last executing test programs:

8m42.224164056s ago: executing program 2 (id=3114):
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r0, 0x0, 0x0)
sendmsg$IPVS_CMD_GET_CONFIG(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000700)={0x94, 0x0, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x64, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e22}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x230}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x10001}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x2}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e23}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e20}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xee0}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e20}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x40}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e24}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x20000001}, 0x8000)
r1 = socket$netlink(0x10, 0x3, 0xf)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000000000010000000000010000a967e128d64400181100003bf7c113b75ad62277c5d20cc302c5ee02aff57818a03ba3451a000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000002140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0xf)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000540)=ANY=[@ANYBLOB="80000000", @ANYRES16=r5, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900040000005300000057000e0048"], 0x80}}, 0x0)
sendmsg$NL80211_CMD_NOTIFY_RADAR(r0, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000600)={&(0x7f0000000880)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="101a27bd70ecfbdfdf258600000008009f00060000000800a000050000000800270002000000080022019303000008002600b4140000050019010b00000080d2939b87ee7ecbe7c2ccbb080071ac618f3e3ae87d2ab9e7e833cce704daaf68962c6f1bfd9e7331f933aa53b32b8fafc455db46c7c4b318fd5c723d8635b4d94fb354664a080e6cf12e693aab20f45e6f4ef216c2a5ef87d74f283b2d9f58557cb41144fa22ad28106f516d302e04ddf8a84f7472c2c6af73652d204571e4039e5a071629d9b3f54e78e3"], 0x5c}, 0x1, 0x0, 0x0, 0x4800}, 0x840)
bind$netlink(r4, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4800000010001fff000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000028001280090001007665746800"], 0x48}}, 0x4040004)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000000108050000000000d9466166c8245c8c21aba0"], 0x14}, 0x1, 0x0, 0x0, 0x20000050}, 0x14)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r7, 0x29, 0x15, &(0x7f00000002c0)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x14)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r8, 0x1)
setsockopt$inet6_tcp_TCP_MD5SIG(r8, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x4e20, 0x0, @loopback, 0x7}}, 0x0, 0x0, 0x47, 0x0, "09be2271b78506e6dd938d324c415acd403a4480fd1afa34432bcdfa64d957e93efafd27ad06a6f589bb643f167cf0fcd370239aaa93f6ded3c5032c96ead0cdc68474d402ab73e482db7ec1e0a57489"}, 0xd8)
bind$inet6(r8, &(0x7f0000000a00)={0xa, 0x4e20, 0x4, @loopback, 0x5}, 0x1c)
connect$inet6(r8, &(0x7f0000000000)={0xa, 0x4e20, 0xeffffff1, @empty, 0x2}, 0x1c)
connect$inet6(r8, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @empty, 0x5}, 0x1c)
connect$inet6(r8, &(0x7f0000000200)={0xa, 0x4e22, 0x5, @loopback, 0x7ff}, 0x1c)
timer_create(0x2, &(0x7f0000000200)={0x0, 0x21, 0x2, @thr={&(0x7f00000003c0)="8c96af057356d0995f2bfe7d7707282fcbd9a73fa73f5afff6fa00f1166eaf0866d11ef434bb8307347160a63c2fba3348a2fdf0a010e0d95f05271a063078164e96", &(0x7f0000000440)="66ad7d956059a9e2e78b1a2ff8d49f5bea1644716d9e9815742c032687bc530983ff84c844e64e1fa9c560ca63364d0b0528b953abb90d2f353f3d7e444f3e9804159713fd2aefdf6992aff4b4a96733a373438cacb114f1f31021ec14da06f906ee7a6ce537e3218e3aa1134f5223a7c9b953b2a94e5f3911a260b0365f7449c42ea20fbf69ee5c98192723b844db9fda2bc2a9026d8973304edec9a1849e39d597717aeefe4641"}}, &(0x7f0000000300)=<r9=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r9, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)

8m42.207912406s ago: executing program 2 (id=3116):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\f'], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./bus\x00', 0x2000414, &(0x7f0000000300)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRESOCT, @ANYRES32, @ANYRESHEX, @ANYRESDEC], 0x1, 0x2b8, &(0x7f0000000f80)="$eJzs3NFLU38Yx/Hn5/y5OdEtiKCgeqibuhm6/oAaoRANCnNSXQTHPKux0ybnDGMRuZvotr9DuuwuqP4Bb6Kb7ruTIOjGi+gbnrPpmU6durml7xfIeXae74fzdZvybLCt3n/7rJj3UnmrIgMxlQGRmqyJJNeruv/qxwG/HpKwmlwd+fXt/L0HD29nstnJadWpzMy1tKqOXfz4/OW7S58rI7Pvxz5EZSX5aPVn+vvK0MrZ1T8zTwueFjwtlStq6Vy5XLHmHFvnC14xpXrXsS3P1kLJs92mft4pLyxU1SrNj8YXXNvz1CpVtWhXtVLWiltV64lVKGkqldLRuJxsg22syS1PT1uZHdsm0tEdoeuGW5103UytdTO3fAR7AgAAfWb3+T+Y9Xee/7OzwXE/8/+Zved/Eeb/Lqk13dpj/sex4LoZK17/+23G/A8AAAAAAAAAAAAAAAAAAAAAwL9gzZiEMSaxfqyf8m9HRSQmIqbe7/E20SXhx9+EfvZ4/K/3aLvosNAH92IizpvF3GIuOAb9TF4K4ogt45KQ3/7zoS6op25lJ8fVl5RPzlI9v7SYi0i0kW9ItspfODUR5LU5/7/Ew9dPS0JOt75+umV+SK5cDuVTkpAvj6Usjsz7z+vN/KsJ1Zt3slvyw/46AAAAAACOg5Ru2Pb63e/7C2KyvR/kQ+8PGGOWdnt/YMvr60E5185XVAIAAAAAgEPzqi+KluPY7gGKqIgcIt75whiR3m8jIv1xbzQXN0SkD7ZxVEVMRIIzepD4j414WynTxppBEen53bKPotf/mQAAAAB02ubQv4/Q19dd3BEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdPu98H1li/rdVo7BIPXS5y5L8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Ef+BgAA//+4IRyf")
creat(&(0x7f0000000d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x120)

8m41.983024378s ago: executing program 2 (id=3118):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

8m41.946956609s ago: executing program 2 (id=3119):
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886eb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x206060, 0x42)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000280)="d8000000190081044e81f782db4cb904021d0800fd007c05e8fe55a108001e000140020304000e4190000900ac00060211000000160012000a0002000d48035c3b61c1d67f01282e8d614230a68000a007a290457f01a7cee4090000001fb791643a5ee4e11b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667e006dcdf63951f2155e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000000008af2f28fcb1dc7a2cfe8ee732717c6ef", 0xd8}], 0x1}, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3000046, &(0x7f0000000bc0)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@nojournal_checksum}, {@errors_remount}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@nombcache}, {@errors_remount}]}, 0x11, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000240), 0x80080, 0x0)
read$rfkill(r2, &(0x7f0000000040), 0x8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
pwritev2(r4, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r4, 0xc020662a, &(0x7f0000000380)={0x3fffffffbfb, 0x5, 0x5, 0x7f})
fcntl$setlease(r0, 0x400, 0x0)
sendmsg$key(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x2, 0x16, 0x1a, 0x9, 0x3, 0x0, 0x70bd27, 0x25dfdbfe, [@sadb_x_nat_t_port={0x1, 0x15, 0x4e24}]}, 0x18}}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1070}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
socket$packet(0x11, 0x3, 0x300)
syz_emit_ethernet(0x3e, &(0x7f0000000340)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @multicast, @void, {@ipv6={0x86dd, @udp={0xa, 0x6, '\x00', 0x8, 0x11, 0x0, @local, @mcast2, {[], {0x4e1d, 0x4e20, 0x8}}}}}}, 0x0)
r6 = syz_clone(0x5800400, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r6)

8m41.089223624s ago: executing program 2 (id=3145):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000a80)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfff2}, {0xffff, 0xffff}, {0x7, 0xfff1}}}, 0x24}}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/cgroup.procs\x00', 0xa000, 0xce)
close(r2)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYRES32=r5, @ANYBLOB="1a73ca6b20134074003908107f87e6e23e3c29f0f3e1de44ac589a1243f038a108dc4d53b8767d5c3b0d74fc7ee4561cefab66d786d920b5ca65c272f39692b9b0bab3ab26d20e87c2899d97c785d1649f5244567d99cc6728be298f199a0f66ea154f91b3fefa302e987644ee2d597b8e00319ad7f5", @ANYRES64=r4, @ANYRESHEX=r1, @ANYRES32=r1, @ANYRES16=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
sendmsg$key(r4, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x3, 0xf, 0x0, 0x70bd2c, 0x25dfdbfb, [@sadb_key={0x3, 0x9, 0x80, 0x0, "1cdc0dca1d9f68846960e56de42944af"}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x4e22, @remote}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc, 0x1}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}}, @sadb_x_sa2={0x2, 0x13, 0x3, 0x0, 0x0, 0x70bd28, 0x3503}]}, 0x78}, 0x1, 0x7}, 0x0)
r7 = socket$kcm(0x2, 0x200000000000001, 0x106)
setsockopt$sock_attach_bpf(r7, 0x0, 0x8, 0x0, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

8m40.643803748s ago: executing program 2 (id=3149):
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x4, &(0x7f00000000c0)={[{@dots}, {@fat=@nfs}, {@dots}, {@fat=@dmask={'dmask', 0x3d, 0x3}}, {@fat=@uid}]}, 0x1, 0x22d, &(0x7f0000000300)="$eJzs3b2KE1EYBuDP3exu2MatxWLAxiqodzDICuKAEJlCKwdWm10RZpvRKpfhNXhJXsZW6UbMhPwZbTQes/M8EOaFl8B3mpwU5yRv73+4vPh4/b799iWGwywGEZOYRpzFQRxG5878eTDLx7FqEgDAvhmPqzz1DOxWXefVUUSc/NSUX5MMBAAAAAAAAAAAwB9z/h8A+sf5/9uvrvPqdP79bZ3z/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA607a92/7mlXo+AODvs/8DQP/Y/wGgf+z/ANA/r16/eZEXxfk4y4YRN5OmbMru2fXPnhfnj7KZs+W7bpqmPFz0j7s+W++P4nTeP9naH8fDB13/o3v6stjoT+Ji98sHAAAAAAAAAAAAAAAAAACA/8IoW9h6v380+lXfpZXfB9i4vz+Ie4N/tgwAAAAAAAAAAAAAAAAAAADYa9efPl9WV1fvakEQhEVI/ckEAAAAAAAAAAAAAAAAAAD9s7z0m3oSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEhn+f//uwup1wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0w/cAAAD//wu+k9A=")

8m40.622882688s ago: executing program 32 (id=3149):
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x4, &(0x7f00000000c0)={[{@dots}, {@fat=@nfs}, {@dots}, {@fat=@dmask={'dmask', 0x3d, 0x3}}, {@fat=@uid}]}, 0x1, 0x22d, &(0x7f0000000300)="$eJzs3b2KE1EYBuDP3exu2MatxWLAxiqodzDICuKAEJlCKwdWm10RZpvRKpfhNXhJXsZW6UbMhPwZbTQes/M8EOaFl8B3mpwU5yRv73+4vPh4/b799iWGwywGEZOYRpzFQRxG5878eTDLx7FqEgDAvhmPqzz1DOxWXefVUUSc/NSUX5MMBAAAAAAAAAAAwB9z/h8A+sf5/9uvrvPqdP79bZ3z/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA607a92/7mlXo+AODvs/8DQP/Y/wGgf+z/ANA/r16/eZEXxfk4y4YRN5OmbMru2fXPnhfnj7KZs+W7bpqmPFz0j7s+W++P4nTeP9naH8fDB13/o3v6stjoT+Ji98sHAAAAAAAAAAAAAAAAAACA/8IoW9h6v380+lXfpZXfB9i4vz+Ie4N/tgwAAAAAAAAAAAAAAAAAAADYa9efPl9WV1fvakEQhEVI/ckEAAAAAAAAAAAAAAAAAAD9s7z0m3oSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEhn+f//uwup1wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0w/cAAAD//wu+k9A=")

2.392695924s ago: executing program 1 (id=13031):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r2, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r5, {}, {}, {0xfff3}}}, 0x24}}, 0x0)

2.302833735s ago: executing program 1 (id=13032):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140))
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r1}, &(0x7f0000bbdffc))
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, 0x0, 0x4804)
r3 = socket$netlink(0x10, 0x3, 0x10)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000640)=0x1802, 0x4)
setxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f0000000cc0)={{}, {0x1, 0xb}, [{0x2, 0x2}, {0x2, 0x3}, {}, {0x2, 0x3}, {0x2, 0x2}, {0x2, 0x2}, {0x2, 0x4}, {0x2, 0x4}, {}], {0x4, 0x4}, [{0x8, 0x7}, {}, {}, {0x8, 0x2}, {0x8, 0x6}, {0x8, 0x2}, {0x8, 0x6}, {0x8, 0x1}], {0x10, 0x5}, {0x20, 0x2}}, 0xac, 0x1)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002", 0x29}], 0x1}, 0x40)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x2})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000040)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x64)
r4 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0xb, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_config_ext={0x1f5a685a}, 0x4dc8, 0x10000, 0xfffffffc, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = syz_io_uring_setup(0xbdc, &(0x7f0000000240)={0x0, 0x6862, 0x8, 0x0, 0x1c0}, &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300)=<r7=>0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6000, @fd=r4, 0x0, 0x0})
io_uring_enter(r5, 0x847ba, 0x0, 0xe, 0x0, 0x0)

1.903280747s ago: executing program 4 (id=13039):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)

1.860124688s ago: executing program 4 (id=13040):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0xbd, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@version_9p2000}], [], 0x6b}})

1.756469618s ago: executing program 4 (id=13043):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
rmdir(&(0x7f0000000c80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000940)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)

1.694601249s ago: executing program 4 (id=13045):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000007e40)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x0, @dev}, 0x18, 0x0}}], 0x6c00, 0x48)
sendto$inet6(r0, 0x0, 0x0, 0x44, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x19}}, 0xffffff69}, 0x1c)
r1 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa00"], 0x1c)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000980)=ANY=[@ANYRESOCT=r0, @ANYRESHEX=r2, @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
close(r4)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f00000001c0), 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r5, 0x0, 0x2}, 0x18)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1f, 0x14, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffdfffd}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}}, @printk={@ld, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r6, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r9, 0x0, 0x1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x80, &(0x7f0000000000)={[{@errors_remount}]}, 0x1, 0x4dd, &(0x7f0000000240)="$eJzs3VFrHFsdAPD/TLL3pm2um4si14K3xUbSot1NGtsGkVpB9Kmg1vcYk00I2WRDdlObUDTFDyCIqOCTT74IfgBB+hFEKOi7aFFEW33wQTuysxPbtLtJJGnWu/n94HTOmTM7/3Om2bM7O4eZAE6tixFxOyKGIuJKRJSL9WmRZovU3u7Z0wfz7ZRElt39axJJsW53X+3ycESci4idiBiJiK99OeKbyetxm1vbK3P1em2jKFdbq+vV5tb21eXVuaXaUm1tenrqxszNmeszk1nhSP08HxG3vvjkh9/72Zdu/erT3/r97J8vf7vdrM99tNPuiJg/UoAeOvsu5cdiV/sYbbyJYH0wVPSn1O+GAABwKOMRcSkiPpF//y/HUP5tDgAAABgk2edH419JRAYAAAAMrDQiRiNJK8V839FI00qlM4f3I3E2rTearU8tNjbXFtp1EWNRSheX67XJYq7wWJSSdnkqz78oX3ulPB0R70bED8pn8nJlvlFf6PePHwAAAHBKnLuw9/z/H+U0zwMAAAADZqxnAQAAABgUTvkBAABg8Dn/BwAAgIH2lTt32inbfY73wr2tzZXGvasLteZKZXVzvjLf2FivLDUaS/k9+1YP2l+90Vj/TKxt3q+2as1Wtbm1Pbva2FxrzS7veQQ2AAAAcILevfDod0lE7Hz2TJ6iuA8gwB5/7HcDgOM01O8GAH0z3O8GAH1TOnALIwQMuuSA+p6Td359/G0BAADejImPvX79/62i7uDfBoAPMnN9AOD0cXUPTq+SGYBw6o13Fm/3qj/69f8s+58bBQAAHKvRPCVppbgWOBppWqlEvJM/FqCULC7Xa5MR8aGI+G259Ha7PJW/MjlwzjAAAAAAAAAAAAAAAAAAAAAAAAAA0JFlSWQAAADAQItI/5Tkd/OPmCiPj776+8BbyT/L8aQo/OTuj+7PtVobU+31fyvn9RHR+nGx/lrmkQAAAADwf6Bznl4sp/rdGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzbOnD+Z300nG/csXImKsW/zhGMmXI1GKiLN/T2L4pdclETF0DPF3HkbEe93iJ/E8y7KxohXd4p95w/HH8kPTPX4aEeeOIT6cZo/a48/tbu+/NC7my+7vv+EiHVXv8S/97/g31GP8eeeQMc4//kW1Z/yHEeeHu48/u/GTHvEvHTL+N76+vd2rLvtpxETXz59kT6xqa3W92tzavrq8OrdUW6qtTU9P3Zi5OXN9ZrK6uFyvFf92jfH9j//y+X79P9sj/tgB/R8/ZP///fj+0w93sqVu8S9f6v75+16P+Gnx2ffJIt+un9jN73TyL3v/5795f7/+L/To/0H//5cP2f8rX/3uHw65KQBwAppb2ytz9XptY5/MyCG2kZE5Sib7Tufv8Wj7OeLLX8tk/T4sfcz0e2QCAACO24sv/f1uCQAAAAAAAAAAAAAAAAAAAJxeJ3E7sVdj7vSnqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+/pPAAAA//+e1d5O")
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3000008, 0x0, 0x71efaedd92f16327)

1.294307171s ago: executing program 4 (id=13050):
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300"], &(0x7f0000000540)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x9}, 0x18)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000240)='4', 0x1}], 0x1)

1.226508232s ago: executing program 4 (id=13052):
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={<r0=>0x0}, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000140)={r0, 0xfb4}, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r2, 0x4018f50b, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xc0100, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="140100002900010000000000fcdbdf250301f2800c001c000bac0f00000000001400050000000000000000000000ffff7f00000150bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c808004500ac1414bb008ff6c7ceb20989cf7012879d834d615c00270767239d067b197678c60ec0bbf9b5ea23c51fe2e06d657cb535325ebaecae2f435734d53e43af5234199a718bcc0b75cb5205db65bc4907a3a45abd6c5348e15545c24e24fa1475570e72fe61b6abb82c9b0ea64e526ca2c38b1b88ce7726aac7f5a8611f51869e00059e3bc734692b2bd2aa2fea80ff865ef41e21729e192cdb793c9295cb8bbde418524334b6d611b73ec02e2ad303eb4d81c4c524d2f60586af33ec6294d9045b90ce4052b763b80fd2a2424b3f4ad485cef311f234277dcec0401bbaaad2d782fc5e0a0e7e4a"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0xf)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r7 = syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace$pokeuser(0x6, r7, 0x358, 0xffff888237c16e50)
capget(&(0x7f00000003c0)={0x19980330, r7}, &(0x7f0000000400)={0xe, 0x1ff, 0x7fff, 0x0, 0x4, 0x6})
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x18)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r9 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={{0x14, 0x3ea, 0x1, 0x0, 0x0, {0xa}}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x28}}, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7030000e2000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000300)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$TCFLSH(r3, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x2000000)

1.096538383s ago: executing program 5 (id=13055):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
rmdir(&(0x7f0000000c80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)

1.072883692s ago: executing program 5 (id=13056):
socket$netlink(0x10, 0x3, 0x8000000004)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/22], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
creat(&(0x7f00000000c0)='./bus\x00', 0x1a2)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0xa4c42, 0x108)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYRES16], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1b, '\x00', 0x0, 0x2}, 0xffffffffffffffae)
syz_emit_ethernet(0x5e, &(0x7f0000000600)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaabaaa86dd60b804230028000000000000000000000000000000000000fe8000000000000000000000000000aa00040000000000000718000000010403090003000000000000000008000000000000010005020000a764bdb27f8a2c01658bd05d921816a1d1456163c205e0a0ac9695cc9a621b0a28f80b12d2ba17c8286f744c413b75eb480e29d1306e7dd9b10ea389dd4496b7aa7207cf370a482b0ddd6243230f289c578b6fe3e06dc27773bfd8121576c10600bd81aa283ec87476179e334d52864efcd4ffe2ecc1a4bfd41df9e89510568b07012b95638ecd5f4c47780690b61403f0d02688956b9c4f43305cff3617ecb7f44112cb929400"/272], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
r8 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8, 0x0, 0x9}, 0x18)
write$selinux_load(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c"], 0x65)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd26, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x20000010)
r10 = socket(0x40000000015, 0x805, 0x0)
getsockopt(r10, 0x114, 0x5, 0x0, &(0x7f00000000c0))
getsockopt$bt_l2cap_L2CAP_LM(r10, 0x6, 0x3, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0x3, 0x6}, {0x0, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x48080}, 0x0)

1.046988323s ago: executing program 3 (id=13057):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x18)
creat(&(0x7f0000000040)='./file0\x00', 0x340)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000400)={[{@nolazytime}]}, 0x2, 0x522, &(0x7f00000006c0)="$eJzs3U9sI1cZAPBvJsnau02bLfQAqNClFBa0WjvxtlHVC+VUIVQJ0SOHbUicKIodR7FTmrCH7JE7EpU4wYkzByQOSD1xR+IANy7lgFRgBWqQkHDlsZ11/ji2sondjX8/aeQ38zz+3tvRvGd93swLYGLdioj9iLgWEe9GxFzneNLZ4s321nrfJ48eLB88erCcRLP5zj+TrL51LHrOaXmm85n5iPjBWxE/So4F/VNEfXdvY6lSKW93DhUb1a1ifXfv7np1aa28Vt4slRYXFudfv/da6cL6+lL1Nx9fj4jf/+7LH/1x/1s/aTVrtlPX24+L1O76zGGclumI+N5lBBuDqU5/rp3n5HOdxEVKI+JzEfFydv/PxVR2NY86epm+PcLWAQCXodmci+Zc7z4AcNWlWQ4sSQudXMBspGmh0M7hvRA30kqt3rizWtvZXGnnym7GTLq6XinPd3KFN2MmWV2fLi9k5e5+pVxKju7fi4jnI+JnuevZfmG5VlkZ5xcfAJhgzxyb//+Ta8//AMAVl39czI2zHQDA6OTH3QAAYOTM/wAwecz/ADB5zP8AMHnM/wAwecz/ADBRvv/2262tedB5/vXKe7s7G7X37q6U6xuF6s5yYbm2vVVYq9XWsmf2VAd9XqVW21p4NXbeLzbK9Uaxvrt3v1rb2Wzcz57rfb88M5JeAQBnef6lD/+SRMT+G9ezLXqe9z9wrn7xslsHXKZ03A0AxmZq3A0Axubkal/ApJCPh8n1/2azGT1r90bEw8NSz8NA+/4XoQ+GCpNaNxQ+e25/8Qny/8BTTf4fJtf58v++y8NVIP8Pk6vZTKz5DwATRo4fSAbU9/7+P9/s2Rnu938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4kmazLUkLnbXAZyNNC4WIZyPiZswkq+uV8nxEPBcRf87N5Fr7CxFh3SAAeJqlf08663/dnntl9njttdx/c9lrRPz4F+/8/P2lRmN7IeJa8q/D440POsdL42g/ADBId57uzuNdnzx6sNzdRtmej7/TXly0Ffegs7VrpmM6e81nuYYb/046+22t7ytTFxB//2FEfOG0/idZbuRmZ+XT4/FbsZ8dafz0SPw0q2u/tv4tPn8BbYFJ82Fr/HnztPsvjVvZ6+n3fz4boZ5cd/w7ODH+pYfj31Sf8e/WsDFe/cN3TxxszrXrHkZ8aTrioPvhPeNPN37SJ/4rQ8b/64tfeblfXfOXEbfjtP4nR2IVG9WtYn137+56dWmtvFbeLJUWFxbnX7/3WqmY5aiL3Uz1Sf94485z/eK3+n+jT/z8gP5/fcj+/+p/7/7wq2fE/+bXTr/+L5wRvzUnfmPI+Es3fpvvV9eKv9Kn/4Ou/50h43/0t72VEwcHLTgOAFya+u7exlKlUt5+8kL+zPekFxFiiEISsX/JIR4Xcr/+6VuD35wbWXvOWYh+VVOflRZemULuHGflL/Y+HbIw7pEJuGyPb/pxtwQAAAAAAAAAAAAAAOhnFH9ONO4+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHV9GgAA///+udUz")
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f00000000c0)=ANY=[], 0xff2e)
r3 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
madvise(&(0x7f0000cf6000/0x4000)=nil, 0x4000, 0x16)
ioctl$PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, &(0x7f00000000c0)=[{0x800000000}, {0x0, 0x0, 0x4}], 0x2, 0x100000c01, 0x38, 0x0, 0x42, 0x6e})
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r4, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="2000000002010300000094d10000000000009e060c00198007", @ANYRES32], 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x20004810)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5, 0x0, 0x1}, 0x18)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x20009005}, 0x40040c0)
timer_create(0x0, 0x0, &(0x7f0000000100)=<r6=>0x0)
timer_settime(r6, 0x1, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="74010000170001000000000000000000fc0000000000000000000000000000000000000000000000fe8000000000000000000000000000bbfc000000000000000000000000000000200100000000000000000000000000014e210000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff010000000000000000000000000001ffffffff0000000000000000000000000000ffff000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="00000000000000000000000000000000260e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008001f0002000000440005"], 0x174}}, 0x0)

985.798613ms ago: executing program 5 (id=13058):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\f'], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)

949.672763ms ago: executing program 0 (id=13059):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x4c80, 0x7000000)
stat(&(0x7f0000000740)='./file0\x00', &(0x7f00000007c0))

908.113064ms ago: executing program 5 (id=13060):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18)
syz_emit_ethernet(0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="910418166421b54fa0aaaa050004424203"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)

907.598594ms ago: executing program 5 (id=13061):
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x1)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2b}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4008050)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
io_setup(0x8, &(0x7f0000002740)=<r4=>0x0)
io_pgetevents(r4, 0x2, 0x2, &(0x7f0000000000)=[{}, {}], &(0x7f0000000080)={0x0, 0x989680}, 0x0)
r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@ipv4_newrule={0x24, 0x20, 0x1, 0x70bd2d, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@FRA_GENERIC_POLICY=@FRA_L3MDEV={0x5, 0x13, 0x40}]}, 0x24}}, 0x0)
socket$kcm(0x2, 0x2, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r5)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRESDEC=r7, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$BLKTRACETEARDOWN(r5, 0x1276, 0x0)

876.603904ms ago: executing program 0 (id=13062):
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300"], &(0x7f0000000540)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x9}, 0x18)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000240)='4', 0x1}], 0x1)

833.056114ms ago: executing program 0 (id=13063):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000800000000", @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0xa4c42, 0x108)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYRES16], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1b, '\x00', 0x0, 0x2}, 0xffffffffffffffae)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r3, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd26, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x20000010)
r4 = socket(0x40000000015, 0x805, 0x0)
getsockopt(r4, 0x114, 0x5, 0x0, &(0x7f00000000c0))

787.674794ms ago: executing program 0 (id=13064):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r1)
sendmsg$IEEE802154_LIST_PHY(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x14, r2, 0x30b, 0x70bd27, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4851}, 0x20000004)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="840000000002010400000000000000000a00000004000180300003802c00018014000300fc00000000000000000000100000000014004400fe800000001f610000000000000000bb3c0002800c00028005000100000000002c00018014000300fc02000000000000000000000000000014"], 0x84}}, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NFT_MSG_GETCHAIN(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="48010000040a0500000000000000000002000008680004801400030076657468315f6d6163767461700000000800014000000000140003"], 0x148}, 0x1, 0x0, 0x0, 0x24001005}, 0x2c77edc509eea7a8)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="14000100ff010000000000000000000000000001140006"], 0x70}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x9)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="a000000010003b0e2a1a86eb2636037f00000000", @ANYRES32=r5, @ANYBLOB="0200000000008000800012000800010076746936740002"], 0xa0}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mbind(&(0x7f000028f000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000)=0x2, 0x401, 0x0)
mremap(&(0x7f00003dc000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000042c000/0x3000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002d00)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000003000000010000000000000e02000000000000000000000001000084000000000000000003000000000000210000000000000006040000000061"], 0x0, 0x4f, 0x0, 0x8}, 0x28)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r7, &(0x7f0000000200), 0x2, 0x0)
r8 = openat$cgroup_ro(r7, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x0, 0x0)
lstat(&(0x7f0000000140)='./cgroup/../file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x46, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r11}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000bc0)='kfree\x00', r11, 0x0, 0x7ffffffffffffffa}, 0x18)
r12 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDFONTOP_SET(r12, 0x4b72, &(0x7f0000000080)={0x0, 0x0, 0x8, 0x1b, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afa63530db6dd493f28fd98872219ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0db0a0000004413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466ffffffff0000000047778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fdc4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})
kexec_load(0xfffffffffffffffc, 0x2, &(0x7f0000000900)=[{0x0, 0x0, 0x200000000}, {0x0, 0x0, 0x3e0000000000, 0x8000}], 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./cgroup/../file0\x00', &(0x7f00000000c0), 0x21010, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRESHEX=r8, @ANYBLOB=',wfdno=', @ANYRESHEX=r7, @ANYBLOB=',access=', @ANYRESDEC=r9, @ANYBLOB=',cache=none,dfltuid=', @ANYRESHEX, @ANYBLOB=',debug=0x0000000000000007,noextend,afid=0x0000000000000008,\x00'])

739.172205ms ago: executing program 5 (id=13065):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x18)
creat(&(0x7f0000000040)='./file0\x00', 0x340)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000400)={[{@nolazytime}]}, 0x2, 0x522, &(0x7f00000006c0)="$eJzs3U9sI1cZAPBvJsnau02bLfQAqNClFBa0WjvxtlHVC+VUIVQJ0SOHbUicKIodR7FTmrCH7JE7EpU4wYkzByQOSD1xR+IANy7lgFRgBWqQkHDlsZ11/ji2sondjX8/aeQ38zz+3tvRvGd93swLYGLdioj9iLgWEe9GxFzneNLZ4s321nrfJ48eLB88erCcRLP5zj+TrL51LHrOaXmm85n5iPjBWxE/So4F/VNEfXdvY6lSKW93DhUb1a1ifXfv7np1aa28Vt4slRYXFudfv/da6cL6+lL1Nx9fj4jf/+7LH/1x/1s/aTVrtlPX24+L1O76zGGclumI+N5lBBuDqU5/rp3n5HOdxEVKI+JzEfFydv/PxVR2NY86epm+PcLWAQCXodmci+Zc7z4AcNWlWQ4sSQudXMBspGmh0M7hvRA30kqt3rizWtvZXGnnym7GTLq6XinPd3KFN2MmWV2fLi9k5e5+pVxKju7fi4jnI+JnuevZfmG5VlkZ5xcfAJhgzxyb//+Ta8//AMAVl39czI2zHQDA6OTH3QAAYOTM/wAwecz/ADB5zP8AMHnM/wAwecz/ADBRvv/2262tedB5/vXKe7s7G7X37q6U6xuF6s5yYbm2vVVYq9XWsmf2VAd9XqVW21p4NXbeLzbK9Uaxvrt3v1rb2Wzcz57rfb88M5JeAQBnef6lD/+SRMT+G9ezLXqe9z9wrn7xslsHXKZ03A0AxmZq3A0Axubkal/ApJCPh8n1/2azGT1r90bEw8NSz8NA+/4XoQ+GCpNaNxQ+e25/8Qny/8BTTf4fJtf58v++y8NVIP8Pk6vZTKz5DwATRo4fSAbU9/7+P9/s2Rnu938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4kmazLUkLnbXAZyNNC4WIZyPiZswkq+uV8nxEPBcRf87N5Fr7CxFh3SAAeJqlf08663/dnntl9njttdx/c9lrRPz4F+/8/P2lRmN7IeJa8q/D440POsdL42g/ADBId57uzuNdnzx6sNzdRtmej7/TXly0Ffegs7VrpmM6e81nuYYb/046+22t7ytTFxB//2FEfOG0/idZbuRmZ+XT4/FbsZ8dafz0SPw0q2u/tv4tPn8BbYFJ82Fr/HnztPsvjVvZ6+n3fz4boZ5cd/w7ODH+pYfj31Sf8e/WsDFe/cN3TxxszrXrHkZ8aTrioPvhPeNPN37SJ/4rQ8b/64tfeblfXfOXEbfjtP4nR2IVG9WtYn137+56dWmtvFbeLJUWFxbnX7/3WqmY5aiL3Uz1Sf94485z/eK3+n+jT/z8gP5/fcj+/+p/7/7wq2fE/+bXTr/+L5wRvzUnfmPI+Es3fpvvV9eKv9Kn/4Ou/50h43/0t72VEwcHLTgOAFya+u7exlKlUt5+8kL+zPekFxFiiEISsX/JIR4Xcr/+6VuD35wbWXvOWYh+VVOflRZemULuHGflL/Y+HbIw7pEJuGyPb/pxtwQAAAAAAAAAAAAAAOhnFH9ONO4+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHV9GgAA///+udUz")
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f00000000c0)=ANY=[], 0xff2e)
syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
madvise(&(0x7f0000cf6000/0x4000)=nil, 0x4000, 0x16)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)

685.777235ms ago: executing program 0 (id=13066):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)

649.271295ms ago: executing program 0 (id=13067):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x18)
creat(&(0x7f0000000040)='./file0\x00', 0x340)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000400)={[{@nolazytime}]}, 0x2, 0x522, &(0x7f00000006c0)="$eJzs3U9sI1cZAPBvJsnau02bLfQAqNClFBa0WjvxtlHVC+VUIVQJ0SOHbUicKIodR7FTmrCH7JE7EpU4wYkzByQOSD1xR+IANy7lgFRgBWqQkHDlsZ11/ji2sondjX8/aeQ38zz+3tvRvGd93swLYGLdioj9iLgWEe9GxFzneNLZ4s321nrfJ48eLB88erCcRLP5zj+TrL51LHrOaXmm85n5iPjBWxE/So4F/VNEfXdvY6lSKW93DhUb1a1ifXfv7np1aa28Vt4slRYXFudfv/da6cL6+lL1Nx9fj4jf/+7LH/1x/1s/aTVrtlPX24+L1O76zGGclumI+N5lBBuDqU5/rp3n5HOdxEVKI+JzEfFydv/PxVR2NY86epm+PcLWAQCXodmci+Zc7z4AcNWlWQ4sSQudXMBspGmh0M7hvRA30kqt3rizWtvZXGnnym7GTLq6XinPd3KFN2MmWV2fLi9k5e5+pVxKju7fi4jnI+JnuevZfmG5VlkZ5xcfAJhgzxyb//+Ta8//AMAVl39czI2zHQDA6OTH3QAAYOTM/wAwecz/ADB5zP8AMHnM/wAwecz/ADBRvv/2262tedB5/vXKe7s7G7X37q6U6xuF6s5yYbm2vVVYq9XWsmf2VAd9XqVW21p4NXbeLzbK9Uaxvrt3v1rb2Wzcz57rfb88M5JeAQBnef6lD/+SRMT+G9ezLXqe9z9wrn7xslsHXKZ03A0AxmZq3A0Axubkal/ApJCPh8n1/2azGT1r90bEw8NSz8NA+/4XoQ+GCpNaNxQ+e25/8Qny/8BTTf4fJtf58v++y8NVIP8Pk6vZTKz5DwATRo4fSAbU9/7+P9/s2Rnu938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4kmazLUkLnbXAZyNNC4WIZyPiZswkq+uV8nxEPBcRf87N5Fr7CxFh3SAAeJqlf08663/dnntl9njttdx/c9lrRPz4F+/8/P2lRmN7IeJa8q/D440POsdL42g/ADBId57uzuNdnzx6sNzdRtmej7/TXly0Ffegs7VrpmM6e81nuYYb/046+22t7ytTFxB//2FEfOG0/idZbuRmZ+XT4/FbsZ8dafz0SPw0q2u/tv4tPn8BbYFJ82Fr/HnztPsvjVvZ6+n3fz4boZ5cd/w7ODH+pYfj31Sf8e/WsDFe/cN3TxxszrXrHkZ8aTrioPvhPeNPN37SJ/4rQ8b/64tfeblfXfOXEbfjtP4nR2IVG9WtYn137+56dWmtvFbeLJUWFxbnX7/3WqmY5aiL3Uz1Sf94485z/eK3+n+jT/z8gP5/fcj+/+p/7/7wq2fE/+bXTr/+L5wRvzUnfmPI+Es3fpvvV9eKv9Kn/4Ou/50h43/0t72VEwcHLTgOAFya+u7exlKlUt5+8kL+zPekFxFiiEISsX/JIR4Xcr/+6VuD35wbWXvOWYh+VVOflRZemULuHGflL/Y+HbIw7pEJuGyPb/pxtwQAAAAAAAAAAAAAAOhnFH9ONO4+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHV9GgAA///+udUz")
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f00000000c0)=ANY=[], 0xff2e)
r3 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
madvise(&(0x7f0000cf6000/0x4000)=nil, 0x4000, 0x16)
ioctl$PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, &(0x7f00000000c0)=[{0x800000000}, {0x0, 0x0, 0x4}], 0x2, 0x100000c01, 0x38, 0x0, 0x42, 0x6e})
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r4, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="2000000002010300000094d10000000000009e060c00198007", @ANYRES32], 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x20004810)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5, 0x0, 0x1}, 0x18)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x20009005}, 0x40040c0)
timer_create(0x0, 0x0, &(0x7f0000000100)=<r6=>0x0)
timer_settime(r6, 0x1, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="74010000170001000000000000000000fc0000000000000000000000000000000000000000000000fe8000000000000000000000000000bbfc000000000000000000000000000000200100000000000000000000000000014e210000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff010000000000000000000000000001ffffffff0000000000000000000000000000ffff000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="00000000000000000000000000000000260e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008001f0002000000440005"], 0x174}}, 0x0)

445.421517ms ago: executing program 1 (id=13068):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
rmdir(&(0x7f0000000c80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000940)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
chdir(0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x28, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
write$selinux_attr(0xffffffffffffffff, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)

424.787567ms ago: executing program 1 (id=13069):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="74010000170001000000000000000000fc0000000000000000000000000000000000000000000000fe8000000000000000000000000000bbfc000000000000000000000000000000200100000000000000000000000000014e210000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff010000000000000000000000000001ffffffff0000000000000000000000000000ffff000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="00000000000000000000000000000000260e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008001f00020000004400"], 0x174}}, 0x0)

407.326907ms ago: executing program 1 (id=13070):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x1f9}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r0, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x12345})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

193.564728ms ago: executing program 3 (id=13071):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\f'], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)

140.890969ms ago: executing program 3 (id=13072):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
stat(&(0x7f0000000740)='./file0\x00', &(0x7f00000007c0))

140.267049ms ago: executing program 3 (id=13073):
socket$netlink(0x10, 0x3, 0x8000000004)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000800000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/12], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[], 0x48)
syz_emit_ethernet(0x5e, 0x0, 0x0)
r3 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r3, &(0x7f00000025c0)=[{&(0x7f0000000240)}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0x9}, 0x18)
write$selinux_load(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c"], 0x65)

125.593769ms ago: executing program 1 (id=13074):
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_create_resource$binfmt(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='\x00\x00\b\x00')
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x3}, 0x18)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000002480)="85", 0x1}], 0x1, 0x9c00, 0x0, 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000002580)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES32, @ANYBLOB="0100000000000000000003000000400001802cdc89c435aca755c8006f7ed6000000140002008e503aec7402000000ffff0001007564703a73797a3200000010a800000000000004000000"], 0x54}}, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f0000001300)={0xc, {"a2e3ad214fc752f91b4847f70e06d038e7ff7fc6e5539b3f6d078b089b3b083848090890e0878f0e1ac6e7049b3367959b669a240d5b67f3988f7e0319520100ffe8d178708c523c921b1b5b31300d095da736cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb88ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465f41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d606495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07840900000000000000f5c8f4ceb360c7e658828163e2d25c4aa348561f097e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f028dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c000003716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff8f2211f1033195563c7f93cd54b9094f22b625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a605fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b611fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db56c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47afed367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadbbf5c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000", 0x1000}}, 0x1006)

63.617359ms ago: executing program 3 (id=13075):
bpf$MAP_CREATE(0x0, &(0x7f0000002400)=ANY=[@ANYBLOB="b03a2a10d73a203ff9626e634abeaccb12b4c6a1af0219e1c613f2dbe1d0e55684573cb47a5b403735f0575d9404beea6d6c8183f886affd6252fede0d78a841367a61c8c34fc83153c74fe683748dd29431517e21996902ef8cbee251e8c61d49c18d03f31165987f164f740d577048e09a4ff43374965932bbb247137b5731224c6c43648edce1cf18672d7ea8f9523b4fd1324042f296c65af9b4eca506febac463bc4c69b6f9a6a31eb7bf3cdaa35308615f7cabc472e41ea5aab137980bce803f7aadd994e506a4d683c4c79774d8a0a51f2eaeba506b9fdff4bf9bf5e96807cc4932b424c5a40983e2e2f31cefed1d36a8318c0851d74184ea31e574bc0445f1f7acc9cf9a18b16da509959c0949ed19cc035f963ce11128ea040d1ade5521f0d70203f00718cd3026bc9421fa41227322d992bde99c9cd971a43db41573344cb773791dc91a42d6a47133208301c9911a13fb479b57c787dad1e35b72901032e045758b69d313d4056727e074c573e569343e200156c8e25390c938aa58ea9493c40db44f68bc6b462d1c4d4975ac4ee43952bfee51f6f2c16cad6b8774443b086750d0aa60a78f9f79b267df66661bd5a7b9c55c64be7184caf9e25cfb3aff97af2d27ca33bb2b9aff14d02c49d968a088d5d1313fdd03f315844fc56d9c095c7058b3b9cc9c35f4f97f67b1dffc00f0aba6ec25ba461c1d8d115cf4d59c2b25e35487033740355851f5c2c633957dc9a406f7538214cdad6428a95f56e00861614f54de7d2bf990f43e715dfbf3dc44f26fa547920d76f8c94d62ed6f17651eb9350c9e9ff7c3b114b516d9e84dd7a239c9f19230cb7c01b4486e41c3fb2bff7d5db9f4676a7c4e7c80e57453562324bb274570bf586a11b9e18321abfa643cc6c942dfecc43464d68950e7a7bb3d9272d1865d919f37cc0ff06b157bc8749dcabcc74dc0e52843408e47d58964d1faebb83997c7a9691da26dc4cc78e57d6a4ab51035a54558c178fd6d78b62ef6b2dfc2a97efb550897de64a2ac0d18f1d0cd077dca837a2cd52656c7415c33f703115dfeb9b7866098b045e81eaa859f1ea76ae2d87313d3adb067b4b0fc37fca8d1a7c76c22ddebe790e9019047722f2ba339ebfef859989274fc9c81fffcff37101ba0c07e5c1fb92ce927d964c83d0ff81734495115f059ebe63d500aa6bf96abc186e3df24e2f59688711b1eda45836b096309449e7086965152b82edcc82ee4149a9a058f55805b965e3b96432d2627ab2f5d3eef7e27a6dadbc4431e1d3dcf84b2de7cc535d8a18b9ec31cf472b10b8f9ba19f6744a9002f746dde0ce2879812581f1547c0f9279b00d8e5bb44176f77210caa9caed14483e189405d4eb1a86ab767fe8898e98bb1a7c6624ac2bac09412123b679c35b32bad17585bfd2b238df5cfc0753c998392dd3b86983c5e54e1075e614725d94b18244f84c65b47d76cc74796e5989da692c3b0ebfcceacd6f872fa284d78ebfb60154a6ab013b801746a2adbfb4cad16c3c1091e09597090c3d46c5cb3511838939b06d664b8e8b5e53def906d337d6b48da12ed36cba2eb32c5be24157d33eb584fa4d19ca3ea8a625ce51e114bd4ae40b1a898373e297db3f217c5ff1f49becdf3592e72872096cdf3c16bb5e7477408c74bdca83dd673dc2252d640774a8eb7648711f396ac7afd22cb6c1c69f9f16f713768090b60e45206bf8991963c790d10532f09e0003eb5e7e06415ad68b3c8a48c84a499157aeb4aa42b32ec6f72db984f81a0dd348c47f1a3b17333ab261f4128e0ccf9c8e8eadab6b4e9b97d27ca6767a0579328178d78cf07ca64c7460fe49c340230a5fce8a26c8cefa7119a140a7adfe1afad6e7f766e5030e5574f9e0d22635c80e1c07e3eeea508d07204de051e3d160d6ace8f7c8cf2bc4c025e21b2468c7583605298bdb102631be4e520f9d749e9de9c4ab39fe79c10fc0e1cece9961701c846237560543fb6a3bfd14ac2b0a4986f4f451e737074e5b84b33e6a758216b818038cb1644d75c0ed32eb159d2f19c3fe897fac00276b8350dd3ffd38361577702b5dd066669dda2004b43279f1430386a75d848a6975d2f07ac6d1326d0e33c54428f8ce8aaa1e2699a2dc9c66a610b8dfa109fb443f451e9c427e8910bf61c34db9a8c2035c35492da400aeffe75e2e11827a24c22e46e029f399a236cb69ca94b279924f983b4d910b44fa0f424d832c242da6dc5a19c70428091b2d5ec669882fdb6667e6087a46eb54efe64e2a25404e1198cb67a75614bd6edddd31795971a8370370ce7bc5bcd1adf53969b01c276a9d1e4d31796b595bcaec73414fbf86f323753472ab9c9ba8ea03c508b64ba83922854cb1b56e9b65f8ad024c5fef1dfceed7dbdda54376575baa7b20bda7a1c08c34608bd3f2b1b5cb9e517f3ec206622a4a51f0441016411c32578b4b15040fcecc0d7525ab51e6796b30b6e2cd0bfc63177181f7dc5d49f2e7edbb82ab15c0ada6890e8775546bd7fa006e1ab99455f97b0a8d9a1cce6e7f355ad74f00da34cd1f52a402439e4e1ff938194b15cee297bd25602e5adb88719fe381a1e4f71f0b31dc993982fc45a587ad3e1934a0d5a915c0ea2d529b73323432509988cb8c426963377286f8f496c02e71d5fc91e6c49b9e449a38deec4a6f5a838dfdca7ff20a5393d8cb9436f866b423dac9cd68123b0c683c504340b2bfff8196b4b967c549aafc70c7a48f87c464521fe689888b191f7c768d88f8fa67d8c70c85d12911479f3403aa6cf2326bd0aceefbf9a16df0d30e75a89dfba4355f51401090c4fb9bca6e84b6577c56502db1c74839a03ad915946a19fd392d80a98c4b95bb7671f53e39a9fb691ebe406dbea8b5963b5ddcc04d0d00f4f07bff5583cee7e9919e2f90720db56a9ec4e5d324f743b51cbece52662ab99b8d2ed4e729386843537cf132f850a911acbaeeae1756e61defed85ebeabfd335c8edcde6e8e5bac0fd4515f8b9a519fc42f39413d742745e45b5a870a03b099396a77cafe78f1c1b96b9e534c43c688e712ab44e22b0341231a29ed169d6d92107b901a706edeb1efe85163f30785c6bd00eb5fb2ee484ce3d3fa376b7a3096f7e029e775034ab215670c6d28b3ae7d6c79952208e2e083c82161af9b07c1af77bd580c9065686bfbb324c69cef468d81786af10c713b43a300e660b106f31802b58e40d6f716efe4688f6347b4b95e62fcd097b5992aa4e5dc2d37d1052b4b929711b564a86126fce58944fceb6c08ecd7e9455c55a13dbe02fd492240686d11c612e4a0b5383d8cc3388018c9014e85f9bc9b64464b66aee832ac4bdf31494a89a20c26cb6cb9676946360044f0db2e28a38878b3edf35db8aef22b718145f572a32a4fe1c1f83a0e9c7fc0efe4b02dbafe2927eda16c930f6e840004cbe087202dca94541bb75eedaec11cdbf7c50de35d23657dc96f0efd8b278dab3ba909e30984ec6ab36ee3164b23a7fbc49c99dffe89b0936f936cf9b0b0fa1778557215b275feb0e10029025eee68de77481bb9fb04a867e78c1cc137eacad1fa718c7a92d63da3ed90dd53c8f3dafafe6f5f47d68ca86f80c781dc2ff73bd7435fdbef6d98f4c82a3f1ed81c67dea12852089d650074ffbe41332ccde3cddba5b05de2ebeb4e68a55bf965eb49ae9905ce70ede286673bb8e6cfe50ada1fec5bda591ebe76031cad6ab99282d263dccb164f25732e66898149856c391746504bafd18764920611cdd0ec65d88949d55ecfa227c11766a0adadde6171471978c1d2fea04e85ae5c24717fc29479161ad079ca69959c2c7252f3161d98abf579691988e9c2cbb1c029d843605d16c1de4bffd8432447f813b097c93e9d55265794fe0611aafd01a25528ff0b4cfdf37e10687aeeced6e402f1051a52ef758bd57087c3abd46b728719d6756d252bf25097b87278d944c485efd063d88a346e0a91f64f882f4c8ff322952e8d4958abea54b0d87111757bd44cf3607f87b76f9f509f1061aaf566dd6ab9f558f269d214682728c7d4f85c8aac485be0c59d4fa2b10883fe2db97d7d2a9c4e5e49528ed84abdd62ab5730f21c09346e7ca53d78e285ead61dbd8d6c7b07d2f0eb03502b2583786baccc0e7a84f8bd3eaaefacab1437096b50b61cc9ede397116e189101ac746cbba3bb2cbf9c3d359b26fe05847641b036c76bb67982bba5c5d5499f0e55497412c713a7f9fb48791f1538888432340717b6d7429b90beaa665bd5e440a07c1b9053ad2eaa30fe9376d8f4c02bfa0288095e9eee9bbb950f2c8140c50829b7d6b21cf3ae93cf627d40094b2d62df9a09b7cfcc5af77f4d3e7aefc312f32a72ad64e11dfdfff868e8edf3e4370233fc7c58be610265dd576f5bf6df096e6e76c590c65535d4d6a867b2c43bc3bcd86f5a1ba9d119b4a1a8a9b23d4a0974e11114f5a8bd629fe44ab787d558429d23726ac44c3aa3c3960de6b634ea8f400e130fc13614fd79509e4a9fdf17e10a862b61a72a51b298c0349f0be335d94d07fb35e783b729c8584ad1f7cf001756bf42165893032cd79647d65db84d2bd245eb440779bdc45e9e2b12696749ae93b94261ea5bf784c4c70a0ec6a7b9c5ee713c6673393d315d667e94b17add6d705dc0561078ae92e0f148eabcce7a567d2386b92153115613baecf6e8b740985b99b24672eec81fb13153a8831175691212dd2e3c0c3f5d85f0fbd1185042289c331ae3b804b13823527859adbdc32041083a7e5201f86121763efc8e535f8c6076eab172e78d8da7624dff4a157350dd286f86d7aff62968b1a7e63265842ab284461997ea61bc94b937339c2d6006f7d821097beba3e7f882dc15ef21bbd4845a0f292a609c82d424ffe3c9c67c49279cf8b7eee6a02a5d5d55f2ab65b82ff46d803b28c32b9efc722d30c68ce7ed9c028cb4b1bfd3f538d0cab642f2f5c61e6830c151c4f71a4f66712bfd6cc764d41731be0eb66a7209cd8448b9a65454da257a97b72956072f30fd8ff2da0bdf19e4ca8c09db955e2f1e26d411bad3fedcbed3bd708d199ae8df50b2cc22464eeda50dd51d9696c20af9aa62cdbba9f99b5619f4e5134ecaee44ab623cfe3482d9085eab3765236b7911e5ff32a28def1a439033ccf0e0942cc6856b8ddf1857b6185dacce7686114d19ef9df89542e62077221746a40aeda8a5f022d5f58877452531bafab5e861a50da225277064624ae44489b7ecee09c54fe2281cbe3b1a430b1fafef7f9661697c9cb2b7f59a291186e70461cff064cc05f7183fe56f3d01157285e3d625bb734729b5161edf75111e6d5100fc53979b46b770eb3d8245d43177f1f776b2707aeda110fb154dc1eaff88d8e86068f3424e5c902bef8f916cd55b522b7e532e6f7a12f54f02e1628e6c0b232f1cf87ce476f4749c5ee6a644b802eb372e51782913e1ca1a15d0e9f83006f821051b5b991508610a8771987ad7cc9d2e22549c315cd96cdd0a6ba4e0a96e7f13d5f8145cb20ca2bdad08fb1290fcb196de56f44f09bd6e12de6773f1786ec08b9686474290c262bf6dfe64f8fd956e2385f180dea4871873181e14ba5008f9cfbbfe0bc41d674fe2fa90a57a8552a68bb05e0f8ff44c707b6c4a9b912dbc92876d0d4dd3b76bd6c82b566741711dceb457f9691673ec297db40011c1572f1a705582ca74ba7ac5d27625c75d4227e93ca4e45c2a676c96a2a712069fd35a926293f99f888ab6509830f7f5e41f740eed008425470d4f908caad98226f08d651b20ccd30312314dbf3d37778224f51e757954a02e48a0de9a3fd000000000000000092d5db2175eec5bbde56f73c6843983dd2eecdc36e8e97599bb25684ab934273273961e5d81abd5b9f65e7d3ea0693fd3afcc8980691d55190f4d7c5712689130fd03801e596799bb12e28a816250efc58a06c406a7aae71d090b405ee317672daa1c99f260e9aaf90ac92fa77c447ac6055fda4f83c3f0a3eeda8b091d7000000000000"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r1 = perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x17, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES16=r2, @ANYBLOB='\x00'/13], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000001c0)={0xa, 0x4e21, 0x80000, @empty, 0xfffffffd}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=[@pktinfo={{0x24, 0x29, 0x32, {@mcast1}}}], 0x28}, 0x8c4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640), ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x6, &(0x7f0000000340)=[0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xaf, &(0x7f00000004c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000540), &(0x7f0000000580), 0x8, 0x54, 0x8, 0x8, &(0x7f00000005c0)}}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401000000000000000000090002002f797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000003c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@nombcache}]}, 0x1, 0x43c, &(0x7f0000000d80)="$eJzs289rHFUcAPDv7Cap/WViqT+aVo1WMfgjadJae/CiKHhQEPQQjzFJS+y2kSaCLUGjSD1KwXvwKPgXeNKLqCfBq96lUCSX1p5WZncm2d3spkm6yVb384Ft35t5y/t+d+btvpmXCaBrDaX/JBEHIuKPiOivVusbDFX/u7WyOPXPyuJUEuXyO38nlXY3Vxan8qb5+/bnlZ6IwhdJHG3S7/zlK+cnS6WZS1l9dOHCh6Pzl6+8MHth8tzMuZmL42fOnDo59tLp8Rfbkmea183BT+aOHXnjvWtvTU1ce/+X75I8/4Y82mRoo51Pl8tt7q6zDtaUk54OBsKWFKvDNHor478/irF28Prj9c87Ghywo8rlcvmh1ruXysD/WBKdjgDojPyHPr3+zV+7NPW4J9x4pXoBlOZ9K3tV9/REIWvT23B9205DETGxlCxPLN1ejp25DwEAUOeHdP7zfLP5XyFq7wvdn62hDETEAxFxKCJOR8ThiHgwotL24Yh4ZIv9Ny6SrJ//FK5vK7FNSud/L2drW/Xzv3z2FwPFrHawkn9vcna2NHMi+0yGo3dPWh/boI8fX/v9q1b7qvO/28v5K+0/nwtmcVzv2VP/nunJhcm7ybnWjc8iBnua5Z+srgQkEXEkIga32cfss98ea7XvzvlvoA3rTOVvIp6pHv+laMg/l2y8Pjl6X5RmTozmZ8V6v/529e1W/d9V/m2QHv99Tc//1fwHktr12vmt93H1zy9bXtNs9/zvS96t2/bx5MLCpbGIvuTNatC128cb2o2vtU/zHz7emH9fZcQfirVP4mhEpCfxoxHxWEQ8nsX+REQ8GRHHN8j/51ef+mD7+e+sNP/pLR3/tUJfNG5pXiie/+n7uk4HtpJ/evxPVUrD2ZbNfP9tJq7tnc0AAADw31OIiAORFEZWy4XCyEj1b/gPx75CaW5+4bmzcx9dnK4+IzAQvYX8Tld/zf3QseyyPq+PN9RPZveNvy7urdRHpuZK051OHrrc/hbjP/VXsdPRATvO81rQvYx/6F7GP3Sv5uM/2fU4gN3XZPzv7UQcwO5r9vv/aQfiAHZfw/i37AddxP0/6F7GP3Qv4x+60vzeuPND8goK6wpRuCfCUNihQqe/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANrj3wAAAP//2Arl5A==")
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000240)={0x0, 0x82, "af8c07a50e8bcf8abe64d64c39b08a7246ff6336c7586517e9673a0468ff1f5c5a64ed7f3a67ec894f2c3d401da743b56c8755b5a643e9dcf9bc32837d57f00312d7ef16cd21fde5ce6ddbada8036780bd19b1fc318c4a76927b7a3b7d14b8b7111de4205afa9164274ce62cec4f1ccfb10207423251ca651eb0ce308ba1dc9198f5"}, &(0x7f0000000640)=0x8a)

0s ago: executing program 3 (id=13076):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x8, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x26)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, 0x0)
prlimit64(0x0, 0xa, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mem_connect\x00', r5}, 0x18)
add_key(&(0x7f0000000440)='dns_resolver\x00', 0x0, &(0x7f00000004c0)="a079394a04954e2d1523cd274d954f18a7b1235d2023e670955c12e7265fa97c2cfb7ba5f67d4a0f06d00c089c2dbb7034ddf203c4f50b4d19d6ab0b49d345571461f3c9bc2be016252397574e61cd9b5fc6337f92b077112e9d69d5f0d761e584bd5f7a22aa334740193d174c89a6670c", 0x71, 0xffffffffffffffff)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="f80000001600010000000000000000000a01010000000000000000000000000000000000000000000000ffff000000000000000000000000000080a000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb"], 0xffffffffffffff0f}}, 0x40864)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20010000120013070000000000000000e0000001000000000000000000000000fc00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000072c42572f64a264410b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbc18c8582fc7800000000000000000000000050019000000000028001a"], 0x120}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
r7 = getpid()
r8 = syz_pidfd_open(r7, 0x0)
setns(r8, 0x24020000)
syz_clone(0xf5982500, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000000), &(0x7f0000000040)=0x4)

kernel console output (not intermixed with test programs):

, 0] type 2 family 0 port 6081 - 0
[  624.847373][ T2783] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=2783 comm=syz.1.12320
[  624.864775][ T2779] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  624.872205][ T2783] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  624.888316][ T2783] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  624.896590][ T2784] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  624.903487][ T3574] Bluetooth: hci0: sending frame failed (-49)
[  624.909720][ T3544] Bluetooth: hci0: Opcode 0x1003 failed: -49
[  624.950803][ T2779] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  624.993766][ T2803] netlink: 'syz.5.12325': attribute type 30 has an invalid length.
[  625.041239][ T2779] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  625.104878][T30914] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  625.116161][T30914] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  625.127502][T30914] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  625.139796][T30914] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  625.182433][ T2811] IPv6: NLM_F_CREATE should be specified when creating new route
[  625.433470][ T2842] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  625.604106][ T2850] loop1: detected capacity change from 0 to 2048
[  625.621001][ T2850] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  625.674047][T27580] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  625.783302][ T2866] siw: device registration error -23
[  625.811564][ T2873] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  625.861524][ T2873] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  625.874662][ T2878] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=2878 comm=syz.4.12351
[  625.893792][ T2882] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  625.899776][ T2878] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  625.909505][ T2878] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  625.920338][T30914] Bluetooth: hci0: Frame reassembly failed (-84)
[  625.929502][ T2873] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  626.021506][ T2873] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  626.085209][T30912] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  626.096470][T30912] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  626.112416][T30912] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  626.125807][T30912] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  626.151527][ T2885] hub 6-0:1.0: USB hub found
[  626.156367][ T2885] hub 6-0:1.0: 8 ports detected
[  626.470567][ T2914] FAULT_INJECTION: forcing a failure.
[  626.470567][ T2914] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  626.483766][ T2914] CPU: 1 UID: 0 PID: 2914 Comm: syz.5.12361 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  626.483827][ T2914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  626.483842][ T2914] Call Trace:
[  626.483849][ T2914]  <TASK>
[  626.483857][ T2914]  __dump_stack+0x1d/0x30
[  626.483878][ T2914]  dump_stack_lvl+0xe8/0x140
[  626.483898][ T2914]  dump_stack+0x15/0x1b
[  626.483919][ T2914]  should_fail_ex+0x265/0x280
[  626.483943][ T2914]  should_fail+0xb/0x20
[  626.484020][ T2914]  should_fail_usercopy+0x1a/0x20
[  626.484101][ T2914]  _copy_from_iter+0xd2/0xe80
[  626.484126][ T2914]  ? __build_skb_around+0x1ab/0x200
[  626.484161][ T2914]  ? __alloc_skb+0x223/0x320
[  626.484256][ T2914]  netlink_sendmsg+0x471/0x6b0
[  626.484280][ T2914]  ? __pfx_netlink_sendmsg+0x10/0x10
[  626.484299][ T2914]  __sock_sendmsg+0x145/0x180
[  626.484323][ T2914]  ____sys_sendmsg+0x31e/0x4e0
[  626.484364][ T2914]  ___sys_sendmsg+0x17b/0x1d0
[  626.484399][ T2914]  __x64_sys_sendmsg+0xd4/0x160
[  626.484425][ T2914]  x64_sys_call+0x191e/0x3000
[  626.484483][ T2914]  do_syscall_64+0xd2/0x200
[  626.484504][ T2914]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  626.484535][ T2914]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  626.484568][ T2914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  626.484625][ T2914] RIP: 0033:0x7f2f5086efc9
[  626.484644][ T2914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  626.484691][ T2914] RSP: 002b:00007f2f4f2d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  626.484711][ T2914] RAX: ffffffffffffffda RBX: 00007f2f50ac5fa0 RCX: 00007f2f5086efc9
[  626.484726][ T2914] RDX: 0000000000000040 RSI: 0000200000009b40 RDI: 0000000000000003
[  626.484741][ T2914] RBP: 00007f2f4f2d7090 R08: 0000000000000000 R09: 0000000000000000
[  626.484756][ T2914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  626.484771][ T2914] R13: 00007f2f50ac6038 R14: 00007f2f50ac5fa0 R15: 00007ffff0c92998
[  626.484788][ T2914]  </TASK>
[  626.706034][ T2916] loop3: detected capacity change from 0 to 2048
[  626.720428][ T2916] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  626.771869][ T2919] netlink: 'syz.1.12363': attribute type 1 has an invalid length.
[  626.779845][ T2919] netlink: 'syz.1.12363': attribute type 6 has an invalid length.
[  626.787714][ T2919] netlink: 'syz.1.12363': attribute type 3 has an invalid length.
[  626.803194][ T2927] hub 6-0:1.0: USB hub found
[  626.810608][T27423] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  626.819928][ T2927] hub 6-0:1.0: 8 ports detected
[  626.856344][ T2932] netlink: 'syz.3.12369': attribute type 30 has an invalid length.
[  626.917142][ T2940] netlink: 'syz.5.12370': attribute type 10 has an invalid length.
[  627.311658][ T2971] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=2971 comm=syz.5.12381
[  627.324422][ T2981] siw: device registration error -23
[  627.341259][ T2971] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  627.358352][ T2971] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  627.370355][ T2987] loop3: detected capacity change from 0 to 4096
[  627.379419][T30915] Bluetooth: hci2: Frame reassembly failed (-84)
[  627.386444][ T2987] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  627.400304][ T2987] FAULT_INJECTION: forcing a failure.
[  627.400304][ T2987] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  627.413698][ T2987] CPU: 1 UID: 0 PID: 2987 Comm: syz.3.12384 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  627.413730][ T2987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  627.413745][ T2987] Call Trace:
[  627.413753][ T2987]  <TASK>
[  627.413771][ T2987]  __dump_stack+0x1d/0x30
[  627.413816][ T2987]  dump_stack_lvl+0xe8/0x140
[  627.413836][ T2987]  dump_stack+0x15/0x1b
[  627.413889][ T2987]  should_fail_ex+0x265/0x280
[  627.413909][ T2987]  should_fail_alloc_page+0xf2/0x100
[  627.413941][ T2987]  __alloc_frozen_pages_noprof+0xff/0x360
[  627.413968][ T2987]  alloc_pages_mpol+0xb3/0x260
[  627.413992][ T2987]  folio_alloc_noprof+0x97/0x150
[  627.414093][ T2987]  filemap_alloc_folio_noprof+0x66/0x210
[  627.414142][ T2987]  __filemap_get_folio+0x28f/0x650
[  627.414177][ T2987]  ? ext4_chunk_trans_extent+0x178/0x1a0
[  627.414257][ T2987]  ext4_write_begin+0x2fe/0xeb0
[  627.414296][ T2987]  ext4_da_write_begin+0x1fb/0x6e0
[  627.414330][ T2987]  ? balance_dirty_pages_ratelimited_flags+0x40b/0x5e0
[  627.414413][ T2987]  generic_perform_write+0x184/0x490
[  627.414438][ T2987]  ext4_buffered_write_iter+0x1ee/0x3c0
[  627.414481][ T2987]  ? ext4_file_write_iter+0xfe/0xf60
[  627.414558][ T2987]  ext4_file_write_iter+0x387/0xf60
[  627.414595][ T2987]  ? kstrtouint_from_user+0x9f/0xf0
[  627.414619][ T2987]  ? 0xffffffff81000000
[  627.414636][ T2987]  ? __rcu_read_unlock+0x4f/0x70
[  627.414668][ T2987]  ? avc_policy_seqno+0x15/0x30
[  627.414686][ T2987]  ? selinux_file_permission+0x1e4/0x320
[  627.414752][ T2987]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  627.414782][ T2987]  vfs_write+0x52a/0x960
[  627.414817][ T2987]  __x64_sys_pwrite64+0xfd/0x150
[  627.414894][ T2987]  x64_sys_call+0xc4d/0x3000
[  627.414915][ T2987]  do_syscall_64+0xd2/0x200
[  627.414938][ T2987]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  627.415028][ T2987]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  627.415067][ T2987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  627.415089][ T2987] RIP: 0033:0x7f994685efc9
[  627.415104][ T2987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  627.415165][ T2987] RSP: 002b:00007f99452c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  627.415186][ T2987] RAX: ffffffffffffffda RBX: 00007f9946ab5fa0 RCX: 00007f994685efc9
[  627.415198][ T2987] RDX: 00000000200000c1 RSI: 00002000000000c0 RDI: 0000000000000008
[  627.415252][ T2987] RBP: 00007f99452c7090 R08: 0000000000000000 R09: 0000000000000000
[  627.415265][ T2987] R10: 0000000000009000 R11: 0000000000000246 R12: 0000000000000001
[  627.415282][ T2987] R13: 00007f9946ab6038 R14: 00007f9946ab5fa0 R15: 00007fffec79afe8
[  627.415303][ T2987]  </TASK>
[  627.712577][T27423] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  627.828944][ T2996] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=2996 comm=syz.3.12386
[  627.844589][ T2996] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  627.853367][ T2996] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  627.906386][ T3002] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  627.948226][ T3544] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  627.960051][ T3002] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  627.975720][ T3003] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  628.019880][ T3002] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  628.059657][ T3002] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  628.473969][   T29] kauditd_printk_skb: 964 callbacks suppressed
[  628.473988][   T29] audit: type=1400 audit(628.455:148444): avc:  denied  { write } for  pid=3005 comm="syz.4.12388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  628.602541][ T3010] __nla_validate_parse: 40 callbacks suppressed
[  628.602560][ T3010] netlink: 96 bytes leftover after parsing attributes in process `syz.4.12390'.
[  628.632357][   T29] audit: type=1400 audit(628.615:148445): avc:  denied  { create } for  pid=3011 comm="syz.4.12391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  628.638719][ T3012] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12391'.
[  628.652185][   T29] audit: type=1400 audit(628.625:148446): avc:  denied  { ioctl } for  pid=3011 comm="syz.4.12391" path="socket:[141874]" dev="sockfs" ino=141874 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  628.685748][   T29] audit: type=1400 audit(628.625:148447): avc:  denied  { write } for  pid=3011 comm="syz.4.12391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  628.705963][   T29] audit: type=1400 audit(628.625:148448): avc:  denied  { nlmsg_write } for  pid=3011 comm="syz.4.12391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  628.783792][   T29] audit: type=1400 audit(628.765:148449): avc:  denied  { execute } for  pid=3013 comm="syz.4.12392" path="/575/cpuacct.usage_percpu" dev="tmpfs" ino=3022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  628.910817][ T3019] FAULT_INJECTION: forcing a failure.
[  628.910817][ T3019] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  628.924051][ T3019] CPU: 1 UID: 0 PID: 3019 Comm: syz.4.12393 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  628.924129][ T3019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  628.924143][ T3019] Call Trace:
[  628.924150][ T3019]  <TASK>
[  628.924156][ T3019]  __dump_stack+0x1d/0x30
[  628.924174][ T3019]  dump_stack_lvl+0xe8/0x140
[  628.924257][ T3019]  dump_stack+0x15/0x1b
[  628.924270][ T3019]  should_fail_ex+0x265/0x280
[  628.924284][ T3019]  should_fail+0xb/0x20
[  628.924295][ T3019]  should_fail_usercopy+0x1a/0x20
[  628.924310][ T3019]  _copy_from_user+0x1c/0xb0
[  628.924451][ T3019]  ___sys_sendmsg+0xc1/0x1d0
[  628.924472][ T3019]  __sys_sendmmsg+0x178/0x300
[  628.924491][ T3019]  __x64_sys_sendmmsg+0x57/0x70
[  628.924505][ T3019]  x64_sys_call+0x1c4a/0x3000
[  628.924543][ T3019]  do_syscall_64+0xd2/0x200
[  628.924557][ T3019]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  628.924575][ T3019]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  628.924631][ T3019]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  628.924646][ T3019] RIP: 0033:0x7f470f94efc9
[  628.924658][ T3019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  628.924671][ T3019] RSP: 002b:00007f470e3b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  628.924686][ T3019] RAX: ffffffffffffffda RBX: 00007f470fba5fa0 RCX: 00007f470f94efc9
[  628.924736][ T3019] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000003
[  628.924745][ T3019] RBP: 00007f470e3b7090 R08: 0000000000000000 R09: 0000000000000000
[  628.924753][ T3019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  628.924764][ T3019] R13: 00007f470fba6038 R14: 00007f470fba5fa0 R15: 00007ffdad879dc8
[  628.924783][ T3019]  </TASK>
[  629.103903][ T3574] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  629.107059][   T29] audit: type=1400 audit(629.085:148450): avc:  denied  { read write } for  pid=3020 comm="syz.4.12394" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  629.134056][   T29] audit: type=1400 audit(629.085:148451): avc:  denied  { open } for  pid=3020 comm="syz.4.12394" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  629.173785][   T29] audit: type=1400 audit(629.145:148452): avc:  denied  { ioctl } for  pid=3020 comm="syz.4.12394" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 ioctlcmd=0x6615 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  629.179021][ T3025] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12396'.
[  629.200230][   T29] audit: type=1400 audit(629.145:148453): avc:  denied  { read write } for  pid=3022 comm="syz.1.12395" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  629.209909][ T3025] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12396'.
[  629.209931][ T3025] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12396'.
[  629.364785][ T3033] netlink: 224 bytes leftover after parsing attributes in process `syz.4.12399'.
[  629.382441][T30918] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  629.393443][ T3035] vlan0: entered allmulticast mode
[  629.396634][ T3033] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3033 comm=syz.4.12399
[  629.398972][ T3544] Bluetooth: hci2: command 0x1003 tx timeout
[  629.411483][   T44] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  629.422131][ T3033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  629.432245][ T3033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  629.442839][T30913] Bluetooth: hci0: Frame reassembly failed (-84)
[  629.456365][T30918] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  629.464803][T30918] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  629.476240][T30918] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  629.504801][ T3040] loop1: detected capacity change from 0 to 512
[  629.518901][ T3040] EXT4-fs: Ignoring removed i_version option
[  629.527409][ T3040] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.12400: error while reading EA inode 32 err=-116
[  629.540710][ T3040] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.12400: error while reading EA inode 32 err=-116
[  629.553688][ T3040] EXT4-fs (loop1): 1 orphan inode deleted
[  629.568536][ T3040] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  629.592369][T27580] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  629.661109][ T3051] loop1: detected capacity change from 0 to 512
[  629.680755][ T3051] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  629.694691][ T3051] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  629.790564][ T3054] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12404'.
[  629.868221][T30802] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  629.874827][ T3056] lo: entered allmulticast mode
[  629.902414][ T3056] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12405'.
[  629.970038][ T3064] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12408'.
[  630.055740][ T3068] netlink: 224 bytes leftover after parsing attributes in process `syz.0.12410'.
[  630.076839][ T3068] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3068 comm=syz.0.12410
[  630.092686][ T3068] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  630.101429][ T3068] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  630.111120][T30915] Bluetooth: hci1: Frame reassembly failed (-84)
[  630.404203][ T3083] netlink: 'syz.3.12415': attribute type 10 has an invalid length.
[  630.489551][ T3087] loop3: detected capacity change from 0 to 256
[  631.379985][ T3110] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  631.414284][ T3112] loop3: detected capacity change from 0 to 2048
[  631.434474][ T3112] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  631.449119][ T3110] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  631.466723][ T3115] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  631.474133][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  631.497767][T27423] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  631.516199][ T3122] !yz!: rxe_newlink: already configured on team_slave_0
[  631.528797][ T3110] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  631.601209][ T3110] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  631.679249][T30915] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  631.696877][T30915] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  631.708239][T30915] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  631.716618][T30915] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  631.802292][ T3137] hub 6-0:1.0: USB hub found
[  631.807062][ T3137] hub 6-0:1.0: 8 ports detected
[  631.815780][ T3141] vlan0: entered allmulticast mode
[  631.844615][ T3145] netlink: 'syz.5.12436': attribute type 1 has an invalid length.
[  631.853000][ T3145] netlink: 'syz.5.12436': attribute type 6 has an invalid length.
[  631.861466][ T3145] netlink: 'syz.5.12436': attribute type 3 has an invalid length.
[  631.928681][ T3149] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3149 comm=syz.3.12438
[  631.944891][ T3149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  631.956312][ T3149] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  631.968026][T30914] Bluetooth: hci0: Frame reassembly failed (-84)
[  632.019307][ T3163] !yz!: rxe_newlink: already configured on team_slave_0
[  632.029996][ T3163] loop1: detected capacity change from 0 to 512
[  632.037269][ T3163] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  632.049795][ T3163] EXT4-fs (loop1): 1 truncate cleaned up
[  632.056014][ T3163] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  632.112274][ T3178] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  632.131811][ T3179] hub 6-0:1.0: USB hub found
[  632.136665][ T3179] hub 6-0:1.0: 8 ports detected
[  632.188239][   T44] Bluetooth: hci1: command 0x1003 tx timeout
[  632.194800][ T3544] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  632.200223][ T3186] netlink: 'syz.5.12451': attribute type 1 has an invalid length.
[  632.208960][ T3186] netlink: 'syz.5.12451': attribute type 6 has an invalid length.
[  632.216903][ T3186] netlink: 'syz.5.12451': attribute type 3 has an invalid length.
[  632.402043][ T3195] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3195 comm=syz.5.12454
[  632.417617][ T3195] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  632.426654][ T3195] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  632.437158][T30914] Bluetooth: hci1: Frame reassembly failed (-84)
[  632.889722][T27580] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.957130][ T3228] netlink: 'syz.1.12465': attribute type 30 has an invalid length.
[  633.139975][ T3234] netlink: 'syz.1.12467': attribute type 1 has an invalid length.
[  633.147918][ T3234] netlink: 'syz.1.12467': attribute type 6 has an invalid length.
[  633.267707][ T3241] hub 6-0:1.0: USB hub found
[  633.272557][ T3241] hub 6-0:1.0: 8 ports detected
[  633.362062][T30918] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  633.370577][T30918] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  633.379520][T30918] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  633.387988][T30918] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  633.404550][ T3248] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  633.486078][   T29] kauditd_printk_skb: 1540 callbacks suppressed
[  633.486098][   T29] audit: type=1400 audit(633.465:149994): avc:  denied  { unlink } for  pid=27580 comm="syz-executor" name="file0" dev="tmpfs" ino=3139 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  633.500217][ T3251] vlan0: entered allmulticast mode
[  633.515238][   T29] audit: type=1400 audit(633.475:149995): avc:  denied  { create } for  pid=3250 comm="syz.1.12474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  633.539793][   T29] audit: type=1400 audit(633.475:149996): avc:  denied  { ioctl } for  pid=3250 comm="syz.1.12474" path="socket:[144697]" dev="sockfs" ino=144697 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  633.656047][   T29] audit: type=1400 audit(633.635:149997): avc:  denied  { mounton } for  pid=3252 comm="+}[@" path="/591/file0" dev="tmpfs" ino=3150 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  633.698441][ T3255] __nla_validate_parse: 19 callbacks suppressed
[  633.698457][ T3255] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12476'.
[  633.714312][ T3255] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12476'.
[  633.723382][ T3255] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12476'.
[  633.818250][   T29] audit: type=1400 audit(633.795:149998): avc:  denied  { module_request } for  pid=3254 comm="syz.4.12476" kmod="nft-expr-2-immVdiate" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  633.878942][   T29] audit: type=1400 audit(633.865:149999): avc:  denied  { write } for  pid=3261 comm="syz.4.12478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  633.959164][   T29] audit: type=1400 audit(633.945:150000): avc:  denied  { prog_load } for  pid=3266 comm="syz.0.12480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  633.990426][   T29] audit: type=1400 audit(633.945:150001): avc:  denied  { bpf } for  pid=3266 comm="syz.0.12480" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  634.010781][   T29] audit: type=1400 audit(633.945:150002): avc:  denied  { create } for  pid=3266 comm="syz.0.12480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  634.030155][   T29] audit: type=1400 audit(633.945:150003): avc:  denied  { getopt } for  pid=3266 comm="syz.0.12480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  634.049883][T30802] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  634.252813][ T3273] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12481'.
[  634.283203][ T3279] hub 6-0:1.0: USB hub found
[  634.287964][ T3279] hub 6-0:1.0: 8 ports detected
[  634.344738][ T3282] siw: device registration error -23
[  634.351258][ T3282] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12485'.
[  634.461260][ T3289] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  634.508195][   T44] Bluetooth: hci1: command 0x1003 tx timeout
[  634.514834][ T3544] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  634.795433][ T3294] hub 6-0:1.0: USB hub found
[  634.800509][ T3294] hub 6-0:1.0: 8 ports detected
[  634.870058][ T3303] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12491'.
[  634.879325][ T3303] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12491'.
[  634.888664][ T3303] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12491'.
[  634.983122][ T3310] vlan0: entered allmulticast mode
[  635.012804][ T3308] netlink: 16 bytes leftover after parsing attributes in process `syz.1.12493'.
[  635.129795][ T3323] loop1: detected capacity change from 0 to 512
[  635.144974][ T3325] loop3: detected capacity change from 0 to 512
[  635.158740][ T3323] EXT4-fs: Ignoring removed i_version option
[  635.189770][ T3323] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.12497: error while reading EA inode 32 err=-116
[  635.190891][ T3325] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  635.228565][ T3323] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.12497: error while reading EA inode 32 err=-116
[  635.265931][ T3323] EXT4-fs (loop1): 1 orphan inode deleted
[  635.277378][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  635.289953][ T3323] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  635.311551][ T3333] netlink: 24 bytes leftover after parsing attributes in process `syz.4.12500'.
[  635.379449][T27580] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  635.516701][ T3337] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  635.577088][ T3346] !yz!: rxe_newlink: already configured on team_slave_0
[  635.657672][ T3348] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  635.674578][ T3337] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  635.780059][ T3356] vlan0: entered allmulticast mode
[  635.796882][ T3337] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  635.861562][ T3337] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  635.948905][ T3362] validate_nla: 6 callbacks suppressed
[  635.948923][ T3362] netlink: 'syz.0.12508': attribute type 1 has an invalid length.
[  635.962436][ T3362] netlink: 'syz.0.12508': attribute type 6 has an invalid length.
[  635.970252][T30915] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  635.970381][ T3362] netlink: 'syz.0.12508': attribute type 3 has an invalid length.
[  635.990907][T30915] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  636.008334][T30915] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  636.036949][T30915] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  636.145034][ T3367] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3367 comm=syz.1.12510
[  636.181825][ T3367] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  636.190534][ T3367] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  636.201580][T30912] Bluetooth: hci0: Frame reassembly failed (-84)
[  636.204806][ T3364] netlink: 'syz.3.12509': attribute type 12 has an invalid length.
[  636.272748][ T3383] hub 6-0:1.0: USB hub found
[  636.273932][ T3385] vlan0: entered allmulticast mode
[  636.277851][ T3383] hub 6-0:1.0: 8 ports detected
[  636.282801][ T3385] bridge_slave_0: entered allmulticast mode
[  636.727602][ T3427] vlan0: entered allmulticast mode
[  636.908340][ T3394] chnl_net:caif_netlink_parms(): no params data found
[  637.000372][ T3394] bridge0: port 1(bridge_slave_0) entered blocking state
[  637.007652][ T3394] bridge0: port 1(bridge_slave_0) entered disabled state
[  637.020985][ T3394] bridge_slave_0: entered allmulticast mode
[  637.030852][ T3394] bridge_slave_0: entered promiscuous mode
[  637.063885][ T3394] bridge0: port 2(bridge_slave_1) entered blocking state
[  637.071060][ T3394] bridge0: port 2(bridge_slave_1) entered disabled state
[  637.081930][ T3394] bridge_slave_1: entered allmulticast mode
[  637.100045][ T3394] bridge_slave_1: entered promiscuous mode
[  637.142730][ T3394] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  637.167337][ T3394] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  637.215346][ T3394] team0: Port device team_slave_0 added
[  637.222550][ T3394] team0: Port device team_slave_1 added
[  637.251307][ T3394] batman_adv: batadv0: Adding interface: batadv_slave_0
[  637.258478][ T3394] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  637.284413][ T3394] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  637.300736][ T3394] batman_adv: batadv0: Adding interface: batadv_slave_1
[  637.307768][ T3394] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  637.333719][ T3394] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  637.393702][ T3394] hsr_slave_0: entered promiscuous mode
[  637.404575][ T3394] hsr_slave_1: entered promiscuous mode
[  637.411102][ T3394] debugfs: 'hsr0' already exists in 'hsr'
[  637.417044][ T3394] Cannot create hsr debugfs directory
[  637.441609][T30918] bridge_slave_1: left allmulticast mode
[  637.447406][T30918] bridge_slave_1: left promiscuous mode
[  637.453125][T30918] bridge0: port 2(bridge_slave_1) entered disabled state
[  637.461230][T30918] bridge_slave_0: left allmulticast mode
[  637.466910][T30918] bridge_slave_0: left promiscuous mode
[  637.472773][T30918] bridge0: port 1(bridge_slave_0) entered disabled state
[  637.740358][T30918] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  637.750389][T30918] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  637.769280][T30918] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  637.778573][T30918] bond0 (unregistering): Released all slaves
[  637.846251][ T3466] netlink: 'syz.3.12539': attribute type 30 has an invalid length.
[  637.882531][T30918] hsr_slave_0: left promiscuous mode
[  637.888450][T30918] hsr_slave_1: left promiscuous mode
[  637.894327][T30918] batman_adv: batadv0: Removing interface: batadv_slave_0
[  637.902746][T30918] batman_adv: batadv0: Removing interface: batadv_slave_1
[  637.963519][T30918] team0 (unregistering): Port device team_slave_0 removed
[  638.004437][T30918] lo (unregistering): left allmulticast mode
[  638.230466][ T3394] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  638.245611][ T3394] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  638.268401][ T3544] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  638.274625][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  638.281909][ T3394] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  638.326344][ T3394] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  638.403099][ T3489] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  638.512708][ T3394] 8021q: adding VLAN 0 to HW filter on device bond0
[  638.546840][ T3394] 8021q: adding VLAN 0 to HW filter on device team0
[  638.574690][T30913] bridge0: port 1(bridge_slave_0) entered blocking state
[  638.582043][T30913] bridge0: port 1(bridge_slave_0) entered forwarding state
[  638.616077][T30913] bridge0: port 2(bridge_slave_1) entered blocking state
[  638.623209][T30913] bridge0: port 2(bridge_slave_1) entered forwarding state
[  638.734005][   T29] kauditd_printk_skb: 813 callbacks suppressed
[  638.734022][   T29] audit: type=1400 audit(638.715:150817): avc:  denied  { sys_module } for  pid=3394 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  638.843193][ T3394] 8021q: adding VLAN 0 to HW filter on device batadv0
[  638.883347][   T29] audit: type=1400 audit(638.865:150818): avc:  denied  { mounton } for  pid=3499 comm="+}[@" path="/598/file0" dev="tmpfs" ino=3188 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  638.957613][   T29] audit: type=1400 audit(638.935:150819): avc:  denied  { create } for  pid=3504 comm="syz.3.12545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  639.018053][   T29] audit: type=1400 audit(638.935:150820): avc:  denied  { write } for  pid=3504 comm="syz.3.12545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  639.142917][ T3523] __nla_validate_parse: 14 callbacks suppressed
[  639.142937][ T3523] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12551'.
[  639.158783][ T3523] netlink: 28 bytes leftover after parsing attributes in process `syz.0.12551'.
[  639.167844][ T3523] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12551'.
[  639.200129][   T29] audit: type=1400 audit(639.165:150821): avc:  denied  { write } for  pid=3519 comm="syz.1.12550" name="tun" dev="devtmpfs" ino=138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 trawcon="system_u:object_r:getty_var_run_t:s0"
[  639.226918][   T29] audit: type=1400 audit(639.165:150822): avc:  denied  { open } for  pid=3519 comm="syz.1.12550" path="/dev/net/tun" dev="devtmpfs" ino=138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 trawcon="system_u:object_r:getty_var_run_t:s0"
[  639.254875][   T29] audit: type=1400 audit(639.165:150823): avc:  denied  { module_request } for  pid=3394 comm="syz-executor" kmod="netdev-virt_wifi0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  639.256970][ T3528] hub 6-0:1.0: USB hub found
[  639.277058][   T29] audit: type=1400 audit(639.165:150824): avc:  denied  { prog_load } for  pid=3517 comm="syz.3.12549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  639.300642][   T29] audit: type=1400 audit(639.165:150825): avc:  denied  { bpf } for  pid=3517 comm="syz.3.12549" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  639.321634][   T29] audit: type=1400 audit(639.175:150826): avc:  denied  { perfmon } for  pid=3517 comm="syz.3.12549" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  639.326717][ T3528] hub 6-0:1.0: 8 ports detected
[  639.383661][ T3534] netlink: 'syz.3.12554': attribute type 1 has an invalid length.
[  639.391802][ T3534] netlink: 'syz.3.12554': attribute type 6 has an invalid length.
[  639.399806][ T3534] netlink: 'syz.3.12554': attribute type 3 has an invalid length.
[  639.407643][ T3534] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12554'.
[  639.432185][ T3394] veth0_vlan: entered promiscuous mode
[  639.440614][ T3394] veth1_vlan: entered promiscuous mode
[  639.476023][ T3394] veth0_macvtap: entered promiscuous mode
[  639.499847][ T3394] veth1_macvtap: entered promiscuous mode
[  639.547523][ T3394] batman_adv: batadv0: Interface activated: batadv_slave_0
[  639.567869][ T3394] batman_adv: batadv0: Interface activated: batadv_slave_1
[  639.582064][T30912] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  639.620592][T30912] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  639.648604][T30912] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  639.686709][T30912] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  639.703336][ T3546] siw: device registration error -23
[  639.720453][ T3546] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12557'.
[  639.831302][ T3577] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12562'.
[  640.062913][ T3588] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12568'.
[  640.072351][ T3588] netlink: 28 bytes leftover after parsing attributes in process `syz.0.12568'.
[  640.081423][ T3588] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12568'.
[  640.367942][ T3597] vlan0: entered allmulticast mode
[  640.633393][ T3602] loop3: detected capacity change from 0 to 1024
[  640.648167][ T3602] EXT4-fs: Ignoring removed bh option
[  640.657186][ T3604] FAULT_INJECTION: forcing a failure.
[  640.657186][ T3604] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  640.670496][ T3604] CPU: 0 UID: 0 PID: 3604 Comm: syz.0.12572 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  640.670635][ T3604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  640.670651][ T3604] Call Trace:
[  640.670658][ T3604]  <TASK>
[  640.670667][ T3604]  __dump_stack+0x1d/0x30
[  640.670694][ T3604]  dump_stack_lvl+0xe8/0x140
[  640.670792][ T3604]  dump_stack+0x15/0x1b
[  640.670910][ T3604]  should_fail_ex+0x265/0x280
[  640.670930][ T3604]  should_fail+0xb/0x20
[  640.670945][ T3604]  should_fail_usercopy+0x1a/0x20
[  640.670968][ T3604]  _copy_from_user+0x1c/0xb0
[  640.670994][ T3604]  ___sys_sendmsg+0xc1/0x1d0
[  640.671043][ T3604]  __x64_sys_sendmsg+0xd4/0x160
[  640.671070][ T3604]  x64_sys_call+0x191e/0x3000
[  640.671162][ T3604]  do_syscall_64+0xd2/0x200
[  640.671180][ T3604]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  640.671273][ T3604]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  640.671308][ T3604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.671329][ T3604] RIP: 0033:0x7ff838c5efc9
[  640.671345][ T3604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  640.671414][ T3604] RSP: 002b:00007ff8376c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  640.671434][ T3604] RAX: ffffffffffffffda RBX: 00007ff838eb5fa0 RCX: 00007ff838c5efc9
[  640.671447][ T3604] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  640.671459][ T3604] RBP: 00007ff8376c7090 R08: 0000000000000000 R09: 0000000000000000
[  640.671471][ T3604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  640.671485][ T3604] R13: 00007ff838eb6038 R14: 00007ff838eb5fa0 R15: 00007ffd420a5318
[  640.671549][ T3604]  </TASK>
[  640.758219][ T3602] ext4: Unknown parameter 'obj_user'
[  640.911620][ T3606] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12573'.
[  640.932038][ T3608] vlan2: entered allmulticast mode
[  641.116201][ T3622] infiniband syû: set down
[  641.120756][ T3622] infiniband syû: added bond_slave_0
[  641.160412][ T3622] RDS/IB: syû: added
[  641.164399][ T3622] smc: adding ib device syû with port count 1
[  641.177215][ T3622] smc:    ib device syû port 1 has no pnetid
[  641.736718][ T3656] vlan0: entered allmulticast mode
[  641.881632][ T3666] netlink: 'syz.0.12591': attribute type 1 has an invalid length.
[  641.889729][ T3666] netlink: 'syz.0.12591': attribute type 6 has an invalid length.
[  641.890084][ T3665] loop3: detected capacity change from 0 to 512
[  641.898025][ T3666] netlink: 'syz.0.12591': attribute type 3 has an invalid length.
[  641.941401][ T3665] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  641.986369][ T3665] EXT4-fs (loop3): mount failed
[  642.223631][ T3676] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  642.239530][ T3683] loop3: detected capacity change from 0 to 512
[  642.272252][ T3683] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  642.296593][ T3687] netlink: 'syz.0.12598': attribute type 12 has an invalid length.
[  642.296618][ T3687] netlink: 'syz.0.12598': attribute type 29 has an invalid length.
[  642.314513][ T3683] EXT4-fs (loop3): 1 truncate cleaned up
[  642.314943][ T3683] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  642.426012][ T3696] netlink: 'syz.0.12600': attribute type 30 has an invalid length.
[  642.446785][T25417] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  642.446930][T25417] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  642.446971][T25417] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  642.447068][T25417] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  642.533424][T27423] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  642.649125][ T3703] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3703 comm=syz.3.12601
[  642.678059][ T3708] vlan0: entered allmulticast mode
[  642.708056][ T3712] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  642.722161][ T3712] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  642.747284][T30913] Bluetooth: hci0: Frame reassembly failed (-84)
[  642.974379][T30913] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  642.999554][ T3690] chnl_net:caif_netlink_parms(): no params data found
[  643.093900][T30913] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  643.163366][ T3690] bridge0: port 1(bridge_slave_0) entered blocking state
[  643.170859][ T3690] bridge0: port 1(bridge_slave_0) entered disabled state
[  643.223674][ T3690] bridge_slave_0: entered allmulticast mode
[  643.232768][ T3690] bridge_slave_0: entered promiscuous mode
[  643.240032][ T3745] netlink: 'syz.5.12611': attribute type 30 has an invalid length.
[  643.251419][ T3749] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  643.261295][ T3749] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  643.275175][T30913] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  643.292536][ T3751] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  643.304776][ T3690] bridge0: port 2(bridge_slave_1) entered blocking state
[  643.311923][ T3690] bridge0: port 2(bridge_slave_1) entered disabled state
[  643.323796][ T3690] bridge_slave_1: entered allmulticast mode
[  643.330558][ T3690] bridge_slave_1: entered promiscuous mode
[  643.339519][T25417] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  643.349319][T30913] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  643.362861][ T3749] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  643.372815][ T3749] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  643.415707][T25417] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  643.437918][ T3690] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  643.447292][T25417] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  643.458306][T25417] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  643.469799][ T3754] siw: device registration error -23
[  643.475912][ T3690] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  643.504260][ T3749] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  643.514330][ T3749] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  643.547508][T30913] bridge_slave_1: left allmulticast mode
[  643.553512][T30913] bridge_slave_1: left promiscuous mode
[  643.559266][T30913] bridge0: port 2(bridge_slave_1) entered disabled state
[  643.589237][T30913] bridge_slave_0: left promiscuous mode
[  643.595210][T30913] bridge0: port 1(bridge_slave_0) entered disabled state
[  644.000587][T30913] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  644.010206][T30913] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  644.020184][T30913] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  644.029859][T30913] bond0 (unregistering): Released all slaves
[  644.048236][ T3749] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  644.058182][ T3749] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.075342][ T3770] vlan0: entered allmulticast mode
[  644.086918][ T3690] team0: Port device team_slave_0 added
[  644.103310][T30913] tipc: Left network mode
[  644.110049][ T3690] team0: Port device team_slave_1 added
[  644.176911][ T3690] batman_adv: batadv0: Adding interface: batadv_slave_0
[  644.184173][ T3690] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  644.210748][ T3690] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  644.247042][   T29] kauditd_printk_skb: 534 callbacks suppressed
[  644.247059][   T29] audit: type=1400 audit(644.225:151360): avc:  denied  { read } for  pid=3775 comm="syz.5.12621" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  644.256581][ T3690] batman_adv: batadv0: Adding interface: batadv_slave_1
[  644.277874][   T29] audit: type=1400 audit(644.225:151361): avc:  denied  { open } for  pid=3775 comm="syz.5.12621" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  644.284768][ T3690] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  644.309274][   T29] audit: type=1400 audit(644.225:151362): avc:  denied  { ioctl } for  pid=3775 comm="syz.5.12621" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  644.335311][ T3690] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  644.382111][   T29] audit: type=1400 audit(644.355:151363): avc:  denied  { setattr } for  pid=3775 comm="syz.5.12621" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  644.390980][T30918] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  644.409666][T30918] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  644.433815][T30913] hsr_slave_0: left promiscuous mode
[  644.444263][T30913] hsr_slave_1: left promiscuous mode
[  644.450179][T30913] batman_adv: batadv0: Removing interface: batadv_slave_0
[  644.457815][T30913] batman_adv: batadv0: Removing interface: batadv_slave_1
[  644.492333][T30913] team0 (unregistering): Port device team_slave_0 removed
[  644.500581][T30915] smc: removing ib device !yz!
[  644.521323][T30913] lo (unregistering): left allmulticast mode
[  644.532074][T30918] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  644.540458][T30918] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  644.581535][ T3782] loop0: detected capacity change from 0 to 512
[  644.587904][T30918] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  644.596447][T30918] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  644.612260][ T3782] Quota error (device loop0): v2_read_file_info: Free block number 1 out of range (1, 6).
[  644.622589][ T3782] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  644.625287][ T3690] hsr_slave_0: entered promiscuous mode
[  644.637959][ T3782] EXT4-fs (loop0): mount failed
[  644.651882][ T3690] hsr_slave_1: entered promiscuous mode
[  644.667033][ T3690] debugfs: 'hsr0' already exists in 'hsr'
[  644.672909][ T3690] Cannot create hsr debugfs directory
[  644.693673][T30918] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  644.702288][T30918] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  644.710698][ T3787] __nla_validate_parse: 24 callbacks suppressed
[  644.710718][ T3787] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12625'.
[  644.726111][ T3787] netlink: 28 bytes leftover after parsing attributes in process `syz.0.12625'.
[  644.735215][ T3787] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12625'.
[  644.749820][ T3544] Bluetooth: hci0: command 0x1003 tx timeout
[  644.755906][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  644.763498][ T3788] netlink: 'syz.5.12624': attribute type 12 has an invalid length.
[  644.768254][   T29] audit: type=1326 audit(644.745:151364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3702 comm="syz.3.12601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994685efc9 code=0x7ffc0000
[  644.771642][ T3788] netlink: 'syz.5.12624': attribute type 29 has an invalid length.
[  644.795146][   T29] audit: type=1326 audit(644.745:151365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3702 comm="syz.3.12601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994685efc9 code=0x7ffc0000
[  644.802982][ T3788] netlink: 148 bytes leftover after parsing attributes in process `syz.5.12624'.
[  644.937953][   T29] audit: type=1400 audit(644.915:151366): avc:  denied  { connect } for  pid=3798 comm="syz.5.12628" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  644.957346][   T29] audit: type=1400 audit(644.915:151367): avc:  denied  { read } for  pid=3798 comm="syz.5.12628" path="socket:[147862]" dev="sockfs" ino=147862 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  644.995790][ T3801] netlink: 16 bytes leftover after parsing attributes in process `syz.5.12628'.
[  644.995845][   T29] audit: type=1400 audit(644.975:151368): avc:  denied  { nlmsg_write } for  pid=3798 comm="syz.5.12628" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  645.270377][ T3814] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12634'.
[  645.279599][ T3814] netlink: 'syz.4.12634': attribute type 30 has an invalid length.
[  645.300338][T30917] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  645.321310][T30917] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  645.336331][T30917] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  645.345367][T30917] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  645.390026][ T3816] loop0: detected capacity change from 0 to 512
[  645.399795][ T3816] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  645.419084][ T3816] EXT4-fs (loop0): mount failed
[  645.474003][ T3690] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  645.486525][ T3690] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  645.486827][ T3825] loop0: detected capacity change from 0 to 512
[  645.500524][ T3825] EXT4-fs: Ignoring removed i_version option
[  645.513554][ T3690] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  645.517531][ T3830] IPv6: NLM_F_CREATE should be specified when creating new route
[  645.524961][ T3825] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.12638: error while reading EA inode 32 err=-116
[  645.543210][ T3690] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  645.552689][ T3827] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12639'.
[  645.562039][ T3827] netlink: 28 bytes leftover after parsing attributes in process `syz.3.12639'.
[  645.571193][ T3827] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12639'.
[  645.581496][ T3825] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.12638: error while reading EA inode 32 err=-116
[  645.594448][ T3825] EXT4-fs (loop0): 1 orphan inode deleted
[  645.601169][ T3825] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  645.644174][  T418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  645.750609][ T3690] 8021q: adding VLAN 0 to HW filter on device bond0
[  645.800697][ T3690] 8021q: adding VLAN 0 to HW filter on device team0
[  645.825873][T30913] bridge0: port 1(bridge_slave_0) entered blocking state
[  645.833002][T30913] bridge0: port 1(bridge_slave_0) entered forwarding state
[  645.844259][T30913] bridge0: port 2(bridge_slave_1) entered blocking state
[  645.851387][T30913] bridge0: port 2(bridge_slave_1) entered forwarding state
[  645.890422][ T3851] loop3: detected capacity change from 0 to 512
[  645.911125][ T3851] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  645.927174][ T3851] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  645.957921][ T3858] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12642'.
[  646.059556][ T3690] 8021q: adding VLAN 0 to HW filter on device batadv0
[  646.101414][ T3864] vlan0: entered allmulticast mode
[  646.227409][ T3690] veth0_vlan: entered promiscuous mode
[  646.248799][ T3690] veth1_vlan: entered promiscuous mode
[  646.291282][ T3690] veth0_macvtap: entered promiscuous mode
[  646.310634][ T3690] veth1_macvtap: entered promiscuous mode
[  646.340082][ T3690] batman_adv: batadv0: Interface activated: batadv_slave_0
[  646.365414][ T3690] batman_adv: batadv0: Interface activated: batadv_slave_1
[  646.388830][T30913] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  646.424801][T30913] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  646.451171][T30913] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  646.484035][T30917] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  646.809234][ T3888] loop3: detected capacity change from 0 to 512
[  646.832999][ T3890] vlan0: entered allmulticast mode
[  646.865184][ T3888] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  646.930337][ T3888] EXT4-fs (loop3): mount failed
[  647.144332][ T3898] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3898 comm=syz.5.12654
[  647.185363][ T3898] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  647.201606][ T3898] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  647.231480][ T3906] loop0: detected capacity change from 0 to 512
[  647.262764][ T3906] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  647.291929][ T3906] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  648.196394][ T3923] netlink: 'syz.0.12659': attribute type 1 has an invalid length.
[  648.204480][ T3923] netlink: 'syz.0.12659': attribute type 6 has an invalid length.
[  648.212334][ T3923] netlink: 'syz.0.12659': attribute type 3 has an invalid length.
[  648.433256][ T3931] loop0: detected capacity change from 0 to 512
[  648.516599][ T3931] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  648.537553][ T3933] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3933 comm=syz.5.12664
[  648.569973][ T3933] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  648.588825][ T3933] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  648.599291][ T3931] EXT4-fs (loop0): mount failed
[  648.677400][ T3941] loop0: detected capacity change from 0 to 512
[  648.694422][ T3941] EXT4-fs: Ignoring removed i_version option
[  648.748921][ T3941] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.12665: error while reading EA inode 32 err=-116
[  648.802091][ T3941] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.12665: error while reading EA inode 32 err=-116
[  648.865557][ T3941] EXT4-fs (loop0): 1 orphan inode deleted
[  648.895925][ T3941] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  648.974851][  T418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  649.268521][ T3953] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  649.278451][ T3953] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  649.325840][   T29] kauditd_printk_skb: 1136 callbacks suppressed
[  649.325862][   T29] audit: type=1400 audit(649.305:152502): avc:  denied  { write } for  pid=3952 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  649.374458][   T29] audit: type=1400 audit(649.355:152503): avc:  denied  { write } for  pid=3959 comm="syz.3.12672" name="001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  649.397369][   T29] audit: type=1400 audit(649.355:152504): avc:  denied  { create } for  pid=3952 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  649.414887][ T3954] infiniband !yz!: set active
[  649.421377][ T3954] infiniband !yz!: added team_slave_0
[  649.428403][ T3953] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  649.438343][ T3953] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  649.462766][ T3954] RDS/IB: !yz!: added
[  649.465246][ T3960] hub 6-0:1.0: USB hub found
[  649.469393][ T3954] smc: adding ib device !yz! with port count 1
[  649.480176][ T3960] hub 6-0:1.0: 8 ports detected
[  649.485596][ T3954] smc:    ib device !yz! port 1 has no pnetid
[  649.506255][ T3953] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  649.516162][ T3953] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  649.529742][   T29] audit: type=1400 audit(649.355:152505): avc:  denied  { write } for  pid=3952 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  649.582066][ T3953] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  649.592058][ T3953] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  649.605430][ T3967] loop1: detected capacity change from 0 to 512
[  649.630954][ T3971] loop3: detected capacity change from 0 to 512
[  649.638283][ T3971] EXT4-fs: Ignoring removed i_version option
[  649.671995][ T3971] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.12677: error while reading EA inode 32 err=-116
[  649.685419][ T3967] Quota error (device loop1): v2_read_file_info: Free block number 1 out of range (1, 6).
[  649.710406][T30917] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  649.718908][T30917] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  649.721492][ T3967] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  649.741513][ T3971] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.12677: error while reading EA inode 32 err=-116
[  649.744432][ T3967] EXT4-fs (loop1): mount failed
[  649.761607][T25417] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  649.770072][T25417] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  649.778903][T25417] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  649.787213][T25417] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  649.796628][ T3971] EXT4-fs (loop3): 1 orphan inode deleted
[  649.803061][ T3971] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  649.816272][T30917] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  649.824636][T30917] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  649.843685][T27423] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  649.890506][   T29] audit: type=1326 audit(649.875:152506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.0.12680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff838c5efc9 code=0x7ffc0000
[  649.913864][   T29] audit: type=1326 audit(649.875:152507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.0.12680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff838c5efc9 code=0x7ffc0000
[  649.944037][ T3981] __nla_validate_parse: 12 callbacks suppressed
[  649.944052][ T3981] netlink: 224 bytes leftover after parsing attributes in process `syz.0.12680'.
[  649.962989][   T29] audit: type=1326 audit(649.875:152508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.0.12680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff838c5efc9 code=0x7ffc0000
[  649.986265][   T29] audit: type=1326 audit(649.875:152509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.0.12680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff838c5efc9 code=0x7ffc0000
[  650.009464][   T29] audit: type=1326 audit(649.875:152510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.0.12680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff838c5efc9 code=0x7ffc0000
[  650.092657][ T3988] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3988 comm=syz.0.12680
[  650.147722][ T3981] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  650.159965][ T3981] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  650.169163][ T4001] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12685'.
[  650.178317][ T4001] netlink: 28 bytes leftover after parsing attributes in process `syz.5.12685'.
[  650.187378][ T4001] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12685'.
[  650.203918][T30917] Bluetooth: hci0: Frame reassembly failed (-84)
[  650.267051][ T4005] netlink: 16 bytes leftover after parsing attributes in process `syz.1.12684'.
[  650.313507][ T4009] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12679'.
[  650.359817][ T4013] vlan2: entered allmulticast mode
[  650.443701][ T4013] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12688'.
[  650.452867][ T4013] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12688'.
[  650.462031][ T4013] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12688'.
[  650.629406][ T4019] 9pnet_fd: Insufficient options for proto=fd
[  651.031745][ T4024] loop1: detected capacity change from 0 to 512
[  651.056880][ T4026] FAULT_INJECTION: forcing a failure.
[  651.056880][ T4026] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  651.058738][ T4024] EXT4-fs: Ignoring removed i_version option
[  651.070183][ T4026] CPU: 0 UID: 0 PID: 4026 Comm: syz.5.12692 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  651.070272][ T4026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  651.070334][ T4026] Call Trace:
[  651.070340][ T4026]  <TASK>
[  651.070388][ T4026]  __dump_stack+0x1d/0x30
[  651.070482][ T4026]  dump_stack_lvl+0xe8/0x140
[  651.070549][ T4026]  dump_stack+0x15/0x1b
[  651.070567][ T4026]  should_fail_ex+0x265/0x280
[  651.070588][ T4026]  should_fail+0xb/0x20
[  651.070606][ T4026]  should_fail_usercopy+0x1a/0x20
[  651.070642][ T4026]  _copy_from_user+0x1c/0xb0
[  651.070668][ T4026]  __sys_connect+0xd0/0x2b0
[  651.070737][ T4026]  __x64_sys_connect+0x3f/0x50
[  651.070825][ T4026]  x64_sys_call+0x2c0c/0x3000
[  651.070849][ T4026]  do_syscall_64+0xd2/0x200
[  651.070869][ T4026]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  651.070897][ T4026]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  651.070978][ T4026]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  651.071055][ T4026] RIP: 0033:0x7f2f5086efc9
[  651.071135][ T4026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  651.071205][ T4026] RSP: 002b:00007f2f4f2d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  651.071269][ T4026] RAX: ffffffffffffffda RBX: 00007f2f50ac5fa0 RCX: 00007f2f5086efc9
[  651.071282][ T4026] RDX: 0000000000000010 RSI: 0000200000000400 RDI: 0000000000000003
[  651.071295][ T4026] RBP: 00007f2f4f2d7090 R08: 0000000000000000 R09: 0000000000000000
[  651.071308][ T4026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  651.071321][ T4026] R13: 00007f2f50ac6038 R14: 00007f2f50ac5fa0 R15: 00007ffff0c92998
[  651.071419][ T4026]  </TASK>
[  651.139882][ T4028] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12693'.
[  651.278856][ T4024] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.12691: error while reading EA inode 32 err=-116
[  651.292043][ T4024] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.12691: error while reading EA inode 32 err=-116
[  651.334854][ T4024] EXT4-fs (loop1): 1 orphan inode deleted
[  651.354702][ T4024] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  651.447765][ T3690] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  651.489850][ T4040] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xf
[  651.813641][ T4068] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xf
[  651.985999][ T4073] hub 6-0:1.0: USB hub found
[  651.996265][ T4073] hub 6-0:1.0: 8 ports detected
[  652.129856][ T4090] IPv6: NLM_F_CREATE should be specified when creating new route
[  652.136038][ T4081] hub 6-0:1.0: USB hub found
[  652.148406][ T4081] hub 6-0:1.0: 8 ports detected
[  652.170530][ T4094] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xf
[  652.268188][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  652.318931][ T4106] loop1: detected capacity change from 0 to 512
[  652.340455][ T4106] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  652.363917][ T4106] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  652.533014][ T4115] netlink: 'syz.4.12726': attribute type 1 has an invalid length.
[  652.540938][ T4115] netlink: 'syz.4.12726': attribute type 6 has an invalid length.
[  652.540958][ T4115] netlink: 'syz.4.12726': attribute type 3 has an invalid length.
[  653.245534][ T4150] netlink: 'syz.5.12738': attribute type 1 has an invalid length.
[  653.253440][ T4150] netlink: 'syz.5.12738': attribute type 6 has an invalid length.
[  653.261410][ T4150] netlink: 'syz.5.12738': attribute type 3 has an invalid length.
[  653.396317][ T4161] vlan2: entered allmulticast mode
[  653.697071][ T4175] loop0: detected capacity change from 0 to 512
[  653.714896][ T4177] hub 6-0:1.0: USB hub found
[  653.728931][ T4177] hub 6-0:1.0: 8 ports detected
[  653.739055][ T4175] ------------[ cut here ]------------
[  653.744560][ T4175] EA inode 11 i_nlink=2
[  653.744829][ T4175] WARNING: CPU: 0 PID: 4175 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x36a/0x380
[  653.759461][ T4175] Modules linked in:
[  653.763384][ T4175] CPU: 0 UID: 0 PID: 4175 Comm: syz.0.12748 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  653.773356][ T4175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  653.783712][ T4175] RIP: 0010:ext4_xattr_inode_update_ref+0x36a/0x380
[  653.790481][ T4175] Code: 90 49 8d 7e 40 e8 76 fd b8 ff 4d 8b 6e 40 4c 89 e7 e8 8a f8 b8 ff 41 8b 56 48 48 c7 c7 fa cc 55 86 4c 89 ee e8 07 fa 67 ff 90 <0f> 0b 90 90 e9 ff fe ff ff e8 88 e7 b5 03 0f 1f 84 00 00 00 00 00
[  653.810296][ T4175] RSP: 0018:ffffc900020ff5a0 EFLAGS: 00010246
[  653.816481][ T4175] RAX: fa1d0402085ad100 RBX: ffff888117956d18 RCX: 0000000000080000
[  653.824593][ T4175] RDX: ffffc90004aaa000 RSI: 0000000000003d94 RDI: 0000000000003d95
[  653.832939][ T4175] RBP: 0000000000000002 R08: 0001c900020ff427 R09: 0000000000000000
[  653.841083][ T4175] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff888117956cc8
[  653.849119][ T4175] R13: 000000000000000b R14: ffff888117956c80 R15: 0000000000000001
[  653.857260][ T4175] FS:  00007ff8376c76c0(0000) GS:ffff8882aee13000(0000) knlGS:0000000000000000
[  653.866338][ T4175] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  653.873241][ T4175] CR2: 00007ffc684b3598 CR3: 000000011125c000 CR4: 00000000003506f0
[  653.881390][ T4175] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  653.889517][ T4175] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  653.897608][ T4175] Call Trace:
[  653.900934][ T4175]  <TASK>
[  653.903934][ T4175]  ext4_xattr_set_entry+0x77f/0x1020
[  653.909394][ T4175]  ext4_xattr_ibody_set+0x184/0x3c0
[  653.914744][ T4175]  ext4_expand_extra_isize_ea+0xcbb/0x11f0
[  653.920723][ T4175]  __ext4_expand_extra_isize+0x246/0x280
[  653.926422][ T4175]  __ext4_mark_inode_dirty+0x29d/0x3f0
[  653.931973][ T4175]  ext4_evict_inode+0x80e/0xd90
[  653.936879][ T4175]  ? __pfx_ext4_evict_inode+0x10/0x10
[  653.942326][ T4175]  evict+0x2e3/0x550
[  653.946341][ T4175]  ? __dquot_initialize+0x146/0x7c0
[  653.951738][ T4175]  iput+0x4ed/0x650
[  653.955747][ T4175]  ext4_process_orphan+0x1a9/0x1c0
[  653.960903][ T4175]  ext4_orphan_cleanup+0x6a8/0xa00
[  653.966081][ T4175]  ext4_fill_super+0x3483/0x3810
[  653.971161][ T4175]  ? snprintf+0x86/0xb0
[  653.975396][ T4175]  ? set_blocksize+0x1a8/0x310
[  653.980337][ T4175]  ? sb_set_blocksize+0xe3/0x100
[  653.985394][ T4175]  ? setup_bdev_super+0x30e/0x370
[  653.990570][ T4175]  ? __pfx_ext4_fill_super+0x10/0x10
[  653.995874][ T4175]  get_tree_bdev_flags+0x291/0x300
[  654.001173][ T4175]  ? __pfx_ext4_fill_super+0x10/0x10
[  654.006491][ T4175]  get_tree_bdev+0x1f/0x30
[  654.011060][ T4175]  ext4_get_tree+0x1c/0x30
[  654.015544][ T4175]  vfs_get_tree+0x57/0x1d0
[  654.020078][ T4175]  do_new_mount+0x24d/0x660
[  654.024656][ T4175]  path_mount+0x4a5/0xb70
[  654.029063][ T4175]  ? user_path_at+0x109/0x130
[  654.033768][ T4175]  __se_sys_mount+0x28c/0x2e0
[  654.038517][ T4175]  __x64_sys_mount+0x67/0x80
[  654.043154][ T4175]  x64_sys_call+0x2b51/0x3000
[  654.048197][ T4175]  do_syscall_64+0xd2/0x200
[  654.052794][ T4175]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  654.059012][ T4175]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  654.065173][ T4175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  654.071249][ T4175] RIP: 0033:0x7ff838c6076a
[  654.075769][ T4175] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  654.095698][ T4175] RSP: 002b:00007ff8376c6e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  654.104283][ T4175] RAX: ffffffffffffffda RBX: 00007ff8376c6ef0 RCX: 00007ff838c6076a
[  654.112307][ T4175] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ff8376c6eb0
[  654.120337][ T4175] RBP: 0000200000000180 R08: 00007ff8376c6ef0 R09: 0000000001a08700
[  654.128389][ T4175] R10: 0000000001a08700 R11: 0000000000000246 R12: 00002000000001c0
[  654.136519][ T4175] R13: 00007ff8376c6eb0 R14: 0000000000000470 R15: 0000200000000700
[  654.144740][ T4175]  </TASK>
[  654.147779][ T4175] ---[ end trace 0000000000000000 ]---
[  654.156024][ T4175] EXT4-fs (loop0): 1 orphan inode deleted
[  654.162468][ T4175] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  654.215224][  T418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  654.231393][ T4191] netlink: 'syz.5.12753': attribute type 1 has an invalid length.
[  654.239324][ T4191] netlink: 'syz.5.12753': attribute type 6 has an invalid length.
[  654.247473][ T4191] netlink: 'syz.5.12753': attribute type 3 has an invalid length.
[  654.308546][ T4194] loop3: detected capacity change from 0 to 512
[  654.331773][ T4194] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  654.332475][ T4194] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  654.342920][   T29] kauditd_printk_skb: 1464 callbacks suppressed
[  654.342935][   T29] audit: type=1326 audit(654.325:153975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4193 comm="syz.3.12757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f994685d810 code=0x7ffc0000
[  654.342964][   T29] audit: type=1326 audit(654.325:153976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4193 comm="syz.3.12757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f994685ebcb code=0x7ffc0000
[  654.343018][   T29] audit: type=1326 audit(654.325:153977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4193 comm="syz.3.12757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f994685dc2a code=0x7ffc0000
[  654.343058][   T29] audit: type=1326 audit(654.325:153978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4193 comm="syz.3.12757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994685efc9 code=0x7ffc0000
[  654.343152][   T29] audit: type=1326 audit(654.325:153979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4193 comm="syz.3.12757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994685efc9 code=0x7ffc0000
[  654.346225][   T29] audit: type=1326 audit(654.325:153980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4193 comm="syz.3.12757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f994685efc9 code=0x7ffc0000
[  654.346552][ T4205] vlan0: entered allmulticast mode
[  654.347499][   T29] audit: type=1326 audit(654.325:153981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4193 comm="syz.3.12757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f994685efc9 code=0x7ffc0000
[  654.347868][   T29] audit: type=1400 audit(654.325:153982): avc:  denied  { nlmsg_write } for  pid=4208 comm="syz.1.12760" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  654.414673][   T29] audit: type=1400 audit(654.395:153983): avc:  denied  { bind } for  pid=4215 comm="syz.3.12762" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  654.416023][   T29] audit: type=1400 audit(654.395:153984): avc:  denied  { setopt } for  pid=4215 comm="syz.3.12762" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  654.630397][ T4230] FAULT_INJECTION: forcing a failure.
[  654.630397][ T4230] name failslab, interval 1, probability 0, space 0, times 0
[  654.630433][ T4230] CPU: 0 UID: 0 PID: 4230 Comm: syz.5.12767 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  654.630533][ T4230] Tainted: [W]=WARN
[  654.630541][ T4230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  654.630553][ T4230] Call Trace:
[  654.630558][ T4230]  <TASK>
[  654.630565][ T4230]  __dump_stack+0x1d/0x30
[  654.630590][ T4230]  dump_stack_lvl+0xe8/0x140
[  654.630676][ T4230]  dump_stack+0x15/0x1b
[  654.630695][ T4230]  should_fail_ex+0x265/0x280
[  654.630715][ T4230]  should_failslab+0x8c/0xb0
[  654.630795][ T4230]  kmem_cache_alloc_noprof+0x50/0x480
[  654.630824][ T4230]  ? io_submit_one+0xb8/0x11d0
[  654.630857][ T4230]  io_submit_one+0xb8/0x11d0
[  654.630892][ T4230]  __se_sys_io_submit+0xfb/0x280
[  654.631015][ T4230]  __x64_sys_io_submit+0x43/0x50
[  654.631067][ T4230]  x64_sys_call+0x2d6c/0x3000
[  654.631090][ T4230]  do_syscall_64+0xd2/0x200
[  654.631110][ T4230]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  654.631209][ T4230]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  654.631240][ T4230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  654.631262][ T4230] RIP: 0033:0x7f2f5086efc9
[  654.631299][ T4230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  654.631385][ T4230] RSP: 002b:00007f2f4f2d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  654.631406][ T4230] RAX: ffffffffffffffda RBX: 00007f2f50ac5fa0 RCX: 00007f2f5086efc9
[  654.631419][ T4230] RDX: 00002000000000c0 RSI: 0000000000000001 RDI: 00007f2f4f228000
[  654.631449][ T4230] RBP: 00007f2f4f2d7090 R08: 0000000000000000 R09: 0000000000000000
[  654.631463][ T4230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  654.631476][ T4230] R13: 00007f2f50ac6038 R14: 00007f2f50ac5fa0 R15: 00007ffff0c92998
[  654.631494][ T4230]  </TASK>
[  654.783467][ T4234] netlink: 'syz.0.12769': attribute type 1 has an invalid length.
[  654.783487][ T4234] netlink: 'syz.0.12769': attribute type 6 has an invalid length.
[  654.783503][ T4234] netlink: 'syz.0.12769': attribute type 3 has an invalid length.
[  654.905468][ T4237] hub 6-0:1.0: USB hub found
[  654.905985][ T4237] hub 6-0:1.0: 8 ports detected
[  654.939244][ T4216] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  654.942287][ T4216] loop3: detected capacity change from 0 to 512
[  654.943047][ T4216] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  654.944791][ T4216] EXT4-fs (loop3): 1 truncate cleaned up
[  654.945248][ T4216] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  654.962280][ T4242] __nla_validate_parse: 24 callbacks suppressed
[  654.962298][ T4242] netlink: 76 bytes leftover after parsing attributes in process `syz.1.12771'.
[  655.314168][ T4235] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12768'.
[  655.324714][T27423] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  655.373126][ T4250] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12775'.
[  655.382573][ T4250] netlink: 'syz.1.12775': attribute type 30 has an invalid length.
[  655.466952][ T4256] bridge0: port 2(bridge_slave_1) entered disabled state
[  655.474442][ T4256] bridge0: port 1(bridge_slave_0) entered disabled state
[  655.560815][ T4256] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  655.571054][ T4256] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  655.626225][T30917] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  655.638275][T13152] syz1: Port: 1 Link DOWN
[  655.645465][ T4264] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12779'.
[  655.654726][ T4264] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12779'.
[  655.663867][ T4264] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12779'.
[  655.737823][T30917] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  655.749059][T30917] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  655.787742][T30917] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  655.831663][ T4272] hub 6-0:1.0: USB hub found
[  655.837893][T30917] netdevsim netdevsim0 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  655.846659][T30917] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  655.848631][ T4272] hub 6-0:1.0: 8 ports detected
[  655.891440][T30917] netdevsim netdevsim0 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  655.899914][T30917] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  655.946672][T30917] netdevsim netdevsim0 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  655.955230][T30917] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  656.003185][T30917] netdevsim netdevsim0 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  656.009562][ T4274] loop0: detected capacity change from 0 to 512
[  656.011678][T30917] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  656.070180][ T4274] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  656.120546][ T4274] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  656.295595][ T4279] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12782'.
[  656.347713][ T4281] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12784'.
[  656.361069][ T4283] netlink: 76 bytes leftover after parsing attributes in process `syz.1.12785'.
[  656.442986][ T4285] af_packet: tpacket_rcv: packet too big, clamped from 48 to 4294967272. macoff=96
[  656.474905][ T4287] netlink: 20 bytes leftover after parsing attributes in process `syz.4.12787'.
[  656.548640][ T4289] loop3: detected capacity change from 0 to 512
[  656.615609][ T4289] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  656.631626][ T4289] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  656.754622][ T4297] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4297 comm=syz.4.12790
[  656.788911][ T4297] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  656.797668][ T4297] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  656.819147][T30913] Bluetooth: hci0: Frame reassembly failed (-84)
[  657.346407][ T4336] loop0: detected capacity change from 0 to 512
[  657.405249][ T4342] vlan0: entered allmulticast mode
[  657.464576][ T4338] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4338 comm=syz.3.12804
[  657.501488][ T4338] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  657.530828][ T4338] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  657.569008][T30914] Bluetooth: hci1: Frame reassembly failed (-84)
[  658.428238][ T4361] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  658.828191][T30802] Bluetooth: hci0: command 0x1003 tx timeout
[  658.834583][ T3544] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  658.871739][ T4370] loop0: detected capacity change from 0 to 512
[  658.949934][ T4370] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  658.978762][ T4370] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  659.014741][ T4377] hub 6-0:1.0: USB hub found
[  659.021784][ T4377] hub 6-0:1.0: 8 ports detected
[  659.111242][ T4380] vlan2: entered allmulticast mode
[  659.239660][ T4388] loop1: detected capacity change from 0 to 512
[  659.251349][ T4388] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  659.267085][ T4388] EXT4-fs (loop1): mount failed
[  659.348661][   T29] kauditd_printk_skb: 2036 callbacks suppressed
[  659.348675][   T29] audit: type=1326 audit(659.335:156020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.0.12814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff838c91885 code=0x7ffc0000
[  659.378588][   T29] audit: type=1326 audit(659.365:156021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.0.12814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff838c91885 code=0x7ffc0000
[  659.409737][   T29] audit: type=1326 audit(659.385:156022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.0.12814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff838c91885 code=0x7ffc0000
[  659.432909][   T29] audit: type=1326 audit(659.385:156023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.0.12814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff838c91885 code=0x7ffc0000
[  659.456315][   T29] audit: type=1326 audit(659.385:156024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.0.12814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff838c91885 code=0x7ffc0000
[  659.479679][   T29] audit: type=1326 audit(659.385:156025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.0.12814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff838c91885 code=0x7ffc0000
[  659.503167][   T29] audit: type=1326 audit(659.395:156026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.0.12814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff838c91885 code=0x7ffc0000
[  659.529376][   T29] audit: type=1326 audit(659.515:156027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.0.12814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff838c91885 code=0x7ffc0000
[  659.579338][   T29] audit: type=1326 audit(659.535:156028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.0.12814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff838c91885 code=0x7ffc0000
[  659.602870][   T29] audit: type=1326 audit(659.535:156029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4369 comm="syz.0.12814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff838c91885 code=0x7ffc0000
[  659.632333][ T3544] Bluetooth: hci1: command 0x1003 tx timeout
[  659.638592][   T44] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  659.719936][ T4417] FAULT_INJECTION: forcing a failure.
[  659.719936][ T4417] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  659.733196][ T4417] CPU: 0 UID: 0 PID: 4417 Comm: syz.1.12830 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  659.733235][ T4417] Tainted: [W]=WARN
[  659.733244][ T4417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  659.733259][ T4417] Call Trace:
[  659.733268][ T4417]  <TASK>
[  659.733277][ T4417]  __dump_stack+0x1d/0x30
[  659.733304][ T4417]  dump_stack_lvl+0xe8/0x140
[  659.733392][ T4417]  dump_stack+0x15/0x1b
[  659.733467][ T4417]  should_fail_ex+0x265/0x280
[  659.733489][ T4417]  should_fail+0xb/0x20
[  659.733507][ T4417]  should_fail_usercopy+0x1a/0x20
[  659.733526][ T4417]  _copy_from_user+0x1c/0xb0
[  659.733556][ T4417]  ___sys_sendmsg+0xc1/0x1d0
[  659.733583][ T4417]  __x64_sys_sendmsg+0xd4/0x160
[  659.733603][ T4417]  x64_sys_call+0x191e/0x3000
[  659.733637][ T4417]  do_syscall_64+0xd2/0x200
[  659.733654][ T4417]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  659.733679][ T4417]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  659.733775][ T4417]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  659.733821][ T4417] RIP: 0033:0x7f04db1befc9
[  659.733885][ T4417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  659.733902][ T4417] RSP: 002b:00007f04d9c1f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  659.733921][ T4417] RAX: ffffffffffffffda RBX: 00007f04db415fa0 RCX: 00007f04db1befc9
[  659.733933][ T4417] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000005
[  659.733944][ T4417] RBP: 00007f04d9c1f090 R08: 0000000000000000 R09: 0000000000000000
[  659.733956][ T4417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  659.734036][ T4417] R13: 00007f04db416038 R14: 00007f04db415fa0 R15: 00007ffc684b3318
[  659.734053][ T4417]  </TASK>
[  659.965681][ T4425] loop1: detected capacity change from 0 to 1024
[  659.980194][ T4425] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (58532!=20869)
[  659.982125][ T4425] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040e11d, mo2=0002]
[  659.982213][ T4425] EXT4-fs (loop1): failed to initialize system zone (-117)
[  659.982241][ T4425] EXT4-fs (loop1): mount failed
[  660.024498][ T4432] __nla_validate_parse: 34 callbacks suppressed
[  660.024515][ T4432] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12836'.
[  660.057698][ T4432] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12836'.
[  660.082540][ T4437] netlink: 224 bytes leftover after parsing attributes in process `syz.4.12838'.
[  660.155840][ T4437] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4437 comm=syz.4.12838
[  660.177676][ T4446] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12839'.
[  660.185524][ T4437] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  660.196494][ T4437] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  660.207714][T30914] Bluetooth: hci0: Frame reassembly failed (-84)
[  660.239883][ T4452] loop1: detected capacity change from 0 to 512
[  660.246633][ T4452] EXT4-fs: Ignoring removed i_version option
[  660.255942][ T4452] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.12843: error while reading EA inode 32 err=-116
[  660.269337][ T4452] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.12843: error while reading EA inode 32 err=-116
[  660.282406][ T4452] EXT4-fs (loop1): 1 orphan inode deleted
[  660.288779][ T4452] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  660.313950][ T3690] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  660.383782][ T4457] hub 6-0:1.0: USB hub found
[  660.389078][ T4457] hub 6-0:1.0: 8 ports detected
[  660.420296][ T4461] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  660.430016][ T4462] netlink: 224 bytes leftover after parsing attributes in process `syz.1.12847'.
[  660.451006][ T4462] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4462 comm=syz.1.12847
[  660.465741][ T4462] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  660.475912][ T4462] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  660.485570][T30918] Bluetooth: hci1: Frame reassembly failed (-84)
[  660.614053][ T4468] FAULT_INJECTION: forcing a failure.
[  660.614053][ T4468] name failslab, interval 1, probability 0, space 0, times 0
[  660.627018][ T4468] CPU: 0 UID: 0 PID: 4468 Comm: syz.3.12848 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  660.627076][ T4468] Tainted: [W]=WARN
[  660.627084][ T4468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  660.627098][ T4468] Call Trace:
[  660.627106][ T4468]  <TASK>
[  660.627112][ T4468]  __dump_stack+0x1d/0x30
[  660.627203][ T4468]  dump_stack_lvl+0xe8/0x140
[  660.627253][ T4468]  dump_stack+0x15/0x1b
[  660.627266][ T4468]  should_fail_ex+0x265/0x280
[  660.627291][ T4468]  should_failslab+0x8c/0xb0
[  660.627309][ T4468]  kmem_cache_alloc_noprof+0x50/0x480
[  660.627328][ T4468]  ? getname_flags+0x80/0x3b0
[  660.627414][ T4468]  getname_flags+0x80/0x3b0
[  660.627495][ T4468]  do_sys_openat2+0x60/0x110
[  660.627510][ T4468]  __x64_sys_openat+0xf2/0x120
[  660.627564][ T4468]  x64_sys_call+0x2eab/0x3000
[  660.627579][ T4468]  do_syscall_64+0xd2/0x200
[  660.627593][ T4468]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  660.627691][ T4468]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  660.627711][ T4468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  660.627726][ T4468] RIP: 0033:0x7f994685efc9
[  660.627803][ T4468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  660.627824][ T4468] RSP: 002b:00007f99452c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  660.627887][ T4468] RAX: ffffffffffffffda RBX: 00007f9946ab5fa0 RCX: 00007f994685efc9
[  660.627899][ T4468] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  660.627935][ T4468] RBP: 00007f99452c7090 R08: 0000000000000000 R09: 0000000000000000
[  660.627949][ T4468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  660.627962][ T4468] R13: 00007f9946ab6038 R14: 00007f9946ab5fa0 R15: 00007fffec79afe8
[  660.627983][ T4468]  </TASK>
[  660.828598][ T4471] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12849'.
[  660.837775][ T4471] netlink: 28 bytes leftover after parsing attributes in process `syz.0.12849'.
[  660.846994][ T4471] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12849'.
[  661.143627][ T4490] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12852'.
[  661.210512][ T4492] xt_limit: Overflow, try lower: 0/0
[  661.229452][ T4492] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  661.252010][ T4492] tipc: Started in network mode
[  661.256918][ T4492] tipc: Node identity 4, cluster identity 4711
[  661.263382][ T4492] tipc: Node number set to 4
[  661.452157][ T4480] chnl_net:caif_netlink_parms(): no params data found
[  661.491639][ T4480] bridge0: port 1(bridge_slave_0) entered blocking state
[  661.498826][ T4480] bridge0: port 1(bridge_slave_0) entered disabled state
[  661.506355][ T4480] bridge_slave_0: entered allmulticast mode
[  661.513223][ T4480] bridge_slave_0: entered promiscuous mode
[  661.525024][ T4480] bridge0: port 2(bridge_slave_1) entered blocking state
[  661.532258][ T4480] bridge0: port 2(bridge_slave_1) entered disabled state
[  661.539817][ T4480] bridge_slave_1: entered allmulticast mode
[  661.546492][ T4480] bridge_slave_1: entered promiscuous mode
[  661.579155][ T4511] 9pnet_fd: Insufficient options for proto=fd
[  661.597696][ T4480] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  661.609162][ T4480] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  661.637986][ T4480] team0: Port device team_slave_0 added
[  661.645529][ T4480] team0: Port device team_slave_1 added
[  661.668480][ T4480] batman_adv: batadv0: Adding interface: batadv_slave_0
[  661.675511][ T4480] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  661.702153][ T4480] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  661.714451][ T4480] batman_adv: batadv0: Adding interface: batadv_slave_1
[  661.721608][ T4480] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  661.748570][ T4480] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  661.776481][ T4524] loop0: detected capacity change from 0 to 512
[  661.786658][ T4480] hsr_slave_0: entered promiscuous mode
[  661.793249][ T4480] hsr_slave_1: entered promiscuous mode
[  661.799420][ T4480] debugfs: 'hsr0' already exists in 'hsr'
[  661.805187][ T4480] Cannot create hsr debugfs directory
[  661.809860][ T4524] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  661.825966][ T4524] EXT4-fs (loop0): mount failed
[  661.899413][ T4534] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=4534 comm=syz.5.12864
[  661.903355][ T4533] hub 6-0:1.0: USB hub found
[  661.914761][ T4534] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=4534 comm=syz.5.12864
[  661.917278][ T4533] hub 6-0:1.0: 8 ports detected
[  661.930010][ T4534] netlink: 36 bytes leftover after parsing attributes in process `syz.5.12864'.
[  661.945518][ T4534] FAULT_INJECTION: forcing a failure.
[  661.945518][ T4534] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  661.958911][ T4534] CPU: 0 UID: 0 PID: 4534 Comm: syz.5.12864 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  661.958977][ T4534] Tainted: [W]=WARN
[  661.958984][ T4534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  661.958997][ T4534] Call Trace:
[  661.959003][ T4534]  <TASK>
[  661.959011][ T4534]  __dump_stack+0x1d/0x30
[  661.959089][ T4534]  dump_stack_lvl+0xe8/0x140
[  661.959112][ T4534]  dump_stack+0x15/0x1b
[  661.959133][ T4534]  should_fail_ex+0x265/0x280
[  661.959155][ T4534]  should_fail+0xb/0x20
[  661.959173][ T4534]  should_fail_usercopy+0x1a/0x20
[  661.959272][ T4534]  _copy_from_user+0x1c/0xb0
[  661.959301][ T4534]  __sys_connect+0xd0/0x2b0
[  661.959341][ T4534]  __x64_sys_connect+0x3f/0x50
[  661.959373][ T4534]  x64_sys_call+0x2c0c/0x3000
[  661.959423][ T4534]  do_syscall_64+0xd2/0x200
[  661.959445][ T4534]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  661.959541][ T4534]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  661.959573][ T4534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.959636][ T4534] RIP: 0033:0x7f2f5086efc9
[  661.959653][ T4534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  661.959672][ T4534] RSP: 002b:00007f2f4f2d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  661.959692][ T4534] RAX: ffffffffffffffda RBX: 00007f2f50ac5fa0 RCX: 00007f2f5086efc9
[  661.959705][ T4534] RDX: 000000000000001c RSI: 0000200000000200 RDI: 0000000000000008
[  661.959717][ T4534] RBP: 00007f2f4f2d7090 R08: 0000000000000000 R09: 0000000000000000
[  661.959732][ T4534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  661.959792][ T4534] R13: 00007f2f50ac6038 R14: 00007f2f50ac5fa0 R15: 00007ffff0c92998
[  661.959809][ T4534]  </TASK>
[  662.268387][T30802] Bluetooth: hci0: command 0x1003 tx timeout
[  662.268406][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  662.301041][ T4548] validate_nla: 9 callbacks suppressed
[  662.301059][ T4548] netlink: 'syz.0.12871': attribute type 1 has an invalid length.
[  662.314886][ T4548] netlink: 'syz.0.12871': attribute type 6 has an invalid length.
[  662.322747][ T4548] netlink: 'syz.0.12871': attribute type 3 has an invalid length.
[  662.390943][T30914] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  662.400192][T30914] bond0 (unregistering): Released all slaves
[  662.446739][ T4553] loop0: detected capacity change from 0 to 512
[  662.460356][ T4553] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  662.476000][ T4553] EXT4-fs (loop0): mount failed
[  662.481577][T30914] hsr_slave_0: left promiscuous mode
[  662.487587][T30914] hsr_slave_1: left promiscuous mode
[  662.508219][   T44] Bluetooth: hci1: command 0x1003 tx timeout
[  662.514392][ T3544] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  662.581545][T30915] smc: removing ib device syû
[  662.601833][T30914] lo (unregistering): left allmulticast mode
[  662.906809][ T4480] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  662.919818][ T4573] siw: device registration error -23
[  662.927232][ T4575] loop0: detected capacity change from 0 to 512
[  662.941855][ T4575] EXT4-fs: Ignoring removed i_version option
[  662.953183][ T4575] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.12879: error while reading EA inode 32 err=-116
[  662.966298][ T4575] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.12879: error while reading EA inode 32 err=-116
[  662.979405][ T4575] EXT4-fs (loop0): 1 orphan inode deleted
[  662.985797][ T4575] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  663.002697][ T4480] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  663.011017][  T418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  663.011711][ T4480] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  663.029609][ T4480] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  663.136000][ T4589] netlink: 'syz.4.12882': attribute type 1 has an invalid length.
[  663.144113][ T4589] netlink: 'syz.4.12882': attribute type 6 has an invalid length.
[  663.152830][ T4589] netlink: 'syz.4.12882': attribute type 3 has an invalid length.
[  663.200069][ T4480] 8021q: adding VLAN 0 to HW filter on device bond0
[  663.265803][ T4480] 8021q: adding VLAN 0 to HW filter on device team0
[  663.287323][T30918] bridge0: port 1(bridge_slave_0) entered blocking state
[  663.294445][T30918] bridge0: port 1(bridge_slave_0) entered forwarding state
[  663.339080][ T4597] netlink: 'syz.4.12884': attribute type 30 has an invalid length.
[  663.355119][T30918] bridge0: port 2(bridge_slave_1) entered blocking state
[  663.362494][T30918] bridge0: port 2(bridge_slave_1) entered forwarding state
[  663.540520][ T4480] 8021q: adding VLAN 0 to HW filter on device batadv0
[  663.707136][ T4616] hub 6-0:1.0: USB hub found
[  663.724591][ T4616] hub 6-0:1.0: 8 ports detected
[  663.821421][ T4480] veth0_vlan: entered promiscuous mode
[  663.846140][ T4480] veth1_vlan: entered promiscuous mode
[  663.894839][ T4480] veth0_macvtap: entered promiscuous mode
[  663.920604][ T4480] veth1_macvtap: entered promiscuous mode
[  663.958947][ T4480] batman_adv: batadv0: Interface activated: batadv_slave_0
[  663.981481][ T4629] netlink: 'syz.5.12892': attribute type 1 has an invalid length.
[  663.989494][ T4629] netlink: 'syz.5.12892': attribute type 6 has an invalid length.
[  663.997589][ T4629] netlink: 'syz.5.12892': attribute type 3 has an invalid length.
[  664.016891][ T4480] batman_adv: batadv0: Interface activated: batadv_slave_1
[  664.051475][T30914] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  664.073220][T30914] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  664.102268][T30914] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  664.138628][T30914] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  664.358594][   T29] kauditd_printk_skb: 2382 callbacks suppressed
[  664.358610][   T29] audit: type=1326 audit(664.345:158410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4633 comm="syz.5.12894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  664.422665][   T29] audit: type=1326 audit(664.375:158411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4611 comm="syz.4.12888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fefca45efc9 code=0x7ffc0000
[  664.445913][   T29] audit: type=1326 audit(664.375:158412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4611 comm="syz.4.12888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fefca45efc9 code=0x7ffc0000
[  664.469089][   T29] audit: type=1326 audit(664.385:158413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4633 comm="syz.5.12894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  664.492413][   T29] audit: type=1326 audit(664.395:158414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4633 comm="syz.5.12894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  664.515743][   T29] audit: type=1326 audit(664.395:158415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4633 comm="syz.5.12894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  664.539089][   T29] audit: type=1326 audit(664.395:158416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4633 comm="syz.5.12894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  664.562668][   T29] audit: type=1326 audit(664.395:158417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4633 comm="syz.5.12894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  664.586004][   T29] audit: type=1326 audit(664.395:158418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4633 comm="syz.5.12894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  664.609494][   T29] audit: type=1326 audit(664.395:158419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4633 comm="syz.5.12894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  664.669561][T25417] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  664.682392][T25417] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  664.691830][T25417] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  664.708864][T25417] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  664.745092][ T4651] syz_tun: entered allmulticast mode
[  664.791718][ T4651] syz_tun (unregistering): left allmulticast mode
[  664.811724][ T4653] hub 6-0:1.0: USB hub found
[  664.818554][ T4653] hub 6-0:1.0: 8 ports detected
[  664.853088][ T4658] loop3: detected capacity change from 0 to 512
[  664.891815][ T4658] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  664.914166][ T4658] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  664.986599][ T4665] hub 6-0:1.0: USB hub found
[  665.015801][ T4665] hub 6-0:1.0: 8 ports detected
[  665.035483][ T4672] vlan0: entered allmulticast mode
[  665.093712][ T4673] __nla_validate_parse: 16 callbacks suppressed
[  665.093757][ T4673] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12908'.
[  665.109371][ T4673] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12908'.
[  665.118758][ T4673] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12908'.
[  665.131888][ T4675] vlan2: entered allmulticast mode
[  665.224186][ T4682] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12912'.
[  665.343776][ T4693] netlink: 24 bytes leftover after parsing attributes in process `syz.1.12915'.
[  665.546702][ T4702] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12918'.
[  665.584967][ T4704] netlink: 76 bytes leftover after parsing attributes in process `syz.1.12919'.
[  665.721984][ T4707] loop1: detected capacity change from 0 to 512
[  665.724277][ T4709] loop3: detected capacity change from 0 to 512
[  665.743600][ T4709] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  665.759828][ T4709] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  665.780066][ T4707] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  665.826966][ T4715] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12922'.
[  665.836153][ T4715] netlink: 28 bytes leftover after parsing attributes in process `syz.5.12922'.
[  665.845222][ T4715] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12922'.
[  665.859932][ T4707] EXT4-fs (loop1): mount failed
[  665.972881][ T4721] loop1: detected capacity change from 0 to 512
[  666.011593][ T4721] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  666.038943][ T4721] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  666.742703][ T4750] siw: device registration error -23
[  666.833810][ T4755] vlan2: entered allmulticast mode
[  666.930141][ T4764] !yz!: rxe_newlink: already configured on team_slave_0
[  667.066005][ T4780] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  667.090150][ T4783] vlan0: entered allmulticast mode
[  667.391831][ T4798] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  667.425867][ T4798] loop3: detected capacity change from 0 to 512
[  667.442232][ T4798] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  667.480275][ T4798] EXT4-fs (loop3): 1 truncate cleaned up
[  667.509975][ T4798] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  667.620023][ T4480] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  667.697856][ T4821] loop3: detected capacity change from 0 to 512
[  667.723265][ T4825] vlan0: entered allmulticast mode
[  667.731590][ T4821] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  667.747025][ T4821] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  667.813520][ T4830] vlan0: entered allmulticast mode
[  668.326743][ T4841] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=4841 comm=syz.0.12973
[  668.343364][ T4841] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=4841 comm=syz.0.12973
[  668.396793][ T4845] hub 6-0:1.0: USB hub found
[  668.401699][ T4845] hub 6-0:1.0: 8 ports detected
[  668.436890][ T4847] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  668.447505][ T4847] loop0: detected capacity change from 0 to 512
[  668.454911][ T4847] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  668.466936][ T4847] EXT4-fs (loop0): 1 truncate cleaned up
[  668.473762][ T4847] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  668.548735][  T418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  668.647940][ T4859] loop0: detected capacity change from 0 to 512
[  668.695739][ T4859] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.12979: couldn't read orphan inode 26 (err -116)
[  668.730291][ T4859] EXT4-fs (loop0): Remounting filesystem read-only
[  668.749028][ T4859] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  668.807045][ T4875] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4875 comm=syz.3.12985
[  668.837817][ T4875] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  668.857053][ T4875] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  669.106997][ T4891] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4891 comm=syz.4.12989
[  669.129679][ T4891] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  669.138681][ T4891] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  669.191288][  T418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  669.219977][ T4898] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  669.232912][ T4898] loop0: detected capacity change from 0 to 512
[  669.249083][ T4898] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  669.261169][ T4898] EXT4-fs (loop0): 1 truncate cleaned up
[  669.267356][ T4898] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  669.341604][  T418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  669.368806][   T29] kauditd_printk_skb: 3112 callbacks suppressed
[  669.368823][   T29] audit: type=1326 audit(669.355:161513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4882 comm="syz.5.12987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  669.400894][   T29] audit: type=1326 audit(669.385:161514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4882 comm="syz.5.12987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  669.429274][   T29] audit: type=1326 audit(669.385:161515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4882 comm="syz.5.12987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  669.452827][   T29] audit: type=1326 audit(669.385:161516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4882 comm="syz.5.12987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  669.476250][   T29] audit: type=1326 audit(669.385:161517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4882 comm="syz.5.12987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  669.499513][   T29] audit: type=1326 audit(669.385:161518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4882 comm="syz.5.12987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  669.523201][   T29] audit: type=1326 audit(669.385:161519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4882 comm="syz.5.12987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  669.546720][   T29] audit: type=1326 audit(669.385:161520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4882 comm="syz.5.12987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  669.570240][   T29] audit: type=1326 audit(669.395:161521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4882 comm="syz.5.12987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  669.593807][   T29] audit: type=1326 audit(669.395:161522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4882 comm="syz.5.12987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f508a1885 code=0x7ffc0000
[  669.659153][ T4910] validate_nla: 8 callbacks suppressed
[  669.659167][ T4910] netlink: 'syz.0.12995': attribute type 30 has an invalid length.
[  669.735159][ T4922] netlink: 'syz.5.12999': attribute type 1 has an invalid length.
[  669.743258][ T4922] netlink: 'syz.5.12999': attribute type 6 has an invalid length.
[  669.751296][ T4922] netlink: 'syz.5.12999': attribute type 3 has an invalid length.
[  669.822895][ T4929] !yz!: rxe_newlink: already configured on team_slave_0
[  669.997925][ T4939] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4939 comm=syz.5.13006
[  670.033922][ T4939] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  670.054153][ T4939] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  670.225028][ T4958] siw: device registration error -23
[  670.231050][ T4958] __nla_validate_parse: 30 callbacks suppressed
[  670.231068][ T4958] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13011'.
[  670.237479][ T4955] loop0: detected capacity change from 0 to 512
[  670.287174][ T4955] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.13010: couldn't read orphan inode 26 (err -116)
[  670.313802][ T4955] EXT4-fs (loop0): Remounting filesystem read-only
[  670.338694][ T4955] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  670.374630][  T418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  670.430787][ T4967] siw: device registration error -23
[  670.436994][ T4967] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13014'.
[  670.476074][ T4974] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  670.589356][ T4977] netlink: 'syz.1.13016': attribute type 1 has an invalid length.
[  670.597375][ T4977] netlink: 'syz.1.13016': attribute type 6 has an invalid length.
[  670.605271][ T4977] netlink: 'syz.1.13016': attribute type 3 has an invalid length.
[  670.613193][ T4977] netlink: 24 bytes leftover after parsing attributes in process `syz.1.13016'.
[  670.703195][ T4981] syz_tun: entered allmulticast mode
[  670.710347][ T4981] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13018'.
[  670.721847][ T4981] syz_tun (unregistering): left allmulticast mode
[  670.776381][ T4984] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13019'.
[  670.785612][ T4984] netlink: 28 bytes leftover after parsing attributes in process `syz.0.13019'.
[  670.795035][ T4984] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13019'.
[  670.908406][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  670.914454][ T3544] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  670.960745][ T4990] loop0: detected capacity change from 0 to 512
[  670.994095][ T4990] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  671.034524][ T4990] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  671.130294][ T4995] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13020'.
[  671.256295][ T4998] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  671.266860][ T4998] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  671.326253][ T4999] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  671.336272][ T4998] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  671.347140][ T4998] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  671.368981][ T5004] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  671.378785][ T5004] loop1: detected capacity change from 0 to 512
[  671.385844][ T5004] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  671.399283][ T5004] EXT4-fs (loop1): 1 truncate cleaned up
[  671.405327][ T5004] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  671.406241][ T4998] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  671.428327][ T4998] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  671.449521][ T3690] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  671.497569][ T5012] netlink: 224 bytes leftover after parsing attributes in process `syz.5.13027'.
[  671.511959][ T4998] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  671.522626][ T4998] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  671.534604][ T5014] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13028'.
[  671.565557][ T5012] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5012 comm=syz.5.13027
[  671.580523][ T5012] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  671.594278][ T5012] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  671.626903][T30915] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  671.635354][T30915] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  671.662820][ T5026] lo: entered allmulticast mode
[  671.667900][T30915] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  671.676350][T30915] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  671.692621][T30915] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  671.700878][T30915] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  671.711932][T30915] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  671.720307][T30915] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  671.962852][ T5049] loop3: detected capacity change from 0 to 512
[  671.977226][ T5044] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  671.989334][ T5049] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  672.059944][ T5049] EXT4-fs (loop3): 1 truncate cleaned up
[  672.070293][ T5049] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  672.118314][ T4480] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  672.142658][ T5057] IPv6: NLM_F_CREATE should be specified when creating new route
[  672.251777][ T5063] loop3: detected capacity change from 0 to 512
[  672.275894][ T5063] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.13041: couldn't read orphan inode 26 (err -116)
[  672.338570][ T5063] EXT4-fs (loop3): Remounting filesystem read-only
[  672.352043][ T5063] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  672.697171][ T4480] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  672.727298][ T5097] !yz!: rxe_newlink: already configured on team_slave_0
[  672.788877][ T5104] syz_tun: entered allmulticast mode
[  672.827095][ T5104] syz_tun (unregistering): left allmulticast mode
[  672.891595][ T5106] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5106 comm=syz.4.13052
[  672.910209][ T5106] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  672.919291][ T5106] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  672.921160][T25417] Bluetooth: hci0: Frame reassembly failed (-84)
[  673.014002][ T5117] siw: device registration error -23
[  673.025370][ T5121] loop3: detected capacity change from 0 to 512
[  673.041713][ T5121] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  673.072310][ T5121] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  673.150827][ T5131] netlink: 'syz.5.13061': attribute type 30 has an invalid length.
[  673.285733][ T5138] netlink: 'syz.0.13064': attribute type 1 has an invalid length.
[  673.293649][ T5138] netlink: 'syz.0.13064': attribute type 6 has an invalid length.
[  673.428498][ T5145] loop0: detected capacity change from 0 to 512
[  673.452101][ T5145] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  673.466657][ T5145] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  673.957193][ T5162] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  673.967801][ T5162] loop3: detected capacity change from 0 to 512
[  673.983125][ T5162] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  673.996374][ T5162] EXT4-fs (loop3): 1 truncate cleaned up
[  673.996488][ T5165] ==================================================================
[  673.996512][ T5165] BUG: KCSAN: data-race in _prb_read_valid / prb_reserve
[  673.996540][ T5165] 
[  673.996547][ T5165] write to 0xffffffff868d8718 of 88 bytes by task 5162 on cpu 1:
[  673.996565][ T5165]  prb_reserve+0x695/0xaf0
[  673.996585][ T5165]  vprintk_store+0x56d/0x860
[  673.996611][ T5165]  vprintk_emit+0x10d/0x580
[  673.996635][ T5165]  vprintk_default+0x26/0x30
[  673.996670][ T5165]  vprintk+0x1d/0x30
[  673.996700][ T5165]  _printk+0x79/0xa0
[  673.996732][ T5165]  __ext4_msg+0x18f/0x1a0
[  673.996752][ T5165]  ext4_orphan_cleanup+0x938/0xa00
[  673.996778][ T5165]  ext4_fill_super+0x3483/0x3810
[  673.996802][ T5165]  get_tree_bdev_flags+0x291/0x300
[  673.996829][ T5165]  get_tree_bdev+0x1f/0x30
[  673.996823][ T5162] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  673.996856][ T5165]  ext4_get_tree+0x1c/0x30
[  673.996877][ T5165]  vfs_get_tree+0x57/0x1d0
[  673.996904][ T5165]  do_new_mount+0x24d/0x660
[  673.996930][ T5165]  path_mount+0x4a5/0xb70
[  673.996953][ T5165]  __se_sys_mount+0x28c/0x2e0
[  673.996977][ T5165]  __x64_sys_mount+0x67/0x80
[  673.997000][ T5165]  x64_sys_call+0x2b51/0x3000
[  673.997021][ T5165]  do_syscall_64+0xd2/0x200
[  673.997038][ T5165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  673.997057][ T5165] 
[  673.997063][ T5165] read to 0xffffffff868d8718 of 8 bytes by task 5165 on cpu 0:
[  673.997080][ T5165]  _prb_read_valid+0x1c4/0x920
[  673.997101][ T5165]  prb_read_valid+0x3c/0x60
[  673.997121][ T5165]  printk_get_next_message+0xc8/0x510
[  673.997146][ T5165]  console_flush_all+0x290/0x6a0
[  673.997172][ T5165]  console_unlock+0xa1/0x2e0
[  673.997198][ T5165]  con_flush_chars+0xb2/0x1b0
[  673.997223][ T5165]  con_write+0x2e/0x40
[  673.997245][ T5165]  n_tty_write+0x7ca/0xb40
[  673.997272][ T5165]  file_tty_write+0x378/0x690
[  673.997295][ T5165]  tty_write+0x25/0x30
[  673.997316][ T5165]  vfs_write+0x52a/0x960
[  673.997338][ T5165]  ksys_write+0xda/0x1a0
[  673.997359][ T5165]  __x64_sys_write+0x40/0x50
[  673.997385][ T5165]  x64_sys_call+0x2802/0x3000
[  673.997432][ T5165]  do_syscall_64+0xd2/0x200
[  673.997454][ T5165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  673.997478][ T5165] 
[  673.997484][ T5165] value changed: 0x0000000000002baf -> 0x0000000000004baf
[  673.997496][ T5165] 
[  673.997501][ T5165] Reported by Kernel Concurrency Sanitizer on:
[  673.997517][ T5165] CPU: 0 UID: 0 PID: 5165 Comm:  Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  673.997546][ T5165] Tainted: [W]=WARN
[  673.997554][ T5165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  673.997568][ T5165] ==================================================================
[  674.055031][ T4480] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  674.449878][   T29] kauditd_printk_skb: 2980 callbacks suppressed
[  674.449897][   T29] audit: type=1400 audit(674.435:164500): avc:  denied  { nlmsg_read } for  pid=5167 comm="syz.3.13076" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  674.508230][   T29] audit: type=1400 audit(674.435:164501): avc:  denied  { create } for  pid=5167 comm="syz.3.13076" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  674.527693][   T29] audit: type=1400 audit(674.435:164502): avc:  denied  { sys_admin } for  pid=5167 comm="syz.3.13076" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  674.548778][   T29] audit: type=1400 audit(674.485:164503): avc:  denied  { create } for  pid=5167 comm="syz.3.13076" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  674.988308][ T3544] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  674.995586][   T29] audit: type=1326 audit(674.975:164504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5105 comm="syz.4.13052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefca45efc9 code=0x7ffc0000
[  675.019569][   T29] audit: type=1326 audit(675.005:164505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5105 comm="syz.4.13052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefca45efc9 code=0x7ffc0000