last executing test programs:

4.190652387s ago: executing program 3 (id=241):
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0x0, @local}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0x34000}], 0x8, 0x0, 0x0, 0x2044}, 0x60)
sendmsg$inet(r0, &(0x7f0000000580)={&(0x7f0000000340)={0x2, 0x4e22, @loopback}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000400)="0c518b0a75", 0x5}], 0x1}, 0x8844) (fail_nth: 10)

3.808663965s ago: executing program 3 (id=243):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2, 0x0, 0x80000}, 0x18)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sysvipc/msg\x00', 0x0, 0x0)
write$binfmt_script(r0, &(0x7f0000000000)={'#! ', './file0'}, 0xb)
times(0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x44, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0xeff9, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)

3.494971284s ago: executing program 3 (id=250):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x340, 0x11, 0x148, 0x340, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538)

3.405770284s ago: executing program 3 (id=254):
bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB], 0x48)
socket$inet6(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="3400000014000905000000000000000002000000", @ANYRES32, @ANYBLOB="1400060000000000000000000000000000000000080002"], 0x34}}, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='rseq_update\x00', r0, 0x0, 0x8}, 0x18)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='kfree\x00', r2, 0x0, 0xfe}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000800)={0x20, 0x2, 0x1, 0x5, 0x0, 0x0, {0x5, 0x0, 0x7}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x202}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x404c051}, 0x2004c0c4)
process_vm_writev(0x0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

3.351646004s ago: executing program 3 (id=256):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x340, 0x25, 0x148, 0x0, 0x60, 0x488, 0x2a8, 0x2a8, 0x488, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2a0, 0x2e8, 0x0, {0x200003ae, 0x7f00}, [@common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@set={{0x40}}, @common=@unspec=@statistic={{0x38}}]}, @common=@SET={0x60}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x528)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000440)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x101, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0x1}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000b40)=ANY=[@ANYRES8=r4], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYRES8=r3, @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095", @ANYBLOB="31bfb607cd66b003f340d1cc21f0d130fa4e9e665568e1965ba79b0fb56f7072dd049e7c32480062ec0dd6cf51e9ffd1aec0cdfd26d778a5a9"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000540)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000000340)={0x0, <r7=>0x0})
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x2d)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r8, 0xc004743e, 0x20001400)
ioctl$TUNSETOFFLOAD(r8, 0x8004745a, 0x2000000c)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup/syz0\x00', 0x200002, 0x0)
r10 = openat$cgroup_procs(r9, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r10, &(0x7f00000001c0), 0x74)
sched_setscheduler(r7, 0x1, &(0x7f0000000200)=0x4)
syz_open_dev$MSR(&(0x7f00000001c0), 0x8, 0x0)

2.149837949s ago: executing program 1 (id=276):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

2.087750758s ago: executing program 2 (id=279):
sendmsg$TIPC_CMD_GET_BEARER_NAMES(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000010}, 0x4004010)
capset(0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r2}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r3 = shmget$private(0x0, 0x3000, 0x800, &(0x7f0000ffd000/0x3000)=nil)
shmctl$SHM_LOCK(r3, 0xb)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00'}, 0x18)

2.041362548s ago: executing program 2 (id=280):
socket$tipc(0x1e, 0x5, 0x0)
recvfrom$inet_nvme(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000080)={'vxcan0\x00'})
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xff0, 0x0, 0x0}, &(0x7f0000000000)=0x40)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
sendto$inet(r3, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
recvmsg(r3, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104)
setsockopt$inet_sctp_SCTP_AUTOCLOSE(r3, 0x84, 0x4, &(0x7f0000000000)=0xfef, 0x4)

1.983212278s ago: executing program 0 (id=281):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r1, 0x5421, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRESHEX=0x0, @ANYRES8=r0, @ANYRES64=r1, @ANYRESHEX=r0], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000840)={'batadv_slave_1\x00', <r7=>0x0})
r8 = syz_open_dev$loop(&(0x7f00000005c0), 0x61, 0x75f81a93ddde66ff)
ioctl$BLKTRACESTART(r8, 0x1274, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000000ac0)={{{@in=@private, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@loopback}, 0x0, @in=@remote}}, &(0x7f0000000380)=0xe8)
sendmsg$nl_xfrm(r6, &(0x7f0000000a80)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000a40)={&(0x7f00000006c0)=@delpolicy={0x98, 0x14, 0x0, 0x70bd28, 0x25dfdbfd, {{@in6=@mcast2, @in=@multicast1, 0x4e23, 0x0, 0x4e21, 0x0, 0x2, 0x80, 0x80, 0x33, r7, r9}}, [@replay_esn_val={0x2c, 0x17, {0x4, 0x70bd2d, 0x70bd28, 0x70bd25, 0x70bd2b, 0x40b7, [0xb4a3, 0x2, 0x7, 0x3]}}, @encap={0x1c, 0x4, {0xfffffffffffffffb, 0x4e21, 0x4e24, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}]}, 0x98}, 0x1, 0x0, 0x0, 0x20008084}, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x18}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="40000000120005010000010000000000050019000000000028001a"], 0x40}}, 0x0)
socket$kcm(0x11, 0xa, 0x300)
r11 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r11, 0x5, 0x0, 0x0, 0x0, 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$NFT_BATCH(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x58, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'syz_tun\x00'}]}]}]}], {0x14}}, 0x80}}, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000280)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0xc, 0x11, 0x0, @remote, @mcast2, {[], {0x0, 0xe22, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x8, 0x100, @void}}}}}}}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r13=>0x0})
mq_open(&(0x7f0000000240)='\x00', 0x40, 0x0, &(0x7f00000007c0)={0x4, 0xffffffff, 0x9})
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r13, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xbfed, "3d6532ace1e66f902d4b5d3dddf25a74"}}}]}, 0x48}}, 0x8840)

1.779914827s ago: executing program 0 (id=282):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = getpgrp(0xffffffffffffffff)
sched_rr_get_interval(r1, &(0x7f0000000080))
r2 = syz_open_procfs(0x0, &(0x7f00000006c0)='net/udp6\x00')
preadv(r2, &(0x7f0000000240)=[{&(0x7f00000004c0)=""/152, 0x98}, {&(0x7f0000000580)=""/142, 0x2000060e}], 0x2, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000004000004850000006d00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4, 0x1e3}, &(0x7f00000004c0)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
clock_nanosleep(0x2, 0x0, &(0x7f0000000100)={0x77359400}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000640)=@framed={{}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x1ff}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x90, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x48)

1.559086096s ago: executing program 1 (id=286):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2)
ioctl$USBDEVFS_FREE_STREAMS(r1, 0x8008551d, &(0x7f0000000300)={0xbf3, 0x1a, [{0x1}, {0xe}, {0xb}, {0x7, 0x1}, {0xc}, {0xb}, {0xf, 0x1}, {0xd}, {0x8}, {0xb}, {0x6}, {0x6, 0x1}, {0x1}, {0xc, 0x1}, {0x7, 0x1}, {0xb, 0x1}, {}, {0xe}, {0x0, 0x1}, {0xb, 0x1}, {0x3}, {0xf}, {0xd, 0x1}, {0x9}, {0xf}, {0x4}]})

1.479947826s ago: executing program 1 (id=287):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2)
ioctl$USBDEVFS_FREE_STREAMS(r1, 0x8008551d, &(0x7f0000000300)={0xbf3, 0x1a, [{0x1}, {0xe}, {0xb}, {0x7, 0x1}, {0xc}, {0xb}, {0xf, 0x1}, {0xd}, {0x8}, {0xb}, {0x6}, {0x6, 0x1}, {0x1}, {0xc, 0x1}, {0x7, 0x1}, {0xb, 0x1}, {}, {0xe}, {0x0, 0x1}, {0xb, 0x1}, {0x3}, {0xf}, {0xd, 0x1}, {0x9}, {0xf}, {0x4}]})

1.454850116s ago: executing program 1 (id=288):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000540)='sched_switch\x00', r2, 0x0, 0x1000}, 0x18)
io_setup(0x8, &(0x7f0000004200)=<r3=>0x0)
io_pgetevents(r3, 0x3, 0x3, &(0x7f0000000440)=[{}, {}, {}], 0x0, 0x0)
r4 = memfd_secret(0x80000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70200000000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x2, 0x80805, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
wait4(0x0, 0x0, 0x40000000, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
fcntl$setlease(r4, 0x400, 0x0)
close(r4)

1.275774715s ago: executing program 4 (id=290):
sendmsg$TIPC_CMD_GET_BEARER_NAMES(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000010}, 0x4004010)
capset(0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r2}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r3 = shmget$private(0x0, 0x3000, 0x800, &(0x7f0000ffd000/0x3000)=nil)
shmctl$SHM_LOCK(r3, 0xb)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00'}, 0x18)

1.273854475s ago: executing program 2 (id=291):
bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB], 0x48)
socket$inet6(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="3400000014000905000000000000000002000000", @ANYRES32, @ANYBLOB="1400060000000000000000000000000000000000080002"], 0x34}}, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='rseq_update\x00', r0, 0x0, 0x8}, 0x18)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='kfree\x00', r2, 0x0, 0xfe}, 0x18)
r3 = syz_clone(0x200, 0x0, 0xffffffd3, 0x0, 0x0, 0x0)
process_vm_writev(r3, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

1.229499865s ago: executing program 4 (id=292):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = epoll_create(0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='sched_pi_setprio\x00', r0}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x20040010)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x1ea)
fcntl$setlease(r3, 0x400, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
link(0x0, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x6d13dcb325235162, 0x80, 0x81, 0x7c, 0x8, 0xd, 0x0, 0x3, 0x1000, 0x8, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x710, 0x7}, 0x100004, 0x800, 0x2, 0x7, 0x229, 0x9, 0x1, 0x0, 0x2, 0x0, 0x7fff}, 0xffffffffffffffff, 0xb, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f00000003c0)={0x6, 0x80, 0x3c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0}, 0x0, 0x6, 0xffff, 0x3, 0x1ff, 0xfffffff8}, 0x0, 0xffffffffffffffff, r4, 0x2)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYRES64=r1], 0xa0}, 0x1, 0x0, 0x0, 0x20040080}, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="d80000001c0081064e81f782db44b9040a1d08040e00000000000aa1180002000600142603600e1208000f0000810401a8001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r9}, 0x10)

1.113607345s ago: executing program 4 (id=293):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=@framed={{}, [@printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x3, 0x5, 0x1000, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r4}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
setsockopt$inet_opts(r1, 0x0, 0x80000000000008, &(0x7f0000000580)="0f", 0x1)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000001c0)=@generic={&(0x7f0000000180)='./file0\x00', r3}, 0x18)
setsockopt$inet_opts(r1, 0x0, 0xc, &(0x7f00000000c0)='7', 0x1)
getsockopt$inet_opts(r1, 0x0, 0x9, 0x0, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r5, 0xc0105500, &(0x7f00000002c0)={0x3, 0x18, 0x302, 0x0, 0x0, 0x20fd, 0x0})

1.079979004s ago: executing program 2 (id=294):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000440)={<r1=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000000)={0x13, 0x10, 0x7, {0x0, r1, 0x1}}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000004c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg$unix(r2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)}, 0x100)
setsockopt$sock_attach_bpf(r2, 0x1, 0x23, &(0x7f00000000c0), 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0a00000002000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001500)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000ebfc0f794b1d2cbb5320d6654f6d7118968dfa2b9c6b3ea696a69ca38eb701bd631d3237362dd328650da1fe8b094af2fd9cea62a0542dc965db6989107784158516bf506c92b6ecc94493548945cbbb42c1546df64e28435c74410d3f67fd1532f12da0aef45cdc07dedc5c17926c0ded8d43b486e98786909d6e3d957417e8bc1896e536b21fa7dae26efd3c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000008000000000000000800000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf890000000000005509010000000000950000000000000085100000f5ffffffbf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000240)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @sk_reuseport, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_usb_connect$cdc_ecm(0x2, 0x4d, &(0x7f0000000340)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x20, 0x3, [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x2, 0x6, 0x0, 0x5, {{0x5}, {0x5, 0x24, 0x0, 0x1}, {0xd, 0x24, 0xf, 0x1, 0xffff, 0x4, 0xd, 0x4f}}, {[], {{0x9, 0x5, 0x82, 0x2, 0x200, 0x8, 0x39}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x9, 0x9, 0x7}}}}}]}}]}}, 0x0)
sendmsg$unix(r3, &(0x7f0000000480)={0xfffffffffffffffd, 0x0, 0x0}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000500)={0x2c, r9, 0xc4fc9e906872338b, 0x10000, 0x0, {{0x15}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x4}]}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000600), r10)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r11)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_SET_BSS(r10, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000580)={0x38, 0x0, 0x20, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r12}, @val={0xc, 0x99, {0x10000, 0x6f}}}}, [@NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x9}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x100}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004094}, 0x40000)
sendmsg$NL80211_CMD_START_P2P_DEVICE(r7, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r9, 0x20, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r12}, @val={0xc, 0x99, {0xff, 0x5}}}}, ["", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x800)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000001c0), 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x28, 0x0, 0x100, 0x70bd29, 0x25dfdbff, {{}, {@void, @val={0x8, 0x3, r12}, @val={0xc, 0x99, {0x57d8, 0x59}}}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0xc0)
clock_gettime(0x0, &(0x7f0000000140)={<r13=>0x0, <r14=>0x0})
select(0x40, &(0x7f0000000040)={0x8, 0x40, 0x1, 0x5, 0xffff, 0x3, 0x3, 0x7}, &(0x7f0000000080)={0xd25, 0x9, 0x4, 0x80000001, 0x8000000000000000, 0xc1d, 0x4, 0x9}, &(0x7f0000000100)={0xffffffffffff8eef, 0x9e3, 0x8d8, 0x6, 0x10, 0x400, 0x68, 0x280000000000000}, &(0x7f0000000180)={r13, r14/1000+60000})

939.941774ms ago: executing program 4 (id=295):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
connect$pppl2tp(r0, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34060}], 0x1)

919.539594ms ago: executing program 4 (id=296):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000440)={<r1=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000000)={0x13, 0x10, 0x7, {0x0, r1, 0x1}}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000004c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg$unix(r2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)}, 0x100)
setsockopt$sock_attach_bpf(r2, 0x1, 0x23, &(0x7f00000000c0), 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0a00000002000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001500)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000ebfc0f794b1d2cbb5320d6654f6d7118968dfa2b9c6b3ea696a69ca38eb701bd631d3237362dd328650da1fe8b094af2fd9cea62a0542dc965db6989107784158516bf506c92b6ecc94493548945cbbb42c1546df64e28435c74410d3f67fd1532f12da0aef45cdc07dedc5c17926c0ded8d43b486e98786909d6e3d957417e8bc1896e536b21fa7dae26efd3c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000008000000000000000800000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf890000000000005509010000000000950000000000000085100000f5ffffffbf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000240)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @sk_reuseport, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_usb_connect$cdc_ecm(0x2, 0x4d, &(0x7f0000000340)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x20, 0x3, [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x2, 0x6, 0x0, 0x5, {{0x5}, {0x5, 0x24, 0x0, 0x1}, {0xd, 0x24, 0xf, 0x1, 0xffff, 0x4, 0xd, 0x4f}}, {[], {{0x9, 0x5, 0x82, 0x2, 0x200, 0x8, 0x39}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x9, 0x9, 0x7}}}}}]}}]}}, 0x0)
sendmsg$unix(r3, &(0x7f0000000480)={0xfffffffffffffffd, 0x0, 0x0}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000500)={0x2c, r9, 0xc4fc9e906872338b, 0x10000, 0x0, {{0x15}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x4}]}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000600), r10)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r11)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_SET_BSS(r10, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000580)={0x38, 0x0, 0x20, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r12}, @val={0xc, 0x99, {0x10000, 0x6f}}}}, [@NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x9}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x100}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004094}, 0x40000)
sendmsg$NL80211_CMD_START_P2P_DEVICE(r7, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r9, 0x20, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r12}, @val={0xc, 0x99, {0xff, 0x5}}}}, ["", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x800)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000001c0), 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x28, 0x0, 0x100, 0x70bd29, 0x25dfdbff, {{}, {@void, @val={0x8, 0x3, r12}, @val={0xc, 0x99, {0x57d8, 0x59}}}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0xc0)
clock_gettime(0x0, &(0x7f0000000140)={<r13=>0x0, <r14=>0x0})
select(0x40, &(0x7f0000000040)={0x8, 0x40, 0x1, 0x5, 0xffff, 0x3, 0x3, 0x7}, &(0x7f0000000080)={0xd25, 0x9, 0x4, 0x80000001, 0x8000000000000000, 0xc1d, 0x4, 0x9}, &(0x7f0000000100)={0xffffffffffff8eef, 0x9e3, 0x8d8, 0x6, 0x10, 0x400, 0x68, 0x280000000000000}, &(0x7f0000000180)={r13, r14/1000+60000})

910.960394ms ago: executing program 0 (id=297):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000480)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x3000006, &(0x7f00000001c0)={[{@discard}, {@abort}, {@block_validity}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@nobarrier}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@usrjquota_path={'usrjquota', 0x3d, './file0'}}, {@nodiscard}, {@orlov}, {@user_xattr}, {@init_itable_val={'init_itable', 0x3d, 0x400}}]}, 0x1, 0x556, &(0x7f0000001100)="$eJzs3d1rW+UfAPDvSdu9/37rYAwVkcIunMyltvVlghfzUnQ40PsZ2rMymi6jScdaB24X7sYbGYKIA/Fe770c/gP+FQMtDBlFL7ypnPSky9akybL0ZebzgbM9zzknfc4353yfPCdPQgIYWGPZP4WIFyPi6yTiaNO24cg3jq3vt/rwxnS2JLG29smfSST5usb+Sf7/4bzyQkT8+mXE6cLmdqtLy3OlcjldyOvjtfmr49Wl5TOX50uz6Wx6ZXJq6uxbU5PvvvN232J97cLf331874OzX51c/fbnlWN3kjgXR/JtzXE8g5vNlbEYy5+TkTj3xI4TfWhsL0l2+wDoyVCe5yOR9QFHYyjPeuC/74uIWAMGVCL/YUA1xgGNe/s+3Qc/Nx68v34DtDn+4fX3RuJA/d7o0Gry2J1Rdr872of2szZ++ePunWyJ/r0PAdDRzVsRK0PDw5v7vyTv/3r3Rhf7PNmG/g92zr1s/PN6q/FPYWP8Ey3GP4db5G4vOud/YaUPzbSVjf/eazn+3Zi0Gh3Ka/+rj/lGkkuXy2nWt/0/Ik7FyP6svtV8ztnV+2vttjWP/7Ila78xFsyPY2V4/+OPmSnVSs8Sc7MHtyJeajn+TTbOf9Li/GfPx4Uu2ziR3n2l3bbO8W+vtR8jXm15/h/NaCVbz0+O16+H8cZVsdlft0/81q793Y4/O/+Hto5/NGmer60+fRs/HPgnbbet1+t/X/JpvbwvX3e9VKstTETsSz7avH7y0WMb9cb+WfynTm7d/7W6/g9GxGddxn/7+E8v9x7/9srin3mq8//0hfsffv59u/a7O/9v1kun8jXd9H/dHuCzPHcAAAAAAACw1xQi4kgkheJGuVAoFtc/33E8DhXKlWrt9KXK4pWZqH9XdjRGCo2Z7qNNn4eYyD8P26hPPlGfiohjEfHN0MF6vThdKc/sdvAAAAAAAAAAAAAAAAAAAACwRxxu8/3/zO9Du310wLbzk98wuDrmfz9+6QnYk7z+w+CS/zC45D8MLvkPg0v+w+DqkP/JTh0HsPO8/sPgkv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQVxfOn8+WtdWHN6az+sy1pcW5yrUzM2l1rji/OF2crixcLc5WKrPltDhdme/098qVytWJyVi8Pl5Lq7Xx6tLyxfnK4pXaxcvzpdn0YjqyI1EBAAAAAAAAAAAAAAAAAADA86W6tDxXKpfTBQWFngrDe+MwFPpc2O2eCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe+TcAAP//Z7w5Vw==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
pipe(&(0x7f0000000500))
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1e0000000000000004000000060000004c010000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000001b"], 0x48)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file1\x00', 0x0, &(0x7f00000007c0)={[{@resuid={'resuid', 0x3d, 0xee00}}]}, 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$EXT4_IOC_SETFSUUID(r1, 0x4008662c, 0x0)

541.720622ms ago: executing program 3 (id=298):
socket$key(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000100)='./bus\x00', 0x800000, &(0x7f0000000080)=ANY=[], 0x1, 0x38b, &(0x7f0000000500)="$eJzs3T2IHOUbAPBnbvZ2L4H//7YTBWG1E/RM0mljglwgeAgqix+FuJiLyu5Z3OFhUuTuLAyWgqVWdgo2FmIpgiJ2FrZGkGhIoekCBkdmZmd3bj+iiVwk+PsVu+897/u8H7N7u3PD7nsvHY/+6cU4c/XqpVhaSqJx/PHjcS2JdqRR2Y1pzRkxAODOcC3L4resFBHt3pOtv0pJbs/MAICDUrz/vxIRnWiXkbe+ulH7zLs/ANzxhn//H7pRm6V5FZ0DmRIAcMAmrv9H3L+vutmIaEaj+rFR+1QAAHCneub5F544sRbxdKezFLFxYbu73Y1Hx/UnzsRrMYj1OBLLcT2iPFHIb5Li9uSptdUjnU5nIX5uRzciFoaJ3fJM4URa5LfiaCxHe5ifn2pkRTk9+ena6tFOISJ2d4rxYyPZ7i7G4eH4PxyO9fGJR9VJcRdxam31WGfYQXejyt+J2Btft8jnvxLL8d3Lo26yrPoE49rq+aPVpMf5291WnB4dhblXQAAAAAAAAAAAAAAAAAAAAAAA4JasdEbao/1zsvy+3ClnZWVGfbE/Tpk/3B9or9gj8HrWyiLLfn3zoe47aezbH2hyf55tGwkCAAAAAAAAAAAAAAAAAADAyNbZZvQGg/XNrbPn+mWhURR2NrfOLkREHnn9m0++PBT1Nn+r0CiHaEWMhugMhz3X72Vp1ThLI6bT03zwKvLRZ6MZ19u0RquYOY3W/KrB4H/3/fT+OHJvWvX8x7hN2py9wLQ2jccmet74fzml2YNeSYq1zztix+qRVky1uZhlWS3ydj39/IvTHUYS0bj5B+5cfyHmt8nywteXXr27Ovq9L7LSAw8uP3vxvQ8v93uDfOQoHsHm5tb1rN9LqsY3M43eoTyliiTDQ5fUnwmN3uWH56bv7Y/00u+vPHfPu9/OHTRJaj1n9ao38ufzRFZaLmdpsp9mWcj7mlzOOH1xuIjB+uKMJ//sQnVQe4NbeEzv+uDzj7Psx1/ySCNm/cbtL9ReJBamXjaSf/iyAwAAAAAAAAAAAAAAAAAAzFD7rvjQ8Mu+izfKeuSpg58ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANw+4///Xyvs7cZEZFTYnYqMCr/vzMhqrW9eaP7biwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4D/vzwAAAP//bMNNwA==")
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f00000013c0), 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000140)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2e}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "82d2f3", 0x8, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[@hopopts={0x33}]}}}}}, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000100)=0xcf5)
getuid()
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r4 = syz_open_pts(r1, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000280)=0x3)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYRES32=r3, @ANYRES32=r2], 0x38}}, 0x24000000)
syz_genetlink_get_family_id$nbd(&(0x7f0000000340), 0xffffffffffffffff)
r5 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
writev(r5, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0))
r6 = socket(0x2, 0x1, 0x4)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0xa00000000000000, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x1, 0x990, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000e00], 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="000000000c0000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000001000000000240b182e9936299000000000000000000000000000000ffffffff010000000b00000020000000000062726964676530000000000000000000766c616e300000000000000000000000736974300000000000000000000000007465716c3000000000000000000000000000000000000000000000000180c20000000000000000000000b8080000b808000030090000616d6f6e670000000000000000000000000000000020080000000000001404000000000000000000000a00000000000000000000000000080000000000000000000000000000b085da05d603888318a0cce400000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000fdffffffff00000000000000000000e4ff0000000000000000000000000000000000000000000000000000000000000000c06a330000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000040000000000000000000000006fb7cd02b734bcce41ef6e95bd000000008000000000000000000000000000000000000000000000000000000000000000eeff3f000000008fc7660c490587b3ab213098a6767c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000de1f8f00000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000440a050000000000000000000000000000000000000000000000000000000000002f470e43ba7aa62a00000000000000000000000000f18a0afe993500000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4f016fa70c12554000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e61bf829de3481b50000000000000000000000000000000000008c7f8f1b44f000000000feffffff000000000000000000100000000000000000f4ff00000000000000000000000000e8b5520a0cd4af00000000000000000000000000000001000000000000000000000000000062f75a00627f34dd71012eed00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e0ffffff00000000000000000000000000000000000000000000001b00000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000f200000000000000000000000000000000000000000000000000000000000000fffffff900000000000000000000000000000000000000000000000000000000000000000000ff000000000000000000f2573bd04a330000000e00000000000000000000000000000000000000e9bfffff0000000000000000000000000000000000000000000000ffffffffffffffff0000000000200000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000cb33322c9c564ae5f8eef74d5aa7cc9c000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000003f7f1c000000000000f34700000000000000000000000000000000000000000000000000000000000000dbffd4d57f898f20b15a00000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d3d2e851000000000000000000000000000000000000000000000000006f670000001100000000000000000000000000000000000000000000005080000000000000000000000000000000010000a600a9e85725d89818472e65aba21d9bbc1b20e8331c6fd24a5aceaeefe102e42a013ac2c00eeb782c34eab997013e0506220c21a54cc58ff5bc83d5e4066c770000000000000000000000004000"/2448]}, 0xa08)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r7, &(0x7f0000000180)={0x0, 0x600, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01000000000000000000240000000e0001006e65746465767b696d0000000f0002006e657464657673696d30000008008b00", @ANYRES32=0x0, @ANYBLOB], 0x3c}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000400))
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)=ANY=[], 0x54}, 0x1, 0x0, 0x0, 0x8d9961f70feef124}, 0x40000)
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000040)={0x200000008, 0x4000, 0x4013})

541.411372ms ago: executing program 0 (id=299):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000fd0f000003"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000)

498.803082ms ago: executing program 1 (id=300):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, @void, @value}, 0x28)
syz_io_uring_setup(0x4349, &(0x7f0000000180)={0x0, 0x9867, 0x8000, 0x0, 0xd9}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100))
syz_io_uring_setup(0x2d36, &(0x7f0000000200)={0x0, 0x172c, 0x6200, 0x0, 0x292}, &(0x7f0000000280), &(0x7f00000002c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0, 0x0, 0x0, 0x0, 0x0, 0x1})
openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0xffffffffffffffff}, 0x18)
r4 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r4, &(0x7f0000000200)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xf0b, 0x70bd2a, 0x2001, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x5, 0xd}}}, 0x24}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a80)=@newtfilter={0x5c, 0x2c, 0x100, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0xe}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0x2c, 0x2, [@TCA_FLOWER_KEY_MPLS_LABEL={0x8, 0x46, 0x9}, @TCA_FLOWER_KEY_ICMPV6_CODE={0x5}, @TCA_FLOWER_KEY_IP_TOS={0x5, 0x49, 0x6}, @TCA_FLOWER_KEY_FLAGS_MASK={0x8, 0x30, 0x101}, @TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x88fb}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000010}, 0xc000)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x4040000)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="2d0400000000000056e3f665d6e18046007f099533ab2a42157ef556d559", @ANYRES32, @ANYBLOB="a600"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000040000000000000007010000f8ffffffbfa40000000039ed482b55d476db23105e61311bdd000007040000f0", @ANYRES32=r7, @ANYBLOB="0000000000000000b70400000800000085000000950000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r8}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x340, 0x11, 0x148, 0x340, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538)

373.384992ms ago: executing program 1 (id=301):
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f0000000300)={[{@nojournal_checksum}, {@nombcache}, {@min_batch_time={'min_batch_time', 0x3d, 0xffffffffffffffff}}]}, 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x6000, 0x1)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
rename(&(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
open_by_handle_at(r1, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x6, &(0x7f0000000300)=0x8, 0x4)
ioctl$RTC_UIE_OFF(r1, 0x7004)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0xad, 0x7ffc1ffb}]})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000080)={{{@in=@broadcast, @in6=@mcast1, 0x0, 0x0, 0xfffc, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x40000000000000, 0x0, 0x0, 0x10000}, 0x0, 0x0, 0x1}, {{@in6=@loopback, 0x10000, 0x32}, 0x0, @in6=@mcast1, 0x0, 0x0, 0x0, 0xb7, 0x2, 0xffffffff}}, 0xe8)
sendmmsg(r2, &(0x7f0000000180), 0x400000000000077, 0x7600)
socket$nl_generic(0x10, 0x3, 0x10)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$sock_buf(r4, 0x1, 0x37, &(0x7f0000000040)=""/66, &(0x7f0000000540)=0x42)
lremovexattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)=@known='system.posix_acl_access\x00')

322.364131ms ago: executing program 0 (id=302):
sendmsg$TIPC_CMD_GET_BEARER_NAMES(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000010}, 0x4004010)
capset(0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r2}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r3 = shmget$private(0x0, 0x3000, 0x800, &(0x7f0000ffd000/0x3000)=nil)
shmctl$SHM_LOCK(r3, 0xb)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00'}, 0x18)

312.094571ms ago: executing program 2 (id=303):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
kcmp(r0, r0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) (fail_nth: 5)

158.949731ms ago: executing program 0 (id=304):
bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB], 0x48)
socket$inet6(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="3400000014000905000000000000000002000000", @ANYRES32, @ANYBLOB="1400060000000000000000000000000000000000080002"], 0x34}}, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='rseq_update\x00', r0, 0x0, 0x8}, 0x18)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_clone(0x200, 0x0, 0xffffffd3, 0x0, 0x0, 0x0)
process_vm_writev(r2, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

896.51µs ago: executing program 2 (id=305):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) (async)
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f0000000340)=0xfffffff8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000010000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r3 = socket(0x2, 0x5, 0x0)
sendmmsg$inet_sctp(r3, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000680)="03", 0x1}], 0x1}], 0x1, 0x880)
sendmmsg$inet_sctp(r3, &(0x7f0000000bc0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000001c0)=[{0x0, 0x2}], 0x1, &(0x7f0000000140)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c0000000000000002002b0388edb6556900"/51, @ANYRES32=0x0], 0x30}], 0x1, 0x0) (async)
r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x5, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r6}, 0x10) (async)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r8=>0xffffffffffffffff}, 0x2}}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0xb, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10) (async)
move_pages(0x0, 0x2064, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), &(0x7f0000000000), 0x0) (async)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r7, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0xfffd, 0x0, @empty, 0x4}, {0xa, 0x0, 0x0, @empty, 0xfffffffc}, r8}}, 0x48) (async)
r10 = dup2(r7, r7)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r12, 0x0, 0x80000000000000}, 0x18)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r13)
sendmsg$NL80211_CMD_GET_WIPHY(r13, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)={0x28, r14, 0x301, 0x0, 0x0, {{}, {@val={0x8, 0x7}, @void, @val={0xc}}}}, 0x28}}, 0x0) (async)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r10, &(0x7f00000008c0)={0x16, 0x98, 0xfa00, {0x0, 0x2, r8, 0x1c, 0x0, @in6={0xa, 0x4e20, 0x1, @private0, 0x7f}}}, 0xa0) (async)
syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), r10) (async)
ioctl$USBDEVFS_RESET(r4, 0x5514)

0s ago: executing program 4 (id=306):
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000280), 0x2100, 0x0)
openat(r0, &(0x7f00000001c0)='./file0\x00', 0x103a00, 0x18)
r1 = epoll_create1(0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)={[{@inode32}]})
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000000)={0xa0000001})
ppoll(&(0x7f0000000200)=[{r4, 0x1}], 0x1, 0x0, 0x0, 0x0)
epoll_wait(r4, &(0x7f0000000040)=[{}], 0x1, 0x400)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
flock(r1, 0xe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmsg(r5, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.7' (ED25519) to the list of known hosts.
[   33.633360][   T29] audit: type=1400 audit(1735402661.128:81): avc:  denied  { mounton } for  pid=3288 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   33.634642][ T3288] cgroup: Unknown subsys name 'net'
[   33.656146][   T29] audit: type=1400 audit(1735402661.128:82): avc:  denied  { mount } for  pid=3288 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   33.683501][   T29] audit: type=1400 audit(1735402661.158:83): avc:  denied  { unmount } for  pid=3288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   33.703392][   T29] audit: type=1400 audit(1735402661.158:84): avc:  denied  { read } for  pid=2981 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   33.819135][ T3288] cgroup: Unknown subsys name 'cpuset'
[   33.825343][ T3288] cgroup: Unknown subsys name 'rlimit'
[   33.996122][   T29] audit: type=1400 audit(1735402661.488:85): avc:  denied  { setattr } for  pid=3288 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   34.019479][   T29] audit: type=1400 audit(1735402661.488:86): avc:  denied  { create } for  pid=3288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   34.039984][   T29] audit: type=1400 audit(1735402661.488:87): avc:  denied  { write } for  pid=3288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   34.060376][   T29] audit: type=1400 audit(1735402661.488:88): avc:  denied  { read } for  pid=3288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   34.080693][   T29] audit: type=1400 audit(1735402661.508:89): avc:  denied  { mounton } for  pid=3288 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   34.089341][ T3292] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   34.105473][   T29] audit: type=1400 audit(1735402661.508:90): avc:  denied  { mount } for  pid=3288 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   34.167453][ T3288] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   35.450431][ T3304] chnl_net:caif_netlink_parms(): no params data found
[   35.479067][ T3298] chnl_net:caif_netlink_parms(): no params data found
[   35.501766][ T3305] chnl_net:caif_netlink_parms(): no params data found
[   35.515542][ T3300] chnl_net:caif_netlink_parms(): no params data found
[   35.590453][ T3304] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.597599][ T3304] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.604931][ T3304] bridge_slave_0: entered allmulticast mode
[   35.611366][ T3304] bridge_slave_0: entered promiscuous mode
[   35.638974][ T3304] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.646057][ T3304] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.653430][ T3304] bridge_slave_1: entered allmulticast mode
[   35.659782][ T3304] bridge_slave_1: entered promiscuous mode
[   35.665971][ T3311] chnl_net:caif_netlink_parms(): no params data found
[   35.718642][ T3304] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   35.727865][ T3298] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.735014][ T3298] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.742196][ T3298] bridge_slave_0: entered allmulticast mode
[   35.748775][ T3298] bridge_slave_0: entered promiscuous mode
[   35.755218][ T3300] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.762384][ T3300] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.770497][ T3300] bridge_slave_0: entered allmulticast mode
[   35.776965][ T3300] bridge_slave_0: entered promiscuous mode
[   35.783366][ T3305] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.790506][ T3305] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.797649][ T3305] bridge_slave_0: entered allmulticast mode
[   35.804024][ T3305] bridge_slave_0: entered promiscuous mode
[   35.811091][ T3305] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.818182][ T3305] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.825365][ T3305] bridge_slave_1: entered allmulticast mode
[   35.831886][ T3305] bridge_slave_1: entered promiscuous mode
[   35.843533][ T3304] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   35.862603][ T3298] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.869802][ T3298] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.876950][ T3298] bridge_slave_1: entered allmulticast mode
[   35.883510][ T3298] bridge_slave_1: entered promiscuous mode
[   35.889765][ T3300] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.896855][ T3300] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.904206][ T3300] bridge_slave_1: entered allmulticast mode
[   35.910847][ T3300] bridge_slave_1: entered promiscuous mode
[   35.931801][ T3304] team0: Port device team_slave_0 added
[   35.963804][ T3304] team0: Port device team_slave_1 added
[   35.987519][ T3300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   35.997857][ T3300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.007885][ T3305] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.025362][ T3311] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.032608][ T3311] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.039993][ T3311] bridge_slave_0: entered allmulticast mode
[   36.046474][ T3311] bridge_slave_0: entered promiscuous mode
[   36.053070][ T3311] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.060192][ T3311] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.067365][ T3311] bridge_slave_1: entered allmulticast mode
[   36.074099][ T3311] bridge_slave_1: entered promiscuous mode
[   36.081313][ T3298] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.091505][ T3305] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.105447][ T3304] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.112449][ T3304] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.138367][ T3304] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.155182][ T3298] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.170074][ T3300] team0: Port device team_slave_0 added
[   36.180467][ T3304] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.187452][ T3304] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.213419][ T3304] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.230416][ T3311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.244370][ T3300] team0: Port device team_slave_1 added
[   36.255592][ T3305] team0: Port device team_slave_0 added
[   36.262326][ T3305] team0: Port device team_slave_1 added
[   36.271873][ T3311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.311677][ T3298] team0: Port device team_slave_0 added
[   36.317570][ T3300] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.324608][ T3300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.350566][ T3300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.373223][ T3304] hsr_slave_0: entered promiscuous mode
[   36.379374][ T3304] hsr_slave_1: entered promiscuous mode
[   36.385991][ T3298] team0: Port device team_slave_1 added
[   36.391990][ T3300] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.398978][ T3300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.424878][ T3300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.438354][ T3305] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.445357][ T3305] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.471288][ T3305] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.482970][ T3311] team0: Port device team_slave_0 added
[   36.489884][ T3311] team0: Port device team_slave_1 added
[   36.517468][ T3305] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.524481][ T3305] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.550616][ T3305] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.571889][ T3311] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.578929][ T3311] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.604993][ T3311] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.616674][ T3311] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.623746][ T3311] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.649763][ T3311] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.660682][ T3298] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.667725][ T3298] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.693781][ T3298] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.704921][ T3298] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.711971][ T3298] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.737890][ T3298] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.781281][ T3300] hsr_slave_0: entered promiscuous mode
[   36.787383][ T3300] hsr_slave_1: entered promiscuous mode
[   36.793547][ T3300] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   36.801159][ T3300] Cannot create hsr debugfs directory
[   36.819410][ T3298] hsr_slave_0: entered promiscuous mode
[   36.825482][ T3298] hsr_slave_1: entered promiscuous mode
[   36.831899][ T3298] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   36.839510][ T3298] Cannot create hsr debugfs directory
[   36.860057][ T3311] hsr_slave_0: entered promiscuous mode
[   36.866405][ T3311] hsr_slave_1: entered promiscuous mode
[   36.872331][ T3311] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   36.879898][ T3311] Cannot create hsr debugfs directory
[   36.904506][ T3305] hsr_slave_0: entered promiscuous mode
[   36.910642][ T3305] hsr_slave_1: entered promiscuous mode
[   36.916494][ T3305] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   36.924274][ T3305] Cannot create hsr debugfs directory
[   37.088773][ T3304] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   37.100361][ T3304] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   37.109227][ T3304] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   37.119851][ T3304] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   37.150710][ T3300] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   37.160494][ T3300] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   37.169424][ T3300] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   37.183918][ T3300] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   37.205908][ T3311] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   37.216870][ T3311] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   37.226374][ T3311] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   37.235299][ T3311] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   37.264772][ T3298] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   37.281248][ T3298] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   37.290974][ T3298] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   37.307469][ T3304] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.314974][ T3298] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   37.338574][ T3305] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   37.353483][ T3305] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   37.364245][ T3304] 8021q: adding VLAN 0 to HW filter on device team0
[   37.374265][ T3305] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   37.382993][ T3305] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   37.392577][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.399665][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.423170][ T2090] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.430267][ T2090] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.477637][ T3304] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   37.494236][ T3300] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.517167][ T3311] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.536030][ T3311] 8021q: adding VLAN 0 to HW filter on device team0
[   37.547527][ T3300] 8021q: adding VLAN 0 to HW filter on device team0
[   37.557028][ T3298] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.568622][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.575704][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.600583][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.607729][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.617095][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.624209][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.637583][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.644686][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.670065][ T3298] 8021q: adding VLAN 0 to HW filter on device team0
[   37.691902][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.699024][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.723114][ T3304] 8021q: adding VLAN 0 to HW filter on device batadv0
[   37.731721][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.738904][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.753553][ T3305] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.780500][ T3311] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   37.812276][ T3305] 8021q: adding VLAN 0 to HW filter on device team0
[   37.828006][ T3300] 8021q: adding VLAN 0 to HW filter on device batadv0
[   37.867913][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.875032][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.884114][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.891239][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.923764][ T3311] 8021q: adding VLAN 0 to HW filter on device batadv0
[   37.938418][ T3298] 8021q: adding VLAN 0 to HW filter on device batadv0
[   37.969858][ T3304] veth0_vlan: entered promiscuous mode
[   37.981995][ T3304] veth1_vlan: entered promiscuous mode
[   38.011654][ T3304] veth0_macvtap: entered promiscuous mode
[   38.029599][ T3304] veth1_macvtap: entered promiscuous mode
[   38.056168][ T3305] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.078742][ T3304] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.090043][ T3300] veth0_vlan: entered promiscuous mode
[   38.099844][ T3304] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.110461][ T3304] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.119261][ T3304] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.127993][ T3304] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.136853][ T3304] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.157859][ T3300] veth1_vlan: entered promiscuous mode
[   38.186224][ T3311] veth0_vlan: entered promiscuous mode
[   38.203626][ T3300] veth0_macvtap: entered promiscuous mode
[   38.220299][ T3311] veth1_vlan: entered promiscuous mode
[   38.227728][ T3300] veth1_macvtap: entered promiscuous mode
[   38.238061][ T3300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   38.248659][ T3300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.259358][ T3300] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.269306][ T3304] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   38.278645][ T3300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   38.294410][ T3300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.305637][ T3300] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.327115][ T3300] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.335984][ T3300] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.345109][ T3300] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.354007][ T3300] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.382707][ T3305] veth0_vlan: entered promiscuous mode
[   38.392669][ T3305] veth1_vlan: entered promiscuous mode
[   38.401112][ T3311] veth0_macvtap: entered promiscuous mode
[   38.423819][ T3298] veth0_vlan: entered promiscuous mode
[   38.440363][ T3311] veth1_macvtap: entered promiscuous mode
[   38.450829][ T3311] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   38.461378][ T3311] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.471303][ T3311] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   38.481804][ T3311] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.485529][ T3440] loop2: detected capacity change from 0 to 1024
[   38.495340][ T3311] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.507229][ T3440] =======================================================
[   38.507229][ T3440] WARNING: The mand mount option has been deprecated and
[   38.507229][ T3440]          and is ignored by this kernel. Remove the mand
[   38.507229][ T3440]          option from the mount to silence this warning.
[   38.507229][ T3440] =======================================================
[   38.543339][ T3440] EXT4-fs: Ignoring removed i_version option
[   38.549551][ T3440] EXT4-fs: Ignoring removed bh option
[   38.558022][ T3305] veth0_macvtap: entered promiscuous mode
[   38.571025][ T3440] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.571687][ T3311] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   38.593619][ T3311] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.603488][ T3311] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   38.614042][ T3311] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.627626][ T3311] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.641475][   T29] kauditd_printk_skb: 92 callbacks suppressed
[   38.641492][   T29] audit: type=1326 audit(1735402666.138:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3441 comm="syz.1.2" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f669ce75d29 code=0x7ffc0000
[   38.652037][ T3311] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.679479][ T3311] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.688528][ T3311] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.697290][ T3311] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.709016][   T29] audit: type=1326 audit(1735402666.178:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3441 comm="syz.1.2" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f669ce6cce7 code=0x7ffc0000
[   38.720833][ T3305] veth1_macvtap: entered promiscuous mode
[   38.732265][   T29] audit: type=1326 audit(1735402666.178:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3441 comm="syz.1.2" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f669ce11f29 code=0x7ffc0000
[   38.760905][   T29] audit: type=1326 audit(1735402666.178:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3441 comm="syz.1.2" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f669ce75d29 code=0x7ffc0000
[   38.784173][   T29] audit: type=1326 audit(1735402666.178:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3441 comm="syz.1.2" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f669ce75d29 code=0x7ffc0000
[   38.787497][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   38.807325][   T29] audit: type=1400 audit(1735402666.208:188): avc:  denied  { nlmsg_read } for  pid=3437 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[   38.817757][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.817772][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   38.858376][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.868231][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   38.878688][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.893088][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.900850][ T3298] veth1_vlan: entered promiscuous mode
[   38.913526][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.926323][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   38.936910][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.945193][   T29] audit: type=1400 audit(1735402666.438:189): avc:  denied  { create } for  pid=3447 comm="syz.1.7" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   38.946842][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   38.966045][   T29] audit: type=1400 audit(1735402666.438:190): avc:  denied  { ioctl } for  pid=3447 comm="syz.1.7" path="socket:[4138]" dev="sockfs" ino=4138 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   38.976411][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.010814][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.021331][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.032285][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.040506][ T3305] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.049290][ T3305] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.058113][ T3305] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.066866][ T3305] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.083143][ T3451] loop2: detected capacity change from 0 to 1024
[   39.125071][ T3298] veth0_macvtap: entered promiscuous mode
[   39.134596][ T3451] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.139419][ T3298] veth1_macvtap: entered promiscuous mode
[   39.151944][ T3451] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   39.174510][ T3451] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.6: bg 0: block 393: padding at end of block bitmap is not set
[   39.184875][ T3298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.199207][ T3298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.209062][ T3298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.219597][ T3298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.229475][ T3298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.240041][ T3298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.250403][ T3298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.260904][ T3298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.273536][ T3298] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.281060][ T3451] syz.2.6 (3451) used greatest stack depth: 10504 bytes left
[   39.288770][   T29] audit: type=1326 audit(1735402666.778:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3459 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59ae7b5d29 code=0x7ffc0000
[   39.312040][   T29] audit: type=1326 audit(1735402666.778:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3459 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59ae7b5d29 code=0x7ffc0000
[   39.359503][ T3298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.370121][ T3298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.380009][ T3298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.390605][ T3298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.400475][ T3298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.411166][ T3298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.421029][ T3298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.431593][ T3298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.442789][ T3298] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.451927][ T3298] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.453658][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.460730][ T3298] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.460765][ T3298] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.460795][ T3298] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.617636][ T3478] loop4: detected capacity change from 0 to 128
[   39.647472][ T3487] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14'.
[   39.651970][ T3478] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   39.658664][ T3487] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14'.
[   39.686192][ T3478] ext4 filesystem being mounted at /0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   39.743301][ T3492] loop1: detected capacity change from 0 to 1024
[   39.750397][ T3298] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   39.750748][ T3492] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   39.799257][ T3492] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   39.807356][ T3492] EXT4-fs (loop1): orphan cleanup on readonly fs
[   39.818057][ T3492] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   39.830746][ T3492] EXT4-fs (loop1): Remounting filesystem read-only
[   39.843860][ T3492] EXT4-fs (loop1): 1 orphan inode deleted
[   39.852105][ T3492] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   39.864373][ T3492] SELinux: (dev loop1, type ext4) getxattr errno 5
[   39.871602][ T3492] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.943628][ T3492] +}[@ (3492) used greatest stack depth: 9792 bytes left
[   40.045984][ T3515] loop1: detected capacity change from 0 to 2048
[   40.071587][ T3515] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.089924][ T3515] netlink: 'syz.1.24': attribute type 3 has an invalid length.
[   40.207872][ T3528] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   40.410696][ T3535] process 'syz.4.29' launched './file0' with NULL argv: empty string added
[   40.713246][ T3542] loop0: detected capacity change from 0 to 1024
[   40.740649][ T3542] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   40.771753][ T3542] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   40.787201][ T3542] EXT4-fs (loop0): orphan cleanup on readonly fs
[   40.824500][ T3542] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   40.834279][ T3542] EXT4-fs (loop0): Remounting filesystem read-only
[   40.841114][ T3542] EXT4-fs (loop0): 1 orphan inode deleted
[   40.847482][ T3542] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   40.860114][ T3542] SELinux: (dev loop0, type ext4) getxattr errno 5
[   40.867069][ T3542] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.001634][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.458625][ T3542] +}[@ (3542) used greatest stack depth: 9640 bytes left
[   41.567279][ T3572] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   41.583919][ T3572] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   41.608675][ T3564] lo speed is unknown, defaulting to 1000
[   41.620507][ T3564] lo speed is unknown, defaulting to 1000
[   41.628775][ T3564] lo speed is unknown, defaulting to 1000
[   41.638444][ T3564] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   41.673358][ T3564] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   41.750874][ T3564] lo speed is unknown, defaulting to 1000
[   41.760119][ T3564] lo speed is unknown, defaulting to 1000
[   41.771469][ T3564] lo speed is unknown, defaulting to 1000
[   41.787912][ T3564] lo speed is unknown, defaulting to 1000
[   41.811294][ T3564] lo speed is unknown, defaulting to 1000
[   41.989408][ T3587] serio: Serial port ptm0
[   42.032422][ T3589] loop0: detected capacity change from 0 to 512
[   42.045397][ T3589] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.44: invalid indirect mapped block 256 (level 2)
[   42.060843][ T3589] EXT4-fs (loop0): 2 truncates cleaned up
[   42.067194][ T3589] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.233443][ T3591] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.44: bg 0: block 5: invalid block bitmap
[   42.443360][ T3597] loop4: detected capacity change from 0 to 1024
[   42.454917][ T3597] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   42.495111][ T3597] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   42.512996][ T3597] EXT4-fs (loop4): orphan cleanup on readonly fs
[   42.535765][ T3597] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   42.547240][ T3597] EXT4-fs (loop4): Remounting filesystem read-only
[   42.562001][ T3604] loop1: detected capacity change from 0 to 1024
[   42.569759][ T3597] EXT4-fs (loop4): 1 orphan inode deleted
[   42.576217][ T3604] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   42.592953][ T3597] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   42.610716][ T3597] SELinux: (dev loop4, type ext4) getxattr errno 5
[   42.617546][ T3604] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   42.626179][ T3597] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.636477][ T3604] EXT4-fs (loop1): orphan cleanup on readonly fs
[   42.643443][ T3604] EXT4-fs warning (device loop1): ext4_enable_quotas:7156: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[   42.658174][ T3604] EXT4-fs (loop1): Cannot turn on quotas: error -22
[   42.668637][ T3604] EXT4-fs error (device loop1): ext4_free_blocks:6589: comm syz.1.50: Freeing blocks not in datazone - block = 0, count = 4096
[   42.695850][ T3604] EXT4-fs (loop1): Remounting filesystem read-only
[   42.716488][ T3604] EXT4-fs (loop1): 1 orphan inode deleted
[   42.740116][ T3609] bridge0: entered promiscuous mode
[   42.752389][ T3604] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   42.781077][ T3604] SELinux: (dev loop1, type ext4) getxattr errno 5
[   42.788008][ T3604] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.995623][ T3622] loop2: detected capacity change from 0 to 2048
[   43.023529][ T3622] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.077069][ T3626] netlink: 4 bytes leftover after parsing attributes in process `syz.4.51'.
[   43.078821][ T3622] netlink: 'syz.2.57': attribute type 4 has an invalid length.
[   43.098257][ T3626] bridge_slave_1: left allmulticast mode
[   43.103947][ T3626] bridge_slave_1: left promiscuous mode
[   43.109805][ T3626] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.126137][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.158803][ T3626] bridge_slave_0: left allmulticast mode
[   43.164528][ T3626] bridge_slave_0: left promiscuous mode
[   43.170443][ T3634] netlink: 'syz.2.57': attribute type 4 has an invalid length.
[   43.170575][ T3626] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.217811][ T3626] bridge0 (unregistering): left promiscuous mode
[   43.358845][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.705082][   T29] kauditd_printk_skb: 260 callbacks suppressed
[   43.705101][   T29] audit: type=1400 audit(1735402671.198:441): avc:  denied  { write } for  pid=3654 comm="syz.4.68" name="001" dev="devtmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   43.750640][ T3657] tun0: tun_chr_ioctl cmd 35108
[   43.765633][   T29] audit: type=1400 audit(1735402671.258:442): avc:  denied  { create } for  pid=3658 comm="syz.4.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   43.769876][ T3659] loop4: detected capacity change from 0 to 128
[   43.785113][   T29] audit: type=1400 audit(1735402671.258:443): avc:  denied  { create } for  pid=3658 comm="syz.4.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   43.814750][ T3659] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   43.827981][ T3659] ext4 filesystem being mounted at /20/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   43.842353][   T29] audit: type=1400 audit(1735402671.338:444): avc:  denied  { create } for  pid=3658 comm="syz.4.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   43.864112][   T29] audit: type=1400 audit(1735402671.338:445): avc:  denied  { bind } for  pid=3658 comm="syz.4.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   43.884625][   T29] audit: type=1400 audit(1735402671.358:446): avc:  denied  { read } for  pid=3658 comm="syz.4.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   43.924411][ T3298] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   43.962852][   T29] audit: type=1400 audit(1735402671.458:447): avc:  denied  { read } for  pid=3666 comm="syz.1.74" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   43.986111][   T29] audit: type=1400 audit(1735402671.458:448): avc:  denied  { open } for  pid=3666 comm="syz.1.74" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   44.009786][   T29] audit: type=1400 audit(1735402671.458:449): avc:  denied  { ioctl } for  pid=3666 comm="syz.1.74" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   44.069233][   T29] audit: type=1326 audit(1735402671.558:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3669 comm="syz.1.75" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f669ce75d29 code=0x7ffc0000
[   44.114550][ T3673] loop4: detected capacity change from 0 to 1024
[   44.120780][ T3675] loop0: detected capacity change from 0 to 1024
[   44.124451][ T3677] loop1: detected capacity change from 0 to 1024
[   44.131406][ T3675] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   44.146106][ T3677] EXT4-fs: quotafile must be on filesystem root
[   44.153020][ T3673] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   44.173114][ T3675] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   44.183811][ T3673] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   44.185418][ T3675] EXT4-fs (loop0): orphan cleanup on readonly fs
[   44.199395][ T3673] EXT4-fs (loop4): orphan cleanup on readonly fs
[   44.199757][ T3677] loop1: detected capacity change from 0 to 4096
[   44.206439][ T3673] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   44.223740][ T3675] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   44.234451][ T3675] EXT4-fs (loop0): Remounting filesystem read-only
[   44.241417][ T3675] EXT4-fs (loop0): 1 orphan inode deleted
[   44.247525][ T3673] EXT4-fs (loop4): Remounting filesystem read-only
[   44.248116][ T3675] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   44.266130][ T3675] SELinux: (dev loop0, type ext4) getxattr errno 5
[   44.266308][ T3677] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.273030][ T3675] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.287198][ T3673] EXT4-fs (loop4): 1 orphan inode deleted
[   44.308503][ T3673] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   44.320687][ T3673] SELinux: (dev loop4, type ext4) getxattr errno 5
[   44.327899][ T3673] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.426148][ T3690] lo speed is unknown, defaulting to 1000
[   44.476072][ T3697] loop2: detected capacity change from 0 to 512
[   44.476335][ T3697] EXT4-fs: inline encryption not supported
[   44.488394][ T3697] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.488465][ T3697] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.490769][ T3697] netlink: 'syz.2.81': attribute type 10 has an invalid length.
[   44.521591][ T3697] geneve1: entered promiscuous mode
[   44.526554][ T3697] bond0: (slave geneve1): Enslaving as an active interface with an up link
[   44.564317][ T3690] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #2: comm syz.2.81: corrupted inode contents
[   44.578105][ T3690] EXT4-fs error (device loop2): ext4_dirty_inode:6041: inode #2: comm syz.2.81: mark_inode_dirty error
[   44.590551][ T3690] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #2: comm syz.2.81: corrupted inode contents
[   44.625844][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.695373][ T3707] loop0: detected capacity change from 0 to 512
[   44.705582][ T3707] journal_path: Lookup failure for '�q�Y�3aK/file0'
[   44.712459][ T3707] EXT4-fs: error: could not find journal device path
[   44.727602][ T3707] netlink: 12 bytes leftover after parsing attributes in process `syz.0.85'.
[   45.543006][ T3726] netlink: 8 bytes leftover after parsing attributes in process `syz.4.92'.
[   45.576101][ T3729] loop4: detected capacity change from 0 to 1024
[   45.584811][ T3730] FAULT_INJECTION: forcing a failure.
[   45.584811][ T3730] name failslab, interval 1, probability 0, space 0, times 1
[   45.593112][ T3729] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   45.597591][ T3730] CPU: 0 UID: 0 PID: 3730 Comm: syz.2.91 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0
[   45.609002][ T3729] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   45.618204][ T3730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   45.618223][ T3730] Call Trace:
[   45.618240][ T3730]  <TASK>
[   45.618249][ T3730]  dump_stack_lvl+0xf2/0x150
[   45.647179][ T3730]  dump_stack+0x15/0x1a
[   45.651377][ T3730]  should_fail_ex+0x223/0x230
[   45.656143][ T3730]  should_failslab+0x8f/0xb0
[   45.660754][ T3730]  __kmalloc_noprof+0xab/0x3f0
[   45.665658][ T3730]  ? io_alloc_async_data+0x4a/0xb0
[   45.670840][ T3730]  io_alloc_async_data+0x4a/0xb0
[   45.675794][ T3730]  io_sendmsg_prep+0x323/0x600
[   45.680588][ T3730]  io_submit_sqes+0x5d0/0x1090
[   45.685381][ T3730]  __se_sys_io_uring_enter+0x1b9/0x1ba0
[   45.690984][ T3730]  ? 0xffffffff81000000
[   45.695179][ T3730]  ? selinux_file_permission+0x22a/0x360
[   45.700884][ T3730]  ? get_pid_task+0x8e/0xc0
[   45.705504][ T3730]  ? proc_fail_nth_write+0x12a/0x150
[   45.710887][ T3730]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   45.716589][ T3730]  ? vfs_write+0x596/0x920
[   45.721024][ T3730]  ? putname+0xcf/0xf0
[   45.725186][ T3730]  ? __fget_files+0x17c/0x1c0
[   45.729888][ T3730]  ? fput+0x1c4/0x200
[   45.733881][ T3730]  ? ksys_write+0x176/0x1b0
[   45.738406][ T3730]  __x64_sys_io_uring_enter+0x78/0x90
[   45.743904][ T3730]  x64_sys_call+0xb5e/0x2dc0
[   45.748579][ T3730]  do_syscall_64+0xc9/0x1c0
[   45.753089][ T3730]  ? clear_bhb_loop+0x55/0xb0
[   45.757777][ T3730]  ? clear_bhb_loop+0x55/0xb0
[   45.762471][ T3730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.768398][ T3730] RIP: 0033:0x7f8c0ea95d29
[   45.772901][ T3730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.792521][ T3730] RSP: 002b:00007f8c0d0e6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   45.801015][ T3730] RAX: ffffffffffffffda RBX: 00007f8c0ec86080 RCX: 00007f8c0ea95d29
[   45.808994][ T3730] RDX: 0000000000004000 RSI: 0000000000002ded RDI: 0000000000000005
[   45.816996][ T3730] RBP: 00007f8c0d0e6090 R08: 0000000000000000 R09: 0000000000000000
[   45.825035][ T3730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.833022][ T3730] R13: 0000000000000000 R14: 00007f8c0ec86080 R15: 00007ffffa450be8
[   45.841186][ T3730]  </TASK>
[   45.850591][ T3729] EXT4-fs (loop4): orphan cleanup on readonly fs
[   45.857884][ T3729] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   45.874514][ T3729] EXT4-fs (loop4): Remounting filesystem read-only
[   45.881323][ T3729] EXT4-fs (loop4): 1 orphan inode deleted
[   45.887710][ T3729] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   45.900550][ T3729] SELinux: (dev loop4, type ext4) getxattr errno 5
[   45.907337][ T3729] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.059529][ T3746] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   46.068337][ T3746] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   46.078420][ T3745] siw: device registration error -23
[   46.435478][ T3764] netlink: 'syz.2.106': attribute type 10 has an invalid length.
[   46.458093][    C1] hrtimer: interrupt took 30069 ns
[   46.627520][ T3778] netlink: 4 bytes leftover after parsing attributes in process `syz.0.111'.
[   46.636647][ T3778] netlink: 8 bytes leftover after parsing attributes in process `syz.0.111'.
[   46.768173][ T3787] loop0: detected capacity change from 0 to 1024
[   46.777000][ T3787] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   46.799114][ T3787] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   46.807250][ T3787] EXT4-fs (loop0): orphan cleanup on readonly fs
[   46.814173][ T3787] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   46.824666][ T3787] EXT4-fs (loop0): Remounting filesystem read-only
[   46.833507][ T3787] EXT4-fs (loop0): 1 orphan inode deleted
[   46.840043][ T3787] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   46.852458][ T3787] SELinux: (dev loop0, type ext4) getxattr errno 5
[   46.859507][ T3787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.032981][ T3805] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   47.041537][ T3805] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   47.053506][ T3804] siw: device registration error -23
[   47.125494][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.150889][ T3809] netlink: 4 bytes leftover after parsing attributes in process `syz.1.122'.
[   47.160962][ T3809] netlink: 8 bytes leftover after parsing attributes in process `syz.1.122'.
[   47.350695][ T3829] netlink: 4 bytes leftover after parsing attributes in process `syz.3.132'.
[   47.363857][ T3829] netlink: 8 bytes leftover after parsing attributes in process `syz.3.132'.
[   47.429230][ T3835] netlink: 4 bytes leftover after parsing attributes in process `syz.3.135'.
[   47.438563][ T3835] netlink: 8 bytes leftover after parsing attributes in process `syz.3.135'.
[   47.637130][ T3854] loop4: detected capacity change from 0 to 4096
[   47.651143][ T3854] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.700077][ T3857] lo speed is unknown, defaulting to 1000
[   47.784642][ T3854] lo speed is unknown, defaulting to 1000
[   47.791876][ T3860] loop3: detected capacity change from 0 to 512
[   47.798728][ T3860] EXT4-fs: inline encryption not supported
[   47.819775][ T3860] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.845841][ T3860] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   47.895217][ T3857] netlink: 'syz.3.143': attribute type 10 has an invalid length.
[   47.910038][ T3857] geneve1: entered promiscuous mode
[   47.910673][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.925341][ T3857] bond0: (slave geneve1): Enslaving as an active interface with an up link
[   47.944482][ T3873] syz.1.148 uses obsolete (PF_INET,SOCK_PACKET)
[   47.977591][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.170590][ T3894] netlink: 'syz.0.155': attribute type 298 has an invalid length.
[   48.181455][ T3893] loop3: detected capacity change from 0 to 512
[   48.191648][ T3893] EXT4-fs error (device loop3): ext4_get_journal_inode:5809: inode #32: comm syz.3.156: iget: special inode unallocated
[   48.222523][ T3893] EXT4-fs (loop3): Remounting filesystem read-only
[   48.229207][ T3893] EXT4-fs (loop3): no journal found
[   48.234436][ T3893] EXT4-fs (loop3): can't get journal size
[   48.251726][ T3897] loop2: detected capacity change from 0 to 512
[   48.263543][ T3897] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000001)
[   48.273585][ T3897] FAT-fs (loop2): Filesystem has been set read-only
[   48.299000][ T3893] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[   48.310999][ T3893] EXT4-fs (loop3): failed to initialize system zone (-117)
[   48.334856][ T3893] EXT4-fs (loop3): mount failed
[   48.410502][ T3906] loop4: detected capacity change from 0 to 512
[   48.418224][ T3906] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   48.431352][ T3906] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   48.486258][ T3910] vhci_hcd: default hub control req: 0318 v0302 i0000 l0
[   48.516359][ T3914] vlan2: entered allmulticast mode
[   48.524764][ T3906] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   48.577602][ T3921] loop3: detected capacity change from 0 to 1024
[   48.611731][ T3906] EXT4-fs (loop4): 1 truncate cleaned up
[   48.617842][ T3906] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.694305][ T3906] FAULT_INJECTION: forcing a failure.
[   48.694305][ T3906] name failslab, interval 1, probability 0, space 0, times 0
[   48.707011][ T3906] CPU: 1 UID: 0 PID: 3906 Comm: syz.4.160 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0
[   48.717692][ T3906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   48.727839][ T3906] Call Trace:
[   48.731157][ T3906]  <TASK>
[   48.734251][ T3906]  dump_stack_lvl+0xf2/0x150
[   48.738965][ T3906]  dump_stack+0x15/0x1a
[   48.743159][ T3906]  should_fail_ex+0x223/0x230
[   48.747910][ T3906]  should_failslab+0x8f/0xb0
[   48.750342][ T3921] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   48.752557][ T3906]  __kmalloc_noprof+0xab/0x3f0
[   48.767595][ T3906]  ? alloc_pipe_info+0x1cb/0x360
[   48.772660][ T3906]  alloc_pipe_info+0x1cb/0x360
[   48.777462][ T3906]  splice_direct_to_actor+0x60f/0x670
[   48.782859][ T3906]  ? __pfx_direct_splice_actor+0x10/0x10
[   48.788618][ T3906]  ? 0xffffffff81000000
[   48.792790][ T3906]  ? selinux_file_permission+0x22a/0x360
[   48.798507][ T3906]  ? __rcu_read_unlock+0x4e/0x70
[   48.803486][ T3906]  ? avc_policy_seqno+0x15/0x20
[   48.808390][ T3906]  ? selinux_file_permission+0x22a/0x360
[   48.814102][ T3906]  do_splice_direct+0xd7/0x150
[   48.818973][ T3906]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   48.824906][ T3906]  do_sendfile+0x398/0x660
[   48.829370][ T3906]  __x64_sys_sendfile64+0x110/0x150
[   48.834611][ T3906]  x64_sys_call+0xfbd/0x2dc0
[   48.839309][ T3906]  do_syscall_64+0xc9/0x1c0
[   48.843833][ T3906]  ? clear_bhb_loop+0x55/0xb0
[   48.848597][ T3906]  ? clear_bhb_loop+0x55/0xb0
[   48.853334][ T3906]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.859268][ T3906] RIP: 0033:0x7f5325c75d29
[   48.863713][ T3906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.883353][ T3906] RSP: 002b:00007f53242e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   48.891783][ T3906] RAX: ffffffffffffffda RBX: 00007f5325e65fa0 RCX: 00007f5325c75d29
[   48.899764][ T3906] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[   48.907741][ T3906] RBP: 00007f53242e7090 R08: 0000000000000000 R09: 0000000000000000
[   48.915804][ T3906] R10: 0000000080000000 R11: 0000000000000246 R12: 0000000000000001
[   48.923789][ T3906] R13: 0000000000000000 R14: 00007f5325e65fa0 R15: 00007fffe049dda8
[   48.931777][ T3906]  </TASK>
[   48.941804][   T29] kauditd_printk_skb: 652 callbacks suppressed
[   48.948022][   T29] audit: type=1326 audit(1735402676.348:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   48.971402][   T29] audit: type=1326 audit(1735402676.348:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   48.994814][   T29] audit: type=1326 audit(1735402676.348:1089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   49.018204][   T29] audit: type=1326 audit(1735402676.348:1090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   49.041648][   T29] audit: type=1326 audit(1735402676.348:1091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   49.065077][   T29] audit: type=1326 audit(1735402676.348:1092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   49.088441][   T29] audit: type=1326 audit(1735402676.348:1093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   49.111806][   T29] audit: type=1326 audit(1735402676.348:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   49.135271][   T29] audit: type=1326 audit(1735402676.348:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   49.158729][   T29] audit: type=1326 audit(1735402676.428:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   49.168400][ T3921] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   49.215557][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.226005][ T3921] EXT4-fs (loop3): orphan cleanup on readonly fs
[   49.234888][ T3921] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   49.244635][ T3921] EXT4-fs (loop3): Remounting filesystem read-only
[   49.251703][ T3921] EXT4-fs (loop3): 1 orphan inode deleted
[   49.258700][ T3921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   49.290735][ T3921] SELinux: (dev loop3, type ext4) getxattr errno 5
[   49.297670][ T3921] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.307929][ T3938] xt_hashlimit: max too large, truncated to 1048576
[   49.336766][ T3935] Zero length message leads to an empty skb
[   49.511786][ T3954] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   49.528356][ T3954] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   49.542869][ T3946] siw: device registration error -23
[   49.921010][ T3972] __nla_validate_parse: 10 callbacks suppressed
[   49.921029][ T3972] netlink: 4 bytes leftover after parsing attributes in process `syz.0.183'.
[   49.961621][ T3972] netlink: 8 bytes leftover after parsing attributes in process `syz.0.183'.
[   50.151281][ T3979] loop3: detected capacity change from 0 to 1024
[   50.171558][ T3979] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   50.199685][ T3979] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   50.219679][ T3979] EXT4-fs (loop3): orphan cleanup on readonly fs
[   50.227018][ T3979] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   50.228144][ T3982] netlink: 8 bytes leftover after parsing attributes in process `syz.4.187'.
[   50.237232][ T3979] EXT4-fs (loop3): Remounting filesystem read-only
[   50.252270][ T3979] EXT4-fs (loop3): 1 orphan inode deleted
[   50.259375][ T3979] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   50.278258][ T3982] FAULT_INJECTION: forcing a failure.
[   50.278258][ T3982] name failslab, interval 1, probability 0, space 0, times 0
[   50.291057][ T3982] CPU: 1 UID: 0 PID: 3982 Comm: syz.4.187 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0
[   50.301677][ T3982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   50.311833][ T3982] Call Trace:
[   50.315128][ T3982]  <TASK>
[   50.318091][ T3982]  dump_stack_lvl+0xf2/0x150
[   50.318144][ T3979] SELinux: (dev loop3, type ext4) getxattr errno 5
[   50.318482][ T3979] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.322728][ T3982]  dump_stack+0x15/0x1a
[   50.342386][ T3982]  should_fail_ex+0x223/0x230
[   50.347097][ T3982]  should_failslab+0x8f/0xb0
[   50.351763][ T3982]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[   50.358113][ T3982]  ? sidtab_sid2str_get+0xb8/0x140
[   50.363286][ T3982]  kmemdup_noprof+0x2a/0x60
[   50.367863][ T3982]  sidtab_sid2str_get+0xb8/0x140
[   50.372825][ T3982]  security_sid_to_context_core+0x1eb/0x2f0
[   50.378754][ T3982]  security_sid_to_context+0x27/0x30
[   50.384103][ T3982]  selinux_lsmprop_to_secctx+0x2c/0x40
[   50.389600][ T3982]  security_lsmprop_to_secctx+0x4a/0x90
[   50.395191][ T3982]  audit_log_task_context+0x93/0x1c0
[   50.400570][ T3982]  audit_log_task+0xf9/0x1c0
[   50.405239][ T3982]  audit_seccomp+0x68/0x130
[   50.409753][ T3982]  __seccomp_filter+0x6fa/0x1180
[   50.414966][ T3982]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   50.420641][ T3982]  ? vfs_write+0x596/0x920
[   50.425075][ T3982]  ? __schedule+0x6fa/0x930
[   50.429632][ T3982]  __secure_computing+0x9f/0x1c0
[   50.434632][ T3982]  syscall_trace_enter+0xd1/0x1f0
[   50.439682][ T3982]  do_syscall_64+0xaa/0x1c0
[   50.444194][ T3982]  ? clear_bhb_loop+0x55/0xb0
[   50.448959][ T3982]  ? clear_bhb_loop+0x55/0xb0
[   50.453683][ T3982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.459600][ T3982] RIP: 0033:0x7f5325c75d29
[   50.464080][ T3982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.483741][ T3982] RSP: 002b:00007f53242e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   50.492167][ T3982] RAX: ffffffffffffffda RBX: 00007f5325e65fa0 RCX: 00007f5325c75d29
[   50.500218][ T3982] RDX: 0000000000000000 RSI: 0000000000001849 RDI: 0000000000000008
[   50.508286][ T3982] RBP: 00007f53242e7090 R08: 0000000000000000 R09: 0000000000000000
[   50.516306][ T3982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.524282][ T3982] R13: 0000000000000000 R14: 00007f5325e65fa0 R15: 00007fffe049dda8
[   50.532347][ T3982]  </TASK>
[   50.654662][ T3990] netlink: 'syz.1.190': attribute type 4 has an invalid length.
[   50.671763][    T8] lo speed is unknown, defaulting to 1000
[   50.677633][ T3990] netlink: 'syz.1.190': attribute type 4 has an invalid length.
[   50.743622][ T3374] lo speed is unknown, defaulting to 1000
[   50.856724][ T4006] netlink: 120 bytes leftover after parsing attributes in process `syz.1.192'.
[   50.868660][ T4006] netlink: 24 bytes leftover after parsing attributes in process `syz.1.192'.
[   50.935588][ T4019] netlink: 8 bytes leftover after parsing attributes in process `syz.4.199'.
[   50.947113][ T4020] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   50.970391][ T4020] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   50.990322][ T4012] siw: device registration error -23
[   51.025330][ T4025] lo speed is unknown, defaulting to 1000
[   51.049008][ T4028] loop0: detected capacity change from 0 to 1024
[   51.065972][ T4028] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   51.085988][ T4028] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   51.098541][ T4028] EXT4-fs (loop0): orphan cleanup on readonly fs
[   51.110100][ T4028] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   51.136827][ T4028] EXT4-fs (loop0): Remounting filesystem read-only
[   51.143665][ T4028] EXT4-fs (loop0): 1 orphan inode deleted
[   51.178411][ T4028] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   51.212260][ T4028] SELinux: (dev loop0, type ext4) getxattr errno 5
[   51.244829][ T4028] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.505367][ T4055] loop1: detected capacity change from 0 to 1024
[   51.562788][ T4055] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.657652][ T4068] loop3: detected capacity change from 0 to 1024
[   51.722351][ T4068] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   51.773832][ T4068] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   51.783117][ T4068] EXT4-fs (loop3): orphan cleanup on readonly fs
[   51.791006][ T4068] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   51.809725][ T4068] EXT4-fs (loop3): Remounting filesystem read-only
[   51.816668][ T4068] EXT4-fs (loop3): 1 orphan inode deleted
[   51.840473][ T4068] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   51.858872][ T4068] SELinux: (dev loop3, type ext4) getxattr errno 5
[   51.865713][ T4068] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.953682][ T4089] loop0: detected capacity change from 0 to 128
[   51.966128][ T4089] ext4: Bad value for 'min_batch_time'
[   52.003834][ T4089] FAULT_INJECTION: forcing a failure.
[   52.003834][ T4089] name failslab, interval 1, probability 0, space 0, times 0
[   52.016581][ T4089] CPU: 1 UID: 0 PID: 4089 Comm: syz.0.225 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0
[   52.027201][ T4089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   52.033126][ T4099] bridge: RTM_NEWNEIGH with invalid ether address
[   52.037258][ T4089] Call Trace:
[   52.046970][ T4089]  <TASK>
[   52.049923][ T4089]  dump_stack_lvl+0xf2/0x150
[   52.054554][ T4089]  dump_stack+0x15/0x1a
[   52.058750][ T4089]  should_fail_ex+0x223/0x230
[   52.063495][ T4089]  ? audit_log_d_path+0x96/0x250
[   52.068464][ T4089]  should_failslab+0x8f/0xb0
[   52.073095][ T4089]  __kmalloc_cache_noprof+0x4e/0x320
[   52.078411][ T4089]  audit_log_d_path+0x96/0x250
[   52.083195][ T4089]  ? __rcu_read_unlock+0x4e/0x70
[   52.088161][ T4089]  audit_log_d_path_exe+0x42/0x70
[   52.093218][ T4089]  audit_log_task+0x192/0x1c0
[   52.097923][ T4089]  audit_seccomp+0x68/0x130
[   52.102534][ T4089]  __seccomp_filter+0x6fa/0x1180
[   52.107608][ T4089]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   52.113327][ T4089]  ? vfs_write+0x596/0x920
[   52.117847][ T4089]  ? __schedule+0x6fa/0x930
[   52.122385][ T4089]  __secure_computing+0x9f/0x1c0
[   52.127455][ T4089]  syscall_trace_enter+0xd1/0x1f0
[   52.132536][ T4089]  do_syscall_64+0xaa/0x1c0
[   52.137077][ T4089]  ? clear_bhb_loop+0x55/0xb0
[   52.141834][ T4089]  ? clear_bhb_loop+0x55/0xb0
[   52.146531][ T4089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.152494][ T4089] RIP: 0033:0x7f639ea85d29
[   52.156987][ T4089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.176695][ T4089] RSP: 002b:00007f639d0f1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c6
[   52.185130][ T4089] RAX: ffffffffffffffda RBX: 00007f639ec75fa0 RCX: 00007f639ea85d29
[   52.193107][ T4089] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000020000100
[   52.201086][ T4089] RBP: 00007f639d0f1090 R08: 0000000000000000 R09: 0000000000000000
[   52.209063][ T4089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.217037][ T4089] R13: 0000000000000000 R14: 00007f639ec75fa0 R15: 00007ffc28f1f7d8
[   52.225159][ T4089]  </TASK>
[   52.348918][ T4109] loop3: detected capacity change from 0 to 1024
[   52.360835][ T4109] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   52.380400][ T4109] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   52.400117][ T4109] EXT4-fs (loop3): orphan cleanup on readonly fs
[   52.408795][ T4109] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   52.448716][ T4109] EXT4-fs (loop3): Remounting filesystem read-only
[   52.459903][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.478851][ T4109] EXT4-fs (loop3): 1 orphan inode deleted
[   52.494947][ T4109] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   52.536067][ T4109] SELinux: (dev loop3, type ext4) getxattr errno 5
[   52.568162][ T4109] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.621914][ T4118] netlink: 16 bytes leftover after parsing attributes in process `syz.1.231'.
[   52.706919][ T4122] xt_hashlimit: max too large, truncated to 1048576
[   52.715963][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x6
[   52.723452][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.730893][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.738338][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.745750][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.753240][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.760682][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.766871][ T4126] lo speed is unknown, defaulting to 1000
[   52.768123][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768150][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768174][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768199][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768231][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768257][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768284][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768309][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768346][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768374][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768400][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768427][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768451][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768509][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768533][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768560][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768587][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768614][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768679][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768706][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768733][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.768759][ T3365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   52.790858][ T3365] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.03 Device [syz0] on syz0
[   52.881844][ T4131] loop4: detected capacity change from 0 to 512
[   52.961184][ T4131] EXT4-fs: inline encryption not supported
[   52.974833][ T4139] FAULT_INJECTION: forcing a failure.
[   52.974833][ T4139] name failslab, interval 1, probability 0, space 0, times 0
[   52.987605][ T4139] CPU: 0 UID: 0 PID: 4139 Comm: syz.3.241 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0
[   52.998226][ T4139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   53.008398][ T4139] Call Trace:
[   53.011712][ T4139]  <TASK>
[   53.014650][ T4139]  dump_stack_lvl+0xf2/0x150
[   53.019273][ T4139]  dump_stack+0x15/0x1a
[   53.023496][ T4139]  should_fail_ex+0x223/0x230
[   53.028192][ T4139]  ? sctp_add_bind_addr+0x6f/0x1e0
[   53.033384][ T4139]  should_failslab+0x8f/0xb0
[   53.038020][ T4139]  __kmalloc_cache_noprof+0x4e/0x320
[   53.043320][ T4139]  sctp_add_bind_addr+0x6f/0x1e0
[   53.048273][ T4139]  sctp_copy_local_addr_list+0x19b/0x220
[   53.053917][ T4139]  sctp_copy_one_addr+0x83/0x410
[   53.058935][ T4139]  sctp_bind_addr_copy+0x81/0x2b0
[   53.064005][ T4139]  sctp_assoc_set_bind_addr_from_ep+0xc0/0xd0
[   53.070209][ T4139]  sctp_connect_new_asoc+0x1d0/0x3b0
[   53.075531][ T4139]  sctp_sendmsg+0xf05/0x1920
[   53.080200][ T4139]  ? __pfx_sctp_sendmsg+0x10/0x10
[   53.085293][ T4139]  inet_sendmsg+0xc5/0xd0
[   53.089716][ T4139]  __sock_sendmsg+0x102/0x180
[   53.094481][ T4139]  ____sys_sendmsg+0x312/0x410
[   53.099325][ T4139]  __sys_sendmsg+0x19d/0x230
[   53.104031][ T4139]  __x64_sys_sendmsg+0x46/0x50
[   53.108874][ T4139]  x64_sys_call+0x2734/0x2dc0
[   53.113667][ T4139]  do_syscall_64+0xc9/0x1c0
[   53.118194][ T4139]  ? clear_bhb_loop+0x55/0xb0
[   53.122961][ T4139]  ? clear_bhb_loop+0x55/0xb0
[   53.127715][ T4139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.133698][ T4139] RIP: 0033:0x7f59ae7b5d29
[   53.138262][ T4139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.157881][ T4139] RSP: 002b:00007f59ace27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   53.166340][ T4139] RAX: ffffffffffffffda RBX: 00007f59ae9a5fa0 RCX: 00007f59ae7b5d29
[   53.174364][ T4139] RDX: 0000000000008844 RSI: 0000000020000580 RDI: 0000000000000004
[   53.182346][ T4139] RBP: 00007f59ace27090 R08: 0000000000000000 R09: 0000000000000000
[   53.190326][ T4139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   53.198302][ T4139] R13: 0000000000000000 R14: 00007f59ae9a5fa0 R15: 00007ffd6229f598
[   53.206329][ T4139]  </TASK>
[   53.259522][ T4142] netlink: 16 bytes leftover after parsing attributes in process `syz.1.242'.
[   53.296948][ T4142] bond0: option ad_select: unable to set because the bond device is up
[   53.315730][ T4131] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.328596][ T4131] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.344386][ T4126] netlink: 'syz.4.237': attribute type 10 has an invalid length.
[   53.361597][ T4126] geneve1: entered promiscuous mode
[   53.401673][ T4126] bond0: (slave geneve1): Enslaving as an active interface with an up link
[   53.490187][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.593959][ T4158] loop0: detected capacity change from 0 to 512
[   53.618360][ T4158] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   53.644361][ T4158] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=884ee02c, mo2=0102]
[   53.674879][ T4158] EXT4-fs (loop0): orphan cleanup on readonly fs
[   53.688534][ T4158] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.247: invalid indirect mapped block 2185560079 (level 1)
[   53.707469][ T4170] xt_hashlimit: max too large, truncated to 1048576
[   53.716668][ T4158] EXT4-fs (loop0): Remounting filesystem read-only
[   53.724139][ T4158] EXT4-fs (loop0): 1 truncate cleaned up
[   53.760625][ T4158] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[   53.795956][ T4158] SELinux: (dev loop0, type ext4) getxattr errno 5
[   53.806487][ T4178] loop1: detected capacity change from 0 to 512
[   53.847880][ T4158] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[   53.902858][ T4178] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   53.929167][ T4178] EXT4-fs (loop1): 1 truncate cleaned up
[   53.942316][ T4174] lo speed is unknown, defaulting to 1000
[   53.951897][   T29] kauditd_printk_skb: 422 callbacks suppressed
[   53.951916][   T29] audit: type=1326 audit(1735402681.448:1498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4179 comm="syz.2.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   53.988265][   T29] audit: type=1326 audit(1735402681.448:1499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4179 comm="syz.2.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   54.011791][   T29] audit: type=1326 audit(1735402681.468:1500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4179 comm="syz.2.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   54.035248][   T29] audit: type=1326 audit(1735402681.468:1501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4179 comm="syz.2.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   54.058684][   T29] audit: type=1326 audit(1735402681.468:1502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4179 comm="syz.2.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   54.058841][ T4178] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.082069][   T29] audit: type=1326 audit(1735402681.468:1503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4179 comm="syz.2.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   54.117391][   T29] audit: type=1326 audit(1735402681.468:1504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4179 comm="syz.2.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   54.140746][   T29] audit: type=1326 audit(1735402681.468:1505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4179 comm="syz.2.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   54.164536][   T29] audit: type=1326 audit(1735402681.468:1506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4179 comm="syz.2.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   54.187949][   T29] audit: type=1326 audit(1735402681.468:1507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4179 comm="syz.2.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c0ea95d29 code=0x7ffc0000
[   54.357737][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.387331][ T4201] loop0: detected capacity change from 0 to 512
[   54.431282][ T4201] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.446803][ T4201] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.552970][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.571725][ T4221] netlink: 'syz.1.263': attribute type 21 has an invalid length.
[   54.580338][ T4221] netlink: 132 bytes leftover after parsing attributes in process `syz.1.263'.
[   55.397619][ T4288] netlink: 28 bytes leftover after parsing attributes in process `syz.4.283'.
[   55.406562][ T4288] netlink: 28 bytes leftover after parsing attributes in process `syz.4.283'.
[   55.415526][ T4288] netlink: 12 bytes leftover after parsing attributes in process `syz.4.283'.
[   55.452645][ T4290] netlink: 12 bytes leftover after parsing attributes in process `syz.4.283'.
[   55.755767][ T4302] netlink: 12 bytes leftover after parsing attributes in process `syz.4.289'.
[   55.989080][ T4310] netlink: 132 bytes leftover after parsing attributes in process `syz.4.292'.
[   56.101332][ T4314] vhci_hcd: default hub control req: 0318 v0302 i0000 l0
[   56.144107][ T4317] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   56.178243][ T4317] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   56.208729][ T4316] siw: device registration error -23
[   56.286587][ T4324] loop0: detected capacity change from 0 to 1024
[   56.307521][ T4326] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   56.317476][ T4324] EXT4-fs: quotafile must be on filesystem root
[   56.324481][ T4326] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   56.367015][ T4321] siw: device registration error -23
[   56.447078][ T4324] loop0: detected capacity change from 0 to 4096
[   56.487217][ T4324] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.607415][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.630066][ T4332] loop3: detected capacity change from 0 to 256
[   56.677401][ T4332] FAT-fs (loop3): Directory bread(block 64) failed
[   56.696175][ T4332] FAT-fs (loop3): Directory bread(block 65) failed
[   56.717130][ T4332] FAT-fs (loop3): Directory bread(block 66) failed
[   56.739950][ T4332] FAT-fs (loop3): Directory bread(block 67) failed
[   56.740040][ T4336] loop1: detected capacity change from 0 to 128
[   56.746527][ T4332] FAT-fs (loop3): Directory bread(block 68) failed
[   56.760704][ T4332] FAT-fs (loop3): Directory bread(block 69) failed
[   56.767259][ T4332] FAT-fs (loop3): Directory bread(block 70) failed
[   56.775318][ T4332] FAT-fs (loop3): Directory bread(block 71) failed
[   56.778620][ T4336] ext4: Bad value for 'min_batch_time'
[   56.791426][ T4332] FAT-fs (loop3): Directory bread(block 72) failed
[   56.800111][ T4332] FAT-fs (loop3): Directory bread(block 73) failed
[   56.906700][ T4350] FAULT_INJECTION: forcing a failure.
[   56.906700][ T4350] name failslab, interval 1, probability 0, space 0, times 0
[   56.919514][ T4350] CPU: 1 UID: 0 PID: 4350 Comm: syz.2.303 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0
[   56.930152][ T4350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   56.940232][ T4350] Call Trace:
[   56.943533][ T4350]  <TASK>
[   56.946530][ T4350]  dump_stack_lvl+0xf2/0x150
[   56.951201][ T4350]  dump_stack+0x15/0x1a
[   56.955393][ T4350]  should_fail_ex+0x223/0x230
[   56.960105][ T4350]  ? audit_log_d_path+0x96/0x250
[   56.965243][ T4350]  should_failslab+0x8f/0xb0
[   56.969882][ T4350]  __kmalloc_cache_noprof+0x4e/0x320
[   56.975196][ T4350]  audit_log_d_path+0x96/0x250
[   56.980007][ T4350]  ? __rcu_read_unlock+0x4e/0x70
[   56.984981][ T4350]  audit_log_d_path_exe+0x42/0x70
[   56.990095][ T4350]  audit_log_task+0x192/0x1c0
[   56.994860][ T4350]  audit_seccomp+0x68/0x130
[   56.999409][ T4350]  __seccomp_filter+0x6fa/0x1180
[   57.004435][ T4350]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   57.010173][ T4350]  ? vfs_write+0x596/0x920
[   57.014615][ T4350]  ? __schedule+0x6fa/0x930
[   57.019177][ T4350]  __secure_computing+0x9f/0x1c0
[   57.024199][ T4350]  syscall_trace_enter+0xd1/0x1f0
[   57.029287][ T4350]  do_syscall_64+0xaa/0x1c0
[   57.033814][ T4350]  ? clear_bhb_loop+0x55/0xb0
[   57.038516][ T4350]  ? clear_bhb_loop+0x55/0xb0
[   57.043289][ T4350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.049252][ T4350] RIP: 0033:0x7f8c0ea95d29
[   57.053711][ T4350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.073488][ T4350] RSP: 002b:00007f8c0d107038 EFLAGS: 00000246 ORIG_RAX: 0000000000000138
[   57.082061][ T4350] RAX: ffffffffffffffda RBX: 00007f8c0ec85fa0 RCX: 00007f8c0ea95d29
[   57.090065][ T4350] RDX: 0000000000000002 RSI: 000000000000007c RDI: 000000000000007c
[   57.098075][ T4350] RBP: 00007f8c0d107090 R08: ffffffffffffffff R09: 0000000000000000
[   57.106148][ T4350] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[   57.114147][ T4350] R13: 0000000000000000 R14: 00007f8c0ec85fa0 R15: 00007ffffa450be8
[   57.122327][ T4350]  </TASK>
[   57.287924][ T3311] ==================================================================
[   57.296064][ T3311] BUG: KCSAN: data-race in shmem_add_to_page_cache / shmem_getattr
[   57.304003][ T3311] 
[   57.306346][ T3311] read-write to 0xffff8881178fc818 of 8 bytes by task 4362 on cpu 1:
[   57.314437][ T3311]  shmem_add_to_page_cache+0x3b9/0x4b0
[   57.319931][ T3311]  shmem_get_folio_gfp+0x4f6/0xd90
[   57.325071][ T3311]  shmem_write_begin+0xa2/0x180
[   57.329959][ T3311]  generic_perform_write+0x1a8/0x4a0
[   57.335282][ T3311]  shmem_file_write_iter+0xc2/0xe0
[   57.340454][ T3311]  __kernel_write_iter+0x24b/0x4e0
[   57.345610][ T3311]  dump_user_range+0x3ac/0x550
[   57.350427][ T3311]  elf_core_dump+0x1bdc/0x1ce0
[   57.355224][ T3311]  do_coredump+0x1898/0x1f40
[   57.359840][ T3311]  get_signal+0xd4f/0x1000
[   57.364287][ T3311]  arch_do_signal_or_restart+0x95/0x4b0
[   57.369873][ T3311]  irqentry_exit_to_user_mode+0xa7/0x120
[   57.375557][ T3311]  irqentry_exit+0x12/0x50
[   57.380005][ T3311]  asm_exc_page_fault+0x26/0x30
[   57.384905][ T3311] 
[   57.387239][ T3311] read to 0xffff8881178fc818 of 8 bytes by task 3311 on cpu 0:
[   57.394891][ T3311]  shmem_getattr+0x69/0x200
[   57.399429][ T3311]  vfs_statx_path+0x171/0x2d0
[   57.404133][ T3311]  vfs_statx+0xe1/0x170
[   57.408314][ T3311]  __se_sys_newfstatat+0xdc/0x300
[   57.413365][ T3311]  __x64_sys_newfstatat+0x55/0x70
[   57.418423][ T3311]  x64_sys_call+0x236d/0x2dc0
[   57.423143][ T3311]  do_syscall_64+0xc9/0x1c0
[   57.427667][ T3311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.433616][ T3311] 
[   57.436040][ T3311] value changed: 0x000000000000045b -> 0x000000000000045c
[   57.443165][ T3311] 
[   57.445501][ T3311] Reported by Kernel Concurrency Sanitizer on:
[   57.451675][ T3311] CPU: 0 UID: 0 PID: 3311 Comm: syz-executor Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0
[   57.462561][ T3311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   57.472759][ T3311] ==================================================================