last executing test programs:

1m8.033092678s ago: executing program 4 (id=233):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r0}, 0x18)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
unlink(0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xec}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r1, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000a00)="449f6aed247d197178d7f0a82e1deae14825b22ab6c0ec1ca0", 0x19}, {&(0x7f0000000640)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f586136c5076a6f0f1b6fc9adf80557eb44db1b41824e9ef104c95e999766bbf27d74ad5d8fa63210cde65d384dd3e87c3fedaec3144d1ee66a0eb0750363e346cb930dae6109df6b9955bf8af119b5c9a86622af4ff8b5949fb90f8edbde416d046d61512fe4c453bb601a780e1bbc00dbedc5e50d3cd9bc920810eaefd5f9a171e9d32ab46b42e3e78c60087318bab42e94653cbd9e52fba37c5a31d095500e91d02256f101e82447e34733220cdaaabc947f5b815080b5214c94a06fe96450ea42f48006c032b24d9e8d722841b7c7244b1d2cc012fcda1f7472fdbabb673ef862e349359fad715b3f5cef6ef951abab80a4a0f5f8574395c5820fa25d07a119e23b39a87cb3b763fbfb0491121eec3e05eacbe7835e79e74881d1179013622a2a6421d51c974e6abd48a9882c8fcadbcee369346a9ad948fd5dd8f87496a30a9d888cdbcee8f3592dd69165358c4cd474639fc1330031c158ed115fb9818b20d177a39157101dbd8e23bc9ed32efed96c410a103d35336fb4ee4000bfb3d32b0181ff3d726a7dc6432a336a42b50b2c6877cb63b410d746b35fc721e5992ba47c3a2bc2d3679abe0794d226b7b0c333c3000fee04000000efd57382eb2a86d71acaae52a154477a5b66757a886f4ad5446607520c17fb81ede0473cd897a34c7c9f41b660260699fb02c4f643a320812a36a2fdb8552682757bbe1bc4c5acf96541539dff8ff3a68049d4e5aa0327697c3654aa155b156ed826e0589d5de6bf83cb2406ba077125aa8bfc32c7cd22baa6d933bb1978905acc", 0x29b}, {&(0x7f0000000300)="2e0fd87d8d84b93c7803a87df5acd511ee50b0a0d0d9e3fc8345949042d5449c61a2b530aeea469c70772df880777d6e1744da498487c553359a", 0x3a}], 0x3}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f00000001c0)="ffbcf4974a4a645c6d8cd8ef2dde80a53f40daf5ec8c7b36eb6b4d4d5286a436a562f1656469c511aaadc7389df3d15187940450e3b35c63d66f24df397537c747612c3e38daf2f2336c6de65eb8048c4860fc269b96a50098a9485f692d75ecdf", 0x61}], 0x1}}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000140)="050843cb10087b3d2217d41cb7a292b19944", 0x12}, {&(0x7f0000000900)="f742c97e8353ef9d8afd344747fb058fea97deff79dbb8e7b56b20a2d430240bf6d32e802d80bb22b247cbad7cbbc4ec0293eb6e0c35c044ad426db18e9403dc1b6b93bfb0ea8f4cb3f3f9cf3a2379cbb191560885ad9a829313c85064a06bc36da8d9a89b20656f349ba2f202c322bd93c50ad4a2d407383bfb6bef053dbb620324f60dfce9383279f82f5e7148e317cfa432eb7d7d38db6d1c70af445a17b02ad505e48cde584306bdc40bb021c3957e83336c68286d2fccc1dfa976d5a08b894e72aed5ee5efd350810f8a85f02545d4c6aea8d82606c2cb6984876e3", 0xde}, {&(0x7f0000000a40)="9502d92394027a53ed87f498965bb80e4b19c3d35fdef593e6b27023c930b5128b33fc6c3176978e6d6236fd33d41b30c3ba02f9ced9d3b0885326b4465606c6d4bd89c93cf8a9eaaba9a30a68e937b951be4e2935a30af461bd442f11f4b66d4c0146", 0x63}, {&(0x7f0000000b80)="924a47d58460977aa3ca02e00a7f5a29c19a836ac747ed79c3facf74da5489e37c7fb07ad69ad60d07747b3d7069380431087eb6b1baaf69904a056fbcd9210ec4942a8eff38f64d9254fcf620ee3f30d95f4ff1843135bbe3ea9944510eaab3cdb691dcfa857098dfd130e17be1d332b6474474591d8f2fad7272cf9949129985045b51c0f6ecc979e9426e205bb3c5f12385ed84b144fc9195bae4f738b65adb697161b8f2ff3823aa80635e8ff785dd4ae007bcc5d1d7d7da4073275fadf5e43f63efa7a87b4beb26d7ee83c4c57f1cec59e2aef5dca5a85f68d7dbf373f802", 0xe1}, {&(0x7f0000000ac0)="e08357325e84dba723519f3e6e3e0761f7caefa653e91de50496c9b80ffda48854378c32d884", 0x26}], 0x5}}], 0x3, 0x40408e0)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r1, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)
r4 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r4, &(0x7f0000000340)={&(0x7f0000000440)=@pppol2tpv3={0x18, 0x1, {0x0, r4, {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x4, 0x7, 0x0, 0x4}}, 0x80, 0x0, 0x1e, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b70e586eed0998a61d7da0c86d70000001010"], 0x10b8}, 0x106)
recvmsg$kcm(r4, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x100)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000008000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1m7.91598144s ago: executing program 4 (id=236):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x75, 0x0, 0x0, 0x0, 0x2}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
syz_clone(0x41aa1000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = socket(0x10, 0x803, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newtfilter={0x70, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r5, {0xfff2, 0x4}, {}, {0xd, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x18, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{}, {0x5, 0x8}}}]}}]}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x400c021}, 0x20040054)

1m7.396509221s ago: executing program 4 (id=244):
r0 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
ioctl(r0, 0xffffffff, &(0x7f0000000080))
setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000000)=ANY=[], 0x18)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000340)=ANY=[], 0x48)
sendmmsg$inet6(r0, &(0x7f0000002ec0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0xb, @remote, 0x9}, 0x1c, 0x0}}], 0x1, 0x40000)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYRESHEX=r0], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
gettid()
timer_create(0x0, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{}, 0x0, &(0x7f0000000580)}, 0x20)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0xc, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r4}, 0x10)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000300)={0x0, 0x0, 0x0, 'queue1\x00'})
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1fc}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1m7.367043533s ago: executing program 4 (id=245):
r0 = socket(0x15, 0x5, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r5 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f00000001c0)={0x3, {{0xa, 0x4e24, 0x9, @mcast1, 0xff7ffffd}}, {{0xa, 0x4e08, 0x1, @local, 0x4f1}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r5, 0x29, 0x30, &(0x7f00000005c0)={0x3, {{0xa, 0x4e23, 0xc, @mcast1, 0xfffffff8}}, 0x0, 0x1, [{{0xa, 0x8001, 0x2, @loopback, 0x30000}}]}, 0x110)
r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000b00), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f0000009440)=<r7=>0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x4, @rand_addr=0x64010101, 0x4e24, 0x0, 'none\x00', 0x10, 0xd356, 0x60}, 0x2c)
bind$nfc_llcp(0xffffffffffffffff, &(0x7f0000009480)={0x27, r7, 0x0, 0x5, 0x1, 0x6, "be8e19b6a865e7ab561f559d74a73485c8abd6554271850320b9571ca0d8f47c1e1a12c085d196fd2eb6853571e830e500", 0x31}, 0xb)
stat(&(0x7f0000000340)='./file0\x00', 0x0)

1m6.343330285s ago: executing program 4 (id=252):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000000c0)="1a00000082000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x1, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f0000000980)="c8", 0xff82, 0x1, &(0x7f0000000040)={0xa, 0x4e23, 0xf, @loopback, 0x8}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
rename(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00')
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x800)
sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000002000000a70000000060a0b0400000000000000000200000044000480200001800e000100636f6e6e6c696d69740000000c000280080001400000000010000180090001006c61737400000000100001800a00010072656469720000000900010073797a30000000000900020073797a320000000014000000110001"], 0x98}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
close(r2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
ioctl$TIOCGSID(r3, 0x5429, &(0x7f00000000c0)=<r4=>0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r4, 0xffffffffffffffff, 0x0, 0x31, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x9e\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

1m5.888590869s ago: executing program 4 (id=257):
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
ioctl(0xffffffffffffffff, 0xffffffff, &(0x7f0000000080))
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x37, &(0x7f0000000000)=ANY=[], 0x18)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000340)=ANY=[], 0x48)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002ec0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0xb, @remote, 0x9}, 0x1c, 0x0}}], 0x1, 0x40000)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYRESHEX], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x8, 0x1ffffffffffffdf4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
gettid()
timer_create(0x0, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{}, 0x0, &(0x7f0000000580)}, 0x20)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0xc, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r3}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000300)={0x0, 0x0, 0x0, 'queue1\x00'})
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1fc}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

50.85491911s ago: executing program 32 (id=257):
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
ioctl(0xffffffffffffffff, 0xffffffff, &(0x7f0000000080))
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x37, &(0x7f0000000000)=ANY=[], 0x18)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000340)=ANY=[], 0x48)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002ec0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0xb, @remote, 0x9}, 0x1c, 0x0}}], 0x1, 0x40000)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYRESHEX], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x8, 0x1ffffffffffffdf4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
gettid()
timer_create(0x0, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{}, 0x0, &(0x7f0000000580)}, 0x20)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0xc, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r3}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000300)={0x0, 0x0, 0x0, 'queue1\x00'})
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1fc}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.93246523s ago: executing program 1 (id=1333):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
set_mempolicy(0x4005, 0x0, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000004d00000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, r2}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
fstat(0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000001}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r6, 0x65, 0x1, 0x0, 0xf00)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
clock_nanosleep(0x9, 0x0, 0x0, 0x0)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a3200000000410096dc588f3d840e595f73697700140033006c6f00"/65], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x5, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYRES16=r5], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
getpid()
madvise(&(0x7f0000a5e000/0x1000)=nil, 0x1000, 0x17)

2.773726726s ago: executing program 5 (id=1338):
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x200000000000000)

2.760781367s ago: executing program 3 (id=1339):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x200000000000000)

2.760381307s ago: executing program 1 (id=1340):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
r2 = socket$kcm(0xa, 0x922000000003, 0x11)
sendmsg$kcm(r2, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x800, @loopback, 0x1, 0xfffffffe}, 0x80, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xfffffffe, 0x400, 0x0, 0x379}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000080)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000140)=@IORING_OP_SENDMSG={0x9, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000740)=[{0x0}, {0x0}], 0x2, 0x0, 0x330}, 0x0, 0xc004, 0x1})
io_uring_enter(r5, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r8, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000580)={0x2c, r9, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x40080c0)
pipe2$9p(&(0x7f0000000240)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x0)
r12 = dup(r11)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r10, @ANYBLOB=',wfdno=', @ANYRESHEX=r12])

2.73413545s ago: executing program 3 (id=1342):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x6)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000500)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010024bd7000fbd3df25020000000900030073797a30000000000900010073"], 0x5c}, 0x1, 0x0, 0x0, 0x1400c891}, 0x4040000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f00000002c0)={0x0, 0x2}, 0x8)
sendto$inet6(r4, &(0x7f00000000c0)='H', 0x34000, 0x44004, &(0x7f0000000040)={0xa, 0x4e24, 0x7, @loopback, 0xc5f}, 0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x4000011, 0xffffffffffffffff, 0x0)
poll(&(0x7f0000000080)=[{0xffffffffffffffff, 0x1}], 0x1, 0x10001)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x109040, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r5, 0x400455c8, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x10b002, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r7, 0x400448c9, 0x0)

2.655179678s ago: executing program 5 (id=1344):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/mdstat\x00', 0x0, 0x0)
ppoll(&(0x7f0000000580)=[{r1, 0x40}], 0x1, 0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'team0\x00', <r5=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'bridge0\x00', <r6=>0x0})
syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r7=>0x0})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r3, 0xe0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[0x0, 0x0], ""/16, <r8=>0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000500), &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x48, &(0x7f0000000340)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f00000005c0), &(0x7f0000000600), 0x8, 0xed, 0x8, 0x8, &(0x7f0000000640)}}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000006c0)={'sit0\x00', &(0x7f0000000e40)={'syztnl2\x00', 0x0, 0x48, 0x1, 0x5, 0xc28, {{0x2b, 0x4, 0x3, 0x2, 0xac, 0x64, 0x0, 0x7, 0x29, 0x0, @remote, @local, {[@timestamp_addr={0x44, 0x24, 0x85, 0x1, 0x5, [{@loopback, 0x3}, {@empty, 0x7}, {@multicast2, 0x9}, {@rand_addr=0x64010100, 0x9}]}, @generic={0x86, 0x10, "87bf841dd5ee5ed373136a2cf4c4"}, @rr={0x7, 0x3, 0x99}, @timestamp_prespec={0x44, 0x34, 0xb2, 0x3, 0x7, [{@empty, 0xee}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, {@empty, 0x6}, {@dev={0xac, 0x14, 0x14, 0x19}}, {@multicast2, 0x9b400000}, {@broadcast, 0x1}]}, @timestamp={0x44, 0x10, 0x71, 0x0, 0x8, [0xef5, 0x3, 0x200000]}, @timestamp={0x44, 0x14, 0x6, 0x0, 0x8, [0xfff, 0x2, 0x5, 0x79fec4b3]}, @lsrr={0x83, 0x7, 0xa9, [@loopback]}]}}}}})
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r10=>0x0})
r11 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r11, 0x6, 0x21, &(0x7f0000000240)="58b00aff170454d96e84c06e151077ac", 0x10)
r12 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x10, 0x0, 0x7fff7ffc}]})
close_range(r12, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(r9, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="280000001c00010028bd7000fcdbdf2507000000", @ANYRES32=r10, @ANYBLOB="8000260b0a2002008180c200000c00e6b2349dcb181eecd7e427acf9dd5aa58122e532be743a5583f829e2"], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x20040010)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000840)={@loopback, @broadcast, <r13=>0x0}, &(0x7f0000000880)=0xc)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(0xffffffffffffffff, &(0x7f0000000cc0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000b40)=ANY=[@ANYBLOB="64010000", @ANYRES16=r4, @ANYBLOB="20002cbd7000fcdbdf25020000004400018008000100", @ANYRES32=r5, @ANYBLOB="08000300010000001400020076657468315f6d61637674617000000014000200697036746e6c3000000000000000000008000300010000000c00018008000300030000001c0001800800030000000000080003000000000008000100", @ANYRES32=r6, @ANYBLOB="2c0001801400020064766d727031000000000000001400020070696d367265673000000000000000003400018008000100", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000300030000000800030001000000080003000200000070000180080003000200000014000200766c616e300000000000000000000000080003000000000008000300070000001400020069705f76746930000000000000000000080003000200000008000100", @ANYRES32=r13, @ANYBLOB="140002007767310000000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="1400018008000300020000000800030000000000"], 0x164}, 0x1, 0x0, 0x0, 0x80}, 0x60000844)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="020000000400000008"], 0x48)
r14 = socket$inet6_mptcp(0xa, 0x1, 0x106)
recvmmsg(0xffffffffffffffff, &(0x7f0000000f80), 0x0, 0x10000, 0x0)
connect$inet6(r14, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
recvmmsg(r14, &(0x7f00000002c0), 0x220, 0x100, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x18)
socket$key(0xf, 0x3, 0x2)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000d40), r2)

2.614591762s ago: executing program 5 (id=1346):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d00000085"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001080)={&(0x7f0000001040)='kfree\x00', r0, 0x0, 0x9}, 0x18)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000180)=@secondary)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000280)=@chain)

2.594294184s ago: executing program 5 (id=1347):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, &(0x7f0000000240)=0x9, 0xa, 0x5)
r0 = io_uring_setup(0x22625, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone3(&(0x7f0000001040)={0x20400, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, &(0x7f0000001000)=[0x0], 0x1}, 0x58)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r2, &(0x7f0000000000)=[{&(0x7f0000000580)=""/244, 0xf4}], 0x1)
syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x8, 0x0)
readv(r3, &(0x7f0000000ec0)=[{&(0x7f0000001380)=""/4096, 0x1000}], 0x1)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x10007)
timer_create(0x7, &(0x7f00000000c0)={0x0, 0x12}, &(0x7f0000000280))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0))
r4 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r4, 0xa, 0x13)
fcntl$setlease(r4, 0x400, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000004000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r9, {0x0, 0xb}, {0xffff, 0xffff}, {0x10, 0xf}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x38, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x44, 0x0, 0x6, 0x6, 0x3, 0x2}, {0x3, 0x2, 0x7, 0x4, 0x0, 0x6}, 0x90000000, 0x82b8ca3e, 0x1d24}}, @TCA_TBF_PRATE64={0xc, 0x5, 0x9b4e7c312ffd1ff5}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000003a00)=@deltfilter={0x814, 0x2d, 0x20, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r9, {0xffff, 0x4}, {0x6}, {0x4, 0xfff1}}, [@filter_kind_options=@f_bpf={{0x8}, {0x714, 0x2, [@TCA_BPF_CLASSID={0x8, 0x3, {0xfff3, 0x1}}, @TCA_BPF_ACT={0x304, 0x1, [@m_skbmod={0xf4, 0x1c, 0x0, 0x0, {{0xb}, {0x30, 0x2, 0x0, 0x1, [@TCA_SKBMOD_SMAC={0xa, 0x4, @broadcast}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0xe}, @TCA_SKBMOD_SMAC={0xa}, @TCA_SKBMOD_DMAC={0xa, 0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}]}, {0x9c, 0x6, "c6da7d282e3c55ecdd3faf893a1acd1fe8b2ced6a9915a2270a44835245d0d78297236cd9db5c24d499eec34f60128c557ee068026fa66a80f4e8e004228f8865a388f8366ffc11a2757fd88b0b7e6d7155078115678cc1f4cea6c3f25614efb0a63623ba0b4418a29cfd26d22b4efbd9bffdb595aaa73a17b048bfd3e3b7cc1eae2f5d77cad6da24bd02139d1fc422ffc7df5763748a55a"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}, @m_bpf={0x74, 0x4, 0x0, 0x0, {{0x8}, {0xc, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0xa}]}, {0x42, 0x6, "79c70c368eccfdf0cce1636b65b9bcedd3933c057e2a6d67f5cdfe169533f471336b7cffd71107f5f1dfec5fbfa4b0c1e4acd94291375d00be4d132b2c77"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_tunnel_key={0x114, 0x4, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @mcast2}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @local}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @private=0xa010100}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @remote}]}, {0xb5, 0x6, "b719652f4a06e57b27e9180bb418b5491b9c22f80920501ad2e8fe463f3292a68ab5d7065116a59a467be39c84c02eaa1474db661c01a67bab0bca3867fbc0621ddbb5d7e2d80755ec6f64bbf2e28c86a1b2106be57b661ff27e8ec338ab140b3d5256def23c9741b8636c3fd43bc90f2d1f9cb170f080d14b2fb9dca974fb421035d3b4f8741f967735106a1d97d43e914b07e3b01fd761abc824d204f5461d2737bf513fa7a2e9560cc5f56d46dbbd7d"}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_vlan={0x84, 0x14, 0x0, 0x0, {{0x9}, {0x34, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x2}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x7}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xc2}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x2}]}, {0x28, 0x6, "21ce783e20530ef8ade741e0358af700ffd870de2acae2e35d9ee886a79c24924df316f7"}, {0xc}, {0xc, 0x8, {0x2}}}}]}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x1}, @TCA_BPF_ACT={0x3fc, 0x1, [@m_xt={0xa0, 0xa, 0x0, 0x0, {{0x7}, {0x14, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8, 0x3, 0xff}, @TCA_IPT_INDEX={0x8, 0x3, 0x8}]}, {0x67, 0x6, "2634724bbb708016e44e37c7da0556a70cc5534c284bb678c64fbb84ae8404c743abd8bf084267dc75be1574167f83ee4b59ee1313323045f7346ab107aa89ff656bd8b14a74d68f720ddba0b2cf03471a06106f69a3509c01a53ba740c26d2b2856ee"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_tunnel_key={0xbc, 0x18, 0x0, 0x0, {{0xf}, {0x38, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_KEY_ID={0x8}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x4}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @loopback}, @TCA_TUNNEL_KEY_NO_CSUM={0x5}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e21}]}, {0x57, 0x6, "d5d00a7f489750b528604943bc7435c5d840134c074a9c0703ce1a23de0c2d430b07b2e53700e7f271d4da2c235d0770c7ffc61d92bfde6daeafb5899601a1ef6f7ae4147deaefbcf46ad7f27a377b5fa9adb4"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}, @m_bpf={0xe4, 0x12, 0x0, 0x0, {{0x8}, {0x70, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x2}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x10000, 0x1, 0x6, 0xf, 0x6}}, @TCA_ACT_BPF_OPS={0xc, 0x4, [{0xfffb, 0x2, 0x95, 0x101}]}, @TCA_ACT_BPF_FD={0x8, 0x5, r1}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x9}, @TCA_ACT_BPF_FD={0x8, 0x5, r6}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x2}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x6, 0x6, 0x4, 0x4, 0x5}}]}, {0x4e, 0x6, "23e6c19deead65880b89ae9319b4184fe1d781fae6d4753ad4aff184aa5f65508bb9e18cdfe162c5957b9cc9b24a516c4c9fc193d2b017db67c5f48850aed3db5547d1a1857f1fcd1f1c"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_gact={0x150, 0x10, 0x0, 0x0, {{0x9}, {0x34, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x0, 0x1010, 0x1}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x1bf5, 0x8}}, @TCA_GACT_PARMS={0x18, 0x2, {0x200, 0x1b56, 0x4, 0x8, 0x3}}]}, {0xf3, 0x6, "e592358d93e85583f9595f006861d2558b41fa5348eb6eb084f00df44f2b627a18ed7dc990e3d978b58791fb66c8e9caf2f7e4521f540d1147554a7e41e22d6504818a94646e0192cc5e338202f3dc53905cb93445a9ec04022c44441f0a2bdf97ad627927e2a235db2b500ce6849767322982c2c0719851c91afdfc137df53dfc5016a2f7a22ef7c5f549a60e345096c459c02d876614cf1b4c82ef16fd89c71382b683feadabeac1a906e989a5fbec80be34944ca462cd3687775c9da2fdfe3d287c1322ed0df066f9385fe819bb40b75dc5285d3ff4718d874c78a0d80940cebbb6fe9e1a42183a6c35b4a4959e"}, {0xc}, {0xc, 0x8, {0x3}}}}, @m_tunnel_key={0x68, 0x2, 0x0, 0x0, {{0xf}, {0x1c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @rand_addr=0x64010102}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @multicast1}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}]}, {0x20, 0x6, "02b2431be0d17b9fda40ff585372af7fcfdfee8b793e1b51bc76e871"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2}}}}]}]}}, @filter_kind_options=@f_route={{0xa}, {0xb0, 0x2, [@TCA_ROUTE4_ACT={0xa4, 0x6, [@m_bpf={0xa0, 0x9, 0x0, 0x0, {{0x8}, {0x44, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_FD={0x8, 0x5, r0}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x4}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x7ff, 0x1, 0x20000000, 0x2, 0x7}}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x3, 0x7, 0x5, 0x2}}]}, {0x36, 0x6, "e34fb4d02d3238da187b5295935ba5b8ae08886001d3f339c0877f69d62c9554603ecb09768306453da64361af4d048d875a"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x5}}}}]}, @TCA_ROUTE4_FROM={0x8, 0x3, 0x74}]}}, @TCA_CHAIN={0x8, 0xb, 0x3}, @TCA_RATE={0x6, 0x5, {0x42, 0x9}}, @TCA_RATE={0x6, 0x5, {0xff, 0x6}}]}, 0x814}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4000000)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000100)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000240)=@v3={0x3000000, [{0xffff4a0c, 0x7}, {0x2}], 0xee01}, 0x18, 0x0)

2.043062358s ago: executing program 1 (id=1348):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
ppoll(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

1.691616733s ago: executing program 2 (id=1358):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
r2 = socket$kcm(0xa, 0x922000000003, 0x11)
sendmsg$kcm(r2, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x800, @loopback, 0x1, 0xfffffffe}, 0x80, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xfffffffe, 0x400, 0x0, 0x379}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000080)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000140)=@IORING_OP_SENDMSG={0x9, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000740)=[{0x0}, {0x0}], 0x2, 0x0, 0x330}, 0x0, 0xc004, 0x1})
io_uring_enter(r5, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r8, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000580)={0x2c, r9, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x40080c0)
pipe2$9p(&(0x7f0000000240)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x0)
r12 = dup(r11)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r10, @ANYBLOB=',wfdno=', @ANYRESHEX=r12])

1.690948313s ago: executing program 5 (id=1359):
getsockopt(0xffffffffffffffff, 0x200000000114, 0x2715, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, 0x0, 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r3 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f00000001c0)={0x3, {{0xa, 0x4e24, 0x9, @mcast1, 0xff7ffffd}}, {{0xa, 0x4e08, 0x1, @local, 0x4f1}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f00000005c0)={0x3, {{0xa, 0x4e23, 0xc, @mcast1, 0xfffffff8}}}, 0x90)
r4 = openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x4, @rand_addr=0x64010101, 0x4e24, 0x0, 'none\x00', 0x10, 0xd356, 0x60}, 0x2c)
bind$nfc_llcp(0xffffffffffffffff, &(0x7f0000009480)={0x27, 0x0, 0x0, 0x5, 0x1, 0x6, "be8e19b6a865e7ab561f559d74a73485c8abd6554271850320b9571ca0d8f47c1e1a12c085d196fd2eb6853571e830e500", 0x31}, 0xb)
stat(&(0x7f0000000340)='./file0\x00', 0x0)

1.21606962s ago: executing program 0 (id=1364):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_int(r0, 0x6, 0x9, 0x0, &(0x7f0000000380))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x41)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000"], 0x50)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close_range(r2, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r4}, 0x18)
r5 = socket$kcm(0x21, 0x2, 0x2)
recvmsg$kcm(r5, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x100)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000080)}, 0x41)
recvmsg(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x2)
r7 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r7, &(0x7f00000000c0)=ANY=[], 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x18, 0x49, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r8}, 0x18)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)

1.163462575s ago: executing program 1 (id=1365):
r0 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\t\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2\xbdA\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_misc(r0, &(0x7f0000000180)="e502", 0x2)
syz_mount_image$iso9660(&(0x7f00000009c0), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000001140)=ANY=[], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1.130841848s ago: executing program 0 (id=1366):
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x200000000000000)

1.090069403s ago: executing program 2 (id=1367):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f00000000c0)=[@in={0x2, 0x4e23, @private=0xa010101}, @in6={0xa, 0x4e21, 0x6, @mcast1, 0x1}, @in6={0xa, 0x4e20, 0x6, @empty, 0x4}], 0x48)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)={0x6c, r2, 0x1, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @loopback, 0x8004}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @remote}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0)

1.036500668s ago: executing program 0 (id=1368):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x1, 0x0, 0x7ffc0005}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
mlockall(0x7)

1.00784809s ago: executing program 2 (id=1369):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff000044850000000e000000650000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
close(0xffffffffffffffff)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
mq_open(0x0, 0x40, 0x11, 0x0)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
accept(0xffffffffffffffff, 0x0, 0x0)

996.898331ms ago: executing program 1 (id=1370):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000200), &(0x7f0000000240)=r2}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_int(r5, 0x0, 0x21, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r4}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r6}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
r7 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000280)={@dev={0xfe, 0x80, '\x00', 0x23}, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_int(r7, 0x29, 0x1000000000021, &(0x7f0000000200)=0xffffffff, 0x4)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000000)={@local, 0x10000, 0x0, 0x1, 0x1, 0x0, 0x2}, 0x20)
connect$inet6(r7, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
ioctl$F2FS_IOC_DEFRAGMENT(r4, 0xc010f508, &(0x7f0000000040)={0x0, 0x3})
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000100)={@empty, 0xfffffff9, 0x0, 0x3, 0x0, 0x4, 0x6}, &(0x7f0000000140)=0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd2d, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x3000000}, {0x1, 0xffffffff, 0x0, 0x4000000, 0x7, 0x80000}, {0x8000, 0x9, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x800000, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000, 0x0, 0x200000}, {}, {0x2, 0x0, 0x0, 0x0, 0x6, 0x6}, {}, {}, {0x0, 0x4, 0x0, 0x1, 0xfffffffe, 0xfff}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {0x20000, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x60569add}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff, 0x9}, {0x0, 0x0, 0x0, 0x0, 0xfffff800}, {0x0, 0x0, 0x0, 0x0, 0x9}, {}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x9, 0x0, 0xffffffff, 0x0, 0x2}, {}, {0x80}, {0x80, 0x0, 0x0, 0x0, 0x400}, {0x0, 0x0, 0x0, 0x5, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x2, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x8510}, {0xffff}, {}, {0x0, 0x0, 0x80000}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0xfffefffd}, {0x0, 0x80000, 0x0, 0x1, 0x3, 0x2}, {}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x7}, {}, {0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x9}, {0x0, 0xfffffffc, 0x200}, {0xffffffff}, {}, {0x4}, {0x0, 0x0, 0x0, 0x66dea0ac}, {0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x3}, {0x0, 0x0, 0x0, 0x4, 0x9}, {}, {0x0, 0x0, 0x0, 0x0, 0x1, 0x7}, {0x0, 0xb}, {0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x100}, {}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x80000000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x56}, {0x0, 0x0, 0x0, 0xec33, 0x0, 0x4}, {}, {0xb, 0x0, 0x0, 0x0, 0x0, 0xfe1}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x80000}, {0x6}, {0x7f}, {}, {0x0, 0x8, 0x0, 0x0, 0xfffffffe}, {0x0, 0x2, 0x0, 0x2, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0xe9b, 0x58a}, {0x2}, {0x2, 0x9, 0x20000000}, {0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0xe600, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x7, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0xc9, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x80000000, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0xfffffff9}, {}, {0xfffffffb, 0x0, 0x0, 0x0, 0x8000}, {0x6, 0x0, 0x0, 0x0, 0x1, 0xfffffffe}, {0x2d}, {0x0, 0x0, 0x8000}, {0x0, 0x8000}, {0x0, 0xffffffff, 0x10000}, {0x0, 0x80000000, 0x0, 0x7fff800, 0x4}, {0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0xd}], [{}, {}, {0x4, 0x1}, {0x1, 0x1}, {}, {0x3}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x5, 0x1}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {0x4}, {}, {}, {}, {0x5}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {0x1}, {}, {0x2, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}, 0x1, 0x0, 0x0, 0x50}, 0x0)

970.390724ms ago: executing program 0 (id=1371):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000580)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x50}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xb3}}]}, &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r1}, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='\n\x00\x00P\x00\x00'], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d01000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="20ca1930f7e63aabbf068e062cf508d843df1380a8385223759345ac7692feff37aa05c179b8f147dee22339b90ee49c1a5e10a2ca7decd8e8a29dcbf526b154ba258e128b87d52f96283630e53bd910a26077ce322179eae5a322b7b6ee5072091dcef59a8b6bac1813af"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000040340000000000000800000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000357500007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x18)
r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r5)
sendmsg$NLBL_MGMT_C_ADDDEF(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000000400000008000700000000000800020005000000050008"], 0x34}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r10, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="010326bd7000fbdb00251c00000018000180140002006c6f00000000000000000000000000000de196dc8d9fe4a1289c146e2bb69d50ca81a0d7ec1f5ec2affd3d4ef6f3f9ac880fe5957a3ac56e4af8430c26aee9c06dfe1b01c53d3be9a0e37c7bd2e1286764278f6d0936b725fc62d0222daf18e1eec40bc2d2453bfcdbc85c2983b376d10583b56edba17ca66413deeb246e58a01cbe6b626cfe714325d3bcb5e31aa5d106c26ac2c4fb1722d983d8abc204cd03eb11"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x40006)
r12 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xafUD\x9dA\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x1f0, 0x0)
mq_timedsend(r12, 0x0, 0x0, 0x0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r12)

954.707996ms ago: executing program 1 (id=1372):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4000000}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
socket$pptp(0x18, 0x1, 0x2)
recvmmsg(r0, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000000000000000000007000000181200", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b700"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00', r4}, 0x18)
syz_clone(0x400a1400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
io_uring_register$IORING_REGISTER_FILES2(0xffffffffffffffff, 0xd, &(0x7f0000000540)={0x0, 0x1, 0x0, &(0x7f0000000400), 0x0}, 0x20)
prlimit64(0x0, 0xe, 0x0, 0x0)

926.934548ms ago: executing program 0 (id=1373):
r0 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
ioctl(r0, 0xffffffff, &(0x7f0000000080))
setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000000)=ANY=[], 0x18)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000340)=ANY=[], 0x48)
sendmmsg$inet6(r0, &(0x7f0000002ec0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0xb, @remote, 0x9}, 0x1c, 0x0}}], 0x1, 0x40000)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYRESHEX=r0], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x8, 0x1ffffffffffffdf4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
gettid()
timer_create(0x0, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{}, 0x0, &(0x7f0000000580)}, 0x20)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e220000060005"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0xc, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r4}, 0x10)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000300)={0x0, 0x0, 0x0, 'queue1\x00'})
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1fc}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

902.434741ms ago: executing program 0 (id=1374):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x5f98471b625f1818, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
socket$pptp(0x18, 0x1, 0x2)
recvmmsg(r0, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000000000000000000007000000181200", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b700"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00', r4}, 0x18)
syz_clone(0x400a1400, 0x0, 0x0, 0x0, 0x0, 0x0)
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
io_uring_register$IORING_REGISTER_FILES2(0xffffffffffffffff, 0xd, &(0x7f0000000540)={0x0, 0x1, 0x0, &(0x7f0000000400), 0x0}, 0x20)
prlimit64(0x0, 0xe, 0x0, 0x0)

793.811291ms ago: executing program 5 (id=1375):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
ppoll(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

404.808879ms ago: executing program 3 (id=1376):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000200), &(0x7f0000000240)=r2}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_int(r5, 0x0, 0x21, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r4}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r6}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
r7 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000280)={@dev={0xfe, 0x80, '\x00', 0x23}, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_int(r7, 0x29, 0x1000000000021, &(0x7f0000000200)=0xffffffff, 0x4)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000000)={@local, 0x10000, 0x0, 0x1, 0x1, 0x0, 0x2}, 0x20)
connect$inet6(r7, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
ioctl$F2FS_IOC_DEFRAGMENT(r4, 0xc010f508, &(0x7f0000000040)={0x0, 0x3})
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000100)={@empty, 0xfffffff9, 0x0, 0x3, 0x0, 0x4, 0x6}, &(0x7f0000000140)=0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd2d, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x3000000}, {0x1, 0xffffffff, 0x0, 0x4000000, 0x7, 0x80000}, {0x8000, 0x9, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x800000, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000, 0x0, 0x200000}, {}, {0x2, 0x0, 0x0, 0x0, 0x6, 0x6}, {}, {}, {0x0, 0x4, 0x0, 0x1, 0xfffffffe, 0xfff}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {0x20000, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x60569add}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff, 0x9}, {0x0, 0x0, 0x0, 0x0, 0xfffff800}, {0x0, 0x0, 0x0, 0x0, 0x9}, {}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x9, 0x0, 0xffffffff, 0x0, 0x2}, {}, {0x80}, {0x80, 0x0, 0x0, 0x0, 0x400}, {0x0, 0x0, 0x0, 0x5, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x2, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x8510}, {0xffff}, {}, {0x0, 0x0, 0x80000}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0xfffefffd}, {0x0, 0x80000, 0x0, 0x1, 0x3, 0x2}, {}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x7}, {}, {0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x9}, {0x0, 0xfffffffc, 0x200}, {0xffffffff}, {}, {0x4}, {0x0, 0x0, 0x0, 0x66dea0ac}, {0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x3}, {0x0, 0x0, 0x0, 0x4, 0x9}, {}, {0x0, 0x0, 0x0, 0x0, 0x1, 0x7}, {0x0, 0xb}, {0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x100}, {}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x80000000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x56}, {0x0, 0x0, 0x0, 0xec33, 0x0, 0x4}, {}, {0xb, 0x0, 0x0, 0x0, 0x0, 0xfe1}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x80000}, {0x6}, {0x7f}, {}, {0x0, 0x8, 0x0, 0x0, 0xfffffffe}, {0x0, 0x2, 0x0, 0x2, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0xe9b, 0x58a}, {0x2}, {0x2, 0x9, 0x20000000}, {0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0xe600, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x7, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0xc9, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x80000000, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0xfffffff9}, {}, {0xfffffffb, 0x0, 0x0, 0x0, 0x8000}, {0x6, 0x0, 0x0, 0x0, 0x1, 0xfffffffe}, {0x2d}, {0x0, 0x0, 0x8000}, {0x0, 0x8000}, {0x0, 0xffffffff, 0x10000}, {0x0, 0x80000000, 0x0, 0x7fff800, 0x4}, {0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0xd}], [{}, {}, {0x4, 0x1}, {0x1, 0x1}, {}, {0x3}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x5, 0x1}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {0x4}, {}, {}, {}, {0x5}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {0x1}, {}, {0x2, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}, 0x1, 0x0, 0x0, 0x50}, 0x0)

343.790776ms ago: executing program 3 (id=1377):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
r2 = socket$kcm(0xa, 0x922000000003, 0x11)
sendmsg$kcm(r2, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x800, @loopback, 0x1, 0xfffffffe}, 0x80, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xfffffffe, 0x400, 0x0, 0x379}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000080)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000140)=@IORING_OP_SENDMSG={0x9, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000740)=[{0x0}, {0x0}], 0x2, 0x0, 0x330}, 0x0, 0xc004, 0x1})
io_uring_enter(r5, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r8, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000580)={0x2c, r9, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x40080c0)
pipe2$9p(&(0x7f0000000240)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x0)
r12 = dup(r11)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r10, @ANYBLOB=',wfdno=', @ANYRESHEX=r12])

188.805791ms ago: executing program 3 (id=1378):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x200000000000000)

115.635668ms ago: executing program 2 (id=1379):
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x9}}, './file0\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r3)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x1c, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', <r5=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="580000001000ffff27bd3000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="43000100000000003000128009000100766c616e0000000020000280100004800cb2e7e20d0000000100010006000100010000000400038008000500", @ANYRES32=r5], 0x58}, 0x1, 0x0, 0x0, 0x2000c855}, 0x8000002)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000200)='spmi_write_begin\x00', r6}, 0x11)
r7 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\t\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2\xbdA\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x2)
write$binfmt_misc(r7, &(0x7f0000000040)="e502", 0x2)
execveat(r7, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0xe, &(0x7f0000001700)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ab99dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c41ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42cea68bef67422ecc13968a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f381ba6e0363d0a4a8a813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c60"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000001c0), 0xfffffedf, 0x10, &(0x7f0000000040), 0x2, 0x0, 0xffffffffffffffff, 0xd}, 0x48)

115.209598ms ago: executing program 3 (id=1380):
r0 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\t\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2\xbdA\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_misc(r0, &(0x7f0000000180)="e502", 0x2)
syz_mount_image$iso9660(&(0x7f00000009c0), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000001140)=ANY=[], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

24.542307ms ago: executing program 2 (id=1381):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x1, 0x0, 0x7ffc0005}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
mlockall(0x7)

0s ago: executing program 2 (id=1382):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0xf1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
close(0x3)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000c40)=@raw={'raw\x00', 0x9, 0x3, 0x2a8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1d8, 0xffffffff, 0xffffffff, 0x1d8, 0xffffffff, 0x3, &(0x7f0000000000), {[{{@ipv6={@private0={0xfc, 0x0, '\x00', 0x1}, @private1, [0xff, 0xff000000, 0xff000000, 0xffffff00], [0xff, 0x0, 0xffffffff, 0x7f7fff00], 'pim6reg0\x00', 'bond_slave_0\x00', {}, {0xff}, 0x2e, 0x5, 0x4}, 0x0, 0xa8, 0xe8}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x2, 0x27, "79bb2ba4a263b15e9d19379ce477d15e82563c873be31b67eda87bdfab4a"}}}, {{@ipv6={@empty, @loopback, [0xff, 0xffffff00, 0xff000000, 0xffffffff], [0xff, 0xff, 0x0, 0xff000000], 'bond_slave_0\x00', 'vxcan1\x00', {}, {0xf3686d06c760fc0a}, 0x21, 0x4, 0x2, 0x11}, 0x0, 0xd0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x1}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x308)

kernel console output (not intermixed with test programs):

call+0x282e/0x3000
[   55.212264][ T4547]  do_syscall_64+0xd2/0x200
[   55.212288][ T4547]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   55.212402][ T4547]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   55.212444][ T4547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.212472][ T4547] RIP: 0033:0x7f97ebafefc9
[   55.212504][ T4547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.212558][ T4547] RSP: 002b:00007f97ea567038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   55.212576][ T4547] RAX: ffffffffffffffda RBX: 00007f97ebd55fa0 RCX: 00007f97ebafefc9
[   55.212588][ T4547] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[   55.212602][ T4547] RBP: 00007f97ea567090 R08: 0000000000000000 R09: 0000000000000000
[   55.212618][ T4547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.212633][ T4547] R13: 00007f97ebd56038 R14: 00007f97ebd55fa0 R15: 00007ffd9fc5db48
[   55.212657][ T4547]  </TASK>
[   55.535416][ T4552] msdos: Unknown parameter '˙PL'
[   55.545348][ T4547] netlink: 4 bytes leftover after parsing attributes in process `syz.0.267'.
[   55.576598][ T4553] netlink: 4 bytes leftover after parsing attributes in process `syz.2.268'.
[   55.777698][ T4534] loop3: detected capacity change from 0 to 2048
[   55.816637][ T3302]  loop3: p1 p2 p3
[   55.837911][ T4534]  loop3: p1 p2 p3
[   55.979453][ T4560] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   56.009383][ T4560] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   56.137902][ T4567] netlink: 8 bytes leftover after parsing attributes in process `syz.2.272'.
[   56.307221][ T3530] udevd[3530]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   56.307398][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   56.319129][ T3730] udevd[3730]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   56.467358][ T4552] loop1: detected capacity change from 0 to 2048
[   56.484984][ T4581] loop3: detected capacity change from 0 to 164
[   56.507740][ T4581] syz.3.274: attempt to access beyond end of device
[   56.507740][ T4581] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   56.512405][ T3302]  loop1: p1 p2 p3
[   56.595294][ T4581] syz.3.274: attempt to access beyond end of device
[   56.595294][ T4581] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[   56.625291][ T4552] loop_reread_partitions: partition scan of loop1 () failed (rc=-16)
[   57.469808][ T4598] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   57.491806][ T4598] netlink: '+}[@': attribute type 4 has an invalid length.
[   57.499140][ T4598] netlink: 152 bytes leftover after parsing attributes in process `+}[@'.
[   57.538689][ T4598] .`: renamed from bond0
[   57.602271][ T4606] netlink: 19 bytes leftover after parsing attributes in process `syz.1.283'.
[   57.678083][ T4609] loop1: detected capacity change from 0 to 512
[   57.718710][ T4609] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   57.734614][ T4609] EXT4-fs (loop1): mount failed
[   57.835155][ T4620] syzkaller1: entered promiscuous mode
[   57.840747][ T4620] syzkaller1: entered allmulticast mode
[   57.871315][ T4622] netlink: 'syz.0.289': attribute type 1 has an invalid length.
[   57.923469][ T4624] msdos: Unknown parameter '˙PL'
[   57.940214][ T4628] netlink: 'syz.2.291': attribute type 21 has an invalid length.
[   57.949278][ T4626] tipc: Started in network mode
[   57.954223][ T4626] tipc: Node identity d27d856e708, cluster identity 4711
[   57.961600][ T4626] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   57.968486][ T4628] netlink: 156 bytes leftover after parsing attributes in process `syz.2.291'.
[   57.977503][ T4628] netlink: 4 bytes leftover after parsing attributes in process `syz.2.291'.
[   57.998978][ T4626] tipc: Disabling bearer <eth:syzkaller0>
[   58.018412][ T4628] netlink: 148 bytes leftover after parsing attributes in process `syz.2.291'.
[   58.075796][ T4637] loop3: detected capacity change from 0 to 512
[   58.163260][ T4637] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   58.196451][ T4637] EXT4-fs (loop3): mount failed
[   58.302534][ T4651] loop3: detected capacity change from 0 to 512
[   58.316971][ T4651] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   58.335813][ T4651] EXT4-fs (loop3): mount failed
[   58.507768][ T4660] netlink: 'syz.3.303': attribute type 4 has an invalid length.
[   58.615629][ T4668] FAULT_INJECTION: forcing a failure.
[   58.615629][ T4668] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.628799][ T4668] CPU: 0 UID: 0 PID: 4668 Comm: syz.0.307 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   58.628907][ T4668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   58.628919][ T4668] Call Trace:
[   58.628924][ T4668]  <TASK>
[   58.628932][ T4668]  __dump_stack+0x1d/0x30
[   58.628956][ T4668]  dump_stack_lvl+0xe8/0x140
[   58.628982][ T4668]  dump_stack+0x15/0x1b
[   58.629019][ T4668]  should_fail_ex+0x265/0x280
[   58.629042][ T4668]  should_fail+0xb/0x20
[   58.629061][ T4668]  should_fail_usercopy+0x1a/0x20
[   58.629081][ T4668]  copy_to_user_nofault+0x7f/0x120
[   58.629147][ T4668]  bpf_probe_write_user+0x83/0xc0
[   58.629178][ T4668]  bpf_prog_f26ae291ee3ebee3+0x41/0x49
[   58.629200][ T4668]  bpf_trace_run3+0x10f/0x1d0
[   58.629237][ T4668]  ? audit_log_end+0x23d/0x250
[   58.629279][ T4668]  ? __list_del_entry_valid_or_report+0x65/0x130
[   58.629364][ T4668]  ? audit_log_end+0x23d/0x250
[   58.629406][ T4668]  kmem_cache_free+0x329/0x3d0
[   58.629444][ T4668]  audit_log_end+0x23d/0x250
[   58.629572][ T4668]  audit_seccomp+0xdc/0x100
[   58.629614][ T4668]  __seccomp_filter+0x83e/0x1250
[   58.629650][ T4668]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   58.629686][ T4668]  ? vfs_write+0x7e8/0x960
[   58.629726][ T4668]  ? __rcu_read_unlock+0x4f/0x70
[   58.629755][ T4668]  ? __fget_files+0x184/0x1c0
[   58.629786][ T4668]  __secure_computing+0x82/0x150
[   58.629816][ T4668]  syscall_trace_enter+0xcf/0x1e0
[   58.629926][ T4668]  do_syscall_64+0xac/0x200
[   58.629949][ T4668]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   58.630057][ T4668]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   58.630097][ T4668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.630166][ T4668] RIP: 0033:0x7f97ebafefc9
[   58.630182][ T4668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.630202][ T4668] RSP: 002b:00007f97ea567038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c8
[   58.630224][ T4668] RAX: ffffffffffffffda RBX: 00007f97ebd55fa0 RCX: 00007f97ebafefc9
[   58.630238][ T4668] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000000
[   58.630252][ T4668] RBP: 00007f97ea567090 R08: 0000000000000000 R09: 0000000000000000
[   58.630266][ T4668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.630342][ T4668] R13: 00007f97ebd56038 R14: 00007f97ebd55fa0 R15: 00007ffd9fc5db48
[   58.630361][ T4668]  </TASK>
[   58.636624][ T4670] FAULT_INJECTION: forcing a failure.
[   58.636624][ T4670] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.885726][ T4670] CPU: 1 UID: 0 PID: 4670 Comm: syz.3.308 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   58.885760][ T4670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   58.885775][ T4670] Call Trace:
[   58.885783][ T4670]  <TASK>
[   58.885791][ T4670]  __dump_stack+0x1d/0x30
[   58.885814][ T4670]  dump_stack_lvl+0xe8/0x140
[   58.885876][ T4670]  dump_stack+0x15/0x1b
[   58.885900][ T4670]  should_fail_ex+0x265/0x280
[   58.885920][ T4670]  should_fail+0xb/0x20
[   58.885936][ T4670]  should_fail_usercopy+0x1a/0x20
[   58.885970][ T4670]  _copy_from_user+0x1c/0xb0
[   58.886010][ T4670]  ___sys_sendmsg+0xc1/0x1d0
[   58.886057][ T4670]  __x64_sys_sendmsg+0xd4/0x160
[   58.886193][ T4670]  x64_sys_call+0x191e/0x3000
[   58.886300][ T4670]  do_syscall_64+0xd2/0x200
[   58.886367][ T4670]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   58.886402][ T4670]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   58.886500][ T4670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.886527][ T4670] RIP: 0033:0x7fbe89abefc9
[   58.886547][ T4670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.886622][ T4670] RSP: 002b:00007fbe8851f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   58.886645][ T4670] RAX: ffffffffffffffda RBX: 00007fbe89d15fa0 RCX: 00007fbe89abefc9
[   58.886656][ T4670] RDX: 0000000000000004 RSI: 00002000000000c0 RDI: 0000000000000006
[   58.886667][ T4670] RBP: 00007fbe8851f090 R08: 0000000000000000 R09: 0000000000000000
[   58.886678][ T4670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.886689][ T4670] R13: 00007fbe89d16038 R14: 00007fbe89d15fa0 R15: 00007ffd3ca90198
[   58.886713][ T4670]  </TASK>
[   59.092752][ T4678] netlink: 'syz.2.310': attribute type 4 has an invalid length.
[   59.100486][ T4678] __nla_validate_parse: 1 callbacks suppressed
[   59.100503][ T4678] netlink: 17 bytes leftover after parsing attributes in process `syz.2.310'.
[   59.106743][ T4624] loop1: detected capacity change from 0 to 2048
[   59.181904][ T4674] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[   59.190479][ T4624]  loop1: p1 p2 p3
[   59.201350][ T3003]  loop1: p1 p2 p3
[   59.211673][ T4683] loop3: detected capacity change from 0 to 512
[   59.255244][   T29] kauditd_printk_skb: 427 callbacks suppressed
[   59.255263][   T29] audit: type=1326 audit(1761536427.921:2046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4684 comm="syz.2.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   59.284934][   T29] audit: type=1326 audit(1761536427.921:2047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4684 comm="syz.2.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   59.308462][   T29] audit: type=1326 audit(1761536427.921:2048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4684 comm="syz.2.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   59.331868][   T29] audit: type=1326 audit(1761536427.921:2049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4684 comm="syz.2.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   59.355253][   T29] audit: type=1326 audit(1761536427.921:2050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4684 comm="syz.2.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   59.378716][   T29] audit: type=1326 audit(1761536427.921:2051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4684 comm="syz.2.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   59.402065][   T29] audit: type=1326 audit(1761536427.921:2052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4684 comm="syz.2.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   59.425432][   T29] audit: type=1326 audit(1761536427.921:2053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4684 comm="syz.2.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   59.448976][   T29] audit: type=1326 audit(1761536427.921:2054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4684 comm="syz.2.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   59.472340][   T29] audit: type=1326 audit(1761536427.921:2055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4684 comm="syz.2.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   59.499663][ T4683] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   59.539247][ T4683] EXT4-fs (loop3): mount failed
[   59.808584][ T3730] udevd[3730]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   59.809815][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   59.820724][ T3530] udevd[3530]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   59.840241][ T4705] netlink: 'syz.0.322': attribute type 4 has an invalid length.
[   59.848004][ T4705] netlink: 17 bytes leftover after parsing attributes in process `syz.0.322'.
[   59.857290][ T4706] loop3: detected capacity change from 0 to 164
[   59.894121][ T4706] syz.3.318: attempt to access beyond end of device
[   59.894121][ T4706] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   59.931851][ T4706] syz.3.318: attempt to access beyond end of device
[   59.931851][ T4706] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[   59.996887][ T4712] netlink: 48 bytes leftover after parsing attributes in process `syz.1.324'.
[   60.059914][ T4720] netlink: 8 bytes leftover after parsing attributes in process `syz.0.326'.
[   60.215801][ T4733] Bluetooth: hci0: Frame reassembly failed (-84)
[   60.227893][ T4401] Bluetooth: hci1: Frame reassembly failed (-84)
[   60.415136][ T4759] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   60.438757][ T4759] netlink: '+}[@': attribute type 4 has an invalid length.
[   60.446034][ T4759] netlink: 152 bytes leftover after parsing attributes in process `+}[@'.
[   60.457589][ T4759] .`: renamed from bond0
[   60.486519][ T4764] netlink: 19 bytes leftover after parsing attributes in process `syz.0.340'.
[   60.523061][ T4766] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   60.530841][ T4766] tipc: Disabling bearer <eth:syzkaller0>
[   61.348300][ T4791] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=51484 sclass=netlink_route_socket pid=4791 comm=syz.3.349
[   61.397517][ T4793] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.437071][ T4797] tipc: Started in network mode
[   61.442030][ T4797] tipc: Node identity ba21f97d709f, cluster identity 4711
[   61.449314][ T4797] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   61.526868][ T4796] tipc: Disabling bearer <eth:syzkaller0>
[   61.587020][ T4793] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.719920][ T4793] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.879538][ T4793] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.975743][ T4389] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.991078][ T4389] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.052666][ T4389] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.060980][ T4389] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.245272][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   62.251772][   T44] Bluetooth: hci1: command 0x1003 tx timeout
[   62.257958][ T4398] Bluetooth: hci0: Frame reassembly failed (-84)
[   62.264387][ T4743] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   62.749570][ T4842] x_tables: duplicate underflow at hook 1
[   63.000610][ T4736] Bluetooth: hci0: Opcode 0x1003 failed: -4
[   63.182666][ T4873] netlink: 'syz.3.382': attribute type 4 has an invalid length.
[   63.190411][ T4873] netlink: 17 bytes leftover after parsing attributes in process `syz.3.382'.
[   63.353934][ T4879] loop1: detected capacity change from 0 to 512
[   63.409722][ T4879] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   63.427400][ T4879] EXT4-fs (loop1): mount failed
[   63.509320][ T4884] netlink: 8 bytes leftover after parsing attributes in process `syz.1.387'.
[   64.121381][ T4914] netlink: 'syz.3.400': attribute type 4 has an invalid length.
[   64.129199][ T4914] netlink: 17 bytes leftover after parsing attributes in process `syz.3.400'.
[   64.209150][ T4919] netlink: 19 bytes leftover after parsing attributes in process `syz.3.402'.
[   64.462362][ T4932] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   64.490490][   T29] kauditd_printk_skb: 402 callbacks suppressed
[   64.490505][   T29] audit: type=1400 audit(1761536433.181:2456): avc:  denied  { read append } for  pid=4933 comm="syz.1.409" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   64.554590][   T29] audit: type=1326 audit(1761536433.241:2457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4935 comm="syz.3.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   64.578130][   T29] audit: type=1326 audit(1761536433.241:2458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4935 comm="syz.3.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   64.601339][   T29] audit: type=1326 audit(1761536433.241:2459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4935 comm="syz.3.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   64.624710][   T29] audit: type=1326 audit(1761536433.241:2460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4935 comm="syz.3.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   64.648122][   T29] audit: type=1326 audit(1761536433.241:2461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4935 comm="syz.3.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   64.671513][   T29] audit: type=1326 audit(1761536433.241:2462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4935 comm="syz.3.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   64.694764][   T29] audit: type=1326 audit(1761536433.241:2463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4935 comm="syz.3.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   64.718145][   T29] audit: type=1326 audit(1761536433.241:2464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4935 comm="syz.3.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   64.744933][   T29] audit: type=1326 audit(1761536433.281:2465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4935 comm="syz.3.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   64.750767][ T4940] netlink: 'syz.1.412': attribute type 4 has an invalid length.
[   64.776110][ T4940] netlink: 17 bytes leftover after parsing attributes in process `syz.1.412'.
[   64.882082][ T4949] netlink: 19 bytes leftover after parsing attributes in process `syz.1.416'.
[   64.924845][ T4953] netlink: 19 bytes leftover after parsing attributes in process `syz.1.418'.
[   64.936227][ T4954] loop3: detected capacity change from 0 to 164
[   64.958441][ T4954] syz.3.414: attempt to access beyond end of device
[   64.958441][ T4954] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   64.986285][ T4956] netlink: 19 bytes leftover after parsing attributes in process `syz.1.419'.
[   64.995293][ T4954] syz.3.414: attempt to access beyond end of device
[   64.995293][ T4954] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[   65.128944][ T4951] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[   65.775929][ T4980] netlink: 'syz.0.426': attribute type 4 has an invalid length.
[   65.783638][ T4980] netlink: 17 bytes leftover after parsing attributes in process `syz.0.426'.
[   65.911094][ T4991] lo speed is unknown, defaulting to 1000
[   65.917276][ T4991] lo speed is unknown, defaulting to 1000
[   65.923285][ T4991] lo speed is unknown, defaulting to 1000
[   65.929502][ T4991] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   65.937406][ T4991] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   65.949264][ T4991] lo speed is unknown, defaulting to 1000
[   65.955474][ T4991] lo speed is unknown, defaulting to 1000
[   65.967809][ T4991] lo speed is unknown, defaulting to 1000
[   65.993751][ T4991] lo speed is unknown, defaulting to 1000
[   66.000301][ T4991] lo speed is unknown, defaulting to 1000
[   66.007555][ T4994] smc: removing ib device !yz!
[   66.083676][ T5003] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[   66.090267][ T5003] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   66.097964][ T5003] vhci_hcd vhci_hcd.0: Device attached
[   66.196217][ T5005] vhci_hcd: connection closed
[   66.196522][ T4403] vhci_hcd: stop threads
[   66.205641][ T4403] vhci_hcd: release socket
[   66.210135][ T4403] vhci_hcd: disconnect device
[   66.368316][ T5021] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   66.368316][ T5021]    program syz.3.437 not setting count and/or reply_len properly
[   66.389969][ T5021] netlink: 8 bytes leftover after parsing attributes in process `syz.3.437'.
[   66.553934][ T5025] loop1: detected capacity change from 0 to 512
[   66.568249][ T5025] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   66.586977][ T5025] EXT4-fs (loop1): mount failed
[   67.097172][ T5050] netlink: 20 bytes leftover after parsing attributes in process `syz.2.448'.
[   67.179074][ T5053] netlink: 'syz.2.448': attribute type 13 has an invalid length.
[   67.186876][ T5053] netlink: 16 bytes leftover after parsing attributes in process `syz.2.448'.
[   67.281238][ T5050] geneve2: entered promiscuous mode
[   67.837634][ T5075] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[   69.476744][ T5129] lo speed is unknown, defaulting to 1000
[   69.519579][   T29] kauditd_printk_skb: 290 callbacks suppressed
[   69.519598][   T29] audit: type=1326 audit(1761536438.211:2755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.2.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   69.554509][   T29] audit: type=1326 audit(1761536438.211:2756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.2.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   69.577962][   T29] audit: type=1326 audit(1761536438.211:2757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.2.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   69.601289][   T29] audit: type=1326 audit(1761536438.211:2758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.2.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   69.624798][   T29] audit: type=1326 audit(1761536438.211:2759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.2.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   69.648317][   T29] audit: type=1326 audit(1761536438.211:2760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.2.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   69.671753][   T29] audit: type=1326 audit(1761536438.211:2761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.2.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   69.695188][   T29] audit: type=1326 audit(1761536438.211:2762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.2.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   69.719172][   T29] audit: type=1326 audit(1761536438.211:2763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.2.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   69.742480][   T29] audit: type=1326 audit(1761536438.211:2764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.2.483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   69.769720][ T4389] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.785678][ T5129] chnl_net:caif_netlink_parms(): no params data found
[   69.831961][ T5129] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.839098][ T5129] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.847023][ T5129] bridge_slave_0: entered allmulticast mode
[   69.853717][ T5129] bridge_slave_0: entered promiscuous mode
[   69.861455][ T5129] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.868653][ T5129] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.876659][ T5129] bridge_slave_1: entered allmulticast mode
[   69.883191][ T5129] bridge_slave_1: entered promiscuous mode
[   69.892546][ T4389] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.916395][ T5129] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.063316][ T5160] loop1: detected capacity change from 0 to 512
[   70.117566][ T5160] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   70.133537][ T5160] EXT4-fs (loop1): mount failed
[   70.357057][ T5129] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.376463][ T4389] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.416014][ T5129] team0: Port device team_slave_0 added
[   70.422886][ T5129] team0: Port device team_slave_1 added
[   70.435831][ T5167] loop1: detected capacity change from 0 to 512
[   70.445605][ T5129] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.452979][ T5129] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   70.479010][ T5129] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.496998][ T5167] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   70.508790][ T4389] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.524927][ T5129] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.532001][ T5129] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   70.557968][ T5129] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.599402][ T5167] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.602628][ T5177] netlink: 8 bytes leftover after parsing attributes in process `syz.0.492'.
[   70.647826][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.664833][ T5183] msdos: Unknown parameter '˙PL'
[   70.673173][ T5181] netlink: 19 bytes leftover after parsing attributes in process `syz.2.493'.
[   70.706581][ T5129] hsr_slave_0: entered promiscuous mode
[   70.718121][ T5129] hsr_slave_1: entered promiscuous mode
[   70.724332][ T5129] debugfs: 'hsr0' already exists in 'hsr'
[   70.730208][ T5129] Cannot create hsr debugfs directory
[   70.753869][ T5190] 9pnet: Could not find request transport: t
[   70.861414][ T5190] bond1: entered promiscuous mode
[   70.866647][ T5190] bond1: entered allmulticast mode
[   70.881225][ T5190] 8021q: adding VLAN 0 to HW filter on device bond1
[   70.902876][ T5190] bond1 (unregistering): Released all slaves
[   70.910375][ T5204] netlink: 44 bytes leftover after parsing attributes in process `syz.1.502'.
[   70.923415][ T4389] bridge_slave_1: left allmulticast mode
[   70.929149][ T4389] bridge_slave_1: left promiscuous mode
[   70.935008][ T4389] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.085591][ T5204] netlink: 12 bytes leftover after parsing attributes in process `syz.1.502'.
[   71.303537][ T5213] loop1: detected capacity change from 0 to 512
[   71.335105][ T5213] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   71.421039][ T5213] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.514619][ T4389] bridge_slave_0: left allmulticast mode
[   71.520424][ T4389] bridge_slave_0: left promiscuous mode
[   71.526187][ T4389] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.534833][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.665475][ T5191] loop3: detected capacity change from 0 to 2048
[   71.674581][ T4389] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   71.683530][ T5227] netlink: 12 bytes leftover after parsing attributes in process `syz.1.510'.
[   71.694796][ T4389] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   71.706546][ T3302]  loop3: p1 p2 p3
[   71.714303][ T4389] bond0 (unregistering): Released all slaves
[   71.726537][ T5191]  loop3: p1 p2 p3
[   71.762075][ T5232] netlink: 68 bytes leftover after parsing attributes in process `syz.0.509'.
[   71.830850][ T4389] hsr_slave_0: left promiscuous mode
[   71.846534][ T4389] hsr_slave_1: left promiscuous mode
[   71.869566][ T4389] veth1_macvtap: left promiscuous mode
[   71.888983][ T4389] veth0_macvtap: left promiscuous mode
[   71.904748][ T4389] veth1_vlan: left promiscuous mode
[   71.914877][ T4389] veth0_vlan: left promiscuous mode
[   72.007978][ T4389] team0 (unregistering): Port device team_slave_1 removed
[   72.019944][ T4389] team0 (unregistering): Port device team_slave_0 removed
[   72.067725][ T5245] netlink: 4 bytes leftover after parsing attributes in process `syz.2.513'.
[   72.076551][ T5245] tipc: Enabling of bearer <et:s> rejected, media not registered
[   72.159330][ T5257] netlink: 'syz.3.514': attribute type 21 has an invalid length.
[   72.167535][ T5129] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   72.194371][ T5257] netlink: 'syz.3.514': attribute type 1 has an invalid length.
[   72.202198][ T5257] netlink: 132 bytes leftover after parsing attributes in process `syz.3.514'.
[   72.213166][ T5129] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   72.234064][ T5129] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   72.267449][ T5129] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   72.402325][ T5285] netlink: 12 bytes leftover after parsing attributes in process `syz.1.520'.
[   72.618138][ T5255] lo speed is unknown, defaulting to 1000
[   72.648362][ T5297] msdos: Unknown parameter '˙PL'
[   72.797537][ T5304] netlink: 19 bytes leftover after parsing attributes in process `syz.0.524'.
[   72.917299][ T5129] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.940611][ T5129] 8021q: adding VLAN 0 to HW filter on device team0
[   72.950446][ T4401] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.957672][ T4401] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.981849][ T4401] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.989017][ T4401] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.090612][ T5319] FAULT_INJECTION: forcing a failure.
[   73.090612][ T5319] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   73.104087][ T5319] CPU: 1 UID: 0 PID: 5319 Comm: syz.0.528 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   73.104115][ T5319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   73.104173][ T5319] Call Trace:
[   73.104180][ T5319]  <TASK>
[   73.104189][ T5319]  __dump_stack+0x1d/0x30
[   73.104217][ T5319]  dump_stack_lvl+0xe8/0x140
[   73.104263][ T5319]  dump_stack+0x15/0x1b
[   73.104283][ T5319]  should_fail_ex+0x265/0x280
[   73.104307][ T5319]  should_fail+0xb/0x20
[   73.104327][ T5319]  should_fail_usercopy+0x1a/0x20
[   73.104352][ T5319]  strncpy_from_user+0x25/0x230
[   73.104459][ T5319]  ? __kmalloc_cache_noprof+0x249/0x4a0
[   73.104574][ T5319]  __se_sys_memfd_create+0x1ff/0x590
[   73.104629][ T5319]  __x64_sys_memfd_create+0x31/0x40
[   73.104740][ T5319]  x64_sys_call+0x2ac2/0x3000
[   73.104838][ T5319]  do_syscall_64+0xd2/0x200
[   73.104855][ T5319]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   73.105024][ T5319]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   73.105064][ T5319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.105091][ T5319] RIP: 0033:0x7f97ebafefc9
[   73.105134][ T5319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.105179][ T5319] RSP: 002b:00007f97ea566e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   73.105207][ T5319] RAX: ffffffffffffffda RBX: 000000000000052e RCX: 00007f97ebafefc9
[   73.105218][ T5319] RDX: 00007f97ea566ef0 RSI: 0000000000000000 RDI: 00007f97ebb82960
[   73.105233][ T5319] RBP: 0000200000000f00 R08: 00007f97ea566bb7 R09: 00007f97ea566e40
[   73.105247][ T5319] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[   73.105314][ T5319] R13: 00007f97ea566ef0 R14: 00007f97ea566eb0 R15: 00002000000003c0
[   73.105372][ T5319]  </TASK>
[   73.421108][ T5339] loop3: detected capacity change from 0 to 512
[   73.429050][ T5129] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.459348][ T5339] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   73.508531][ T5339] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.559368][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.937577][ T5392] lo speed is unknown, defaulting to 1000
[   74.882465][ T5309] loop1: detected capacity change from 0 to 2048
[   74.894154][ T5129] veth0_vlan: entered promiscuous mode
[   74.907908][ T5129] veth1_vlan: entered promiscuous mode
[   74.920555][ T5129] veth0_macvtap: entered promiscuous mode
[   74.927991][ T5129] veth1_macvtap: entered promiscuous mode
[   74.938404][ T5129] batman_adv: batadv0: Interface activated: batadv_slave_0
[   74.952735][ T5129] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.962729][ T4389] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.976469][ T3302]  loop1: p1 p2 p3
[   74.999955][ T5309]  loop1: p1 p2 p3
[   75.004315][ T4389] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   75.029575][   T29] kauditd_printk_skb: 128 callbacks suppressed
[   75.029591][   T29] audit: type=1400 audit(1761536443.721:2892): avc:  denied  { mount } for  pid=5129 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   75.044666][ T4389] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   75.120173][ T4389] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.151109][   T29] audit: type=1400 audit(1761536443.761:2893): avc:  denied  { mounton } for  pid=5129 comm="syz-executor" path="/root/syzkaller.6yNW2T/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   75.252026][   T29] audit: type=1400 audit(1761536443.911:2894): avc:  denied  { create } for  pid=5422 comm="syz.2.549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   75.310153][   T29] audit: type=1326 audit(1761536444.001:2895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5433 comm="syz.5.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566faaefc9 code=0x7ffc0000
[   75.379880][   T29] audit: type=1326 audit(1761536444.021:2896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5433 comm="syz.5.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f566faaefc9 code=0x7ffc0000
[   75.403424][   T29] audit: type=1326 audit(1761536444.021:2897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5433 comm="syz.5.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566faaefc9 code=0x7ffc0000
[   75.440029][ T5443] loop5: detected capacity change from 0 to 512
[   75.502476][ T5447] loop3: detected capacity change from 0 to 512
[   75.555430][ T5443] Quota error (device loop5): v2_read_file_info: Free block number 1 out of range (1, 6).
[   75.556145][   T29] audit: type=1326 audit(1761536444.241:2898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5450 comm="syz.0.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97ebafefc9 code=0x7ffc0000
[   75.565447][ T5443] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   75.603737][   T29] audit: type=1326 audit(1761536444.291:2899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5450 comm="syz.0.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97ebafefc9 code=0x7ffc0000
[   75.604911][ T5447] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6).
[   75.637573][ T5443] EXT4-fs (loop5): mount failed
[   75.671492][ T5447] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   75.702919][ T5460] __nla_validate_parse: 7 callbacks suppressed
[   75.702934][ T5460] netlink: 4 bytes leftover after parsing attributes in process `gtp'.
[   75.728006][ T5447] EXT4-fs (loop3): mount failed
[   75.740986][ T5460] netlink: 4 bytes leftover after parsing attributes in process `gtp'.
[   75.878813][ T5478] netlink: 8 bytes leftover after parsing attributes in process `syz.1.569'.
[   75.971087][ T5484] msdos: Unknown parameter '˙PL'
[   76.000244][ T5485] netlink: 16 bytes leftover after parsing attributes in process `syz.3.568'.
[   76.010856][ T5474] infiniband syz0: set down
[   76.015438][ T5474] infiniband syz0: added bond_slave_0
[   76.019422][ T5445] ip6t_rpfilter: unknown options
[   76.050614][ T5474] RDS/IB: syz0: added
[   76.062057][ T5474] smc: adding ib device syz0 with port count 1
[   76.068462][ T5474] smc:    ib device syz0 port 1 has pnetid S (user defined)
[   76.322018][ T5505] loop3: detected capacity change from 0 to 512
[   76.337918][ T5505] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   76.355358][ T5505] EXT4-fs (loop3): mount failed
[   76.457075][ T5520] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   76.503401][ T5493] loop1: detected capacity change from 0 to 2048
[   76.537102][ T5527] netlink: 19 bytes leftover after parsing attributes in process `syz.3.585'.
[   76.562273][ T5493]  loop1: p1 p2 p3
[   76.783614][ T5532] hub 6-0:1.0: USB hub found
[   76.789604][ T5532] hub 6-0:1.0: 8 ports detected
[   77.268527][ T5549] netlink: 8 bytes leftover after parsing attributes in process `syz.5.594'.
[   77.363868][ T5564] msdos: Unknown parameter '˙PL'
[   77.378977][ T5541] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   77.456432][ T5547] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[   77.553464][ T5576] netlink: 'syz.1.603': attribute type 21 has an invalid length.
[   77.561639][ T5576] netlink: 'syz.1.603': attribute type 1 has an invalid length.
[   77.569364][ T5576] netlink: 132 bytes leftover after parsing attributes in process `syz.1.603'.
[   78.405952][ T5606] netlink: 8 bytes leftover after parsing attributes in process `syz.3.612'.
[   78.630353][ T5616] lo speed is unknown, defaulting to 1000
[   78.672765][ T5621] hub 6-0:1.0: USB hub found
[   78.677718][ T5621] hub 6-0:1.0: 8 ports detected
[   78.707992][ T5620] netlink: 19 bytes leftover after parsing attributes in process `syz.1.617'.
[   78.782461][ T5625] sctp: [Deprecated]: syz.3.616 (pid 5625) Use of int in maxseg socket option.
[   78.782461][ T5625] Use struct sctp_assoc_value instead
[   78.908239][ T5632] netlink: 19 bytes leftover after parsing attributes in process `syz.1.619'.
[   79.041594][ T5638] msdos: Unknown parameter '˙PL'
[   79.072799][ T5639] loop5: detected capacity change from 0 to 164
[   79.090730][ T5639] syz.5.621: attempt to access beyond end of device
[   79.090730][ T5639] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   79.113613][ T5639] syz.5.621: attempt to access beyond end of device
[   79.113613][ T5639] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[   79.495690][ T5663] loop5: detected capacity change from 0 to 164
[   79.506375][ T5663] syz.5.630: attempt to access beyond end of device
[   79.506375][ T5663] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   79.521459][ T5663] syz.5.630: attempt to access beyond end of device
[   79.521459][ T5663] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[   79.653949][ T5641] loop3: detected capacity change from 0 to 2048
[   79.723011][ T5641]  loop3: p1 p2 p3
[   79.811134][ T5681] loop1: detected capacity change from 0 to 512
[   79.822018][ T5681] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   79.972950][ T5681] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.039738][ T5679] netlink: 'syz.5.637': attribute type 3 has an invalid length.
[   80.074115][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.106798][   T29] kauditd_printk_skb: 423 callbacks suppressed
[   80.106814][   T29] audit: type=1326 audit(1761536448.801:3322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5690 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[   80.167744][   T29] audit: type=1326 audit(1761536448.801:3323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5690 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[   80.191121][   T29] audit: type=1326 audit(1761536448.801:3324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5690 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[   80.214484][   T29] audit: type=1326 audit(1761536448.801:3325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5690 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[   80.237753][   T29] audit: type=1326 audit(1761536448.801:3326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5690 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[   80.261099][   T29] audit: type=1326 audit(1761536448.801:3327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5690 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[   80.270104][ T5696] loop5: detected capacity change from 0 to 512
[   80.284652][   T29] audit: type=1326 audit(1761536448.801:3328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5690 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[   80.314285][   T29] audit: type=1326 audit(1761536448.801:3329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5690 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[   80.338246][   T29] audit: type=1326 audit(1761536448.801:3330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5690 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[   80.361592][   T29] audit: type=1326 audit(1761536448.801:3331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5690 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[   80.372952][ T5695] FAULT_INJECTION: forcing a failure.
[   80.372952][ T5695] name failslab, interval 1, probability 0, space 0, times 0
[   80.397702][ T5695] CPU: 1 UID: 0 PID: 5695 Comm: syz.0.644 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   80.397804][ T5695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   80.397818][ T5695] Call Trace:
[   80.397826][ T5695]  <TASK>
[   80.397834][ T5695]  __dump_stack+0x1d/0x30
[   80.397859][ T5695]  dump_stack_lvl+0xe8/0x140
[   80.397879][ T5695]  dump_stack+0x15/0x1b
[   80.397895][ T5695]  should_fail_ex+0x265/0x280
[   80.397966][ T5695]  should_failslab+0x8c/0xb0
[   80.397998][ T5695]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   80.398031][ T5695]  ? __alloc_skb+0x101/0x320
[   80.398077][ T5695]  __alloc_skb+0x101/0x320
[   80.398105][ T5695]  netlink_alloc_large_skb+0xbf/0xf0
[   80.398222][ T5695]  netlink_sendmsg+0x3cf/0x6b0
[   80.398288][ T5695]  ? __pfx_netlink_sendmsg+0x10/0x10
[   80.398306][ T5695]  __sock_sendmsg+0x145/0x180
[   80.398333][ T5695]  ____sys_sendmsg+0x31e/0x4e0
[   80.398376][ T5695]  ___sys_sendmsg+0x17b/0x1d0
[   80.398505][ T5695]  __x64_sys_sendmsg+0xd4/0x160
[   80.398566][ T5695]  x64_sys_call+0x191e/0x3000
[   80.398629][ T5695]  do_syscall_64+0xd2/0x200
[   80.398651][ T5695]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   80.398685][ T5695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.398709][ T5695] RIP: 0033:0x7f97ebafefc9
[   80.398729][ T5695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.398748][ T5695] RSP: 002b:00007f97ea567038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.398766][ T5695] RAX: ffffffffffffffda RBX: 00007f97ebd55fa0 RCX: 00007f97ebafefc9
[   80.398779][ T5695] RDX: 0000000000048014 RSI: 0000200000000340 RDI: 0000000000000004
[   80.398793][ T5695] RBP: 00007f97ea567090 R08: 0000000000000000 R09: 0000000000000000
[   80.398841][ T5695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.398855][ T5695] R13: 00007f97ebd56038 R14: 00007f97ebd55fa0 R15: 00007ffd9fc5db48
[   80.398878][ T5695]  </TASK>
[   80.636596][ T5696] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   80.652782][ T5696] EXT4-fs (loop5): mount failed
[   80.725639][ T5718] loop5: detected capacity change from 0 to 512
[   80.780127][ T5723] loop1: detected capacity change from 0 to 512
[   80.788229][ T5718] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   80.820922][ T5718] EXT4-fs (loop5): mount failed
[   80.826647][ T5723] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   80.845708][ T5723] EXT4-fs (loop1): mount failed
[   80.925742][ T5737] __nla_validate_parse: 3 callbacks suppressed
[   80.925761][ T5737] netlink: 19 bytes leftover after parsing attributes in process `syz.1.655'.
[   81.081477][ T5755] netlink: 48 bytes leftover after parsing attributes in process `syz.5.662'.
[   81.170615][ T5765] loop1: detected capacity change from 0 to 512
[   81.183016][ T4387] Bluetooth: hci0: Frame reassembly failed (-84)
[   81.195033][ T4387] Bluetooth: hci1: Frame reassembly failed (-84)
[   81.202900][ T5765] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   81.222649][ T5765] EXT4-fs (loop1): mount failed
[   81.248752][ T5773] FAULT_INJECTION: forcing a failure.
[   81.248752][ T5773] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.262049][ T5773] CPU: 0 UID: 0 PID: 5773 Comm: syz.0.667 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   81.262092][ T5773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   81.262182][ T5773] Call Trace:
[   81.262189][ T5773]  <TASK>
[   81.262196][ T5773]  __dump_stack+0x1d/0x30
[   81.262222][ T5773]  dump_stack_lvl+0xe8/0x140
[   81.262312][ T5773]  dump_stack+0x15/0x1b
[   81.262411][ T5773]  should_fail_ex+0x265/0x280
[   81.262436][ T5773]  should_fail+0xb/0x20
[   81.262535][ T5773]  should_fail_usercopy+0x1a/0x20
[   81.262561][ T5773]  _copy_from_user+0x1c/0xb0
[   81.262636][ T5773]  ___sys_sendmsg+0xc1/0x1d0
[   81.262681][ T5773]  __x64_sys_sendmsg+0xd4/0x160
[   81.262723][ T5773]  x64_sys_call+0x191e/0x3000
[   81.262810][ T5773]  do_syscall_64+0xd2/0x200
[   81.262840][ T5773]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   81.262900][ T5773]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   81.262940][ T5773]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.262966][ T5773] RIP: 0033:0x7f97ebafefc9
[   81.262984][ T5773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.263006][ T5773] RSP: 002b:00007f97ea567038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   81.263099][ T5773] RAX: ffffffffffffffda RBX: 00007f97ebd55fa0 RCX: 00007f97ebafefc9
[   81.263118][ T5773] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004
[   81.263133][ T5773] RBP: 00007f97ea567090 R08: 0000000000000000 R09: 0000000000000000
[   81.263147][ T5773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.263161][ T5773] R13: 00007f97ebd56038 R14: 00007f97ebd55fa0 R15: 00007ffd9fc5db48
[   81.263184][ T5773]  </TASK>
[   81.305531][ T5777] netlink: 48 bytes leftover after parsing attributes in process `syz.1.669'.
[   82.593007][ T5859] netlink: 'syz.2.686': attribute type 4 has an invalid length.
[   82.600797][ T5859] netlink: 17 bytes leftover after parsing attributes in process `syz.2.686'.
[   82.639025][ T5853] lo speed is unknown, defaulting to 1000
[   82.753412][ T5871] netlink: 4 bytes leftover after parsing attributes in process `syz.2.690'.
[   82.762962][ T5871] netlink: 20 bytes leftover after parsing attributes in process `syz.2.690'.
[   82.771944][ T5871] netlink: 8 bytes leftover after parsing attributes in process `syz.2.690'.
[   82.980505][ T5883] netlink: 'syz.3.696': attribute type 3 has an invalid length.
[   82.992707][ T5883] loop3: detected capacity change from 0 to 512
[   82.993731][ T5884] SET target dimension over the limit!
[   83.010067][ T5883] EXT4-fs (loop3): too many log groups per flexible block group
[   83.018184][ T5883] EXT4-fs (loop3): failed to initialize mballoc (-12)
[   83.025083][ T5883] EXT4-fs (loop3): mount failed
[   83.074585][ T5890] unsupported nla_type 52263
[   83.081780][ T5890] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.090544][ T5890] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.205264][ T4744] Bluetooth: hci1: command 0x1003 tx timeout
[   83.205259][ T4743] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   83.205391][   T44] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   83.211359][ T5777] Bluetooth: hci0: Opcode 0x1003 failed: -4
[   83.293418][ T5895] netlink: 'syz.5.700': attribute type 4 has an invalid length.
[   83.301377][ T5895] netlink: 17 bytes leftover after parsing attributes in process `syz.5.700'.
[   83.372399][ T5900] netlink: 'syz.5.702': attribute type 4 has an invalid length.
[   83.380131][ T5900] netlink: 17 bytes leftover after parsing attributes in process `syz.5.702'.
[   83.450308][ T5902] loop5: detected capacity change from 0 to 512
[   83.476711][ T5902] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   83.491922][ T5902] EXT4-fs (loop5): mount failed
[   83.643381][ T5911] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=5911 comm=syz.3.704
[   83.841894][ T5913] loop5: detected capacity change from 0 to 1024
[   83.868228][ T5913] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.884062][ T5919] netlink: 19 bytes leftover after parsing attributes in process `syz.0.708'.
[   83.935082][ T5913] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[   83.988312][ T5129] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.066037][ T5935] loop3: detected capacity change from 0 to 512
[   84.096895][ T5938] loop5: detected capacity change from 0 to 512
[   84.112001][ T5938] EXT4-fs: Ignoring removed bh option
[   84.134925][ T5938] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[   84.149555][ T5935] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   84.165627][ T5938] EXT4-fs (loop5): 1 truncate cleaned up
[   84.180621][ T5935] EXT4-fs (loop3): mount failed
[   84.192380][ T5938] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.228288][ T5129] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.398355][ T5969] bridge_slave_1: left allmulticast mode
[   84.404080][ T5969] bridge_slave_1: left promiscuous mode
[   84.409996][ T5969] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.426904][ T5969] bridge_slave_0: left allmulticast mode
[   84.433408][ T5969] bridge_slave_0: left promiscuous mode
[   84.439286][ T5969] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.639225][ T5966] 9pnet_fd: Insufficient options for proto=fd
[   84.698607][ T5940] lo speed is unknown, defaulting to 1000
[   84.817777][ T5987] netlink: 'syz.2.728': attribute type 4 has an invalid length.
[   85.080050][ T6000] loop5: detected capacity change from 0 to 512
[   85.110754][ T6000] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   85.126428][ T6000] EXT4-fs (loop5): mount failed
[   85.282253][   T29] kauditd_printk_skb: 421 callbacks suppressed
[   85.282273][   T29] audit: type=1326 audit(1761536453.961:3746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.3.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   85.311934][   T29] audit: type=1326 audit(1761536453.961:3747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.3.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   85.335518][   T29] audit: type=1326 audit(1761536453.961:3748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.3.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbe89ac0ee7 code=0x7ffc0000
[   85.358881][   T29] audit: type=1326 audit(1761536453.961:3749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.3.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fbe89ac0e5c code=0x7ffc0000
[   85.382542][   T29] audit: type=1326 audit(1761536453.961:3750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.3.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fbe89ac0d94 code=0x7ffc0000
[   85.405920][   T29] audit: type=1326 audit(1761536453.961:3751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.3.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fbe89ac0d94 code=0x7ffc0000
[   85.429429][   T29] audit: type=1326 audit(1761536453.961:3752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.3.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbe89abdc2a code=0x7ffc0000
[   85.452603][   T29] audit: type=1326 audit(1761536453.961:3753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.3.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   85.475962][   T29] audit: type=1326 audit(1761536453.961:3754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.3.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbe89abd810 code=0x7ffc0000
[   85.499327][   T29] audit: type=1326 audit(1761536453.961:3755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.3.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fbe89ac07f7 code=0x7ffc0000
[   85.540752][ T4397] Bluetooth: hci0: Frame reassembly failed (-84)
[   85.629475][ T6010] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   85.846970][ T6043] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[   85.974116][ T6050] loop5: detected capacity change from 0 to 512
[   86.007939][ T6050] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.022306][ T6050] ext4 filesystem being mounted at /48/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   86.065478][ T6047] EXT4-fs: Remounting fs w/o journal so ignoring data_err option
[   86.073350][ T6047] EXT4-fs: Cannot change journaled quota options when quota turned on
[   86.104864][ T6061] netlink: 'syz.2.754': attribute type 6 has an invalid length.
[   86.113053][ T6061] netlink: 'syz.2.754': attribute type 6 has an invalid length.
[   86.121043][ T6061] netlink: 'syz.2.754': attribute type 6 has an invalid length.
[   86.131684][ T6061] netlink: 'syz.2.754': attribute type 6 has an invalid length.
[   86.139725][ T6061] netlink: 'syz.2.754': attribute type 6 has an invalid length.
[   86.178171][ T5129] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.208139][ T6066] __nla_validate_parse: 8 callbacks suppressed
[   86.208158][ T6066] netlink: 40 bytes leftover after parsing attributes in process `syz.2.757'.
[   86.215375][ T6068] IPv6: NLM_F_CREATE should be specified when creating new route
[   86.279649][ T6074] netlink: 4 bytes leftover after parsing attributes in process `syz.2.760'.
[   86.575543][ T6084] lo speed is unknown, defaulting to 1000
[   86.845363][ T6090] 9pnet_fd: Insufficient options for proto=fd
[   87.172591][ T6109] loop1: detected capacity change from 0 to 512
[   87.187260][ T6109] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   87.222994][ T6109] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.309627][ T6112] 9pnet_fd: Insufficient options for proto=fd
[   87.345548][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.407779][ T6122] .`: (slave dummy0): Enslaving as an active interface with an up link
[   87.510533][ T6131] lo speed is unknown, defaulting to 1000
[   87.538124][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   87.672940][ T6141] loop5: detected capacity change from 0 to 164
[   87.717874][ T6141] syz.5.781: attempt to access beyond end of device
[   87.717874][ T6141] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   87.754577][ T6141] syz.5.781: attempt to access beyond end of device
[   87.754577][ T6141] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[   87.768838][ T6150] loop1: detected capacity change from 0 to 512
[   87.779550][ T6150] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   87.811725][ T6150] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.847712][ T6156] netlink: 19 bytes leftover after parsing attributes in process `syz.5.788'.
[   87.857718][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.913094][ T6162] netlink: 19 bytes leftover after parsing attributes in process `syz.5.791'.
[   87.927914][ T6164] netlink: 48 bytes leftover after parsing attributes in process `syz.1.792'.
[   87.943715][ T4917] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   87.960969][ T4917] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   88.074872][ T6166] hid-generic 0000:0000:0000.0001: pid 6166 passed too short report
[   88.092826][ T5796] Bluetooth: hci0: Frame reassembly failed (-84)
[   88.159766][ T6175] netlink: 19 bytes leftover after parsing attributes in process `syz.2.795'.
[   88.243539][ T6184] validate_nla: 61 callbacks suppressed
[   88.243558][ T6184] netlink: 'syz.2.799': attribute type 4 has an invalid length.
[   88.256981][ T6184] netlink: 17 bytes leftover after parsing attributes in process `syz.2.799'.
[   89.459453][ T6217] loop5: detected capacity change from 0 to 256
[   89.524090][ T6217] FAT-fs (loop5): Directory bread(block 64) failed
[   89.540879][ T6217] FAT-fs (loop5): Directory bread(block 65) failed
[   89.551041][ T6217] FAT-fs (loop5): Directory bread(block 66) failed
[   89.553211][ T6215] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[   89.565237][ T6217] FAT-fs (loop5): Directory bread(block 67) failed
[   89.576321][ T6217] FAT-fs (loop5): Directory bread(block 68) failed
[   89.582940][ T6217] FAT-fs (loop5): Directory bread(block 69) failed
[   89.593028][ T6217] FAT-fs (loop5): Directory bread(block 70) failed
[   89.603241][ T6217] FAT-fs (loop5): Directory bread(block 71) failed
[   89.610246][ T6217] FAT-fs (loop5): Directory bread(block 72) failed
[   89.616883][ T6217] FAT-fs (loop5): Directory bread(block 73) failed
[   89.708498][ T6224] netlink: 'syz.5.811': attribute type 4 has an invalid length.
[   89.716313][ T6224] netlink: 17 bytes leftover after parsing attributes in process `syz.5.811'.
[   89.997770][ T6236] loop5: detected capacity change from 0 to 512
[   90.016434][ T6236] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   90.031820][ T6236] EXT4-fs (loop5): mount failed
[   90.165300][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   90.181923][ T6240] hub 6-0:1.0: USB hub found
[   90.187142][ T6240] hub 6-0:1.0: 8 ports detected
[   90.286855][ T6249] loop3: detected capacity change from 0 to 512
[   90.294187][ T6249] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   90.306770][ T6249] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.335060][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.376337][ T6255] msdos: Unknown parameter '˙PL'
[   90.383175][   T29] kauditd_printk_skb: 430 callbacks suppressed
[   90.383190][   T29] audit: type=1400 audit(1761536459.071:4185): avc:  denied  { mount } for  pid=6254 comm="syz.1.822" name="/" dev="configfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[   90.433647][ T6256] loop3: detected capacity change from 0 to 1764
[   90.440479][ T6256] iso9660: Unknown parameter 'dmjŇtÍ0x0000000000000005'
[   90.465090][   T29] audit: type=1400 audit(1761536459.151:4186): avc:  denied  { create } for  pid=6253 comm="syz.3.821" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[   90.486705][   T29] audit: type=1400 audit(1761536459.181:4187): avc:  denied  { sys_admin } for  pid=6253 comm="syz.3.821" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[   90.545816][ T6262] netlink: 'syz.3.823': attribute type 4 has an invalid length.
[   90.553515][ T6262] netlink: 17 bytes leftover after parsing attributes in process `syz.3.823'.
[   90.644372][   T29] audit: type=1326 audit(1761536459.331:4188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6270 comm="syz.2.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   90.678259][ T6273] netlink: 20 bytes leftover after parsing attributes in process `syz.0.828'.
[   90.723953][ T6275] loop3: detected capacity change from 0 to 512
[   90.732967][   T29] audit: type=1326 audit(1761536459.361:4189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6270 comm="syz.2.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   90.756388][   T29] audit: type=1326 audit(1761536459.361:4190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6270 comm="syz.2.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   90.779931][   T29] audit: type=1326 audit(1761536459.361:4191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6270 comm="syz.2.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   90.803342][   T29] audit: type=1326 audit(1761536459.361:4192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6270 comm="syz.2.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   90.826794][   T29] audit: type=1326 audit(1761536459.361:4193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6270 comm="syz.2.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   90.850230][   T29] audit: type=1326 audit(1761536459.361:4194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6270 comm="syz.2.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[   90.886551][ T6275] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   90.902487][ T6275] EXT4-fs (loop3): mount failed
[   91.171461][ T6255] loop1: detected capacity change from 0 to 2048
[   91.216374][ T6255]  loop1: p1 p2 p3
[   91.504381][ T6301] netlink: 'syz.1.836': attribute type 4 has an invalid length.
[   91.512136][ T6301] netlink: 17 bytes leftover after parsing attributes in process `syz.1.836'.
[   91.550150][ T6303] sctp: [Deprecated]: syz.0.837 (pid 6303) Use of int in max_burst socket option.
[   91.550150][ T6303] Use struct sctp_assoc_value instead
[   91.688909][ T6314] netlink: 8 bytes leftover after parsing attributes in process `syz.2.841'.
[   91.992504][ T6321] 9pnet_fd: Insufficient options for proto=fd
[   92.042872][ T6325] msdos: Unknown parameter '˙PL'
[   92.167024][ T6333] netlink: 'syz.3.848': attribute type 4 has an invalid length.
[   92.174757][ T6333] netlink: 17 bytes leftover after parsing attributes in process `syz.3.848'.
[   92.467750][ T6325] loop5: detected capacity change from 0 to 2048
[   92.506426][ T3302]  loop5: p1 p2 p3
[   92.522474][ T6325]  loop5: p1 p2 p3
[   92.532963][ T3003]  loop5: p1 p2 p3
[   92.664399][ T6338] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[   92.686808][ T6358] netlink: 96 bytes leftover after parsing attributes in process `syz.2.856'.
[   92.733164][ T6360] netlink: 19 bytes leftover after parsing attributes in process `syz.2.858'.
[   92.941391][ T6366] syzkaller1: entered promiscuous mode
[   92.946978][ T6366] syzkaller1: entered allmulticast mode
[   93.138764][ T6374] netlink: 19 bytes leftover after parsing attributes in process `syz.3.864'.
[   93.302988][ T6385] netlink: 19 bytes leftover after parsing attributes in process `syz.1.869'.
[   93.347214][ T6392] msdos: Unknown parameter '˙PL'
[   93.584530][ T6402] netlink: 'syz.0.875': attribute type 10 has an invalid length.
[   93.592529][ T6402] macvlan1: entered promiscuous mode
[   93.597957][ T6402] macvlan1: entered allmulticast mode
[   93.604930][ T6402] veth1_vlan: entered promiscuous mode
[   93.610490][ T6402] veth1_vlan: entered allmulticast mode
[   93.617745][ T6402] .`: (slave macvlan1): Enslaving as an active interface with an up link
[   93.749058][ T6413] netlink: 19 bytes leftover after parsing attributes in process `syz.2.880'.
[   93.768321][ T6415] netlink: 20 bytes leftover after parsing attributes in process `syz.0.876'.
[   93.777438][ T6392] loop1: detected capacity change from 0 to 2048
[   93.816357][ T3302]  loop1: p1 p2 p3
[   93.826263][ T6392]  loop1: p1 p2 p3
[   94.150270][ T6427] loop1: detected capacity change from 0 to 512
[   94.162000][ T6427] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   94.199648][ T6427] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.210080][ T6435] netlink: 4 bytes leftover after parsing attributes in process `syz.5.888'.
[   94.233095][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.270262][ T6436] loop5: detected capacity change from 0 to 1024
[   94.292444][ T6436] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.373717][ T6450] msdos: Unknown parameter '˙PL'
[   94.983387][ T6450] loop3: detected capacity change from 0 to 2048
[   95.095709][ T6450]  loop3: p1 p2 p3
[   95.210111][ T5129] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.289625][ T6470] loop5: detected capacity change from 0 to 164
[   95.302473][ T6472] loop1: detected capacity change from 0 to 512
[   95.333225][ T6472] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   95.425355][ T6472] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.463642][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.505395][   T29] kauditd_printk_skb: 327 callbacks suppressed
[   95.505409][   T29] audit: type=1326 audit(1761536464.191:4521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6481 comm="syz.3.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   95.535303][   T29] audit: type=1326 audit(1761536464.191:4522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6481 comm="syz.3.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   95.558903][   T29] audit: type=1326 audit(1761536464.191:4523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6481 comm="syz.3.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   95.582277][   T29] audit: type=1326 audit(1761536464.191:4524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6481 comm="syz.3.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   95.606017][   T29] audit: type=1326 audit(1761536464.191:4525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6481 comm="syz.3.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   95.629378][   T29] audit: type=1326 audit(1761536464.191:4526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6481 comm="syz.3.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   95.652773][   T29] audit: type=1326 audit(1761536464.191:4527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6481 comm="syz.3.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   95.676660][   T29] audit: type=1326 audit(1761536464.191:4528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6481 comm="syz.3.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   95.700048][   T29] audit: type=1326 audit(1761536464.191:4529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6481 comm="syz.3.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   95.723473][   T29] audit: type=1326 audit(1761536464.191:4530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6481 comm="syz.3.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[   95.768867][ T6497] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   95.776386][ T6497] batman_adv: batadv0: Removing interface: batadv_slave_0
[   95.797749][ T6497] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   95.805241][ T6497] batman_adv: batadv0: Removing interface: batadv_slave_1
[   95.815425][ T6497] bridge0: port 3(batadv0) entered disabled state
[   95.824053][ T6497] bridge0: port 3(batadv0) entered disabled state
[   95.845526][ T6484] lo speed is unknown, defaulting to 1000
[   95.894381][ T6500] loop1: detected capacity change from 0 to 512
[   95.947716][ T6500] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   95.995528][ T6500] EXT4-fs (loop1): mount failed
[   96.712250][ T6522] loop5: detected capacity change from 0 to 164
[   96.729246][ T6523] FAULT_INJECTION: forcing a failure.
[   96.729246][ T6523] name failslab, interval 1, probability 0, space 0, times 0
[   96.741975][ T6523] CPU: 1 UID: 0 PID: 6523 Comm: syz.0.914 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   96.742004][ T6523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   96.742021][ T6523] Call Trace:
[   96.742042][ T6523]  <TASK>
[   96.742053][ T6523]  __dump_stack+0x1d/0x30
[   96.742083][ T6523]  dump_stack_lvl+0xe8/0x140
[   96.742112][ T6523]  dump_stack+0x15/0x1b
[   96.742136][ T6523]  should_fail_ex+0x265/0x280
[   96.742163][ T6523]  should_failslab+0x8c/0xb0
[   96.742205][ T6523]  __kmalloc_cache_node_noprof+0x54/0x4a0
[   96.742240][ T6523]  ? __get_vm_area_node+0x106/0x1d0
[   96.742329][ T6523]  __get_vm_area_node+0x106/0x1d0
[   96.742373][ T6523]  __vmalloc_node_range_noprof+0x28c/0xed0
[   96.742420][ T6523]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[   96.742468][ T6523]  ? bpf_perf_event_read+0x129/0x150
[   96.742504][ T6523]  ? __rcu_read_unlock+0x4f/0x70
[   96.742540][ T6523]  ? __perf_event_task_sched_in+0xa5b/0xac0
[   96.742594][ T6523]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[   96.742713][ T6523]  __vmalloc_noprof+0x83/0xc0
[   96.742756][ T6523]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[   96.742793][ T6523]  bpf_prog_alloc_no_stats+0x47/0x3b0
[   96.742920][ T6523]  ? bpf_prog_alloc+0x2a/0x150
[   96.742961][ T6523]  bpf_prog_alloc+0x3c/0x150
[   96.743047][ T6523]  bpf_prog_create_from_user+0x7d/0x260
[   96.743084][ T6523]  ? __pfx_seccomp_check_filter+0x10/0x10
[   96.743126][ T6523]  do_seccomp+0x5ef/0xa40
[   96.743159][ T6523]  ? trace_reschedule_exit+0xd/0xc0
[   96.743246][ T6523]  __x64_sys_seccomp+0x40/0x50
[   96.743275][ T6523]  x64_sys_call+0x2ad8/0x3000
[   96.743305][ T6523]  do_syscall_64+0xd2/0x200
[   96.743331][ T6523]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   96.743412][ T6523]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   96.743456][ T6523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.743486][ T6523] RIP: 0033:0x7f97ebafefc9
[   96.743503][ T6523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.743531][ T6523] RSP: 002b:00007f97ea546038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[   96.743551][ T6523] RAX: ffffffffffffffda RBX: 00007f97ebd56090 RCX: 00007f97ebafefc9
[   96.743564][ T6523] RDX: 0000200000000040 RSI: 000000000000001d RDI: 0000000000000001
[   96.743581][ T6523] RBP: 00007f97ea546090 R08: 0000000000000000 R09: 0000000000000000
[   96.743597][ T6523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.743614][ T6523] R13: 00007f97ebd56128 R14: 00007f97ebd56090 R15: 00007ffd9fc5db48
[   96.743647][ T6523]  </TASK>
[   96.743657][ T6523] syz.0.914: vmalloc error: size 4096, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[   97.016831][ T6523] CPU: 1 UID: 0 PID: 6523 Comm: syz.0.914 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   97.016898][ T6523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   97.016914][ T6523] Call Trace:
[   97.016922][ T6523]  <TASK>
[   97.016932][ T6523]  __dump_stack+0x1d/0x30
[   97.016995][ T6523]  dump_stack_lvl+0xe8/0x140
[   97.017032][ T6523]  dump_stack+0x15/0x1b
[   97.017050][ T6523]  warn_alloc+0x12b/0x1a0
[   97.017092][ T6523]  __vmalloc_node_range_noprof+0x2b1/0xed0
[   97.017211][ T6523]  ? bpf_perf_event_read+0x129/0x150
[   97.017241][ T6523]  ? __rcu_read_unlock+0x4f/0x70
[   97.017269][ T6523]  ? __perf_event_task_sched_in+0xa5b/0xac0
[   97.017308][ T6523]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[   97.017380][ T6523]  __vmalloc_noprof+0x83/0xc0
[   97.017414][ T6523]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[   97.017550][ T6523]  bpf_prog_alloc_no_stats+0x47/0x3b0
[   97.017581][ T6523]  ? bpf_prog_alloc+0x2a/0x150
[   97.017619][ T6523]  bpf_prog_alloc+0x3c/0x150
[   97.017701][ T6523]  bpf_prog_create_from_user+0x7d/0x260
[   97.017742][ T6523]  ? __pfx_seccomp_check_filter+0x10/0x10
[   97.017852][ T6523]  do_seccomp+0x5ef/0xa40
[   97.017880][ T6523]  ? trace_reschedule_exit+0xd/0xc0
[   97.017911][ T6523]  __x64_sys_seccomp+0x40/0x50
[   97.017944][ T6523]  x64_sys_call+0x2ad8/0x3000
[   97.017974][ T6523]  do_syscall_64+0xd2/0x200
[   97.018054][ T6523]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   97.018166][ T6523]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   97.018199][ T6523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.018231][ T6523] RIP: 0033:0x7f97ebafefc9
[   97.018308][ T6523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.018325][ T6523] RSP: 002b:00007f97ea546038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[   97.018343][ T6523] RAX: ffffffffffffffda RBX: 00007f97ebd56090 RCX: 00007f97ebafefc9
[   97.018422][ T6523] RDX: 0000200000000040 RSI: 000000000000001d RDI: 0000000000000001
[   97.018438][ T6523] RBP: 00007f97ea546090 R08: 0000000000000000 R09: 0000000000000000
[   97.018453][ T6523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.018520][ T6523] R13: 00007f97ebd56128 R14: 00007f97ebd56090 R15: 00007ffd9fc5db48
[   97.018539][ T6523]  </TASK>
[   97.018554][ T6523] Mem-Info:
[   97.107500][ T6522] syz.5.915: attempt to access beyond end of device
[   97.107500][ T6522] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   97.110683][ T6523] active_anon:15560 inactive_anon:0 isolated_anon:0
[   97.110683][ T6523]  active_file:23654 inactive_file:2557 isolated_file:0
[   97.110683][ T6523]  unevictable:0 dirty:308 writeback:0
[   97.110683][ T6523]  slab_reclaimable:3379 slab_unreclaimable:49681
[   97.110683][ T6523]  mapped:38426 shmem:8796 pagetables:1053
[   97.110683][ T6523]  sec_pagetables:0 bounce:0
[   97.110683][ T6523]  kernel_misc_reclaimable:0
[   97.110683][ T6523]  free:1807156 free_pcp:18283 free_cma:0
[   97.115374][ T6522] syz.5.915: attempt to access beyond end of device
[   97.115374][ T6522] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[   97.120892][ T6523] Node 0 active_anon:62240kB inactive_anon:0kB active_file:94616kB inactive_file:10228kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:153704kB dirty:1232kB writeback:0kB shmem:35184kB kernel_stack:4400kB pagetables:4212kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   97.151588][ T6520] lo speed is unknown, defaulting to 1000
[   97.156438][ T6523] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   97.293475][ T6514] netlink: 32 bytes leftover after parsing attributes in process `syz.1.913'.
[   97.306674][ T6523] lowmem_reserve[]: 0 2881 7859 7859
[   97.306710][ T6523] Node 0 DMA32 free:2946744kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2950272kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:0kB free_cma:0kB
[   97.428334][ T6523] lowmem_reserve[]: 0 0 4978 4978
[   97.433427][ T6523] Node 0 Normal free:4262232kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:62124kB inactive_anon:0kB active_file:94616kB inactive_file:10228kB unevictable:0kB writepending:1232kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:69156kB local_pcp:10040kB free_cma:0kB
[   97.466648][ T6523] lowmem_reserve[]: 0 0 0 0
[   97.471249][ T6523] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   97.483927][ T6523] Node 0 DMA32: 2*4kB (M) 2*8kB (M) 6*16kB (M) 2*32kB (M) 4*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2946744kB
[   97.499996][ T6523] Node 0 Normal: 30*4kB (UME) 160*8kB (UME) 510*16kB (UME) 74*32kB (UME) 81*64kB (UM) 111*128kB (UME) 149*256kB (UME) 73*512kB (UME) 52*1024kB (UME) 13*2048kB (UM) 995*4096kB (UM) = 4262232kB
[   97.519105][ T6523] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   97.528512][ T6523] 35003 total pagecache pages
[   97.533237][ T6523] 0 pages in swap cache
[   97.537415][ T6523] Free swap  = 124996kB
[   97.541569][ T6523] Total swap = 124996kB
[   97.545772][ T6523] 2097051 pages RAM
[   97.549750][ T6523] 0 pages HighMem/MovableOnly
[   97.554432][ T6523] 81083 pages reserved
[   97.641407][ T6529] netlink: 16 bytes leftover after parsing attributes in process `syz.2.917'.
[   97.826268][ T6550] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT
[   97.848302][ T6551] netlink: 'syz.5.922': attribute type 16 has an invalid length.
[   97.856218][ T6551] netlink: 'syz.5.922': attribute type 17 has an invalid length.
[   97.885333][ T6551] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   98.725114][ T6583] loop3: detected capacity change from 0 to 512
[   98.726673][ T6580] tipc: Started in network mode
[   98.736540][ T6580] tipc: Node identity 4, cluster identity 4711
[   98.742861][ T6580] tipc: Node number set to 4
[   98.753522][ T6580] netlink: 12 bytes leftover after parsing attributes in process `syz.1.935'.
[   98.759163][ T6583] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   98.762631][ T6580] netlink: 'syz.1.935': attribute type 2 has an invalid length.
[   98.786110][ T6583] EXT4-fs (loop3): mount failed
[   98.875596][ T6596] netlink: 8 bytes leftover after parsing attributes in process `syz.1.940'.
[   98.927271][ T6598] loop1: detected capacity change from 0 to 164
[   98.962045][ T6598] syz.1.941: attempt to access beyond end of device
[   98.962045][ T6598] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   98.976015][ T6598] syz.1.941: attempt to access beyond end of device
[   98.976015][ T6598] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[   99.061630][ T6608] loop3: detected capacity change from 0 to 1024
[   99.078917][ T6608] EXT4-fs: inline encryption not supported
[   99.097492][ T6608] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.121056][ T6608] netlink: 72 bytes leftover after parsing attributes in process `syz.3.945'.
[   99.131004][ T6608] netlink: 64 bytes leftover after parsing attributes in process `syz.3.945'.
[   99.136849][ T6615] loop1: detected capacity change from 0 to 512
[   99.151804][ T6615] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   99.170219][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.190770][ T6615] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.228182][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.294147][ T6627] netlink: 19 bytes leftover after parsing attributes in process `syz.1.952'.
[   99.334127][ T6629] loop1: detected capacity change from 0 to 1024
[   99.343146][ T6629] EXT4-fs: inline encryption not supported
[   99.357771][ T6629] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.376649][ T6629] netlink: 72 bytes leftover after parsing attributes in process `syz.1.953'.
[   99.386277][ T6629] netlink: 64 bytes leftover after parsing attributes in process `syz.1.953'.
[   99.407879][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.515722][ T6641] loop1: detected capacity change from 0 to 8192
[   99.524620][ T6641] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   99.539642][ T6641] ipt_rpfilter: only valid in 'raw' or 'mangle' table, not '
'
[   99.952276][ T6659] loop3: detected capacity change from 0 to 1024
[   99.961915][ T6659] EXT4-fs: inline encryption not supported
[   99.978149][ T6659] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.004927][ T6659] netlink: 72 bytes leftover after parsing attributes in process `syz.3.964'.
[  100.035223][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.094261][ T6669] loop1: detected capacity change from 0 to 512
[  100.105628][ T6669] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  100.156068][ T6669] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.290111][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.329196][ T6692] netlink: 'syz.1.975': attribute type 4 has an invalid length.
[  100.410624][ T6697] dvmrp1: entered allmulticast mode
[  100.613334][   T29] kauditd_printk_skb: 259 callbacks suppressed
[  100.613352][   T29] audit: type=1326 audit(1761536469.301:4788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6708 comm="syz.1.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[  100.672938][   T29] audit: type=1326 audit(1761536469.301:4789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6708 comm="syz.1.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[  100.696448][   T29] audit: type=1326 audit(1761536469.301:4790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6708 comm="syz.1.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[  100.719792][   T29] audit: type=1326 audit(1761536469.301:4791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6708 comm="syz.1.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[  100.743260][   T29] audit: type=1326 audit(1761536469.301:4792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6708 comm="syz.1.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[  100.766645][   T29] audit: type=1326 audit(1761536469.301:4793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6708 comm="syz.1.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[  100.960902][ T6719] IPv6: NLM_F_CREATE should be specified when creating new route
[  101.188062][ T6727] netlink: 'syz.0.986': attribute type 4 has an invalid length.
[  101.263044][ T6727] netlink: 'syz.0.986': attribute type 4 has an invalid length.
[  101.579865][   T29] audit: type=1400 audit(1761536470.221:4794): avc:  denied  { listen } for  pid=6734 comm="syz.5.988" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  101.637793][   T29] audit: type=1326 audit(1761536470.301:4795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6736 comm="syz.1.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[  101.661424][   T29] audit: type=1326 audit(1761536470.301:4796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6736 comm="syz.1.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[  101.684766][   T29] audit: type=1326 audit(1761536470.301:4797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6736 comm="syz.1.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[  101.710640][ T6744] macvtap1: entered promiscuous mode
[  101.716090][ T6744] macvtap1: entered allmulticast mode
[  101.742033][ T6744] veth1: entered allmulticast mode
[  101.747275][ T6744] veth1: entered promiscuous mode
[  101.762888][ T6744] team0: Device macvtap1 failed to register rx_handler
[  101.782042][ T6744] veth1: left allmulticast mode
[  101.786977][ T6744] veth1: left promiscuous mode
[  101.862236][ T6730] 9pnet_fd: Insufficient options for proto=fd
[  102.183011][ T6759] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[  102.326481][ T6785] loop3: detected capacity change from 0 to 512
[  102.347019][ T6785] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  102.362120][ T6785] EXT4-fs (loop3): mount failed
[  102.397134][ T6792] loop1: detected capacity change from 0 to 512
[  102.434159][ T6792] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.1008: inode has both inline data and extents flags
[  102.449590][ T6792] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1008: couldn't read orphan inode 15 (err -117)
[  102.462181][ T6792] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.528154][ T6805] __nla_validate_parse: 5 callbacks suppressed
[  102.528172][ T6805] netlink: 19 bytes leftover after parsing attributes in process `syz.3.1014'.
[  102.909467][ T6828] lo speed is unknown, defaulting to 1000
[  102.932277][ T6837] loop3: detected capacity change from 0 to 512
[  102.947991][ T6837] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  102.964758][ T6837] EXT4-fs (loop3): mount failed
[  103.025050][ T6846] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1028'.
[  103.124516][ T6857] msdos: Unknown parameter '˙PL'
[  103.302060][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.814584][ T6875] loop1: detected capacity change from 0 to 164
[  103.845844][ T6875] syz.1.1036: attempt to access beyond end of device
[  103.845844][ T6875] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  103.880847][ T6875] syz.1.1036: attempt to access beyond end of device
[  103.880847][ T6875] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[  103.957693][ T6857] loop5: detected capacity change from 0 to 2048
[  104.017093][ T3302]  loop5: p1 p2 p3
[  104.027765][ T6857]  loop5: p1 p2 p3
[  104.370241][ T6894] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[  104.439141][ T6901] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  104.680278][ T6904] loop5: detected capacity change from 0 to 512
[  104.696783][ T6904] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  104.715210][ T6904] EXT4-fs (loop5): mount failed
[  104.792334][ T6914] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1048'.
[  104.851697][ T6920] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6920 comm=syz.1.1051
[  105.064518][ T6940] lo speed is unknown, defaulting to 1000
[  105.226962][ T6945] wg2: entered promiscuous mode
[  105.231909][ T6945] wg2: entered allmulticast mode
[  105.260102][ T6949] netlink: 19 bytes leftover after parsing attributes in process `syz.3.1062'.
[  105.330894][ T6953] loop3: detected capacity change from 0 to 164
[  105.361991][ T6953] syz.3.1064: attempt to access beyond end of device
[  105.361991][ T6953] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  105.380817][ T6953] syz.3.1064: attempt to access beyond end of device
[  105.380817][ T6953] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[  105.672343][ T6973] loop5: detected capacity change from 0 to 1024
[  105.705569][   T29] kauditd_printk_skb: 324 callbacks suppressed
[  105.705585][   T29] audit: type=1400 audit(1761536474.401:5119): avc:  denied  { getopt } for  pid=6970 comm="syz.3.1071" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  105.715703][ T6973] EXT4-fs: inline encryption not supported
[  105.789308][ T6973] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.864368][ T6973] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4193: comm syz.5.1072: Allocating blocks 497-513 which overlap fs metadata
[  105.885523][ T6973] EXT4-fs (loop5): Remounting filesystem read-only
[  105.892500][   T29] audit: type=1400 audit(1761536474.581:5120): avc:  denied  { getopt } for  pid=6983 comm="syz.0.1075" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  105.952400][ T6972] EXT4-fs (loop5): pa ffff888106e70770: logic 256, phys. 401, len 7
[  105.985240][ T6986] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1076'.
[  106.032175][ T6986] SELinux: failed to load policy
[  106.033676][   T29] audit: type=1400 audit(1761536474.721:5121): avc:  denied  { load_policy } for  pid=6985 comm="syz.0.1076" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  106.078008][ T5129] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.136341][   T29] audit: type=1326 audit(1761536474.831:5122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6959 comm="syz.2.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[  106.165115][   T29] audit: type=1326 audit(1761536474.851:5123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6959 comm="syz.2.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[  106.188638][   T29] audit: type=1326 audit(1761536474.851:5124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6959 comm="syz.2.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[  106.212139][   T29] audit: type=1326 audit(1761536474.851:5125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6959 comm="syz.2.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[  106.235722][   T29] audit: type=1326 audit(1761536474.851:5126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6959 comm="syz.2.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[  106.259291][   T29] audit: type=1326 audit(1761536474.851:5127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6959 comm="syz.2.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[  106.282768][   T29] audit: type=1326 audit(1761536474.851:5128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6959 comm="syz.2.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eaa38efc9 code=0x7ffc0000
[  106.580619][ T7009] loop1: detected capacity change from 0 to 512
[  106.589241][ T7009] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  106.607323][ T7009] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.631446][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.768680][ T7021] loop3: detected capacity change from 0 to 512
[  106.789382][ T7021] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.1090: Failed to acquire dquot type 1
[  106.801620][ T7021] EXT4-fs (loop3): 1 truncate cleaned up
[  106.807832][ T7021] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.820684][ T7021] ext4 filesystem being mounted at /214/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.890183][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.955649][ T7040] FAULT_INJECTION: forcing a failure.
[  106.955649][ T7040] name failslab, interval 1, probability 0, space 0, times 0
[  106.968409][ T7040] CPU: 1 UID: 0 PID: 7040 Comm: syz.3.1098 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  106.968443][ T7040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  106.968462][ T7040] Call Trace:
[  106.968469][ T7040]  <TASK>
[  106.968519][ T7040]  __dump_stack+0x1d/0x30
[  106.968541][ T7040]  dump_stack_lvl+0xe8/0x140
[  106.968561][ T7040]  dump_stack+0x15/0x1b
[  106.968578][ T7040]  should_fail_ex+0x265/0x280
[  106.968657][ T7040]  should_failslab+0x8c/0xb0
[  106.968688][ T7040]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  106.968786][ T7040]  ? __alloc_skb+0x101/0x320
[  106.968816][ T7040]  __alloc_skb+0x101/0x320
[  106.968884][ T7040]  netlink_alloc_large_skb+0xbf/0xf0
[  106.968922][ T7040]  netlink_sendmsg+0x3cf/0x6b0
[  106.968944][ T7040]  ? __pfx_netlink_sendmsg+0x10/0x10
[  106.968962][ T7040]  __sock_sendmsg+0x145/0x180
[  106.968985][ T7040]  ____sys_sendmsg+0x31e/0x4e0
[  106.969063][ T7040]  ___sys_sendmsg+0x17b/0x1d0
[  106.969121][ T7040]  __x64_sys_sendmsg+0xd4/0x160
[  106.969240][ T7040]  x64_sys_call+0x191e/0x3000
[  106.969344][ T7040]  do_syscall_64+0xd2/0x200
[  106.969364][ T7040]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  106.969454][ T7040]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  106.969492][ T7040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.969512][ T7040] RIP: 0033:0x7fbe89abefc9
[  106.969527][ T7040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.969600][ T7040] RSP: 002b:00007fbe8851f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  106.969623][ T7040] RAX: ffffffffffffffda RBX: 00007fbe89d15fa0 RCX: 00007fbe89abefc9
[  106.969638][ T7040] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000003
[  106.969650][ T7040] RBP: 00007fbe8851f090 R08: 0000000000000000 R09: 0000000000000000
[  106.969663][ T7040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.969674][ T7040] R13: 00007fbe89d16038 R14: 00007fbe89d15fa0 R15: 00007ffd3ca90198
[  106.969692][ T7040]  </TASK>
[  107.243792][ T7045] netlink: 19 bytes leftover after parsing attributes in process `syz.5.1099'.
[  107.516778][ T7081] netlink: 19 bytes leftover after parsing attributes in process `syz.3.1113'.
[  107.563938][ T7058] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[  107.590707][ T7088] netlink: 'syz.0.1115': attribute type 39 has an invalid length.
[  107.599705][ T7087] lo speed is unknown, defaulting to 1000
[  107.683842][ T7090] lo speed is unknown, defaulting to 1000
[  107.730616][ T7083] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1115'.
[  107.872092][ T7084] loop5: detected capacity change from 0 to 32768
[  107.951335][ T7084]  loop5: p1 p2 p3 < p5 p6 >
[  107.957830][ T7084] loop5: p2 size 16775168 extends beyond EOD, truncated
[  107.968012][ T7084] loop5: p5 start 4294970168 is beyond EOD, truncated
[  108.401354][ T7113] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1124'.
[  108.455707][ T7113] veth3: entered allmulticast mode
[  108.490932][ T7120] ieee802154 phy0 wpan0: encryption failed: -22
[  108.576474][ T7129] ucma_write: process 605 (syz.3.1133) changed security contexts after opening file descriptor, this is not allowed.
[  108.683515][ T7133] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1134'.
[  108.740029][ T7141] netlink: 'syz.5.1137': attribute type 4 has an invalid length.
[  108.747893][ T7141] netlink: 17 bytes leftover after parsing attributes in process `syz.5.1137'.
[  108.830985][ T7157] loop1: detected capacity change from 0 to 164
[  108.848455][ T7157] syz.1.1145: attempt to access beyond end of device
[  108.848455][ T7157] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  108.893377][ T7157] syz.1.1145: attempt to access beyond end of device
[  108.893377][ T7157] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[  109.003944][ T7177] loop1: detected capacity change from 0 to 764
[  109.016973][ T7177] loop1: detected capacity change from 0 to 512
[  109.027023][ T7177] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  109.512111][ T7200] lo speed is unknown, defaulting to 1000
[  109.614262][ T7209] FAULT_INJECTION: forcing a failure.
[  109.614262][ T7209] name failslab, interval 1, probability 0, space 0, times 0
[  109.626977][ T7209] CPU: 1 UID: 0 PID: 7209 Comm: syz.5.1162 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  109.627020][ T7209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  109.627034][ T7209] Call Trace:
[  109.627041][ T7209]  <TASK>
[  109.627048][ T7209]  __dump_stack+0x1d/0x30
[  109.627077][ T7209]  dump_stack_lvl+0xe8/0x140
[  109.627099][ T7209]  dump_stack+0x15/0x1b
[  109.627121][ T7209]  should_fail_ex+0x265/0x280
[  109.627166][ T7209]  should_failslab+0x8c/0xb0
[  109.627203][ T7209]  __kmalloc_noprof+0xa5/0x570
[  109.627242][ T7209]  ? sock_kmalloc+0x85/0xc0
[  109.627266][ T7209]  sock_kmalloc+0x85/0xc0
[  109.627283][ T7209]  ipv6_renew_options+0x1fb/0x5f0
[  109.627378][ T7209]  ? _raw_spin_unlock_bh+0x36/0x40
[  109.627434][ T7209]  ipv6_set_opt_hdr+0x13b/0x620
[  109.627468][ T7209]  do_ipv6_setsockopt+0x10b9/0x2160
[  109.627556][ T7209]  ? kstrtoull+0x111/0x140
[  109.627589][ T7209]  ? avc_has_perm_noaudit+0x1b1/0x200
[  109.627671][ T7209]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[  109.627712][ T7209]  ipv6_setsockopt+0x59/0x130
[  109.627752][ T7209]  udpv6_setsockopt+0x99/0xb0
[  109.627856][ T7209]  sock_common_setsockopt+0x69/0x80
[  109.627885][ T7209]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  109.627915][ T7209]  __sys_setsockopt+0x184/0x200
[  109.627957][ T7209]  __x64_sys_setsockopt+0x64/0x80
[  109.628048][ T7209]  x64_sys_call+0x20ec/0x3000
[  109.628215][ T7209]  do_syscall_64+0xd2/0x200
[  109.628234][ T7209]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  109.628262][ T7209]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  109.628377][ T7209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.628403][ T7209] RIP: 0033:0x7f566faaefc9
[  109.628422][ T7209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.628444][ T7209] RSP: 002b:00007f566e517038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  109.628510][ T7209] RAX: ffffffffffffffda RBX: 00007f566fd05fa0 RCX: 00007f566faaefc9
[  109.628550][ T7209] RDX: 0000000000000039 RSI: 0000000000000029 RDI: 0000000000000004
[  109.628566][ T7209] RBP: 00007f566e517090 R08: 0000000000000000 R09: 0000000000000000
[  109.628581][ T7209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.628596][ T7209] R13: 00007f566fd06038 R14: 00007f566fd05fa0 R15: 00007fff09918548
[  109.628619][ T7209]  </TASK>
[  109.957522][ T7219] netlink: 'syz.0.1168': attribute type 4 has an invalid length.
[  109.965336][ T7219] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1168'.
[  109.979559][ T7217] loop1: detected capacity change from 0 to 512
[  110.058474][ T7217] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  110.079745][ T7217] EXT4-fs (loop1): mount failed
[  110.174703][ T7241] loop3: detected capacity change from 0 to 1024
[  110.196143][ T7241] EXT4-fs: inline encryption not supported
[  110.207742][ T7241] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.249000][ T7241] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.1175: Allocating blocks 497-513 which overlap fs metadata
[  110.267937][ T7241] EXT4-fs (loop3): Remounting filesystem read-only
[  110.296534][ T7240] EXT4-fs (loop3): pa ffff8881004b3150: logic 256, phys. 401, len 7
[  110.369686][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.462834][ T7248] lo speed is unknown, defaulting to 1000
[  110.761108][ T7255] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  110.768632][ T7255] batman_adv: batadv0: Removing interface: batadv_slave_0
[  110.778821][ T7255] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  110.786881][ T7255] batman_adv: batadv0: Removing interface: batadv_slave_1
[  110.814354][ T7258] loop1: detected capacity change from 0 to 164
[  110.838573][ T7258] syz.1.1179: attempt to access beyond end of device
[  110.838573][ T7258] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  110.856354][   T29] kauditd_printk_skb: 346 callbacks suppressed
[  110.856371][   T29] audit: type=1326 audit(1761536479.551:5472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7254 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[  110.873395][ T7258] syz.1.1179: attempt to access beyond end of device
[  110.873395][ T7258] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[  110.914455][   T29] audit: type=1326 audit(1761536479.551:5473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7254 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[  110.938054][   T29] audit: type=1326 audit(1761536479.551:5474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7254 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[  110.961501][   T29] audit: type=1326 audit(1761536479.551:5475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7254 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[  110.984955][   T29] audit: type=1326 audit(1761536479.551:5476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7254 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[  111.008718][   T29] audit: type=1326 audit(1761536479.551:5477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7254 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[  111.059662][   T29] audit: type=1400 audit(1761536479.751:5478): avc:  denied  { create } for  pid=7261 comm="syz.1.1180" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  111.080410][ T7264] netlink: 19 bytes leftover after parsing attributes in process `syz.2.1181'.
[  111.163976][ T7269] netlink: 'syz.2.1183': attribute type 4 has an invalid length.
[  111.171874][ T7269] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1183'.
[  111.399300][   T29] audit: type=1326 audit(1761536480.041:5479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7254 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[  111.422789][   T29] audit: type=1326 audit(1761536480.041:5480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7254 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe89abefc9 code=0x7ffc0000
[  111.853840][   T29] audit: type=1400 audit(1761536480.541:5481): avc:  denied  { bind } for  pid=7292 comm="syz.3.1189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  112.028794][ T7295] loop5: detected capacity change from 0 to 1024
[  112.076890][ T7295] EXT4-fs: inline encryption not supported
[  112.226266][ T7295] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.283003][ T7295] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4193: comm syz.5.1190: Allocating blocks 497-513 which overlap fs metadata
[  112.309278][ T7295] EXT4-fs (loop5): Remounting filesystem read-only
[  112.321812][ T7310] loop1: detected capacity change from 0 to 512
[  112.339064][ T7310] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  112.339144][ T7294] EXT4-fs (loop5): pa ffff888106e70770: logic 256, phys. 401, len 7
[  112.352164][ T7310] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  112.367795][ T7310] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[  112.381116][ T7310] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (25715!=33349)
[  112.404102][ T7310] EXT4-fs error (device loop1): __ext4_fill_super:5512: inode #2: comm syz.1.1197: iget: special inode unallocated
[  112.422061][ T7297] wireguard0: entered promiscuous mode
[  112.427682][ T7297] wireguard0: entered allmulticast mode
[  112.430463][ T7310] EXT4-fs (loop1): get root inode failed
[  112.439032][ T7310] EXT4-fs (loop1): mount failed
[  112.447673][ T5129] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.455361][ T7315] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1545 sclass=netlink_route_socket pid=7315 comm=syz.3.1191
[  112.724861][ T7336] netlink: 19 bytes leftover after parsing attributes in process `syz.3.1205'.
[  113.018794][ T4917] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  113.026342][ T4917] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  113.033742][ T4917] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  113.041214][ T4917] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  113.049169][ T4917] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  113.056637][ T4917] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  113.064041][ T4917] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  113.071469][ T4917] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  113.078895][ T4917] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  113.086459][ T4917] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  113.194255][ T4917] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  113.212442][ T7358] batadv_slave_1: entered promiscuous mode
[  113.219455][ T7357] batadv_slave_1: left promiscuous mode
[  113.241232][ T7359] fido_id[7359]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  113.264996][ T7362] netlink: 19 bytes leftover after parsing attributes in process `syz.1.1215'.
[  113.278963][ T7365] loop3: detected capacity change from 0 to 164
[  113.295925][ T7365] syz.3.1214: attempt to access beyond end of device
[  113.295925][ T7365] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  113.312224][ T7365] syz.3.1214: attempt to access beyond end of device
[  113.312224][ T7365] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[  113.452222][ T7383] loop3: detected capacity change from 0 to 1024
[  113.461535][ T7383] EXT4-fs: inline encryption not supported
[  113.489468][ T7383] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.510459][ T7383] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  113.525603][ T7383] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  113.607729][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.658074][ T7393] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1227'.
[  113.693998][ T7395] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1228'.
[  113.728785][ T7395] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  113.736268][ T7395] vhci_hcd: invalid port number 96
[  113.741422][ T7395] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  113.839761][ T7397] IPv6: Can't replace route, no match found
[  113.867218][ T7400] netlink: 19 bytes leftover after parsing attributes in process `syz.3.1230'.
[  114.017491][ T7414] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1237'.
[  114.091991][ T7421] netlink: 'syz.3.1240': attribute type 4 has an invalid length.
[  114.099928][ T7421] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1240'.
[  114.238734][ T7426] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1243'.
[  114.369751][ T7455] netlink: 'syz.5.1254': attribute type 4 has an invalid length.
[  114.377593][ T7455] netlink: 17 bytes leftover after parsing attributes in process `syz.5.1254'.
[  114.431341][ T7460] .`: (slave dummy0): Releasing backup interface
[  114.440108][ T7460] batman_adv: batadv0: Adding interface: dummy0
[  114.440125][ T7460] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  114.440172][ T7460] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  114.568909][ T7463] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1253'.
[  114.609851][ T7474] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1261'.
[  114.787064][ T7470] loop1: detected capacity change from 0 to 1024
[  114.788920][ T7484] tipc: New replicast peer: 255.255.255.255
[  114.800030][ T7484] tipc: Enabled bearer <udp:ree>, priority 10
[  114.893173][ T7470] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.089203][ T7470] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.1260: Allocating blocks 449-513 which overlap fs metadata
[  115.137770][ T7469] EXT4-fs (loop1): pa ffff8881004b3230: logic 48, phys. 177, len 21
[  115.145857][ T7469] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[  115.205643][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.325788][ T7524] loop1: detected capacity change from 0 to 512
[  115.370376][ T7524] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  115.391514][ T7524] EXT4-fs (loop1): mount failed
[  115.624025][ T7557] loop3: detected capacity change from 0 to 1024
[  115.643674][ T7557] EXT4-fs: inline encryption not supported
[  115.660535][ T7557] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.728701][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.803732][ T7567] lo speed is unknown, defaulting to 1000
[  115.913934][   T29] kauditd_printk_skb: 436 callbacks suppressed
[  115.913953][   T29] audit: type=1400 audit(1761536484.601:5917): avc:  denied  { read } for  pid=7572 comm="syz.1.1300" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  115.920374][ T7580] loop1: detected capacity change from 0 to 1024
[  115.939551][    T9] tipc: Node number set to 3401513341
[  115.950973][ T7580] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[  115.987791][ T7574] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  115.996385][ T7574] vhci_hcd: invalid port number 253
[  116.049097][ T7583] loop3: detected capacity change from 0 to 512
[  116.088555][ T7583] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.123373][ T7583] ext4 filesystem being mounted at /271/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  116.219757][   T29] audit: type=1400 audit(1761536484.911:5918): avc:  denied  { getopt } for  pid=7594 comm="syz.1.1306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  116.246538][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.248354][   T29] audit: type=1400 audit(1761536484.941:5919): avc:  denied  { connect } for  pid=7596 comm="syz.1.1307" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  116.387368][ T7609] tc_dump_action: action bad kind
[  116.422939][ T7613] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  116.437166][ T7613] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  116.491932][   T29] audit: type=1400 audit(1761536485.181:5920): avc:  denied  { connect } for  pid=7618 comm="syz.2.1317" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  116.583969][ T7628] netlink: 'syz.5.1321': attribute type 4 has an invalid length.
[  116.628758][ T7633] loop5: detected capacity change from 0 to 512
[  116.646616][ T7633] Quota error (device loop5): v2_read_file_info: Free block number 1 out of range (1, 6).
[  116.657019][ T7633] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  116.672156][ T7633] EXT4-fs (loop5): mount failed
[  116.875674][   T29] audit: type=1400 audit(1761536485.571:5921): avc:  denied  { connect } for  pid=7649 comm="syz.5.1328" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  117.024605][ T7656] loop1: detected capacity change from 0 to 8192
[  117.128765][ T7662] loop5: detected capacity change from 0 to 1024
[  117.135929][ T7662] EXT4-fs (loop5): filesystem is read-only
[  117.144900][ T7662] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  117.164599][ T7662] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  117.175249][ T7662] EXT4-fs error (device loop5): ext4_get_journal_inode:5808: comm syz.5.1332: inode #1: comm syz.5.1332: iget: illegal inode #
[  117.189000][ T7662] EXT4-fs (loop5): no journal found
[  117.194234][ T7662] EXT4-fs (loop5): can't get journal size
[  117.200367][ T7662] EXT4-fs (loop5): failed to initialize system zone (-22)
[  117.207767][ T7662] EXT4-fs (loop5): mount failed
[  117.216784][ T7662] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  117.224215][ T7662] vhci_hcd: invalid port number 253
[  117.264665][   T29] audit: type=1326 audit(1761536485.951:5922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7664 comm="syz.1.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[  117.288281][   T29] audit: type=1326 audit(1761536485.951:5923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7664 comm="syz.1.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[  117.328526][   T29] audit: type=1326 audit(1761536485.991:5924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7664 comm="syz.1.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[  117.352024][   T29] audit: type=1326 audit(1761536485.991:5925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7664 comm="syz.1.1333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdbbb4efc9 code=0x7ffc0000
[  117.587553][ T5810] Bluetooth: hci0: Frame reassembly failed (-84)
[  117.827119][ T7698] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[  119.062284][ T7744] loop1: detected capacity change from 0 to 164
[  119.083344][ T7744] syz.1.1365: attempt to access beyond end of device
[  119.083344][ T7744] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  119.107546][ T7748] tipc: Started in network mode
[  119.112473][ T7748] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  119.121741][ T7748] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  119.124961][ T7744] syz.1.1365: attempt to access beyond end of device
[  119.124961][ T7744] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[  119.130047][ T7748] tipc: Enabled bearer <udp:syz0>, priority 10
[  119.232891][ T7756] __nla_validate_parse: 27 callbacks suppressed
[  119.232912][ T7756] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1371'.
[  119.502262][ T7768] FAULT_INJECTION: forcing a failure.
[  119.502262][ T7768] name failslab, interval 1, probability 0, space 0, times 0
[  119.514994][ T7768] CPU: 1 UID: 0 PID: 7768 Comm: syz.1.1372 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  119.515030][ T7768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  119.515043][ T7768] Call Trace:
[  119.515050][ T7768]  <TASK>
[  119.515059][ T7768]  __dump_stack+0x1d/0x30
[  119.515111][ T7768]  dump_stack_lvl+0xe8/0x140
[  119.515135][ T7768]  dump_stack+0x15/0x1b
[  119.515152][ T7768]  should_fail_ex+0x265/0x280
[  119.515178][ T7768]  should_failslab+0x8c/0xb0
[  119.515215][ T7768]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  119.515319][ T7768]  ? dup_task_struct+0x70/0x6b0
[  119.515357][ T7768]  dup_task_struct+0x70/0x6b0
[  119.515457][ T7768]  ? _parse_integer+0x27/0x40
[  119.515492][ T7768]  copy_process+0x399/0x2000
[  119.515527][ T7768]  ? kstrtouint+0x76/0xc0
[  119.515575][ T7768]  ? kstrtouint_from_user+0x9f/0xf0
[  119.515594][ T7768]  ? __rcu_read_unlock+0x4f/0x70
[  119.515663][ T7768]  kernel_clone+0x16c/0x5c0
[  119.515691][ T7768]  ? vfs_write+0x7e8/0x960
[  119.515773][ T7768]  __x64_sys_clone+0xe6/0x120
[  119.515885][ T7768]  x64_sys_call+0x119c/0x3000
[  119.515907][ T7768]  do_syscall_64+0xd2/0x200
[  119.515925][ T7768]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  119.516067][ T7768]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  119.516108][ T7768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.516145][ T7768] RIP: 0033:0x7efdbbb4efc9
[  119.516165][ T7768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.516184][ T7768] RSP: 002b:00007efdba56cfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  119.516207][ T7768] RAX: ffffffffffffffda RBX: 00007efdbbda6180 RCX: 00007efdbbb4efc9
[  119.516296][ T7768] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000400a1400
[  119.516313][ T7768] RBP: 00007efdba56d090 R08: 0000000000000000 R09: 0000000000000000
[  119.516325][ T7768] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  119.516336][ T7768] R13: 00007efdbbda6218 R14: 00007efdbbda6180 R15: 00007ffdadb34428
[  119.516355][ T7768]  </TASK>
[  119.725343][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  119.761410][ T7770] lo speed is unknown, defaulting to 1000
[  120.077679][ T7780] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1379'.
[  120.107141][ T7782] loop3: detected capacity change from 0 to 164
[  120.135330][ T3401] tipc: Node number set to 1
[  120.157350][ T7782] ==================================================================
[  120.165487][ T7782] BUG: KCSAN: data-race in find_get_block_common / has_bh_in_lru
[  120.173346][ T7782] 
[  120.175804][ T7782] read-write to 0xffff888237d26fd0 of 8 bytes by task 7783 on cpu 1:
[  120.183885][ T7782]  find_get_block_common+0x4f0/0x960
[  120.189211][ T7782]  bdev_getblk+0x83/0x3b0
[  120.193672][ T7782]  __ext4_get_inode_loc+0x303/0x930
[  120.198908][ T7782]  ext4_reserve_inode_write+0xd7/0x250
[  120.204407][ T7782]  __ext4_mark_inode_dirty+0x8c/0x3f0
[  120.209831][ T7782]  ext4_dirty_inode+0x92/0xc0
[  120.214539][ T7782]  __mark_inode_dirty+0x162/0x750
[  120.219591][ T7782]  file_update_time+0x288/0x2b0
[  120.224469][ T7782]  ext4_page_mkwrite+0x18c/0xb90
[  120.229515][ T7782]  handle_mm_fault+0x15ce/0x2be0
[  120.234487][ T7782]  do_user_addr_fault+0x630/0x1080
[  120.239633][ T7782]  exc_page_fault+0x62/0xa0
[  120.244248][ T7782]  asm_exc_page_fault+0x26/0x30
[  120.249724][ T7782] 
[  120.252057][ T7782] read to 0xffff888237d26fd0 of 8 bytes by task 7782 on cpu 0:
[  120.259606][ T7782]  has_bh_in_lru+0x35/0x1f0
[  120.264130][ T7782]  smp_call_function_many_cond+0x2a9/0xc60
[  120.269952][ T7782]  on_each_cpu_cond_mask+0x3c/0x80
[  120.275087][ T7782]  invalidate_bh_lrus+0x2a/0x30
[  120.279969][ T7782]  set_blocksize+0x24f/0x310
[  120.284571][ T7782]  sb_set_blocksize+0x7a/0x100
[  120.289345][ T7782]  isofs_fill_super+0xa73/0x1270
[  120.294296][ T7782]  get_tree_bdev_flags+0x291/0x300
[  120.299517][ T7782]  get_tree_bdev+0x1f/0x30
[  120.303968][ T7782]  isofs_get_tree+0x1c/0x30
[  120.308495][ T7782]  vfs_get_tree+0x57/0x1d0
[  120.313032][ T7782]  do_new_mount+0x24d/0x660
[  120.317559][ T7782]  path_mount+0x4a5/0xb70
[  120.321900][ T7782]  __se_sys_mount+0x28c/0x2e0
[  120.326589][ T7782]  __x64_sys_mount+0x67/0x80
[  120.331196][ T7782]  x64_sys_call+0x2b51/0x3000
[  120.335891][ T7782]  do_syscall_64+0xd2/0x200
[  120.340417][ T7782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.346339][ T7782] 
[  120.348671][ T7782] value changed: 0x0000000000000000 -> 0xffff888100468bc8
[  120.355780][ T7782] 
[  120.358111][ T7782] Reported by Kernel Concurrency Sanitizer on:
[  120.364277][ T7782] CPU: 0 UID: 0 PID: 7782 Comm: syz.3.1380 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  120.374012][ T7782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  120.384164][ T7782] ==================================================================
[  120.420868][ T7782] syz.3.1380: attempt to access beyond end of device
[  120.420868][ T7782] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  120.448603][ T7782] syz.3.1380: attempt to access beyond end of device
[  120.448603][ T7782] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[  120.464021][ T7787] x_tables: duplicate underflow at hook 3