ____sys_sendmsg+0x312/0x410
[   60.488900][ T4509]  __sys_sendmsg+0x19d/0x230
[   60.493527][ T4509]  __x64_sys_sendmsg+0x46/0x50
[   60.498470][ T4509]  x64_sys_call+0x2734/0x2dc0
[   60.503181][ T4509]  do_syscall_64+0xc9/0x1c0
[   60.507744][ T4509]  ? clear_bhb_loop+0x55/0xb0
[   60.512521][ T4509]  ? clear_bhb_loop+0x55/0xb0
[   60.517256][ T4509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.523294][ T4509] RIP: 0033:0x7fa4e154e819
[   60.527810][ T4509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.547548][ T4509] RSP: 002b:00007fa4dfbc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   60.556009][ T4509] RAX: ffffffffffffffda RBX: 00007fa4e1705fa0 RCX: 00007fa4e154e819
[   60.564008][ T4509] RDX: 0000000000000000 RSI: 0000000020005800 RDI: 0000000000000003
[   60.571983][ T4509] RBP: 00007fa4dfbc7090 R08: 0000000000000000 R09: 0000000000000000
[   60.579969][ T4509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   60.587966][ T4509] R13: 0000000000000000 R14: 00007fa4e1705fa0 R15: 00007ffd2d89d478
[   60.595954][ T4509]  </TASK>
[   60.604937][ T4523] SELinux:  policydb magic number 0x1af184e6 does not match expected magic number 0xf97cff8c
[   60.634729][ T4523] SELinux: failed to load policy
[   60.637772][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.714354][ T4530] FAULT_INJECTION: forcing a failure.
[   60.714354][ T4530] name failslab, interval 1, probability 0, space 0, times 0
[   60.727036][ T4530] CPU: 0 UID: 0 PID: 4530 Comm: syz.5.334 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   60.737338][ T4530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   60.747452][ T4530] Call Trace:
[   60.750733][ T4530]  <TASK>
[   60.753744][ T4530]  dump_stack_lvl+0xf2/0x150
[   60.758397][ T4530]  dump_stack+0x15/0x20
[   60.762566][ T4530]  should_fail_ex+0x223/0x230
[   60.767259][ T4530]  ? __alloc_skb+0x10b/0x310
[   60.771876][ T4530]  should_failslab+0x8f/0xb0
[   60.776474][ T4530]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[   60.782380][ T4530]  __alloc_skb+0x10b/0x310
[   60.786815][ T4530]  tcp_v6_send_response+0x1e5/0x1020
[   60.792116][ T4530]  ? arch_stack_walk+0xe5/0x150
[   60.797050][ T4530]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   60.803286][ T4530]  ? find_stack+0xcf/0x170
[   60.807740][ T4530]  tcp_v6_send_reset+0x7b1/0x9f0
[   60.812738][ T4530]  ? tcp_v6_fill_cb+0x176/0x190
[   60.817606][ T4530]  tcp_v6_rcv+0x14f2/0x1ca0
[   60.822145][ T4530]  ? __pfx_tcp_v6_rcv+0x10/0x10
[   60.827009][ T4530]  ip6_protocol_deliver_rcu+0x9f5/0x1060
[   60.832724][ T4530]  ip6_input+0xbf/0x1c0
[   60.836958][ T4530]  ? __pfx_ip6_input_finish+0x10/0x10
[   60.842351][ T4530]  ? __pfx_ip6_input+0x10/0x10
[   60.847139][ T4530]  ip6_rcv_finish+0x1fa/0x330
[   60.851944][ T4530]  ipv6_rcv+0x74/0x150
[   60.856033][ T4530]  ? __pfx_ip6_rcv_finish+0x10/0x10
[   60.861251][ T4530]  __netif_receive_skb+0xa2/0x280
[   60.866350][ T4530]  netif_receive_skb+0x4a/0x320
[   60.871484][ T4530]  ? tun_rx_batched+0xba/0x410
[   60.876285][ T4530]  tun_rx_batched+0xf0/0x410
[   60.880916][ T4530]  tun_get_user+0x1f3d/0x25b0
[   60.885699][ T4530]  ? ref_tracker_alloc+0x1f5/0x2f0
[   60.890873][ T4530]  tun_chr_write_iter+0x188/0x240
[   60.895961][ T4530]  vfs_write+0x77f/0x920
[   60.900222][ T4530]  ? __schedule+0x6fa/0x930
[   60.904756][ T4530]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   60.910387][ T4530]  ksys_write+0xe8/0x1b0
[   60.914765][ T4530]  __x64_sys_write+0x42/0x50
[   60.919408][ T4530]  x64_sys_call+0x287e/0x2dc0
[   60.924108][ T4530]  do_syscall_64+0xc9/0x1c0
[   60.928634][ T4530]  ? clear_bhb_loop+0x55/0xb0
[   60.933472][ T4530]  ? clear_bhb_loop+0x55/0xb0
[   60.938165][ T4530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.944107][ T4530] RIP: 0033:0x7fa4e154d2ff
[   60.948531][ T4530] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[   60.968208][ T4530] RSP: 002b:00007fa4dfbc7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   60.976636][ T4530] RAX: ffffffffffffffda RBX: 00007fa4e1705fa0 RCX: 00007fa4e154d2ff
[   60.984645][ T4530] RDX: 000000000000004a RSI: 00000000200003c0 RDI: 00000000000000c8
[   60.992633][ T4530] RBP: 00007fa4dfbc7090 R08: 0000000000000000 R09: 0000000000000000
[   61.000619][ T4530] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000002
[   61.008629][ T4530] R13: 0000000000000000 R14: 00007fa4e1705fa0 R15: 00007ffd2d89d478
[   61.016630][ T4530]  </TASK>
[   61.320740][ T4556] netlink: 8 bytes leftover after parsing attributes in process `syz.4.345'.
[   61.329662][ T4556] netlink: 48 bytes leftover after parsing attributes in process `syz.4.345'.
[   61.338612][ T4556] netlink: 200 bytes leftover after parsing attributes in process `syz.4.345'.
[   61.372394][ T4555] loop5: detected capacity change from 0 to 512
[   61.397095][ T4555] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2240: inode #15: comm syz.5.343: corrupted in-inode xattr: invalid ea_ino
[   61.414254][ T4555] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.343: couldn't read orphan inode 15 (err -117)
[   61.427342][ T4555] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   61.758325][ T3747] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.989901][ T4580] SELinux:  policydb version 0 does not match my version range 15-33
[   62.010967][ T4580] SELinux: failed to load policy
[   62.095599][ T4592] FAULT_INJECTION: forcing a failure.
[   62.095599][ T4592] name failslab, interval 1, probability 0, space 0, times 0
[   62.108383][ T4592] CPU: 0 UID: 0 PID: 4592 Comm: syz.1.349 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   62.118651][ T4592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   62.128781][ T4592] Call Trace:
[   62.132096][ T4592]  <TASK>
[   62.135054][ T4592]  dump_stack_lvl+0xf2/0x150
[   62.139698][ T4592]  dump_stack+0x15/0x20
[   62.144059][ T4592]  should_fail_ex+0x223/0x230
[   62.148793][ T4592]  ? sidtab_sid2str_get+0xb8/0x140
[   62.154086][ T4592]  should_failslab+0x8f/0xb0
[   62.158703][ T4592]  __kmalloc_node_track_caller_noprof+0xa6/0x380
[   62.165140][ T4592]  kmemdup_noprof+0x2a/0x60
[   62.169677][ T4592]  sidtab_sid2str_get+0xb8/0x140
[   62.174645][ T4592]  security_sid_to_context_core+0x1eb/0x2f0
[   62.180654][ T4592]  security_sid_to_context+0x27/0x30
[   62.185980][ T4592]  selinux_lsmprop_to_secctx+0x2c/0x40
[   62.191508][ T4592]  security_lsmprop_to_secctx+0x4a/0x90
[   62.197090][ T4592]  audit_log_task_context+0x93/0x1c0
[   62.202475][ T4592]  audit_log_task+0xfb/0x180
[   62.207135][ T4592]  audit_seccomp+0x68/0x130
[   62.211738][ T4592]  __seccomp_filter+0x6fa/0x1180
[   62.216749][ T4592]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   62.222409][ T4592]  ? vfs_write+0x596/0x920
[   62.226959][ T4592]  ? __schedule+0x6fa/0x930
[   62.231521][ T4592]  __secure_computing+0x9f/0x1c0
[   62.236474][ T4592]  syscall_trace_enter+0xd1/0x1f0
[   62.241666][ T4592]  do_syscall_64+0xaa/0x1c0
[   62.246190][ T4592]  ? clear_bhb_loop+0x55/0xb0
[   62.250915][ T4592]  ? clear_bhb_loop+0x55/0xb0
[   62.255754][ T4592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.261663][ T4592] RIP: 0033:0x7f9ce600e819
[   62.266101][ T4592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.285793][ T4592] RSP: 002b:00007f9ce4687038 EFLAGS: 00000246 ORIG_RAX: 000000000000001a
[   62.294217][ T4592] RAX: ffffffffffffffda RBX: 00007f9ce61c5fa0 RCX: 00007f9ce600e819
[   62.302197][ T4592] RDX: 0000000000000002 RSI: 0000000000003000 RDI: 000000002010d000
[   62.310181][ T4592] RBP: 00007f9ce4687090 R08: 0000000000000000 R09: 0000000000000000
[   62.318265][ T4592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.326300][ T4592] R13: 0000000000000000 R14: 00007f9ce61c5fa0 R15: 00007ffc6e6f7338
[   62.334327][ T4592]  </TASK>
[   62.517618][ T4612] loop4: detected capacity change from 0 to 512
[   62.540847][ T4610] netlink: 100 bytes leftover after parsing attributes in process `syz.3.356'.
[   62.591255][ T4612] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.357: corrupted in-inode xattr: invalid ea_ino
[   62.616391][ T4612] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.357: couldn't read orphan inode 15 (err -117)
[   62.651295][ T4612] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.750252][ T4650] SELinux:  policydb version 0 does not match my version range 15-33
[   62.771310][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.795847][ T4650] SELinux: failed to load policy
[   63.610372][ T4683] netlink: 8 bytes leftover after parsing attributes in process `syz.1.371'.
[   63.619514][ T4683] netlink: 8 bytes leftover after parsing attributes in process `syz.1.371'.
[   63.628433][ T4683] netlink: 8 bytes leftover after parsing attributes in process `syz.1.371'.
[   63.637295][ T4683] netlink: 8 bytes leftover after parsing attributes in process `syz.1.371'.
[   63.936363][   T24] IPVS: starting estimator thread 0...
[   64.079025][ T4689] IPVS: using max 2400 ests per chain, 120000 per kthread
[   64.264973][ T4706] SELinux: security policydb version 18 (MLS) not backwards compatible
[   64.506242][   T29] kauditd_printk_skb: 97 callbacks suppressed
[   64.506259][   T29] audit: type=1400 audit(1732280339.055:1319): avc:  denied  { write } for  pid=4717 comm="syz.1.382" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   64.669593][ T4706] SELinux: failed to load policy
[   64.839176][   T29] audit: type=1326 audit(1732280339.385:1320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4735 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   64.862687][   T29] audit: type=1326 audit(1732280339.385:1321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4735 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   64.886114][   T29] audit: type=1326 audit(1732280339.385:1322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4735 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   64.909687][   T29] audit: type=1326 audit(1732280339.385:1323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4735 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   64.933130][   T29] audit: type=1326 audit(1732280339.385:1324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4735 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   64.996281][   T29] audit: type=1326 audit(1732280339.465:1325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4735 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   65.019802][   T29] audit: type=1326 audit(1732280339.535:1326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4735 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   65.043151][   T29] audit: type=1326 audit(1732280339.535:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4735 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   65.066777][   T29] audit: type=1326 audit(1732280339.565:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4735 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   65.102065][ T4751] loop1: detected capacity change from 0 to 512
[   65.177628][ T4751] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.388: corrupted in-inode xattr: invalid ea_ino
[   65.238013][ T4751] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.388: couldn't read orphan inode 15 (err -117)
[   65.296562][ T4751] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   65.339937][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.432715][ T4773] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   65.471715][ T4778] netlink: 'syz.3.391': attribute type 21 has an invalid length.
[   65.480824][ T4778] netlink: 'syz.3.391': attribute type 1 has an invalid length.
[   65.488545][ T4778] netlink: 144 bytes leftover after parsing attributes in process `syz.3.391'.
[   65.662440][ T4798] SELinux: security policydb version 18 (MLS) not backwards compatible
[   65.679610][ T4798] SELinux: failed to load policy
[   65.705939][ T4800] xt_hashlimit: max too large, truncated to 1048576
[   65.753199][ T4803] loop5: detected capacity change from 0 to 164
[   66.380994][ T4815] netlink: 40 bytes leftover after parsing attributes in process `syz.5.404'.
[   66.412214][ T4830] SELinux:  policydb version 0 does not match my version range 15-33
[   66.441280][ T4830] SELinux: failed to load policy
[   66.466792][ T4832] IPv6: NLM_F_CREATE should be specified when creating new route
[   66.727696][ T4852] loop4: detected capacity change from 0 to 512
[   66.753778][ T4855] ALSA: seq fatal error: cannot create timer (-22)
[   66.762086][ T4852] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.419: corrupted in-inode xattr: invalid ea_ino
[   66.779493][ T4855] lo speed is unknown, defaulting to 1000
[   66.786124][ T4855] lo speed is unknown, defaulting to 1000
[   66.798635][ T4852] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.419: couldn't read orphan inode 15 (err -117)
[   66.819819][ T4855] lo speed is unknown, defaulting to 1000
[   66.834882][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.842517][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.849988][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.857410][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.864842][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.872261][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.879687][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.887122][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.894645][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.902087][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.909614][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.917049][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.923376][ T4852] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.924466][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.944352][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.944456][ T4861] loop1: detected capacity change from 0 to 1024
[   66.951781][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.965639][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.973130][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.980660][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.988102][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   66.995565][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   67.003063][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   67.010546][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   67.041571][ T4861] EXT4-fs (loop1): can't mount with journal_async_commit, fs mounted w/o journal
[   67.041733][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.064223][ T4864] tun0: tun_chr_ioctl cmd 1074025678
[   67.065044][ T4855] infiniband syz2: set active
[   67.069607][ T4864] tun0: group set to 0
[   67.078452][ T4855] infiniband syz2: added lo
[   67.086416][    T8] lo speed is unknown, defaulting to 1000
[   67.094099][ T3395] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID vffffff.fe Device [syz0] on syz1
[   67.110341][ T4855] RDS/IB: syz2: added
[   67.114571][ T4855] smc: adding ib device syz2 with port count 1
[   67.121751][ T4855] smc:    ib device syz2 port 1 has pnetid 
[   67.128056][ T3395] lo speed is unknown, defaulting to 1000
[   67.144367][ T4855] lo speed is unknown, defaulting to 1000
[   67.150533][ T4868] FAULT_INJECTION: forcing a failure.
[   67.150533][ T4868] name failslab, interval 1, probability 0, space 0, times 0
[   67.163223][ T4868] CPU: 1 UID: 0 PID: 4868 Comm: syz.3.425 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   67.173516][ T4868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   67.183750][ T4868] Call Trace:
[   67.187038][ T4868]  <TASK>
[   67.188661][ T4855] lo speed is unknown, defaulting to 1000
[   67.189966][ T4868]  dump_stack_lvl+0xf2/0x150
[   67.190001][ T4868]  dump_stack+0x15/0x20
[   67.204485][ T4868]  should_fail_ex+0x223/0x230
[   67.209199][ T4868]  ? audit_log_start+0x34c/0x6b0
[   67.214241][ T4868]  should_failslab+0x8f/0xb0
[   67.218916][ T4868]  kmem_cache_alloc_noprof+0x4c/0x290
[   67.224369][ T4868]  audit_log_start+0x34c/0x6b0
[   67.226101][ T4855] lo speed is unknown, defaulting to 1000
[   67.229236][ T4868]  audit_seccomp+0x4b/0x130
[   67.239572][ T4868]  __seccomp_filter+0x6fa/0x1180
[   67.244627][ T4868]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   67.250371][ T4868]  ? vfs_write+0x596/0x920
[   67.254811][ T4868]  ? putname+0xcf/0xf0
[   67.258905][ T4868]  __secure_computing+0x9f/0x1c0
[   67.263943][ T4868]  syscall_trace_enter+0xd1/0x1f0
[   67.266109][ T4855] lo speed is unknown, defaulting to 1000
[   67.268971][ T4868]  ? fpregs_assert_state_consistent+0x83/0xa0
[   67.269020][ T4868]  do_syscall_64+0xaa/0x1c0
[   67.285368][ T4868]  ? clear_bhb_loop+0x55/0xb0
[   67.290098][ T4868]  ? clear_bhb_loop+0x55/0xb0
[   67.294799][ T4868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.300741][ T4868] RIP: 0033:0x7fb3e6c9e819
[   67.305176][ T4868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.305188][ T4855] lo speed is unknown, defaulting to 1000
[   67.324795][ T4868] RSP: 002b:00007fb3e5317038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d0
[   67.324826][ T4868] RAX: ffffffffffffffda RBX: 00007fb3e6e55fa0 RCX: 00007fb3e6c9e819
[   67.324841][ T4868] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[   67.324857][ T4868] RBP: 00007fb3e5317090 R08: 0000000000000000 R09: 0000000000000000
[   67.363256][ T4868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.371302][ T4868] R13: 0000000000000000 R14: 00007fb3e6e55fa0 R15: 00007fff6ffe1f78
[   67.379319][ T4868]  </TASK>
[   67.478241][ T4876] loop4: detected capacity change from 0 to 164
[   67.681109][ T4893] FAULT_INJECTION: forcing a failure.
[   67.681109][ T4893] name failslab, interval 1, probability 0, space 0, times 0
[   67.693804][ T4893] CPU: 0 UID: 0 PID: 4893 Comm: syz.2.435 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   67.704140][ T4893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   67.714206][ T4893] Call Trace:
[   67.717493][ T4893]  <TASK>
[   67.720447][ T4893]  dump_stack_lvl+0xf2/0x150
[   67.725075][ T4893]  dump_stack+0x15/0x20
[   67.729376][ T4893]  should_fail_ex+0x223/0x230
[   67.734139][ T4893]  ? sidtab_sid2str_get+0xb8/0x140
[   67.739468][ T4893]  should_failslab+0x8f/0xb0
[   67.744077][ T4893]  __kmalloc_node_track_caller_noprof+0xa6/0x380
[   67.750508][ T4893]  kmemdup_noprof+0x2a/0x60
[   67.755037][ T4893]  sidtab_sid2str_get+0xb8/0x140
[   67.760004][ T4893]  security_sid_to_context_core+0x1eb/0x2f0
[   67.766013][ T4893]  security_sid_to_context+0x27/0x30
[   67.771374][ T4893]  selinux_lsmprop_to_secctx+0x2c/0x40
[   67.776885][ T4893]  security_lsmprop_to_secctx+0x4a/0x90
[   67.782533][ T4893]  audit_log_task_context+0x93/0x1c0
[   67.788022][ T4893]  audit_log_task+0xfb/0x180
[   67.792651][ T4893]  audit_seccomp+0x68/0x130
[   67.797186][ T4893]  __seccomp_filter+0x6fa/0x1180
[   67.802202][ T4893]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   67.807977][ T4893]  ? vfs_write+0x596/0x920
[   67.812510][ T4893]  ? __schedule+0x6fa/0x930
[   67.817122][ T4893]  __secure_computing+0x9f/0x1c0
[   67.822167][ T4893]  syscall_trace_enter+0xd1/0x1f0
[   67.827265][ T4893]  do_syscall_64+0xaa/0x1c0
[   67.831913][ T4893]  ? clear_bhb_loop+0x55/0xb0
[   67.836652][ T4893]  ? clear_bhb_loop+0x55/0xb0
[   67.841372][ T4893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.847302][ T4893] RIP: 0033:0x7f95de67e819
[   67.851763][ T4893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.871408][ T4893] RSP: 002b:00007f95dccf1038 EFLAGS: 00000246 ORIG_RAX: 000000000000001a
[   67.879847][ T4893] RAX: ffffffffffffffda RBX: 00007f95de835fa0 RCX: 00007f95de67e819
[   67.887833][ T4893] RDX: 0000000000000002 RSI: 0000000000003000 RDI: 000000002010d000
[   67.895834][ T4893] RBP: 00007f95dccf1090 R08: 0000000000000000 R09: 0000000000000000
[   67.903881][ T4893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.911967][ T4893] R13: 0000000000000000 R14: 00007f95de835fa0 R15: 00007fff4b61a608
[   67.920033][ T4893]  </TASK>
[   67.975409][ T4903] loop4: detected capacity change from 0 to 164
[   68.092315][ T4914] netlink: 4696 bytes leftover after parsing attributes in process `syz.2.443'.
[   68.103987][ T4914] netlink: 4696 bytes leftover after parsing attributes in process `syz.2.443'.
[   68.113116][ T4914] netlink: 508 bytes leftover after parsing attributes in process `syz.2.443'.
[   68.318110][ T4927] netlink: 8 bytes leftover after parsing attributes in process `syz.4.449'.
[   68.424642][ T4934] loop4: detected capacity change from 0 to 164
[   68.547344][ T4941] loop5: detected capacity change from 0 to 1024
[   68.570980][ T4941] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.634721][ T3747] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.675856][ T4949] loop5: detected capacity change from 0 to 512
[   68.702769][ T4949] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.770484][ T3747] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.850794][ T4962] loop5: detected capacity change from 0 to 164
[   68.900280][ T4964] netlink: 8 bytes leftover after parsing attributes in process `syz.2.466'.
[   69.004950][ T4971] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   69.030422][ T4971] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   69.599595][   T29] kauditd_printk_skb: 407 callbacks suppressed
[   69.605858][   T29] audit: type=1326 audit(1732280344.175:1731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.4.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eae24e819 code=0x7ffc0000
[   69.629314][   T29] audit: type=1326 audit(1732280344.175:1732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.4.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eae24e819 code=0x7ffc0000
[   69.656634][   T29] audit: type=1326 audit(1732280344.175:1733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.4.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3eae24e819 code=0x7ffc0000
[   69.680143][   T29] audit: type=1326 audit(1732280344.175:1734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.4.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eae24e819 code=0x7ffc0000
[   69.703650][   T29] audit: type=1326 audit(1732280344.175:1735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.4.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eae24e819 code=0x7ffc0000
[   69.727050][   T29] audit: type=1326 audit(1732280344.175:1736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.4.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3eae24e819 code=0x7ffc0000
[   69.862417][ T4980] loop4: detected capacity change from 0 to 512
[   69.883547][ T4982] FAULT_INJECTION: forcing a failure.
[   69.883547][ T4982] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   69.896700][ T4982] CPU: 1 UID: 0 PID: 4982 Comm: syz.3.472 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   69.907055][ T4982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   69.917183][ T4982] Call Trace:
[   69.920474][ T4982]  <TASK>
[   69.923491][ T4982]  dump_stack_lvl+0xf2/0x150
[   69.928179][ T4982]  dump_stack+0x15/0x20
[   69.932363][ T4982]  should_fail_ex+0x223/0x230
[   69.937184][ T4982]  should_fail+0xb/0x10
[   69.941405][ T4982]  should_fail_usercopy+0x1a/0x20
[   69.946462][ T4982]  _copy_from_iter+0xd5/0xd00
[   69.951295][ T4982]  ? kmalloc_reserve+0x16e/0x190
[   69.956325][ T4982]  ? __build_skb_around+0x196/0x1f0
[   69.961613][ T4982]  ? __alloc_skb+0x21f/0x310
[   69.966253][ T4982]  ? __virt_addr_valid+0x1ed/0x250
[   69.971555][ T4982]  ? __check_object_size+0x364/0x520
[   69.976880][ T4982]  netlink_sendmsg+0x460/0x6e0
[   69.981726][ T4982]  ? __pfx_netlink_sendmsg+0x10/0x10
[   69.987130][ T4982]  __sock_sendmsg+0x140/0x180
[   69.991827][ T4982]  ____sys_sendmsg+0x312/0x410
[   69.996616][ T4982]  __sys_sendmsg+0x19d/0x230
[   70.001245][ T4982]  __x64_sys_sendmsg+0x46/0x50
[   70.006033][ T4982]  x64_sys_call+0x2734/0x2dc0
[   70.010731][ T4982]  do_syscall_64+0xc9/0x1c0
[   70.015377][ T4982]  ? clear_bhb_loop+0x55/0xb0
[   70.020154][ T4982]  ? clear_bhb_loop+0x55/0xb0
[   70.024846][ T4982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.030755][ T4982] RIP: 0033:0x7fb3e6c9e819
[   70.035211][ T4982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.054838][ T4982] RSP: 002b:00007fb3e5317038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   70.063276][ T4982] RAX: ffffffffffffffda RBX: 00007fb3e6e55fa0 RCX: 00007fb3e6c9e819
[   70.071261][ T4982] RDX: 0000000000000000 RSI: 0000000020000680 RDI: 0000000000000006
[   70.079244][ T4982] RBP: 00007fb3e5317090 R08: 0000000000000000 R09: 0000000000000000
[   70.087235][ T4982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.095271][ T4982] R13: 0000000000000000 R14: 00007fb3e6e55fa0 R15: 00007fff6ffe1f78
[   70.103277][ T4982]  </TASK>
[   70.124660][   T29] audit: type=1326 audit(1732280344.425:1737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.4.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eae24e819 code=0x7ffc0000
[   70.148096][   T29] audit: type=1326 audit(1732280344.435:1738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.4.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3eae24e819 code=0x7ffc0000
[   70.171442][   T29] audit: type=1326 audit(1732280344.435:1739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.4.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3eae24e853 code=0x7ffc0000
[   70.194665][   T29] audit: type=1326 audit(1732280344.435:1740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.4.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3eae24d2ff code=0x7ffc0000
[   70.284236][ T4980] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.810517][ T4994] SELinux: syz.5.476 (4994) set checkreqprot to 1. This is no longer supported.
[   70.834379][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.836383][ T4999] FAULT_INJECTION: forcing a failure.
[   70.836383][ T4999] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   70.856551][ T4999] CPU: 1 UID: 0 PID: 4999 Comm: syz.2.478 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   70.866818][ T4999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   70.876986][ T4999] Call Trace:
[   70.880273][ T4999]  <TASK>
[   70.883210][ T4999]  dump_stack_lvl+0xf2/0x150
[   70.887827][ T4999]  dump_stack+0x15/0x20
[   70.892062][ T4999]  should_fail_ex+0x223/0x230
[   70.896765][ T4999]  should_fail+0xb/0x10
[   70.900933][ T4999]  should_fail_usercopy+0x1a/0x20
[   70.906096][ T4999]  _copy_from_user+0x1e/0xb0
[   70.910704][ T4999]  ip6gre_tunnel_siocdevprivate+0x143/0x6f0
[   70.916645][ T4999]  ? __pfx_ip6gre_tunnel_siocdevprivate+0x10/0x10
[   70.923073][ T4999]  dev_ifsioc+0x84e/0xa10
[   70.927418][ T4999]  dev_ioctl+0x8e9/0xab0
[   70.931726][ T4999]  sock_ioctl+0x5ba/0x640
[   70.936060][ T4999]  ? __pfx_sock_ioctl+0x10/0x10
[   70.940916][ T4999]  __se_sys_ioctl+0xc9/0x140
[   70.945659][ T4999]  __x64_sys_ioctl+0x43/0x50
[   70.950264][ T4999]  x64_sys_call+0x1690/0x2dc0
[   70.955036][ T4999]  do_syscall_64+0xc9/0x1c0
[   70.959708][ T4999]  ? clear_bhb_loop+0x55/0xb0
[   70.964400][ T4999]  ? clear_bhb_loop+0x55/0xb0
[   70.969257][ T4999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.975163][ T4999] RIP: 0033:0x7f95de67e819
[   70.979590][ T4999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.999277][ T4999] RSP: 002b:00007f95dccf1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   71.007751][ T4999] RAX: ffffffffffffffda RBX: 00007f95de835fa0 RCX: 00007f95de67e819
[   71.015733][ T4999] RDX: 0000000020000080 RSI: 00000000000089f1 RDI: 0000000000000007
[   71.023741][ T4999] RBP: 00007f95dccf1090 R08: 0000000000000000 R09: 0000000000000000
[   71.031725][ T4999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.039748][ T4999] R13: 0000000000000000 R14: 00007f95de835fa0 R15: 00007fff4b61a608
[   71.047733][ T4999]  </TASK>
[   71.393245][ T5033] SELinux: syz.3.493 (5033) set checkreqprot to 1. This is no longer supported.
[   71.471299][ T5037] syzkaller0: entered allmulticast mode
[   71.479654][ T5037] syzkaller0 (unregistering): left allmulticast mode
[   71.773380][ T5056] lo speed is unknown, defaulting to 1000
[   71.812102][ T5061] SELinux: syz.3.505 (5061) set checkreqprot to 1. This is no longer supported.
[   72.389480][ T5083] vlan2: entered promiscuous mode
[   72.394611][ T5083] vlan2: entered allmulticast mode
[   72.672769][ T5081] FAULT_INJECTION: forcing a failure.
[   72.672769][ T5081] name failslab, interval 1, probability 0, space 0, times 0
[   72.685504][ T5081] CPU: 1 UID: 0 PID: 5081 Comm: syz.5.513 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   72.695847][ T5081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   72.706001][ T5081] Call Trace:
[   72.709301][ T5081]  <TASK>
[   72.712312][ T5081]  dump_stack_lvl+0xf2/0x150
[   72.717002][ T5081]  dump_stack+0x15/0x20
[   72.721195][ T5081]  should_fail_ex+0x223/0x230
[   72.725947][ T5081]  ? kernfs_fop_write_iter+0xe1/0x2c0
[   72.731361][ T5081]  should_failslab+0x8f/0xb0
[   72.736080][ T5081]  __kmalloc_noprof+0xa5/0x370
[   72.740882][ T5081]  kernfs_fop_write_iter+0xe1/0x2c0
[   72.746145][ T5081]  iter_file_splice_write+0x5f1/0x980
[   72.751574][ T5081]  ? __pfx_iter_file_splice_write+0x10/0x10
[   72.757589][ T5081]  direct_splice_actor+0x160/0x2c0
[   72.762737][ T5081]  splice_direct_to_actor+0x302/0x670
[   72.768265][ T5081]  ? __pfx_direct_splice_actor+0x10/0x10
[   72.773952][ T5081]  do_splice_direct+0xd7/0x150
[   72.778813][ T5081]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   72.781891][ T5105] loop2: detected capacity change from 0 to 164
[   72.784745][ T5081]  do_sendfile+0x398/0x660
[   72.795455][ T5081]  __x64_sys_sendfile64+0x110/0x150
[   72.800674][ T5081]  x64_sys_call+0xfbd/0x2dc0
[   72.805286][ T5081]  do_syscall_64+0xc9/0x1c0
[   72.809809][ T5081]  ? clear_bhb_loop+0x55/0xb0
[   72.814559][ T5081]  ? clear_bhb_loop+0x55/0xb0
[   72.819256][ T5081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.825231][ T5081] RIP: 0033:0x7fa4e154e819
[   72.829658][ T5081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.849288][ T5081] RSP: 002b:00007fa4dfbc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   72.857840][ T5081] RAX: ffffffffffffffda RBX: 00007fa4e1705fa0 RCX: 00007fa4e154e819
[   72.865884][ T5081] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[   72.873867][ T5081] RBP: 00007fa4dfbc7090 R08: 0000000000000000 R09: 0000000000000000
[   72.881925][ T5081] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000002
[   72.889911][ T5081] R13: 0000000000000000 R14: 00007fa4e1705fa0 R15: 00007ffd2d89d478
[   72.897976][ T5081]  </TASK>
[   72.958013][ T5107] FAULT_INJECTION: forcing a failure.
[   72.958013][ T5107] name failslab, interval 1, probability 0, space 0, times 0
[   72.970793][ T5107] CPU: 0 UID: 0 PID: 5107 Comm: syz.2.525 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   72.981099][ T5107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   72.991184][ T5107] Call Trace:
[   72.994540][ T5107]  <TASK>
[   72.997538][ T5107]  dump_stack_lvl+0xf2/0x150
[   73.002236][ T5107]  dump_stack+0x15/0x20
[   73.006426][ T5107]  should_fail_ex+0x223/0x230
[   73.011136][ T5107]  ? sidtab_sid2str_get+0xb8/0x140
[   73.016391][ T5107]  should_failslab+0x8f/0xb0
[   73.021028][ T5107]  __kmalloc_node_track_caller_noprof+0xa6/0x380
[   73.027485][ T5107]  kmemdup_noprof+0x2a/0x60
[   73.032012][ T5107]  sidtab_sid2str_get+0xb8/0x140
[   73.037003][ T5107]  security_sid_to_context_core+0x1eb/0x2f0
[   73.042956][ T5107]  security_sid_to_context+0x27/0x30
[   73.048379][ T5107]  avc_audit_post_callback+0x10d/0x530
[   73.053995][ T5107]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   73.060117][ T5107]  common_lsm_audit+0x7cc/0xfc0
[   73.065049][ T5107]  ? avc_denied+0xf1/0x110
[   73.069491][ T5107]  slow_avc_audit+0xf9/0x140
[   73.074273][ T5107]  avc_has_perm+0x129/0x160
[   73.078895][ T5107]  sel_write_validatetrans+0xdc/0x370
[   73.084388][ T5107]  vfs_writev+0x3fb/0x880
[   73.088808][ T5107]  ? __pfx_sel_write_validatetrans+0x10/0x10
[   73.094816][ T5107]  ? mutex_lock+0xd/0x40
[   73.099100][ T5107]  do_writev+0xf4/0x220
[   73.103269][ T5107]  __x64_sys_writev+0x45/0x50
[   73.107982][ T5107]  x64_sys_call+0x1fab/0x2dc0
[   73.112678][ T5107]  do_syscall_64+0xc9/0x1c0
[   73.117203][ T5107]  ? clear_bhb_loop+0x55/0xb0
[   73.121895][ T5107]  ? clear_bhb_loop+0x55/0xb0
[   73.126649][ T5107]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.132561][ T5107] RIP: 0033:0x7f95de67e819
[   73.136999][ T5107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.156749][ T5107] RSP: 002b:00007f95dccf1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   73.165309][ T5107] RAX: ffffffffffffffda RBX: 00007f95de835fa0 RCX: 00007f95de67e819
[   73.173373][ T5107] RDX: 0000000000000001 RSI: 0000000020004340 RDI: 0000000000000003
[   73.181449][ T5107] RBP: 00007f95dccf1090 R08: 0000000000000000 R09: 0000000000000000
[   73.189496][ T5107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.197475][ T5107] R13: 0000000000000000 R14: 00007f95de835fa0 R15: 00007fff4b61a608
[   73.205463][ T5107]  </TASK>
[   73.395061][ T5125] syz.4.534[5125] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.395180][ T5125] syz.4.534[5125] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.407936][ T5125] syz.4.534[5125] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.530546][ T5132] loop4: detected capacity change from 0 to 164
[   74.008888][ T5136] lo speed is unknown, defaulting to 1000
[   74.109358][ T5147] FAULT_INJECTION: forcing a failure.
[   74.109358][ T5147] name failslab, interval 1, probability 0, space 0, times 0
[   74.122190][ T5147] CPU: 1 UID: 0 PID: 5147 Comm: syz.5.542 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   74.132467][ T5147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   74.142600][ T5147] Call Trace:
[   74.145902][ T5147]  <TASK>
[   74.148851][ T5147]  dump_stack_lvl+0xf2/0x150
[   74.153543][ T5147]  dump_stack+0x15/0x20
[   74.157761][ T5147]  should_fail_ex+0x223/0x230
[   74.162479][ T5147]  ? mas_alloc_nodes+0x1d3/0x4a0
[   74.167549][ T5147]  should_failslab+0x8f/0xb0
[   74.172192][ T5147]  kmem_cache_alloc_noprof+0x4c/0x290
[   74.177590][ T5147]  mas_alloc_nodes+0x1d3/0x4a0
[   74.182488][ T5147]  mas_preallocate+0x449/0x650
[   74.187305][ T5147]  __split_vma+0x244/0x6a0
[   74.191760][ T5147]  ? _raw_spin_lock_irqsave+0x3c/0xb0
[   74.197244][ T5147]  vma_modify+0x2cb/0xcd0
[   74.201668][ T5147]  ? __rcu_read_unlock+0x4e/0x70
[   74.206687][ T5147]  vma_modify_flags+0xf1/0x120
[   74.211470][ T5147]  mprotect_fixup+0x31a/0x5e0
[   74.216233][ T5147]  do_mprotect_pkey+0x653/0x960
[   74.221124][ T5147]  __x64_sys_mprotect+0x48/0x60
[   74.226016][ T5147]  x64_sys_call+0x2770/0x2dc0
[   74.230791][ T5147]  do_syscall_64+0xc9/0x1c0
[   74.235381][ T5147]  ? clear_bhb_loop+0x55/0xb0
[   74.240080][ T5147]  ? clear_bhb_loop+0x55/0xb0
[   74.244800][ T5147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.250781][ T5147] RIP: 0033:0x7fa4e154e819
[   74.255231][ T5147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.274933][ T5147] RSP: 002b:00007fa4dfbc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000000a
[   74.283439][ T5147] RAX: ffffffffffffffda RBX: 00007fa4e1705fa0 RCX: 00007fa4e154e819
[   74.291455][ T5147] RDX: 0000000000000005 RSI: 0000000000800000 RDI: 0000000020000000
[   74.299441][ T5147] RBP: 00007fa4dfbc7090 R08: 0000000000000000 R09: 0000000000000000
[   74.307419][ T5147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.315402][ T5147] R13: 0000000000000000 R14: 00007fa4e1705fa0 R15: 00007ffd2d89d478
[   74.323400][ T5147]  </TASK>
[   74.537411][ T5144] FAULT_INJECTION: forcing a failure.
[   74.537411][ T5144] name failslab, interval 1, probability 0, space 0, times 0
[   74.550105][ T5144] CPU: 1 UID: 0 PID: 5144 Comm: syz.4.541 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   74.560396][ T5144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   74.570492][ T5144] Call Trace:
[   74.573785][ T5144]  <TASK>
[   74.576738][ T5144]  dump_stack_lvl+0xf2/0x150
[   74.581425][ T5144]  dump_stack+0x15/0x20
[   74.585643][ T5144]  should_fail_ex+0x223/0x230
[   74.590417][ T5144]  ? sidtab_sid2str_get+0xb8/0x140
[   74.595473][ T5151] loop1: detected capacity change from 0 to 4096
[   74.595627][ T5144]  should_failslab+0x8f/0xb0
[   74.606363][   T29] kauditd_printk_skb: 336 callbacks suppressed
[   74.606384][   T29] audit: type=1326 audit(1732280349.115:2077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5142 comm="syz.4.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eae24e819 code=0x7ffc0000
[   74.606624][ T5144]  __kmalloc_node_track_caller_noprof+0xa6/0x380
[   74.631108][   T29] audit: type=1326 audit(1732280349.115:2078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5142 comm="syz.4.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eae24e819 code=0x7ffc0000
[   74.654307][ T5144]  kmemdup_noprof+0x2a/0x60
[   74.660662][   T29] audit: type=1326 audit(1732280349.115:2079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5142 comm="syz.4.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3eae24d1b0 code=0x7ffc0000
[   74.683880][ T5144]  sidtab_sid2str_get+0xb8/0x140
[   74.688443][   T29] audit: type=1326 audit(1732280349.115:2080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5142 comm="syz.4.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3eae24d2ff code=0x7ffc0000
[   74.711636][ T5144]  security_sid_to_context_core+0x1eb/0x2f0
[   74.745743][ T5144]  security_sid_to_context+0x27/0x30
[   74.751067][ T5144]  selinux_lsmprop_to_secctx+0x2c/0x40
[   74.756554][ T5144]  security_lsmprop_to_secctx+0x4a/0x90
[   74.762185][ T5144]  audit_log_task_context+0x93/0x1c0
[   74.767554][ T5144]  audit_log_task+0xfb/0x180
[   74.772173][ T5144]  audit_seccomp+0x68/0x130
[   74.776698][ T5144]  __seccomp_filter+0x6fa/0x1180
[   74.781716][ T5144]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   74.787379][ T5144]  ? vfs_write+0x596/0x920
[   74.791862][ T5144]  __secure_computing+0x9f/0x1c0
[   74.796815][ T5144]  syscall_trace_enter+0xd1/0x1f0
[   74.801872][ T5144]  ? fpregs_assert_state_consistent+0x83/0xa0
[   74.808055][ T5144]  do_syscall_64+0xaa/0x1c0
[   74.812684][ T5144]  ? clear_bhb_loop+0x55/0xb0
[   74.817391][ T5144]  ? clear_bhb_loop+0x55/0xb0
[   74.822087][ T5144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.828078][ T5144] RIP: 0033:0x7f3eae24e819
[   74.832512][ T5144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.852205][ T5144] RSP: 002b:00007f3eac8a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000013b
[   74.860704][ T5144] RAX: ffffffffffffffda RBX: 00007f3eae406080 RCX: 00007f3eae24e819
[   74.868706][ T5144] RDX: 0000000000000038 RSI: 0000000020000080 RDI: 0000000000000000
[   74.876684][ T5144] RBP: 00007f3eac8a6090 R08: 0000000000000000 R09: 0000000000000000
[   74.884687][ T5144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.892664][ T5144] R13: 0000000000000000 R14: 00007f3eae406080 R15: 00007ffe927684a8
[   74.900741][ T5144]  </TASK>
[   74.903912][ T5144] audit: error in audit_log_task_context
[   74.921640][   T29] audit: type=1326 audit(1732280349.115:2081): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=5142 comm="syz.4.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=315 compat=0 ip=0x7f3eae24e819 code=0x7ffc0000
[   74.942815][   T29] audit: type=1326 audit(1732280349.495:2082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5142 comm="syz.4.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f3eae24d25c code=0x7ffc0000
[   74.966042][   T29] audit: type=1326 audit(1732280349.495:2083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5142 comm="syz.4.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3eae24d2ff code=0x7ffc0000
[   74.989294][   T29] audit: type=1326 audit(1732280349.495:2084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5142 comm="syz.4.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3eae24d4aa code=0x7ffc0000
[   75.006032][ T5161] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[   75.012451][   T29] audit: type=1326 audit(1732280349.495:2085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5142 comm="syz.4.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eae24e819 code=0x7ffc0000
[   75.052833][ T5151] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.126334][ T5161] SELinux: failed to load policy
[   75.248659][ T5168] loop2: detected capacity change from 0 to 512
[   75.269053][ T5169] netlink: 'syz.3.549': attribute type 10 has an invalid length.
[   75.288188][ T5169] syz_tun: entered promiscuous mode
[   75.308638][ T5168] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.310727][ T5169] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   75.339612][ T5172] loop5: detected capacity change from 0 to 164
[   75.401573][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.530632][ T3328] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.558809][ T5179] FAULT_INJECTION: forcing a failure.
[   75.558809][ T5179] name failslab, interval 1, probability 0, space 0, times 0
[   75.571576][ T5179] CPU: 0 UID: 0 PID: 5179 Comm: syz.3.553 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   75.581885][ T5179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   75.591991][ T5179] Call Trace:
[   75.595282][ T5179]  <TASK>
[   75.598222][ T5179]  dump_stack_lvl+0xf2/0x150
[   75.602848][ T5179]  dump_stack+0x15/0x20
[   75.607038][ T5179]  should_fail_ex+0x223/0x230
[   75.611872][ T5179]  ? __hw_addr_add_ex+0x13d/0x360
[   75.616924][ T5179]  should_failslab+0x8f/0xb0
[   75.621544][ T5179]  __kmalloc_cache_noprof+0x4b/0x2a0
[   75.626930][ T5179]  ? __memcg_slab_post_alloc_hook+0x510/0x660
[   75.633082][ T5179]  __hw_addr_add_ex+0x13d/0x360
[   75.638003][ T5179]  dev_addr_init+0xb2/0x120
[   75.642520][ T5179]  alloc_netdev_mqs+0x1e1/0x9c0
[   75.647466][ T5179]  ? __pfx_vlan_setup+0x10/0x10
[   75.652380][ T5179]  rtnl_create_link+0x233/0x680
[   75.657307][ T5179]  rtnl_newlink_create+0x133/0x5c0
[   75.662516][ T5179]  rtnl_newlink+0xe3a/0x1200
[   75.667172][ T5179]  ? xas_load+0x3ae/0x3d0
[   75.671588][ T5179]  ? xa_load+0xb9/0xe0
[   75.675696][ T5179]  ? __memcg_slab_free_hook+0xc9/0x1e0
[   75.681222][ T5179]  ? __rcu_read_unlock+0x4e/0x70
[   75.686199][ T5179]  ? avc_has_perm_noaudit+0x1cc/0x210
[   75.691617][ T5179]  ? selinux_capable+0x1f2/0x260
[   75.696581][ T5179]  ? security_capable+0x81/0x90
[   75.701508][ T5179]  ? ns_capable+0x7d/0xb0
[   75.705851][ T5179]  ? __pfx_rtnl_newlink+0x10/0x10
[   75.710896][ T5179]  rtnetlink_rcv_msg+0x651/0x710
[   75.715862][ T5179]  ? ref_tracker_free+0x3a5/0x410
[   75.720902][ T5179]  ? __dev_queue_xmit+0x186/0x2090
[   75.726062][ T5179]  ? ref_tracker_alloc+0x1f5/0x2f0
[   75.731205][ T5179]  netlink_rcv_skb+0x12c/0x230
[   75.736023][ T5179]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   75.741561][ T5179]  rtnetlink_rcv+0x1c/0x30
[   75.746062][ T5179]  netlink_unicast+0x599/0x670
[   75.750851][ T5179]  netlink_sendmsg+0x5cc/0x6e0
[   75.755683][ T5179]  ? __pfx_netlink_sendmsg+0x10/0x10
[   75.760993][ T5179]  __sock_sendmsg+0x140/0x180
[   75.765692][ T5179]  ____sys_sendmsg+0x312/0x410
[   75.770481][ T5179]  __sys_sendmsg+0x19d/0x230
[   75.775104][ T5179]  __x64_sys_sendmsg+0x46/0x50
[   75.779957][ T5179]  x64_sys_call+0x2734/0x2dc0
[   75.784653][ T5179]  do_syscall_64+0xc9/0x1c0
[   75.789172][ T5179]  ? clear_bhb_loop+0x55/0xb0
[   75.793957][ T5179]  ? clear_bhb_loop+0x55/0xb0
[   75.798648][ T5179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.804625][ T5179] RIP: 0033:0x7fb3e6c9e819
[   75.809049][ T5179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.829290][ T5179] RSP: 002b:00007fb3e5317038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   75.837712][ T5179] RAX: ffffffffffffffda RBX: 00007fb3e6e55fa0 RCX: 00007fb3e6c9e819
[   75.845689][ T5179] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005
[   75.853666][ T5179] RBP: 00007fb3e5317090 R08: 0000000000000000 R09: 0000000000000000
[   75.861703][ T5179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.869685][ T5179] R13: 0000000000000000 R14: 00007fb3e6e55fa0 R15: 00007fff6ffe1f78
[   75.877674][ T5179]  </TASK>
[   76.016218][ T3395] IPVS: starting estimator thread 0...
[   76.109193][ T5194] netlink: 'syz.3.559': attribute type 13 has an invalid length.
[   76.117053][ T5194] netlink: 80 bytes leftover after parsing attributes in process `syz.3.559'.
[   76.126066][ T5187] IPVS: using max 2448 ests per chain, 122400 per kthread
[   76.198404][ T5194] pim6reg1: entered promiscuous mode
[   76.203831][ T5194] pim6reg1: entered allmulticast mode
[   76.356631][ T5202] netlink: 2040 bytes leftover after parsing attributes in process `syz.1.561'.
[   76.365732][ T5202] netlink: 24 bytes leftover after parsing attributes in process `syz.1.561'.
[   76.389533][ T5204] loop5: detected capacity change from 0 to 164
[   76.417787][ T5206] IPv6: Can't replace route, no match found
[   77.173598][ T5226] lo speed is unknown, defaulting to 1000
[   77.483099][ T5229] lo speed is unknown, defaulting to 1000
[   78.180435][ T5243] loop2: detected capacity change from 0 to 164
[   78.221092][ T5239] 9pnet: Could not find request transport: tvp
[   78.453395][ T5258] netlink: 4 bytes leftover after parsing attributes in process `syz.5.581'.
[   78.482163][ T5259] loop2: detected capacity change from 0 to 512
[   78.500170][ T5258] netlink: 4 bytes leftover after parsing attributes in process `syz.5.581'.
[   78.532941][ T5259] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.596541][ T5263] loop5: detected capacity change from 0 to 2048
[   78.644364][ T5263] EXT4-fs: Ignoring removed mblk_io_submit option
[   78.679769][ T5263] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.756376][ T5258] EXT4-fs error (device loop5): ext4_search_dir:1505: inode #2: block 16: comm syz.5.581: bad entry in directory: inode out of bounds - offset=44, inode=185, rec_len=16, size=2048 fake=0
[   78.785247][ T3328] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.806015][ T5258] EXT4-fs error (device loop5): ext4_find_dest_de:2079: inode #2: block 16: comm syz.5.581: bad entry in directory: inode out of bounds - offset=44, inode=185, rec_len=16, size=2048 fake=0
[   78.857989][ T5258] netlink: 8 bytes leftover after parsing attributes in process `syz.5.581'.
[   79.092978][ T3747] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.105484][   T24] IPVS: starting estimator thread 0...
[   79.196306][ T5286] IPVS: using max 2448 ests per chain, 122400 per kthread
[   79.220985][ T5296] loop4: detected capacity change from 0 to 512
[   79.232117][ T5296] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.304843][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.753743][ T5306] veth0_to_team: entered promiscuous mode
[   79.759576][ T5306] veth0_to_team: entered allmulticast mode
[   79.773751][ T5306] program syz.2.598 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   79.784320][ T5306] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[   79.866147][   T29] kauditd_printk_skb: 305 callbacks suppressed
[   79.872398][   T29] audit: type=1400 audit(1732280354.435:2391): avc:  denied  { name_bind } for  pid=5311 comm="syz.2.600" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[   79.895091][   T29] audit: type=1326 audit(1732280354.455:2392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5315 comm="syz.1.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   79.918526][   T29] audit: type=1326 audit(1732280354.455:2393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5315 comm="syz.1.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   79.941873][   T29] audit: type=1326 audit(1732280354.455:2394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5315 comm="syz.1.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   79.965309][   T29] audit: type=1326 audit(1732280354.455:2395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5315 comm="syz.1.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   79.988795][   T29] audit: type=1326 audit(1732280354.455:2396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5315 comm="syz.1.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   80.012151][   T29] audit: type=1326 audit(1732280354.455:2397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5315 comm="syz.1.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   80.035446][   T29] audit: type=1326 audit(1732280354.465:2398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5315 comm="syz.1.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   80.058862][   T29] audit: type=1326 audit(1732280354.465:2399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5315 comm="syz.1.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   80.082257][   T29] audit: type=1326 audit(1732280354.465:2400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5315 comm="syz.1.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   80.171202][ T5321] netlink: 8 bytes leftover after parsing attributes in process `syz.5.605'.
[   80.180141][ T5321] netlink: 468 bytes leftover after parsing attributes in process `syz.5.605'.
[   80.385318][ T5347] netlink: 8 bytes leftover after parsing attributes in process `syz.1.618'.
[   80.394362][ T5347] netlink: 468 bytes leftover after parsing attributes in process `syz.1.618'.
[   80.581337][ T5362] ref_ctr_offset mismatch. inode: 0x22a offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x82
[   80.820897][ T5382] FAULT_INJECTION: forcing a failure.
[   80.820897][ T5382] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.834195][ T5382] CPU: 1 UID: 0 PID: 5382 Comm: syz.2.632 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   80.835751][ T5379] lo speed is unknown, defaulting to 1000
[   80.844439][ T5382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   80.844459][ T5382] Call Trace:
[   80.844466][ T5382]  <TASK>
[   80.844475][ T5382]  dump_stack_lvl+0xf2/0x150
[   80.871106][ T5382]  dump_stack+0x15/0x20
[   80.875347][ T5382]  should_fail_ex+0x223/0x230
[   80.880090][ T5382]  should_fail+0xb/0x10
[   80.884371][ T5382]  should_fail_usercopy+0x1a/0x20
[   80.889470][ T5382]  _copy_from_user+0x1e/0xb0
[   80.894117][ T5382]  kstrtouint_from_user+0x76/0xe0
[   80.899247][ T5382]  ? 0xffffffff81000000
[   80.903422][ T5382]  ? selinux_file_permission+0x22a/0x360
[   80.909171][ T5382]  proc_fail_nth_write+0x4f/0x150
[   80.914323][ T5382]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   80.920096][ T5382]  vfs_write+0x281/0x920
[   80.924397][ T5382]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   80.930060][ T5382]  ? __fget_files+0x17c/0x1c0
[   80.934795][ T5382]  ksys_write+0xe8/0x1b0
[   80.939144][ T5382]  __x64_sys_write+0x42/0x50
[   80.943775][ T5382]  x64_sys_call+0x287e/0x2dc0
[   80.946003][ T5388] loop4: detected capacity change from 0 to 256
[   80.948477][ T5382]  do_syscall_64+0xc9/0x1c0
[   80.948514][ T5382]  ? clear_bhb_loop+0x55/0xb0
[   80.963958][ T5382]  ? clear_bhb_loop+0x55/0xb0
[   80.968788][ T5382]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.974768][ T5382] RIP: 0033:0x7f95de67d2ff
[   80.979194][ T5382] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[   80.998849][ T5382] RSP: 002b:00007f95dccf1030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   81.007286][ T5382] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f95de67d2ff
[   81.015348][ T5382] RDX: 0000000000000001 RSI: 00007f95dccf10a0 RDI: 0000000000000006
[   81.023349][ T5382] RBP: 00007f95dccf1090 R08: 0000000000000000 R09: 0000000000000000
[   81.031333][ T5382] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[   81.039364][ T5382] R13: 0000000000000000 R14: 00007f95de835fa0 R15: 00007fff4b61a608
[   81.047355][ T5382]  </TASK>
[   81.100885][ T5388] FAT-fs (loop4): Directory bread(block 64) failed
[   81.139019][ T5388] FAT-fs (loop4): Directory bread(block 65) failed
[   81.145595][ T5388] FAT-fs (loop4): Directory bread(block 66) failed
[   81.149450][ T5397] netlink: 16 bytes leftover after parsing attributes in process `syz.2.639'.
[   81.166356][ T5388] FAT-fs (loop4): Directory bread(block 67) failed
[   81.173167][ T5388] FAT-fs (loop4): Directory bread(block 68) failed
[   81.186250][ T5388] FAT-fs (loop4): Directory bread(block 69) failed
[   81.192822][ T5388] FAT-fs (loop4): Directory bread(block 70) failed
[   81.213474][ T5388] FAT-fs (loop4): Directory bread(block 71) failed
[   81.220468][ T5401] ref_ctr_offset mismatch. inode: 0x28d offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x82
[   81.231620][ T5388] FAT-fs (loop4): Directory bread(block 72) failed
[   81.231649][ T5388] FAT-fs (loop4): Directory bread(block 73) failed
[   81.351020][ T5403] netlink: 8 bytes leftover after parsing attributes in process `syz.2.642'.
[   81.359892][ T5403] netlink: 460 bytes leftover after parsing attributes in process `syz.2.642'.
[   81.495817][ T5412] loop5: detected capacity change from 0 to 256
[   81.512196][ T5379] lo speed is unknown, defaulting to 1000
[   81.551679][ T5412] syzkaller0: entered allmulticast mode
[   81.573146][ T5412] syzkaller0 (unregistering): left allmulticast mode
[   81.595217][ T5416] Illegal XDP return value 4294967274 on prog  (id 393) dev N/A, expect packet loss!
[   81.617298][ T5416] IPv6: Can't replace route, no match found
[   81.736610][ T5424] loop5: detected capacity change from 0 to 164
[   81.821772][ T5432] ref_ctr_offset mismatch. inode: 0x311 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x82
[   81.909028][ T5434] 9pnet_fd: Insufficient options for proto=fd
[   82.043856][ T5441] loop5: detected capacity change from 0 to 164
[   82.242001][ T3321] FAT-fs (loop4): error, corrupted directory (invalid entries)
[   82.249731][ T3321] FAT-fs (loop4): Filesystem has been set read-only
[   82.274447][ T5443] lo speed is unknown, defaulting to 1000
[   82.298322][ T5449] netlink: 56 bytes leftover after parsing attributes in process `syz.3.662'.
[   82.344504][ T3321] FAT-fs (loop4): error, corrupted directory (invalid entries)
[   82.455071][ T5455] netlink: 8 bytes leftover after parsing attributes in process `syz.3.664'.
[   82.463945][ T5455] netlink: 460 bytes leftover after parsing attributes in process `syz.3.664'.
[   82.566360][ T5457] smc: net device bond0 applied user defined pnetid SYZ0
[   82.591802][ T5458] smc: net device bond0 erased user defined pnetid SYZ0
[   82.605613][ T5462] loop5: detected capacity change from 0 to 256
[   82.691989][ T5462] syzkaller0: entered allmulticast mode
[   82.700014][ T5462] syzkaller0 (unregistering): left allmulticast mode
[   82.745187][ T5470] ref_ctr_offset mismatch. inode: 0x32d offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x82
[   82.891435][ T5479] loop5: detected capacity change from 0 to 164
[   83.044224][ T5488] netlink: 8 bytes leftover after parsing attributes in process `syz.2.678'.
[   83.053145][ T5488] netlink: 40 bytes leftover after parsing attributes in process `syz.2.678'.
[   83.062123][ T5488] netlink: 200 bytes leftover after parsing attributes in process `syz.2.678'.
[   83.071167][ T5488] netlink: 40 bytes leftover after parsing attributes in process `syz.2.678'.
[   83.427395][ T5508] netlink: 'syz.2.685': attribute type 13 has an invalid length.
[   83.468944][ T5508] syz_tun: refused to change device tx_queue_len
[   83.475337][ T5508] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[   83.529624][ T5502] lo speed is unknown, defaulting to 1000
[   83.589897][ T5516] syzkaller0: entered allmulticast mode
[   83.604842][ T5516] syzkaller0 (unregistering): left allmulticast mode
[   83.738699][ T5521] netlink: 'syz.1.689': attribute type 21 has an invalid length.
[   83.760630][ T5521] netlink: 'syz.1.689': attribute type 1 has an invalid length.
[   83.806090][ T5502] chnl_net:caif_netlink_parms(): no params data found
[   83.925832][ T5502] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.933006][ T5502] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.947927][ T5502] bridge_slave_0: entered allmulticast mode
[   83.986312][ T5502] bridge_slave_0: entered promiscuous mode
[   84.006113][ T5502] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.013381][ T5502] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.027954][ T5502] bridge_slave_1: entered allmulticast mode
[   84.034771][ T5502] bridge_slave_1: entered promiscuous mode
[   84.055294][ T5502] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.068020][ T5502] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.104626][ T5502] team0: Port device team_slave_0 added
[   84.114153][ T5502] team0: Port device team_slave_1 added
[   84.133331][ T5502] batman_adv: batadv0: Adding interface: batadv_slave_0
[   84.140424][ T5502] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.166520][ T5502] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   84.279681][ T5502] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.286853][ T5502] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.312797][ T5502] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.561530][ T5502] hsr_slave_0: entered promiscuous mode
[   84.570808][ T5502] hsr_slave_1: entered promiscuous mode
[   84.576832][ T5502] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   84.584865][ T5502] Cannot create hsr debugfs directory
[   84.782346][ T5502] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   84.799074][ T5502] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   84.829645][ T5502] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   84.903054][ T5502] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   84.918809][ T5502] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.926008][ T5502] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.933377][ T5502] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.940470][ T5502] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.970526][ T5502] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.981829][ T5502] 8021q: adding VLAN 0 to HW filter on device team0
[   85.082582][ T5502] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.369848][   T29] kauditd_printk_skb: 318 callbacks suppressed
[   85.369866][   T29] audit: type=1326 audit(1732280359.945:2719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz.3.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   85.370291][ T5596] program syz.2.710 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   85.382919][   T29] audit: type=1326 audit(1732280359.945:2720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz.3.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   85.472682][ T5502] veth0_vlan: entered promiscuous mode
[   85.482091][ T5596] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[   85.490657][   T29] audit: type=1326 audit(1732280359.975:2721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz.3.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   85.514024][   T29] audit: type=1326 audit(1732280359.975:2722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz.3.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   85.537544][   T29] audit: type=1326 audit(1732280359.975:2723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz.3.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   85.561041][   T29] audit: type=1326 audit(1732280359.975:2724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz.3.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   85.579510][ T5502] veth1_vlan: entered promiscuous mode
[   85.584398][   T29] audit: type=1326 audit(1732280359.985:2725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz.3.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   85.613230][   T29] audit: type=1326 audit(1732280359.985:2726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz.3.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   85.636570][   T29] audit: type=1326 audit(1732280359.985:2727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz.3.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   85.659912][   T29] audit: type=1326 audit(1732280360.015:2728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5597 comm="syz.3.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[   85.735654][ T5502] veth0_macvtap: entered promiscuous mode
[   85.747912][ T5502] veth1_macvtap: entered promiscuous mode
[   85.768143][ T5502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.778665][ T5502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.788612][ T5502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.799070][ T5502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.808904][ T5502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.819391][ T5502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.829394][ T5502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.832672][ T5608] program syz.3.715 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   85.839867][ T5502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.839891][ T5502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.839909][ T5502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.926964][ T5502] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.949490][ T5502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.960051][ T5502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.969998][ T5502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.980104][ T5608] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[   85.980522][ T5502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.980533][ T5502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.980549][ T5502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.019532][ T5502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.030061][ T5502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.040164][ T5502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.050656][ T5502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.112362][ T5502] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.153402][ T5502] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.162197][ T5502] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.171058][ T5502] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.179808][ T5502] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.256094][ T5617] IPv6: Can't replace route, no match found
[   86.365179][ T5624] __nla_validate_parse: 2 callbacks suppressed
[   86.365199][ T5624] netlink: 8 bytes leftover after parsing attributes in process `syz.6.721'.
[   86.454398][ T5632] netlink: 8 bytes leftover after parsing attributes in process `syz.1.724'.
[   86.463386][ T5632] netlink: 468 bytes leftover after parsing attributes in process `syz.1.724'.
[   86.521757][ T5634] lo speed is unknown, defaulting to 1000
[   86.528610][ T5637] netlink: 4 bytes leftover after parsing attributes in process `syz.3.722'.
[   86.890007][ T5647] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   87.292459][ T5650] netlink: 24 bytes leftover after parsing attributes in process `syz.5.730'.
[   87.662406][ T5666] netlink: 8 bytes leftover after parsing attributes in process `syz.2.736'.
[   87.671352][ T5666] netlink: 468 bytes leftover after parsing attributes in process `syz.2.736'.
[   87.760133][ T5660] IPv6: Can't replace route, no match found
[   88.143560][ T5687] loop6: detected capacity change from 0 to 164
[   88.239537][ T5694] netlink: 8 bytes leftover after parsing attributes in process `syz.6.748'.
[   88.248489][ T5694] netlink: 468 bytes leftover after parsing attributes in process `syz.6.748'.
[   88.468172][ T5702] IPv6: Can't replace route, no match found
[   88.556474][ T5708] loop6: detected capacity change from 0 to 2048
[   88.622300][ T5708] Alternate GPT is invalid, using primary GPT.
[   88.628676][ T5708]  loop6: p2 p3 p7
[   88.838319][ T5720] netlink: 8 bytes leftover after parsing attributes in process `syz.6.761'.
[   88.875769][ T5722] program syz.2.762 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   88.898595][ T5722] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[   88.988161][ T5728] loop6: detected capacity change from 0 to 512
[   89.018269][ T5728] EXT4-fs error (device loop6): ext4_orphan_get:1389: inode #15: comm syz.6.765: iget: bad extended attribute block 1
[   89.071208][ T5728] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.765: couldn't read orphan inode 15 (err -117)
[   89.125470][ T5728] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.213579][ T5502] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.239539][ T5741] loop5: detected capacity change from 0 to 164
[   89.418181][ T5751] loop5: detected capacity change from 0 to 256
[   89.452027][ T5751] vfat: Bad value for 'time_offset'
[   89.761358][ T5771] loop5: detected capacity change from 0 to 1024
[   89.769565][ T5771] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   89.780592][ T5771] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   89.793423][ T5771] JBD2: no valid journal superblock found
[   89.799190][ T5771] EXT4-fs (loop5): Could not load journal inode
[   90.141401][ T5778] FAULT_INJECTION: forcing a failure.
[   90.141401][ T5778] name failslab, interval 1, probability 0, space 0, times 0
[   90.154263][ T5778] CPU: 0 UID: 0 PID: 5778 Comm: syz.2.786 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   90.164544][ T5778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   90.174710][ T5778] Call Trace:
[   90.178033][ T5778]  <TASK>
[   90.181036][ T5778]  dump_stack_lvl+0xf2/0x150
[   90.185668][ T5778]  dump_stack+0x15/0x20
[   90.189863][ T5778]  should_fail_ex+0x223/0x230
[   90.194629][ T5778]  ? audit_log_d_path+0x96/0x250
[   90.199603][ T5778]  should_failslab+0x8f/0xb0
[   90.204230][ T5778]  __kmalloc_cache_noprof+0x4b/0x2a0
[   90.209604][ T5778]  audit_log_d_path+0x96/0x250
[   90.214415][ T5778]  ? __rcu_read_unlock+0x4e/0x70
[   90.219477][ T5778]  audit_log_d_path_exe+0x42/0x70
[   90.224530][ T5778]  audit_log_task+0x155/0x180
[   90.229518][ T5778]  audit_seccomp+0x68/0x130
[   90.234090][ T5778]  __seccomp_filter+0x6fa/0x1180
[   90.239099][ T5778]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   90.244780][ T5778]  ? vfs_write+0x596/0x920
[   90.249304][ T5778]  ? putname+0xcf/0xf0
[   90.253411][ T5778]  __secure_computing+0x9f/0x1c0
[   90.258426][ T5778]  syscall_trace_enter+0xd1/0x1f0
[   90.263588][ T5778]  ? fpregs_assert_state_consistent+0x83/0xa0
[   90.265173][ T5780] loop6: detected capacity change from 0 to 164
[   90.269672][ T5778]  do_syscall_64+0xaa/0x1c0
[   90.269707][ T5778]  ? clear_bhb_loop+0x55/0xb0
[   90.285250][ T5778]  ? clear_bhb_loop+0x55/0xb0
[   90.290120][ T5778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.296048][ T5778] RIP: 0033:0x7f95de67e819
[   90.300553][ T5778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.320353][ T5778] RSP: 002b:00007f95dccf1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fd
[   90.328994][ T5778] RAX: ffffffffffffffda RBX: 00007f95de835fa0 RCX: 00007f95de67e819
[   90.336984][ T5778] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   90.344989][ T5778] RBP: 00007f95dccf1090 R08: 0000000000000000 R09: 0000000000000000
[   90.353058][ T5778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.361049][ T5778] R13: 0000000000000000 R14: 00007f95de835fa0 R15: 00007fff4b61a608
[   90.369057][ T5778]  </TASK>
[   90.376555][   T29] kauditd_printk_skb: 648 callbacks suppressed
[   90.376636][   T29] audit: type=1326 audit(1732280364.945:3377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5777 comm="syz.2.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f95de67d25c code=0x7ffc0000
[   90.406260][   T29] audit: type=1326 audit(1732280364.955:3378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5777 comm="syz.2.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f95de67d2ff code=0x7ffc0000
[   90.429686][   T29] audit: type=1326 audit(1732280364.955:3379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5777 comm="syz.2.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f95de67d4aa code=0x7ffc0000
[   90.452855][   T29] audit: type=1326 audit(1732280364.955:3380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5777 comm="syz.2.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95de67e819 code=0x7ffc0000
[   90.476534][   T29] audit: type=1326 audit(1732280364.955:3381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5777 comm="syz.2.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95de67e819 code=0x7ffc0000
[   90.517207][   T29] audit: type=1400 audit(1732280365.095:3382): avc:  denied  { create } for  pid=5783 comm="syz.6.789" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   90.588720][ T5785] sctp: [Deprecated]: syz.6.789 (pid 5785) Use of struct sctp_assoc_value in delayed_ack socket option.
[   90.588720][ T5785] Use struct sctp_sack_info instead
[   90.608534][   T29] audit: type=1400 audit(1732280365.165:3383): avc:  denied  { ioctl } for  pid=5783 comm="syz.6.789" path="/dev/snapshot" dev="devtmpfs" ino=90 ioctlcmd=0x3312 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   90.633646][   T29] audit: type=1400 audit(1732280365.165:3384): avc:  denied  { create } for  pid=5783 comm="syz.6.789" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   90.653000][   T29] audit: type=1400 audit(1732280365.165:3385): avc:  denied  { ioctl } for  pid=5783 comm="syz.6.789" path="socket:[12507]" dev="sockfs" ino=12507 ioctlcmd=0x89e7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   90.677787][   T29] audit: type=1400 audit(1732280365.185:3386): avc:  denied  { ioctl } for  pid=5783 comm="syz.6.789" path="socket:[12510]" dev="sockfs" ino=12510 ioctlcmd=0x942a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   90.851532][ T5804] loop6: detected capacity change from 0 to 8192
[   90.872803][ T5798] netlink: 'syz.6.795': attribute type 4 has an invalid length.
[   90.889466][ T5798] netlink: 'syz.6.795': attribute type 4 has an invalid length.
[   90.981135][ T5808] unsupported nlmsg_type 40
[   91.069241][ T5811] veth0_to_team: entered promiscuous mode
[   91.075040][ T5811] veth0_to_team: entered allmulticast mode
[   91.115438][ T5814] FAULT_INJECTION: forcing a failure.
[   91.115438][ T5814] name failslab, interval 1, probability 0, space 0, times 0
[   91.128194][ T5814] CPU: 0 UID: 0 PID: 5814 Comm: syz.3.800 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   91.138580][ T5814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   91.148733][ T5814] Call Trace:
[   91.152096][ T5814]  <TASK>
[   91.155034][ T5814]  dump_stack_lvl+0xf2/0x150
[   91.159663][ T5814]  dump_stack+0x15/0x20
[   91.163849][ T5814]  should_fail_ex+0x223/0x230
[   91.168619][ T5814]  ? getname_flags+0x81/0x3b0
[   91.173337][ T5814]  should_failslab+0x8f/0xb0
[   91.177952][ T5814]  kmem_cache_alloc_noprof+0x4c/0x290
[   91.183400][ T5814]  getname_flags+0x81/0x3b0
[   91.188001][ T5814]  user_path_at+0x26/0x120
[   91.192521][ T5814]  __se_sys_mount+0x248/0x2d0
[   91.197221][ T5814]  ? fput+0x1c4/0x200
[   91.201227][ T5814]  __x64_sys_mount+0x67/0x80
[   91.205897][ T5814]  x64_sys_call+0x2c84/0x2dc0
[   91.210690][ T5814]  do_syscall_64+0xc9/0x1c0
[   91.215223][ T5814]  ? clear_bhb_loop+0x55/0xb0
[   91.219966][ T5814]  ? clear_bhb_loop+0x55/0xb0
[   91.224672][ T5814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.230616][ T5814] RIP: 0033:0x7fb3e6c9e819
[   91.235048][ T5814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.254679][ T5814] RSP: 002b:00007fb3e5317038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   91.263221][ T5814] RAX: ffffffffffffffda RBX: 00007fb3e6e55fa0 RCX: 00007fb3e6c9e819
[   91.271254][ T5814] RDX: 0000000020000100 RSI: 0000000020000140 RDI: 0000000000000000
[   91.279238][ T5814] RBP: 00007fb3e5317090 R08: 0000000000000000 R09: 0000000000000000
[   91.287372][ T5814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.295401][ T5814] R13: 0000000000000000 R14: 00007fb3e6e55fa0 R15: 00007fff6ffe1f78
[   91.303398][ T5814]  </TASK>
[   92.223647][ T5838] SELinux:  policydb version 0 does not match my version range 15-33
[   92.232214][ T5838] SELinux: failed to load policy
[   92.266447][ T5840] loop6: detected capacity change from 0 to 164
[   92.326943][ T5841] __nla_validate_parse: 3 callbacks suppressed
[   92.326979][ T5841] netlink: 212 bytes leftover after parsing attributes in process `syz.3.808'.
[   92.367856][ T5844] IPv6: Can't replace route, no match found
[   92.496863][ T5853] loop5: detected capacity change from 0 to 164
[   92.610784][ T5862] loop6: detected capacity change from 0 to 512
[   92.661294][ T5862] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.666380][ T5864] netlink: 28 bytes leftover after parsing attributes in process `syz.5.819'.
[   92.677069][ T5862] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.720556][ T5862] FAULT_INJECTION: forcing a failure.
[   92.720556][ T5862] name failslab, interval 1, probability 0, space 0, times 0
[   92.733385][ T5862] CPU: 0 UID: 0 PID: 5862 Comm: syz.6.818 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   92.743664][ T5862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   92.753885][ T5862] Call Trace:
[   92.757216][ T5862]  <TASK>
[   92.760210][ T5862]  dump_stack_lvl+0xf2/0x150
[   92.764984][ T5862]  dump_stack+0x15/0x20
[   92.769251][ T5862]  should_fail_ex+0x223/0x230
[   92.773962][ T5862]  ? audit_log_start+0x34c/0x6b0
[   92.778983][ T5862]  should_failslab+0x8f/0xb0
[   92.783662][ T5862]  kmem_cache_alloc_noprof+0x4c/0x290
[   92.789210][ T5862]  audit_log_start+0x34c/0x6b0
[   92.794015][ T5862]  audit_seccomp+0x4b/0x130
[   92.798665][ T5862]  __seccomp_filter+0x6fa/0x1180
[   92.803630][ T5862]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   92.809375][ T5862]  ? vfs_write+0x596/0x920
[   92.813871][ T5862]  ? __schedule+0x6fa/0x930
[   92.818487][ T5862]  __secure_computing+0x9f/0x1c0
[   92.823540][ T5862]  syscall_trace_enter+0xd1/0x1f0
[   92.828674][ T5862]  do_syscall_64+0xaa/0x1c0
[   92.833215][ T5862]  ? clear_bhb_loop+0x55/0xb0
[   92.837934][ T5862]  ? clear_bhb_loop+0x55/0xb0
[   92.842719][ T5862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.848631][ T5862] RIP: 0033:0x7f28b554e819
[   92.853078][ T5862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.872804][ T5862] RSP: 002b:00007f28b3bc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   92.881326][ T5862] RAX: ffffffffffffffda RBX: 00007f28b5705fa0 RCX: 00007f28b554e819
[   92.889347][ T5862] RDX: 0000000000000001 RSI: 0000000020003a80 RDI: 0000000000000007
[   92.897372][ T5862] RBP: 00007f28b3bc7090 R08: 0000000000000000 R09: 0000000000000000
[   92.905506][ T5862] R10: 000000002c000011 R11: 0000000000000246 R12: 0000000000000001
[   92.913571][ T5862] R13: 0000000000000000 R14: 00007f28b5705fa0 R15: 00007ffe1b412d68
[   92.921575][ T5862]  </TASK>
[   92.938559][ T5872] netlink: 8 bytes leftover after parsing attributes in process `syz.5.820'.
[   92.947432][ T5872] netlink: 200 bytes leftover after parsing attributes in process `syz.5.820'.
[   92.983299][ T5874] loop5: detected capacity change from 0 to 164
[   93.445341][ T5502] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.510832][ T5900] netlink: 12 bytes leftover after parsing attributes in process `syz.6.831'.
[   93.585859][ T5902] loop6: detected capacity change from 0 to 164
[   93.689946][ T5904] loop6: detected capacity change from 0 to 256
[   93.712088][ T5904] vfat: Bad value for 'time_offset'
[   93.955292][ T5912] loop5: detected capacity change from 0 to 512
[   93.983437][ T5913] loop6: detected capacity change from 0 to 1024
[   94.054505][ T5913] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   94.065646][ T5913] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   94.078391][ T5913] JBD2: no valid journal superblock found
[   94.084170][ T5913] EXT4-fs (loop6): Could not load journal inode
[   94.139208][ T5912] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.463855][ T5916] SELinux:  policydb version 117440512 does not match my version range 15-33
[   94.473923][ T5916] SELinux: failed to load policy
[   94.538508][ T3747] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.651315][ T5927] veth0_to_team: entered promiscuous mode
[   94.657354][ T5927] veth0_to_team: entered allmulticast mode
[   94.687571][ T5927] program syz.3.840 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   94.701286][ T5928] netlink: 28 bytes leftover after parsing attributes in process `syz.5.838'.
[   94.707513][ T5927] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[   94.710254][ T5928] netlink: 28 bytes leftover after parsing attributes in process `syz.5.838'.
[   94.759223][ T5928] erspan0: entered promiscuous mode
[   94.795183][ T5928] batadv_slave_1: entered promiscuous mode
[   94.824926][ T5931] program syz.3.841 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   94.859507][ T5931] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[   94.907588][ T5933] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[   94.916986][ T5933] SELinux: failed to load policy
[   94.997303][ T5937] loop5: detected capacity change from 0 to 512
[   95.050375][ T5937] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.108710][ T3747] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.182075][ T5944] netlink: 28 bytes leftover after parsing attributes in process `syz.3.848'.
[   95.191075][ T5944] netlink: 28 bytes leftover after parsing attributes in process `syz.3.848'.
[   95.320726][ T5953] FAULT_INJECTION: forcing a failure.
[   95.320726][ T5953] name failslab, interval 1, probability 0, space 0, times 0
[   95.333611][ T5953] CPU: 1 UID: 0 PID: 5953 Comm: syz.1.850 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[   95.340036][ T5954] netlink: 16 bytes leftover after parsing attributes in process `syz.3.849'.
[   95.343929][ T5953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   95.362972][ T5953] Call Trace:
[   95.366318][ T5953]  <TASK>
[   95.369312][ T5953]  dump_stack_lvl+0xf2/0x150
[   95.373956][ T5953]  dump_stack+0x15/0x20
[   95.378173][ T5953]  should_fail_ex+0x223/0x230
[   95.382885][ T5953]  ? rtnl_newlink+0x5d/0x1200
[   95.387678][ T5953]  should_failslab+0x8f/0xb0
[   95.392299][ T5953]  __kmalloc_cache_noprof+0x4b/0x2a0
[   95.397633][ T5953]  ? __pfx_rtnl_newlink+0x10/0x10
[   95.402702][ T5953]  rtnl_newlink+0x5d/0x1200
[   95.407271][ T5953]  ? kmem_cache_free+0xdc/0x2d0
[   95.412259][ T5953]  ? __kfree_skb+0x102/0x150
[   95.416924][ T5953]  ? tpacket_rcv+0x13dd/0x1890
[   95.421722][ T5953]  ? sk_skb_reason_drop+0xba/0x290
[   95.426987][ T5953]  ? tpacket_rcv+0x13dd/0x1890
[   95.431770][ T5953]  ? xa_load+0xb9/0xe0
[   95.435941][ T5953]  ? __copy_skb_header+0x290/0x320
[   95.441090][ T5953]  ? __memcg_slab_free_hook+0xc9/0x1e0
[   95.446671][ T5953]  ? __rcu_read_unlock+0x4e/0x70
[   95.451700][ T5953]  ? avc_has_perm_noaudit+0x1cc/0x210
[   95.457161][ T5953]  ? selinux_capable+0x1f2/0x260
[   95.462144][ T5953]  ? security_capable+0x81/0x90
[   95.467071][ T5953]  ? ns_capable+0x7d/0xb0
[   95.471419][ T5953]  ? __pfx_rtnl_newlink+0x10/0x10
[   95.476615][ T5953]  rtnetlink_rcv_msg+0x651/0x710
[   95.481581][ T5953]  ? ref_tracker_free+0x3a5/0x410
[   95.486689][ T5953]  ? __dev_queue_xmit+0x186/0x2090
[   95.491929][ T5953]  ? skb_clone+0x154/0x1f0
[   95.496548][ T5953]  netlink_rcv_skb+0x12c/0x230
[   95.501453][ T5953]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   95.506965][ T5953]  rtnetlink_rcv+0x1c/0x30
[   95.511473][ T5953]  netlink_unicast+0x599/0x670
[   95.516358][ T5953]  netlink_sendmsg+0x5cc/0x6e0
[   95.521182][ T5953]  ? __pfx_netlink_sendmsg+0x10/0x10
[   95.526517][ T5953]  __sock_sendmsg+0x140/0x180
[   95.531224][ T5953]  ____sys_sendmsg+0x312/0x410
[   95.536041][ T5953]  __sys_sendmsg+0x19d/0x230
[   95.540691][ T5953]  __x64_sys_sendmsg+0x46/0x50
[   95.545523][ T5953]  x64_sys_call+0x2734/0x2dc0
[   95.550236][ T5953]  do_syscall_64+0xc9/0x1c0
[   95.554863][ T5953]  ? clear_bhb_loop+0x55/0xb0
[   95.559570][ T5953]  ? clear_bhb_loop+0x55/0xb0
[   95.564284][ T5953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.570299][ T5953] RIP: 0033:0x7f9ce600e819
[   95.574733][ T5953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.594833][ T5953] RSP: 002b:00007f9ce4687038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   95.603317][ T5953] RAX: ffffffffffffffda RBX: 00007f9ce61c5fa0 RCX: 00007f9ce600e819
[   95.611310][ T5953] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004
[   95.619379][ T5953] RBP: 00007f9ce4687090 R08: 0000000000000000 R09: 0000000000000000
[   95.627357][ T5953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.635381][ T5953] R13: 0000000000000000 R14: 00007f9ce61c5fa0 R15: 00007ffc6e6f7338
[   95.643459][ T5953]  </TASK>
[   95.712666][ T5967] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[   95.724373][ T5967] SELinux: failed to load policy
[   95.816583][   T29] kauditd_printk_skb: 325 callbacks suppressed
[   95.816600][   T29] audit: type=1326 audit(1732280370.335:3710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz.1.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   95.846304][   T29] audit: type=1326 audit(1732280370.335:3711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz.1.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   95.854661][ T5976] SELinux:  policydb version 0 does not match my version range 15-33
[   95.869670][   T29] audit: type=1326 audit(1732280370.335:3712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz.1.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   95.869726][   T29] audit: type=1326 audit(1732280370.335:3713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz.1.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   95.877962][ T5976] SELinux: failed to load policy
[   95.901316][   T29] audit: type=1326 audit(1732280370.335:3714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz.1.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   95.953166][   T29] audit: type=1326 audit(1732280370.335:3715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz.1.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   95.976583][   T29] audit: type=1326 audit(1732280370.335:3716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz.1.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   96.000078][   T29] audit: type=1326 audit(1732280370.335:3717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz.1.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9ce600e819 code=0x7ffc0000
[   96.023555][   T29] audit: type=1326 audit(1732280370.335:3718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz.1.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9ce600e853 code=0x7ffc0000
[   96.046720][   T29] audit: type=1326 audit(1732280370.345:3719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz.1.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9ce600d2ff code=0x7ffc0000
[   96.053230][ T5979] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   96.239160][ T5989] veth0_to_team: entered promiscuous mode
[   96.245020][ T5989] veth0_to_team: entered allmulticast mode
[   96.360482][ T5994] loop5: detected capacity change from 0 to 164
[   96.369251][ T5996] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[   96.385068][ T5996] SELinux: failed to load policy
[   96.915905][ T6025] loop6: detected capacity change from 0 to 164
[   97.156354][ T6031] loop6: detected capacity change from 0 to 512
[   97.195674][ T6031] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.321984][ T5502] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.555732][ T6040] loop6: detected capacity change from 0 to 256
[   97.572359][ T6040] vfat: Bad value for 'time_offset'
[   97.705160][ T6046] __nla_validate_parse: 11 callbacks suppressed
[   97.705181][ T6046] netlink: 8 bytes leftover after parsing attributes in process `syz.2.886'.
[   97.720588][ T6046] netlink: 8 bytes leftover after parsing attributes in process `syz.2.886'.
[   97.729469][ T6046] netlink: 8 bytes leftover after parsing attributes in process `syz.2.886'.
[   97.865607][ T6050] loop6: detected capacity change from 0 to 1024
[   97.939649][ T6050] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   97.950579][ T6050] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   97.962166][ T6050] JBD2: no valid journal superblock found
[   97.967953][ T6050] EXT4-fs (loop6): Could not load journal inode
[   98.299901][ T6060] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[   98.317570][ T6060] SELinux: failed to load policy
[   99.100535][ T6082] netlink: 8 bytes leftover after parsing attributes in process `syz.1.899'.
[   99.109441][ T6082] netlink: 8 bytes leftover after parsing attributes in process `syz.1.899'.
[   99.118265][ T6082] netlink: 8 bytes leftover after parsing attributes in process `syz.1.899'.
[   99.327514][ T6098] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[   99.342618][ T6098] SELinux: failed to load policy
[   99.347875][ T6100] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[   99.355549][ T6100] SELinux: failed to load policy
[   99.483449][ T6110] netlink: 8 bytes leftover after parsing attributes in process `syz.5.911'.
[   99.492374][ T6110] netlink: 8 bytes leftover after parsing attributes in process `syz.5.911'.
[   99.602750][ T6118] loop5: detected capacity change from 0 to 4096
[   99.636654][ T6118] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.852681][ T6121] lo speed is unknown, defaulting to 1000
[   99.985825][ T6129] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[   99.995066][ T6129] SELinux: failed to load policy
[  100.022933][ T6131] IPv6: Can't replace route, no match found
[  100.295112][ T6142] netlink: 8 bytes leftover after parsing attributes in process `syz.1.923'.
[  100.304101][ T6142] netlink: 8 bytes leftover after parsing attributes in process `syz.1.923'.
[  100.437866][ T3747] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.621654][ T6158] program syz.6.930 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  100.632407][ T6158] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  100.677250][ T6160] loop6: detected capacity change from 0 to 164
[  101.397643][ T6176] loop5: detected capacity change from 0 to 164
[  101.438294][ T6162] lo speed is unknown, defaulting to 1000
[  101.447619][   T29] kauditd_printk_skb: 132 callbacks suppressed
[  101.447634][   T29] audit: type=1400 audit(1732280376.025:3852): avc:  denied  { setopt } for  pid=6177 comm="syz.5.938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  101.499682][ T6178] loop5: detected capacity change from 0 to 2048
[  101.547583][ T6178] Alternate GPT is invalid, using primary GPT.
[  101.553886][ T6178]  loop5: p1 p2 p3
[  101.568080][ T3021] Alternate GPT is invalid, using primary GPT.
[  101.574456][ T3021]  loop5: p1 p2 p3
[  101.618104][ T3313] udevd[3313]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[  101.620778][ T3311] udevd[3311]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  101.645046][ T3554] udevd[3554]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  101.665684][ T6189] loop6: detected capacity change from 0 to 164
[  101.682466][ T3313] udevd[3313]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[  101.682489][ T3311] udevd[3311]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  101.693204][ T3554] udevd[3554]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  101.917687][   T29] audit: type=1400 audit(1732280376.495:3853): avc:  denied  { ioctl } for  pid=6203 comm="syz.2.947" path="socket:[12752]" dev="sockfs" ino=12752 ioctlcmd=0x943e scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  101.955824][   T29] audit: type=1400 audit(1732280376.525:3854): avc:  denied  { read } for  pid=6205 comm=E6A6 name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  101.977913][   T29] audit: type=1400 audit(1732280376.525:3855): avc:  denied  { open } for  pid=6205 comm=E6A6 path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  102.454066][   T29] audit: type=1400 audit(1732280377.025:3856): avc:  denied  { ioctl } for  pid=6215 comm="syz.1.952" path="socket:[14406]" dev="sockfs" ino=14406 ioctlcmd=0x48f0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  102.545547][ T6219] loop5: detected capacity change from 0 to 164
[  102.590664][ T6222] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  102.626134][ T6222] SELinux: failed to load policy
[  102.665957][ T6224] loop5: detected capacity change from 0 to 164
[  102.824080][   T29] audit: type=1326 audit(1732280377.395:3857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6234 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[  102.848220][ T6236] FAULT_INJECTION: forcing a failure.
[  102.848220][ T6236] name failslab, interval 1, probability 0, space 0, times 0
[  102.860942][ T6236] CPU: 0 UID: 0 PID: 6236 Comm: syz.3.962 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[  102.871212][ T6236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  102.881426][ T6236] Call Trace:
[  102.884720][ T6236]  <TASK>
[  102.887667][ T6236]  dump_stack_lvl+0xf2/0x150
[  102.892368][ T6236]  dump_stack+0x15/0x20
[  102.896680][ T6236]  should_fail_ex+0x223/0x230
[  102.901377][ T6236]  ? audit_log_d_path+0x96/0x250
[  102.906425][ T6236]  should_failslab+0x8f/0xb0
[  102.911030][ T6236]  __kmalloc_cache_noprof+0x4b/0x2a0
[  102.916339][ T6236]  audit_log_d_path+0x96/0x250
[  102.921212][ T6236]  ? __rcu_read_unlock+0x4e/0x70
[  102.926325][ T6236]  audit_log_d_path_exe+0x42/0x70
[  102.931448][ T6236]  audit_log_task+0x155/0x180
[  102.936181][ T6236]  audit_seccomp+0x68/0x130
[  102.940784][ T6236]  __seccomp_filter+0x6fa/0x1180
[  102.945777][ T6236]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  102.951552][ T6236]  ? __rcu_read_unlock+0x4e/0x70
[  102.956526][ T6236]  ? __fget_files+0x17c/0x1c0
[  102.961289][ T6236]  __secure_computing+0x9f/0x1c0
[  102.966353][ T6236]  syscall_trace_enter+0xd1/0x1f0
[  102.971461][ T6236]  ? fpregs_assert_state_consistent+0x83/0xa0
[  102.977588][ T6236]  do_syscall_64+0xaa/0x1c0
[  102.982105][ T6236]  ? clear_bhb_loop+0x55/0xb0
[  102.986801][ T6236]  ? clear_bhb_loop+0x55/0xb0
[  102.991492][ T6236]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.997441][ T6236] RIP: 0033:0x7fb3e6c9d25c
[  103.001867][ T6236] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  103.021574][ T6236] RSP: 002b:00007fb3e5317030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  103.030074][ T6236] RAX: ffffffffffffffda RBX: 00007fb3e6e55fa0 RCX: 00007fb3e6c9d25c
[  103.038151][ T6236] RDX: 000000000000000f RSI: 00007fb3e53170a0 RDI: 0000000000000005
[  103.046220][ T6236] RBP: 00007fb3e5317090 R08: 0000000000000000 R09: 0000000000000000
[  103.054377][ T6236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  103.062368][ T6236] R13: 0000000000000000 R14: 00007fb3e6e55fa0 R15: 00007fff6ffe1f78
[  103.070507][ T6236]  </TASK>
[  103.096202][   T29] audit: type=1326 audit(1732280377.425:3858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6234 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb3e6c9d1b0 code=0x7ffc0000
[  103.119564][   T29] audit: type=1326 audit(1732280377.425:3859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6234 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb3e6c9d2ff code=0x7ffc0000
[  103.142758][   T29] audit: type=1326 audit(1732280377.425:3860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6234 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[  103.166246][   T29] audit: type=1326 audit(1732280377.425:3861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6234 comm="syz.3.962" exe="<no_memory>" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fb3e6c9d25c code=0x7ffc0000
[  103.245619][ T6242] __nla_validate_parse: 3 callbacks suppressed
[  103.245640][ T6242] netlink: 3 bytes leftover after parsing attributes in process `syz.1.964'.
[  103.276810][ T6242] 0ªX¹¦À: renamed from caif0
[  103.284035][ T6242] 0ªX¹¦À: entered allmulticast mode
[  103.289572][ T6242] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  103.367195][ T6254] ebtables: ebtables: counters copy to user failed while replacing table
[  103.444376][ T6269] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  103.452768][ T6269] SELinux: failed to load policy
[  103.551127][ T6275] veth0_to_team: entered promiscuous mode
[  103.556987][ T6275] veth0_to_team: entered allmulticast mode
[  103.568249][ T6277] loop6: detected capacity change from 0 to 164
[  103.632837][ T6280] program syz.1.976 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  103.644365][ T6280] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  103.762733][ T6288] loop6: detected capacity change from 0 to 164
[  103.821681][ T6291] FAULT_INJECTION: forcing a failure.
[  103.821681][ T6291] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  103.835149][ T6291] CPU: 0 UID: 0 PID: 6291 Comm: syz.6.981 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[  103.845493][ T6291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  103.855581][ T6291] Call Trace:
[  103.858917][ T6291]  <TASK>
[  103.861925][ T6291]  dump_stack_lvl+0xf2/0x150
[  103.866583][ T6291]  dump_stack+0x15/0x20
[  103.870756][ T6291]  should_fail_ex+0x223/0x230
[  103.875464][ T6291]  should_fail_alloc_page+0xfd/0x110
[  103.880820][ T6291]  __alloc_pages_noprof+0x109/0x340
[  103.886044][ T6291]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  103.891569][ T6291]  vma_alloc_folio_noprof+0x1a0/0x2f0
[  103.896975][ T6291]  handle_mm_fault+0xdbe/0x2aa0
[  103.901946][ T6291]  ? __rcu_read_lock+0x36/0x50
[  103.906775][ T6291]  __get_user_pages+0xf2c/0x2670
[  103.911756][ T6291]  __mm_populate+0x25b/0x3b0
[  103.916391][ T6291]  vm_mmap_pgoff+0x1d6/0x290
[  103.921020][ T6291]  ksys_mmap_pgoff+0xd0/0x330
[  103.925721][ T6291]  ? fpregs_assert_state_consistent+0x83/0xa0
[  103.931981][ T6291]  x64_sys_call+0x1940/0x2dc0
[  103.936714][ T6291]  do_syscall_64+0xc9/0x1c0
[  103.941346][ T6291]  ? clear_bhb_loop+0x55/0xb0
[  103.946053][ T6291]  ? clear_bhb_loop+0x55/0xb0
[  103.950810][ T6291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.956727][ T6291] RIP: 0033:0x7f28b554e819
[  103.961174][ T6291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.980815][ T6291] RSP: 002b:00007f28b3bc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  103.989263][ T6291] RAX: ffffffffffffffda RBX: 00007f28b5705fa0 RCX: 00007f28b554e819
[  103.997323][ T6291] RDX: 0000000001000007 RSI: 000000000000a000 RDI: 0000000020000000
[  104.005335][ T6291] RBP: 00007f28b3bc7090 R08: ffffffffffffffff R09: 0000000000000000
[  104.013503][ T6291] R10: 0000000000002172 R11: 0000000000000246 R12: 0000000000000002
[  104.021587][ T6291] R13: 0000000000000000 R14: 00007f28b5705fa0 R15: 00007ffe1b412d68
[  104.029661][ T6291]  </TASK>
[  104.072877][ T6293] netlink: 8 bytes leftover after parsing attributes in process `syz.5.982'.
[  104.081776][ T6293] netlink: 8 bytes leftover after parsing attributes in process `syz.5.982'.
[  104.090816][ T6293] netlink: 8 bytes leftover after parsing attributes in process `syz.5.982'.
[  104.099687][ T6293] netlink: 8 bytes leftover after parsing attributes in process `syz.5.982'.
[  104.192486][ T6295] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  104.225787][ T6295] SELinux: failed to load policy
[  104.288858][ T6302] netlink: 'syz.6.986': attribute type 10 has an invalid length.
[  104.326055][ T6302] 8021q: adding VLAN 0 to HW filter on device team0
[  104.346289][ T6302] bond0: (slave team0): Enslaving as an active interface with an up link
[  104.495250][ T6317] netlink: 240 bytes leftover after parsing attributes in process `syz.1.993'.
[  104.524187][ T6302] loop6: detected capacity change from 0 to 8192
[  104.546404][ T6302] bio_check_eod: 4296 callbacks suppressed
[  104.546430][ T6302] syz.6.986: attempt to access beyond end of device
[  104.546430][ T6302] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  104.568711][ T6302] FAT-fs (loop6): error, invalid access to FAT (entry 0x0000e1b1)
[  104.577245][ T6302] FAT-fs (loop6): Filesystem has been set read-only
[  104.584849][ T6302] FAT-fs (loop6): error, invalid access to FAT (entry 0x0000e1b1)
[  104.593098][ T6302] FAT-fs (loop6): error, invalid access to FAT (entry 0x0000e1b1)
[  104.720703][ T6329] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  104.746586][ T6329] SELinux: failed to load policy
[  104.764544][ T6332] FAULT_INJECTION: forcing a failure.
[  104.764544][ T6332] name failslab, interval 1, probability 0, space 0, times 0
[  104.777415][ T6332] CPU: 0 UID: 0 PID: 6332 Comm: syz.6.998 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[  104.787683][ T6332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  104.797795][ T6332] Call Trace:
[  104.801130][ T6332]  <TASK>
[  104.804134][ T6332]  dump_stack_lvl+0xf2/0x150
[  104.808773][ T6332]  dump_stack+0x15/0x20
[  104.812970][ T6332]  should_fail_ex+0x223/0x230
[  104.817834][ T6332]  ? mas_alloc_nodes+0x1d3/0x4a0
[  104.822824][ T6332]  should_failslab+0x8f/0xb0
[  104.827513][ T6332]  kmem_cache_alloc_noprof+0x4c/0x290
[  104.832999][ T6332]  mas_alloc_nodes+0x1d3/0x4a0
[  104.837815][ T6332]  mas_preallocate+0x449/0x650
[  104.842657][ T6332]  __split_vma+0x244/0x6a0
[  104.847109][ T6332]  vms_gather_munmap_vmas+0x175/0x7a0
[  104.852517][ T6332]  ? _parse_integer+0x27/0x30
[  104.857251][ T6332]  ? kstrtoull+0x110/0x140
[  104.861691][ T6332]  do_vmi_align_munmap+0x1a4/0x390
[  104.866852][ T6332]  do_vmi_munmap+0x1eb/0x230
[  104.871618][ T6332]  __vm_munmap+0xfd/0x220
[  104.875981][ T6332]  __x64_sys_munmap+0x36/0x40
[  104.880803][ T6332]  x64_sys_call+0xe14/0x2dc0
[  104.885504][ T6332]  do_syscall_64+0xc9/0x1c0
[  104.890104][ T6332]  ? clear_bhb_loop+0x55/0xb0
[  104.894897][ T6332]  ? clear_bhb_loop+0x55/0xb0
[  104.899704][ T6332]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.905626][ T6332] RIP: 0033:0x7f28b554e819
[  104.910057][ T6332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.929716][ T6332] RSP: 002b:00007f28b3bc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000000b
[  104.938164][ T6332] RAX: ffffffffffffffda RBX: 00007f28b5705fa0 RCX: 00007f28b554e819
[  104.946202][ T6332] RDX: 0000000000000000 RSI: 0000000000c00000 RDI: 00000000203fe000
[  104.954272][ T6332] RBP: 00007f28b3bc7090 R08: 0000000000000000 R09: 0000000000000000
[  104.962291][ T6332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.970396][ T6332] R13: 0000000000000001 R14: 00007f28b5705fa0 R15: 00007ffe1b412d68
[  104.978430][ T6332]  </TASK>
[  105.065359][ T6338] program syz.6.1001 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  105.085255][ T6338] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  105.270858][ T6350] loop6: detected capacity change from 0 to 4096
[  105.290005][ T6350] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.411229][ T6359] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  105.458787][ T6359] SELinux: failed to load policy
[  105.536616][ T6365] FAULT_INJECTION: forcing a failure.
[  105.536616][ T6365] name failslab, interval 1, probability 0, space 0, times 0
[  105.549337][ T6365] CPU: 1 UID: 0 PID: 6365 Comm: syz.3.1011 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[  105.559737][ T6365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  105.569807][ T6365] Call Trace:
[  105.573092][ T6365]  <TASK>
[  105.576033][ T6365]  dump_stack_lvl+0xf2/0x150
[  105.580646][ T6365]  dump_stack+0x15/0x20
[  105.584828][ T6365]  should_fail_ex+0x223/0x230
[  105.589583][ T6365]  ? io_alloc_async_data+0x4a/0xb0
[  105.594716][ T6365]  should_failslab+0x8f/0xb0
[  105.599318][ T6365]  __kmalloc_noprof+0xa5/0x370
[  105.604105][ T6365]  io_alloc_async_data+0x4a/0xb0
[  105.609070][ T6365]  io_prep_rw+0x2ec/0x440
[  105.613440][ T6365]  io_prep_rwv+0x59/0x1f0
[  105.617838][ T6365]  io_prep_readv+0x1f/0x30
[  105.622365][ T6365]  io_submit_sqes+0x5d0/0x1090
[  105.627160][ T6365]  __se_sys_io_uring_enter+0x1be/0x1a10
[  105.632749][ T6365]  ? selinux_file_permission+0x22a/0x360
[  105.638420][ T6365]  ? get_pid_task+0x8e/0xc0
[  105.642954][ T6365]  ? proc_fail_nth_write+0x12a/0x150
[  105.648270][ T6365]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  105.653976][ T6365]  ? vfs_write+0x596/0x920
[  105.658470][ T6365]  ? __fget_files+0x17c/0x1c0
[  105.663196][ T6365]  ? fput+0x1c4/0x200
[  105.667190][ T6365]  ? ksys_write+0x176/0x1b0
[  105.671725][ T6365]  __x64_sys_io_uring_enter+0x78/0x90
[  105.677132][ T6365]  x64_sys_call+0xb5e/0x2dc0
[  105.681803][ T6365]  do_syscall_64+0xc9/0x1c0
[  105.686384][ T6365]  ? clear_bhb_loop+0x55/0xb0
[  105.691140][ T6365]  ? clear_bhb_loop+0x55/0xb0
[  105.695860][ T6365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.701819][ T6365] RIP: 0033:0x7fb3e6c9e819
[  105.706265][ T6365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.725967][ T6365] RSP: 002b:00007fb3e5317038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  105.734459][ T6365] RAX: ffffffffffffffda RBX: 00007fb3e6e55fa0 RCX: 00007fb3e6c9e819
[  105.742472][ T6365] RDX: 0000000000000000 RSI: 0000000000000567 RDI: 0000000000000003
[  105.750465][ T6365] RBP: 00007fb3e5317090 R08: 0000000000000000 R09: 0000000000000000
[  105.758453][ T6365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.766467][ T6365] R13: 0000000000000000 R14: 00007fb3e6e55fa0 R15: 00007fff6ffe1f78
[  105.774454][ T6365]  </TASK>
[  105.903289][ T6366] tipc: Started in network mode
[  105.908260][ T6366] tipc: Node identity ac14140f, cluster identity 4711
[  105.930775][ T6366] tipc: New replicast peer: 255.255.255.5
[  105.936740][ T6366] tipc: Enabled bearer <udp:s>, priority 10
[  106.053541][ T5502] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.119021][ T6378] program syz.2.1017 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  106.134579][ T6376] xt_nat: multiple ranges no longer supported
[  106.153860][ T6378] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  106.183842][ T6381] loop6: detected capacity change from 0 to 164
[  106.361118][ T6392] loop6: detected capacity change from 0 to 256
[  106.505786][ T6397] lo speed is unknown, defaulting to 1000
[  106.862693][ T6404] loop5: detected capacity change from 0 to 1024
[  106.884696][ T6406] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  106.895231][ T6404] EXT4-fs: Ignoring removed orlov option
[  106.910545][   T29] kauditd_printk_skb: 138 callbacks suppressed
[  106.910563][   T29] audit: type=1326 audit(1732280381.485:4000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6407 comm="syz.6.1027" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f28b554e819 code=0x0
[  106.943297][ T6404] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  106.979855][ T6404] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.007607][   T29] audit: type=1400 audit(1732280381.585:4001): avc:  denied  { setattr } for  pid=6403 comm="syz.5.1025" name="LLC" dev="sockfs" ino=14974 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  107.036520][ T6404] EXT4-fs error (device loop5): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.5.1025: corrupted in-inode xattr: bad magic number in in-inode xattr
[  107.056598][    T9] tipc: Node number set to 2886997007
[  107.072466][ T6404] EXT4-fs (loop5): Remounting filesystem read-only
[  107.111437][ T3747] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.166881][   T29] audit: type=1326 audit(1732280381.745:4002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.1.1033" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9ce600e819 code=0x0
[  107.195476][ T6429] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  107.195476][ T6429]    program syz.5.1032 not setting count and/or reply_len properly
[  107.249042][ T6429] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  107.394831][ T6436] syzkaller0: tun_chr_ioctl cmd 1074025677
[  107.400787][ T6436] syzkaller0: Linktype set failed because interface is up
[  107.408195][    T9] syzkaller0: tun_net_xmit 76
[  107.418517][ T6440] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  107.434547][ T6440] SELinux: failed to load policy
[  107.471568][   T29] audit: type=1326 audit(1732280382.045:4003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6435 comm="syz.5.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4e154e819 code=0x7ffc0000
[  107.516366][   T29] audit: type=1326 audit(1732280382.065:4004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6435 comm="syz.5.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4e154e819 code=0x7ffc0000
[  107.540333][   T29] audit: type=1326 audit(1732280382.065:4005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6435 comm="syz.5.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7fa4e154e819 code=0x7ffc0000
[  107.563902][   T29] audit: type=1326 audit(1732280382.065:4006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6435 comm="syz.5.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4e154e819 code=0x7ffc0000
[  107.587329][   T29] audit: type=1326 audit(1732280382.065:4007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6435 comm="syz.5.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4e154e819 code=0x7ffc0000
[  107.650411][   T29] audit: type=1326 audit(1732280382.225:4008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6445 comm="syz.3.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[  107.674345][   T29] audit: type=1326 audit(1732280382.225:4009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6445 comm="syz.3.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c9e819 code=0x7ffc0000
[  107.814392][ T6452] loop6: detected capacity change from 0 to 164
[  107.887263][ T6455] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1044'.
[  107.896347][ T6455] netlink: 468 bytes leftover after parsing attributes in process `syz.5.1044'.
[  107.944951][ T6457] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1045'.
[  107.953920][ T6457] netlink: 468 bytes leftover after parsing attributes in process `syz.6.1045'.
[  108.074869][ T6465] Invalid ELF header magic: != ELF
[  108.125613][ T6469] loop5: detected capacity change from 0 to 164
[  108.137926][ T6470] netlink: 'syz.1.1049': attribute type 2 has an invalid length.
[  108.145778][ T6470] netlink: 'syz.1.1049': attribute type 8 has an invalid length.
[  108.194580][ T6470] netlink: 'syz.1.1049': attribute type 39 has an invalid length.
[  108.238567][ T6472] mmap: syz.6.1048 (6472) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  108.253138][ T3021] ==================================================================
[  108.261253][ T3021] BUG: KCSAN: data-race in set_nlink / set_nlink
[  108.267601][ T3021] 
[  108.269951][ T3021] read to 0xffff88810646a518 of 4 bytes by task 3554 on cpu 1:
[  108.277499][ T3021]  set_nlink+0x2b/0xb0
[  108.281587][ T3021]  kernfs_iop_permission+0x1c8/0x210
[  108.286896][ T3021]  inode_permission+0x18c/0x300
[  108.291769][ T3021]  link_path_walk+0x14b/0x820
[  108.296457][ T3021]  path_openat+0x1af/0x1fa0
[  108.301004][ T3021]  do_filp_open+0x107/0x230
[  108.305543][ T3021]  do_sys_openat2+0xab/0x120
[  108.310154][ T3021]  __x64_sys_openat+0xf3/0x120
[  108.314947][ T3021]  x64_sys_call+0x2b30/0x2dc0
[  108.319659][ T3021]  do_syscall_64+0xc9/0x1c0
[  108.324179][ T3021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.330102][ T3021] 
[  108.332439][ T3021] write to 0xffff88810646a518 of 4 bytes by task 3021 on cpu 0:
[  108.340081][ T3021]  set_nlink+0x98/0xb0
[  108.344164][ T3021]  kernfs_iop_permission+0x1c8/0x210
[  108.349516][ T3021]  inode_permission+0x18c/0x300
[  108.354392][ T3021]  link_path_walk+0x14b/0x820
[  108.359097][ T3021]  path_lookupat+0x72/0x2b0
[  108.363633][ T3021]  filename_lookup+0x150/0x340
[  108.368436][ T3021]  vfs_statx+0x9a/0x170
[  108.372630][ T3021]  __se_sys_newfstatat+0xdc/0x300
[  108.377680][ T3021]  __x64_sys_newfstatat+0x55/0x70
[  108.382727][ T3021]  x64_sys_call+0x236d/0x2dc0
[  108.387465][ T3021]  do_syscall_64+0xc9/0x1c0
[  108.392007][ T3021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.398290][ T3021] 
[  108.400625][ T3021] value changed: 0x00000009 -> 0x00000008
[  108.406379][ T3021] 
[  108.408712][ T3021] Reported by Kernel Concurrency Sanitizer on:
[  108.414868][ T3021] CPU: 0 UID: 0 PID: 3021 Comm: udevd Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[  108.424872][ T3021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  108.434942][ T3021] ==================================================================