last executing test programs:

30.879814871s ago: executing program 2 (id=3387):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xb4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x7, 0x4, 0x18, 0xa042, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x18, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x55, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x18)
semctl$IPC_SET(0x0, 0x0, 0x1, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001e00100000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000fcffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r7, &(0x7f0000000500)={0x0, 0x1fff, &(0x7f00000004c0)={&(0x7f0000000580)={0x14, r8, 0x1, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x890)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r6}, 0x18)
r9 = socket$packet(0x11, 0x3, 0x300)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'geneve1\x00', <r11=>0x0})
sendto$packet(r9, &(0x7f0000000240)="163c8f3f8a5d66571e583e7c88a8de0688a823e786dd", 0x16, 0x0, &(0x7f0000000200)={0x11, 0x0, r11, 0x1, 0x0, 0x6, @broadcast}, 0x14)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r4, 0x404c534a, &(0x7f0000000040))

30.441475644s ago: executing program 2 (id=3395):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
write$cgroup_int(r0, &(0x7f0000000040)=0x922, 0x12)

30.406714994s ago: executing program 2 (id=3396):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000140)="d800000018007b29e00212ba0d8105040a601800fe0f040b067c55a1bc0009001e0006990600000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ccd40dd601edef3d93452a92307ff0ff0e97031e9f05e9f16e9cb500"/216, 0xd8}, {0x0}], 0x2, 0x0, 0x0, 0x2663}, 0x0)
write$cgroup_int(r0, &(0x7f0000000040)=0x922, 0x12)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000180)={'syztnl0\x00', &(0x7f0000000500)={'syztnl2\x00', <r4=>0x0, 0x4, 0x0, 0x1, 0x8000, 0x1, @private0={0xfc, 0x0, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7800, 0x7800, 0x9, 0x1}})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', r4, 0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYRES8=r5, @ANYRES32=r5, @ANYBLOB="0000000000000000b708000000f1ff007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket(0x200000000000011, 0x2, 0x9)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000280)={'syz_tun\x00', <r8=>0x0})
bind$packet(r7, &(0x7f0000000080)={0x11, 0x800, r8, 0x1, 0x0, 0x6, @random="518440db9de1"}, 0x14)
sendmmsg$inet(r7, &(0x7f0000001900)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4081)
r9 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r9, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x5f, 0xffffffffffffffff, {0x29}}, './file0\x00'})

30.352634624s ago: executing program 2 (id=3397):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f00000000c0)={[{@discard}, {@bsdgroups}, {@resuid}, {@noblock_validity}, {@minixdf}, {@errors_remount}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000600)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000340)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000200), 0x0, 0x0, 0x1) (fail_nth: 2)

29.988970356s ago: executing program 2 (id=3398):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f00000037c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000a70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c21f664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffaf4ab87b1bfed9fbe586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff90326eea31ae460f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf8714d7bb2366fde41f94290c2a5fdecb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1f5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27832b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd210819203a513a67da4a571ce585a17a02a210382f14d12ca3c3431ee97471c785a69da7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedda1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a540f0c10ec3a11667290b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad95971030000007d00000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfadfdd708789a20287d58187fbd49fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91647b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf06d0000f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe6e7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a1914b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c056d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000300)='sys_enter\x00', r0}, 0x10)
mount_setattr(0xffffffffffffff9c, 0x0, 0x0, &(0x7f0000001500)={0x98, 0x70}, 0x20)

23.962190575s ago: executing program 2 (id=3476):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = epoll_create1(0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000000c0)={0xe000001a})
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000))

23.941296225s ago: executing program 32 (id=3476):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = epoll_create1(0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000000c0)={0xe000001a})
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000))

7.762213053s ago: executing program 0 (id=3724):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000700)={&(0x7f0000000740)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000300000d"], 0x0, 0x3e, 0x0, 0xa, 0x4, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
accept(r1, 0x0, 0x0)

7.742269253s ago: executing program 0 (id=3725):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000040)={0x18, 0x0, {0x4, @multicast, 'erspan0\x00'}}, 0x1e)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
preadv2(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000f80)=""/4096, 0x1000}], 0x1, 0xe, 0x1c00000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
connect$pppoe(0xffffffffffffffff, &(0x7f00000000c0)={0x18, 0x0, {0x2, @empty, 'veth1_to_bridge\x00'}}, 0x1e)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000010000108000000000000020000000000", @ANYRES32=0x0, @ANYBLOB="804001000000000008001b00"], 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x0)

7.722272723s ago: executing program 0 (id=3726):
r0 = mq_open(0x0, 0x42, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000002000000000ff000000850000000f000000850000000500000095", @ANYRESOCT=r1, @ANYRES8=r1, @ANYRES64=r0], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x3c, r2, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x10, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}]}]}, 0x3c}}, 0x0)

7.704143423s ago: executing program 0 (id=3728):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000e62dc4c579498e8000"/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2d600007b8af892b9fe051d4807a1b6b505f86100bfa200000000000007020000f8ffffffb700000000000000b704000000"], 0x0, 0x4ee4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="09000000200000012cbd7000fedbdf250a1410d6090000050400010014000200ff01000000000000000000000000000108000f000df8000008"], 0x88}, 0x1, 0x0, 0x0, 0x881}, 0x4010)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x13, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x4c}, [@call={0x85, 0x0, 0x0, 0x2}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5, r4}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r6, &(0x7f0000000000)=0xfe8e, 0x12)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4a16, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRESDEC, @ANYRESHEX, @ANYRES64=r6, @ANYRES32], 0x5, 0x31e, &(0x7f0000000a80)="$eJzs3M9LG1sUwPFjjDGJzySLx3u8Bw8v721eN4OmXZeGolAaqKgp1UJh1EkbMk0kEywppeqq29J9V4UuxKU7ofUfcNNdu+mmOzeFLuqidEomM+anmsZorH4/IHNz7z3m3sxNOBNyZ/fO84fZtKWl9aL4gkp+ExHZE4mJTzx97tHnlANSa1UuDX15/8/07NzNRDI5PqXURGLmclwpFRl58+hJyO22NSg7sXu7n+Ofdv7Y+Wv3+8yDjKUylsrli0pX8/mPRX3eNNRixspqSk2ahm4ZKpOzjEKlPV9pT5v5paWS0nOLw+GlgmFZSs+VVNYoqWJeFQslpd/XMzmlaZoaDguOklqfmtITHQYvdHkwOCGFQkLvF5FQU0tqvScDAgAAPdWY//vKKX1H+b9EnPy/3Lma/2/8u10cur0ZcfP/rUCr/P/Kh8r/qsv/gyLSSf7/Un4i/2/OiC6WY+X/OBtGAk1VfXWPyvl/2H3/Otbubow6BfJ/AAAAAAAAAAAAAAAAAAAAAAB+BXu2HbVtO+odvb/qFgL3Mc6lg87/oIgEy2ff5vyfZ9OzcxJ0Nu75IyLms+XUcqpydDtsi4gphoxKVL4568FVLns7j1RZTN6aK278ynKq32lJpCXjxI9JVGKN8bY9cSM5PqYq3Pj9bUrh2vi4ROX31vHx+nj3+QPy/3818ZpE5d2C5MWURWddV+Ofjil1/VayIT7k9AMAAAAA4DzQ1L6W1++adlB75S4j+9fXLb8fqFxfj7a8PvdH//b3evYAAAAAAFwMVulxVjdNo3BIISRH9+m84G+vc6ChZuCwzv01M2x3PAHn9y4ix53XqzZf1bqC90OKuqagW9nZeLz5d+18rdbW+KSNKH/j4EfKFeq44/G+Ngoc8DrLZHOU75CVMNC19fzni9dfu/cGubrprYCjO691+lzBxlXnFAZO47MHAAAAwOmqJv1ezbXa5r6eDAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvmRG7p11Do9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAs+JHAAAA//+3evqP")
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x88, 0x0, 0x400, 0x70bd25, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0x2c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @broadcast}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xf3}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xc}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x8}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xff}, @MPTCP_PM_ATTR_ADDR_REMOTE={0xc, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000101}, 0xa917d284f7e6664e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x60, 0x16, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'netdevsim0\x00'}]}]}]}], {0x14, 0x10}}, 0xa8}, 0x1, 0x0, 0x0, 0x4080}, 0x0)

7.622126654s ago: executing program 0 (id=3731):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = socket(0x200000100000011, 0x803, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040), 0x4)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000280), 0x4)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
getsockopt$EBT_SO_GET_INFO(r2, 0x0, 0x80, &(0x7f0000000380)={'broute\x00', 0x0, 0x0, 0x0, [0x4, 0x7fff, 0xa, 0xffffffffffffffff, 0x8e, 0x6]}, &(0x7f0000000400)=0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x21085e, &(0x7f00000001c0)={[{@grpquota}, {@nouid32}, {@minixdf}]}, 0x1, 0x504, &(0x7f0000001480)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9sCWE0KoEqJHkNqQuFEUO45ipzShh/TMFYlKnODIH8C5J+5cENy4lAMSPyJQg8TBaMaT1E3tJtokdhR/PtJo3ps3nu97cea9+Dn2C2BoXY2I3YgYi4h7ETGdHc9lW9xqb8l5z/ceLe3vPVrKRat155+5tDw5Fh2PSVzJrlmMiB9+N+InuVfjNrZ31har1cpmlp9t1jZmG9s7N1ZriyuVlcp6ubwwvzD3yc2Py2fW1vdqY1nqq8/+sPutnyXVmsqOdLbjLLWbXjiMkxiNiO+fR7ABGMnaMzboivC55CPi7Yh4P73/p2MkfTYBgMus1ZqO1nRnHgC47PLpHFguX8rmAqYiny+V2nN478RkvlpvNK/fr2+tL7fnymaikL+/Wq3MZXOFM1HIJfn5NP0iXz6SvxkRb0XEL8Yn0nxpqV5dHuQfPgAwxK4cGf//M94e/wGAS6446AoAAH1n/AeA4WP8B4DhY/wHgOHTHv8nBl0NAKCPvP4HgOFj/AeAofKD27eTrbWfff/18oPtrbX6gxvLlcZaqba1VFqqb26UVur1lfQ7e2rHXa9ar2/MfxRbD2e+vdFozja2d+7W6lvrzbvp93rfrRTSs3b70DIAoJe33nv651wyIn86kW7RsZZDYaA1A85bftAVAAZmZNAVAAbGal8wvE7xGt/0AFwSXZbofUmx2weEWq1W6/yqBJyza18y/w/DqmP+338Bw5Ax/w/Dy/w/DK9WK3fSNf/jpCcCABebOX6gx/v/b2f732ZvDvx4+egZT7o+bjfrXs6uggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHABHaz/W8rWAp+KfL5UingjImaikLu/Wq3MRcSbEfGn8cJ4kp8fcJ0BgNPK/y2Xrf91bfrDqZeK3r1ymByLiJ/+6s4vHy42m5t/jBjL/Wv84HjzSXa83P/aAwDHOxin033HC/nne4+WDrZ+1ufv34mIYjv+/t5Y7B/GH43RdF+MQkRM/juX5dtyHXMXp7H7OCK+2K39uZhK50DaK58ejZ/EfqOv8fMvxc+nZe198rP4whnUBYbN06T/udXt/svH1XTf/f4vpj3U6WX9X3Kppf20D3wR/6D/G+nR/109aYyPfv+9dmri1bLHEV8ejTiIvd/R/xzEz/WI/+EJ4//lK+++36us9euIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m85Rz/YeDf7x6fU3e5Ul7Z/sEb94TPu/fsL2/+Z/9370tdfE/+YH3eLn453XxE/GxG+cMP7i5O+KvcqS+Ms92n/c83/9hPGf/XXnlWXDAYDBaWzvrC1Wq5VNCYmLn0h+ZS9ANbomPutXrLHoXvTzD9r39JGiVuv1F/yse1GvHuMsZt2Ai+Dwpo+I/w66MgAAAAAAAAAAAAAAQFf9+MTSoNsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5fX/AAAA//+YXdZi")
r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x2080000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000480)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000004c0)='./file0/../file0\x00', &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x297881, 0x0)
mount$bind(&(0x7f0000000280)='./file0\x00', &(0x7f0000002100)='./file0/file0\x00', 0x0, 0x2187017, 0x0)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
removexattr(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)=ANY=[@ANYBLOB="a9ff763c99"])
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SCSI_IOCTL_GET_PCI(r5, 0x5393, &(0x7f0000000000))
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='./file1\x00', r5}, 0x18)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file1\x00', &(0x7f0000000240), 0x10000, 0x0)
mount$tmpfs(0x0, &(0x7f0000000140)='./file0/file0\x00', &(0x7f00000001c0), 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)

7.326493115s ago: executing program 0 (id=3738):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000040)={0x1, 0xfff9, 0x7fff, 0x9, 0xa, "2f75030632c24ebc"})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x0, 0x0)
mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000006c0)='./file0\x00', 0x19f, &(0x7f0000000100), 0x80, 0x550, &(0x7f0000000700)="$eJzs3c9rJFkdAPBvddKz8yOznVUPuuC4uiszi073ZOPuBg/rCKKnBXG9jzHpCWE66ZDu7E7CoJm/QBBRwZNevAj+AYIMePEowoLiRVBYUUQzehBcp6SqK5mmpzvp2e3tziSfD9TUq1dV7/teTb9KV9ejKoBT67mIuB4RD9I0fTEiKkV+qZhitzNl293fu7OUTUmk6Rv/SCIp8vbLSor5hWK3sxHxta9EfDN5NG5re+fWYqNR3yyWa+21jVpre+fq6triSn2lvj4/P/fKwqsLLy9cG0k7L0bEa1/6y/e/89Mvv/bLz7715xt/u/KtrFozxfrudjyG7BBNH7ZBp+nlzrEsZDtsvodgx9V03sLCuX5bpGmaPkgrXTl3x1IzAAB6Zd9LPxQRn4qIF6MSU4d/nQUAAACeQOkXZuLdJL9DE3/8w6W0x5neDAAAAODJU8rHwCalajEWYCZKpWq1M4b3I3G+1Gi22p+52dxaX+6MlZ2NcunmaqN+rRgrPBvlJFuey9MPl1/qWZ6PiGci4nuVc/lydanZWJ70jx8AAABwSlzouf7/d6Vz/Q8AAACcMLOPZpUmUQ8AAADgg9Pn+h8AAAA4YVz/AwAAwIn21ddfz6Z0//3Xy29ub91qvnl1ud66VV3bWqouNTc3qivN5kr+zL61o8prNJsbn4v1rdu1dr3VrrW2d26sNbfW2zdW89eBAwAAABPwzCfu/T6JiN3Pn8unzJlJVwoYi+mDVFLM+/T+Pz3dmb8zpkoBYzE1xDbvPDWGigBjNz3pCgATU550BYCJS45YP3Dwzm+K+SdHWx8AAGD0Ln9s8P3/w98BsOsVAfCEe8+d+KgfDIBjr+f+f1qZVEWAscvv/w874Nc3fjhRykONAAROsvd9//9IafpYFQIAAEZuJp+SUrX4eW8mSqVqNeJi/lqAcnJztVG/FhFPR8TvKuWnsuW5fM/ELUAAAAAAAAAAAAAAAAAAAAAAAAAAGFKaJpEe5vqhawEAAIAnQETpr8mvOs/yv1x5Yab394EzyX/yVwKfiYi3fvTGD24vttubc1n+Pw/y2z8s8l/q2vHd/fIBAACAcdu/Tt+/jgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUbq/d2fp/t6d9L97d5bGGffvX4yI2YP4+dRZMx1n8/nZKEfE+X8lMd21XxIRUyOIv3s3Ij7aL36SVesgZL/45z74+DFbHIV+8S+MID6cZvey88/1vP9FbERX/yvFc/m8q/8lRceLzolhegTxB5//4uD8NzWg/18cMsazb/+8NjD+3Yhnp/uff/bjJwPiPx+loeJ/4+s7O4PWpT+OuBz943fHqrXXNmqt7Z2rq2uLK/WV+vr8/NwrC68uvLxwrXZztVEv/u0b47sf/8WDw9p/fkD82SPa/0JvYQM+EP97+/behzvJcr/4V57vE//XPym2eDR+qfjb9+kina2/vJ/e7aS7XfrZby8d1v7lh+0vP87//5VBhQ55XACAyWht79xabDTqmyc2kV2lv+9ypi6muck3ZySJ3eNRjYknvj3SArMPSNan+qy6FxHDlJPEcTgseWLSZyYAAGDUHn7pn3RNAAAAAAAAAAAAAAAAAAAA4PQax+PEemPuHqQSTwYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI6N/wcAAP//eOHkIw==")
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x2, 0xb8}, 0x0, 0xf5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="ce5b9d49432ed1b1e6aea893dbb69d6aeb09c8a3178e", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r2}, &(0x7f0000000000), &(0x7f00000003c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r5, &(0x7f0000000500)={0xa, 0x1000, 0x0, @mcast1, 0x9}, 0x1c)
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sendmsg$TIPC_NL_MEDIA_GET(r6, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x7c, 0x0, 0x300, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_LINK={0x10, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_LINK={0x58, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xcf0f}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x180000}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x24040811}, 0x4000000)
write$binfmt_script(r6, &(0x7f0000000440), 0x1000a)
sendfile(r5, r6, &(0x7f0000000000), 0x1001)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r7 = eventfd(0x800a6)
write$eventfd(r7, &(0x7f0000000000)=0xfffffffffffffffb, 0x8)
dup(r7)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160020000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r8}, 0x0, &(0x7f0000000040)}, 0x20)

2.731611387s ago: executing program 3 (id=3806):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
connect$unix(r1, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
accept(r2, 0x0, 0x0)

2.717077307s ago: executing program 3 (id=3807):
mq_open(0x0, 0x42, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, 0x0, 0x0)

2.656977477s ago: executing program 3 (id=3808):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000200)=@ethtool_channels={0x3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}})
syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
pselect6(0x40, &(0x7f0000000000)={0x9}, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYRES16], 0x48)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff})
splice(r3, 0x0, r2, 0x0, 0x10400, 0x0)
vmsplice(r2, &(0x7f00000013c0)=[{&(0x7f0000000280)='-', 0x1}, {&(0x7f0000000100)="a7", 0x1}, {&(0x7f0000000880)="9f", 0x1}], 0x3, 0x0)
ioctl$sock_SIOCINQ(r2, 0x541b, &(0x7f0000000240))
close_range(r2, 0xffffffffffffffff, 0x0)
io_uring_enter(0xffffffffffffffff, 0x1849, 0x0, 0x1, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000001940)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
listen(0xffffffffffffffff, 0xda90)

2.344654808s ago: executing program 5 (id=3817):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
connect$unix(r1, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
accept(r2, 0x0, 0x0)

2.344371549s ago: executing program 5 (id=3818):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
iopl(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}], {0x14}}, 0x64}}, 0x0)

2.304509509s ago: executing program 1 (id=3819):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xa0bf83d7d46f2cbb})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x40505330, &(0x7f00000000c0)={0x800000, 0x0, 0x0, 0x0, 0x0, 0x6})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, &(0x7f0000000000)={<r3=>0xffffffffffffffff, 0xffffffffffffff00})
close_range(r3, 0xffffffffffffffff, 0x0)

2.304096709s ago: executing program 5 (id=3820):
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r0 = epoll_create1(0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a})
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, 0x0)

2.273913149s ago: executing program 5 (id=3821):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f00000000c0)="810022b6b57a4e1d62feebd8e23484c89e74d5e528b0f658c7fb58f9c4b5a3b20ddc0256bd77087f653b25745c787851e7ab110a7d25eea09bf4b7129c777a57ed841551acbdcd90e2bae4f42720d61889da584e2f1c904d97be2abe73687bbc5bd33f72116c7ed017826e76c380b2f8d98aa926419af248f7cf6a652c45b68814d06f069f146bab63b113a2643f1e9d6fa57cc17ea65d444fe800d213942fb646699758f5f96379bfa875eef051365bced539adc9887078094a3e8aa39c7fb4af67ddfbeca11da174de123fcbd5230d42b52163685c44cc640e959fa9e4f3acd22755a984924d6808b454c7f499828d906b0902c7623d510d42458ac7d7feb4607efb258636d47a477c8d245dce81d7329c722661aa9d14eae8de9ae5d1fcfb256eb5345a8aa9e8970d88d700234da52c149e6cdd4ccad9c345aa1e00b9dc39794df6dd5691144f531402bdbdbc570e8bbe430963c1ab57a9719a1ebfa57c4cefb6a236c0c9c694f8799996e501e46b77faa21a7ea9b410fd1e89bcab78c312cddb334872e475c45b186ef75feef431a4f7f429c66f32e4a74990715d05894cc1b7666fba2c733cff11b91251bb62b9c058b36753ba626dd7993191a6d7014bcd5dd87d123460a212a6a3d58c374bede4d852ace0549fdc644c6faee35e8b46a40299904bd3ed5b2287c06b5ed2b2f10b58d8c1aed7aa2d7499fde937d3fb7687eedd6232089e36c8ece2301fde54d37e00bdc95fd1a9b4bd88961aa913ac1658ca013a37fcdd201202", 0x22a)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000006c0)=@nat={'nat\x00', 0x1b, 0x5, 0x348, 0x1f8, 0x1f8, 0xffffffff, 0x1f8, 0xa8, 0x2b0, 0x2b0, 0xffffffff, 0x2b0, 0x2b0, 0x5, 0x0, {[{{@ip={@multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xffffff00, 0x0, 'bridge_slave_1\x00', 'syzkaller0\x00', {}, {0xff}, 0x2e, 0x2, 0x36}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @multicast1, @local, @icmp_id=0x65, @icmp_id=0x68}}}}, {{@ip={@local, @empty, 0xffffff00, 0x0, 'caif0\x00', 'nr0\x00', {}, {0xff}, 0x67, 0x2, 0x20}, 0x0, 0x70, 0xb8}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x18, @ipv6=@private2, @ipv6=@loopback, @gre_key=0x1, @icmp_id=0x68}}}, {{@ip={@dev={0xac, 0x14, 0x14, 0xb}, @multicast2, 0xffffffff, 0xff, 'nr0\x00', 'pim6reg1\x00', {}, {0xff}, 0x2, 0x3, 0x2}, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@uncond, 0x0, 0x70, 0xb8}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x6, @ipv4=@multicast2, @ipv6=@private0, @gre_key=0x4, @port=0x4e20}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3a8)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0xb, &(0x7f0000000040)=0x7, 0x4)
recvmmsg(r1, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
recvmmsg(r0, &(0x7f0000000600), 0x204083acb88ff8b, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x5, 0x28011, r2, 0x0)

2.273273039s ago: executing program 1 (id=3822):
socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
socket$inet(0x2, 0x4000000000000001, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0) (async)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r1, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10) (async)
connect$llc(r1, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10)
recvmmsg(r1, &(0x7f00000050c0)=[{{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f00000002c0)=""/59, 0x3b}], 0x1}}], 0x1, 0x2, 0x0)
sendmmsg(r1, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000800)={0x1, 0x58, &(0x7f0000000780)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYRES16=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3, @cgroup_skb=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYRESDEC=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x24d8, @void, @value}, 0x94) (async)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYRESDEC=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x24d8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', 0xffffffffffffffff, 0x0, 0x9135}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', 0xffffffffffffffff, 0x0, 0x9135}, 0x18)
unshare(0x62040200)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSETS(r6, 0x40045431, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0xc, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0x3, 0x2) (async)
r9 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) (async)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r8, &(0x7f0000000680)={@val={0x8, 0x800}, @val={0x0, 0x3, 0x0, 0x31}, @ipv4=@udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x80, 0x11, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x4e21, 0x8}}}, 0x2a)
ioctl$TIOCSSOFTCAR(r6, 0x541a, &(0x7f0000000400)=0x3d)
syz_open_pts(r6, 0x0) (async)
syz_open_pts(r6, 0x0)

2.04890385s ago: executing program 1 (id=3823):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYRES64=r1, @ANYRESHEX=r0, @ANYRES64=r1, @ANYRES32=r0], 0x50)
r3 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r3, &(0x7f0000002800)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1)
write$cgroup_pid(r3, &(0x7f00000031c0), 0x12)
r4 = socket(0x11, 0x800000003, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
socket$inet_udplite(0x2, 0x2, 0x88)
syz_usb_connect(0x2, 0x0, 0x0, 0x0)
setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000280)={0x0, 0x11, 0x6}, 0x10)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000003c0)='fsi_master_acf_send_request\x00', r6, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_ext={0x1c, 0x33, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000003000000000000008100000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000182f0000", @ANYRES32=r3, @ANYBLOB="000000000000000041f306000800000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000018630000090000000000000007000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000080000085000000060000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000d80f010010000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000440)='GPL\x00', 0x1, 0x1b, &(0x7f00000008c0)=""/27, 0x41100, 0x1, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000940)={0x5, 0x5}, 0x8, 0x10, &(0x7f0000000980)={0x1, 0xc, 0x4, 0x1000}, 0x10, 0x11ab, r5, 0x0, &(0x7f00000009c0)=[r3, r3, 0xffffffffffffffff, r3, r2, r3, r2], 0x0, 0x10, 0x5, @void, @value}, 0x94)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@getchain={0x2c, 0x11, 0x839, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r9, {0x1}, {0x0, 0xc}}, [{0x8, 0xb, 0x4}]}, 0x2c}}, 0x4000)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000600))
dup(0xffffffffffffffff)
r10 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r11 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r10, r11, 0x0, 0x20000023896)
r12 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETSF(r12, 0x5404, &(0x7f0000000000)={0xb29, 0x0, 0xfffffffe, 0x0, 0x0, "7a58beca39ed2d5a99bbc4bff0ebd3e9bd5a8e"})
r13 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/16], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32=r13, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

1.845696381s ago: executing program 3 (id=3824):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
openat$null(0xffffffffffffff9c, &(0x7f0000000540), 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000240), &(0x7f00000003c0)=r6}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x40)
syz_emit_ethernet(0x32, &(0x7f00000002c0)={@multicast, @empty, @val={@void, {0x8100, 0x4, 0x1, 0x1}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61158c000000000061134c0000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18487b6feb89752cd600000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe0000000000000000000000000044585397feaadda3fcc64e7b0c08f7ac5c64cb190f1712a3b10fc34eb758705f1751d8c8b712eb39d2b8ad44f129c2c9aedb15"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

1.802285882s ago: executing program 3 (id=3825):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000e62dc4c579498e8000"/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2d600007b8af892b9fe051d4807a1b6b505f86100bfa200000000000007020000f8ffffffb700000000000000b704000000"], 0x0, 0x4ee4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="09000000200000012cbd7000fedbdf250a1410d6090000050400010014000200ff01000000000000000000000000000108000f000df8000008"], 0x88}, 0x1, 0x0, 0x0, 0x881}, 0x4010)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x13, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x4c}, [@call={0x85, 0x0, 0x0, 0x2}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5, r4}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r6, &(0x7f0000000000)=0xfe8e, 0x12)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4a16, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRESDEC, @ANYRESHEX, @ANYRES64=r6, @ANYRES32], 0x5, 0x31e, &(0x7f0000000a80)="$eJzs3M9LG1sUwPFjjDGJzySLx3u8Bw8v721eN4OmXZeGolAaqKgp1UJh1EkbMk0kEywppeqq29J9V4UuxKU7ofUfcNNdu+mmOzeFLuqidEomM+anmsZorH4/IHNz7z3m3sxNOBNyZ/fO84fZtKWl9aL4gkp+ExHZE4mJTzx97tHnlANSa1UuDX15/8/07NzNRDI5PqXURGLmclwpFRl58+hJyO22NSg7sXu7n+Ofdv7Y+Wv3+8yDjKUylsrli0pX8/mPRX3eNNRixspqSk2ahm4ZKpOzjEKlPV9pT5v5paWS0nOLw+GlgmFZSs+VVNYoqWJeFQslpd/XMzmlaZoaDguOklqfmtITHQYvdHkwOCGFQkLvF5FQU0tqvScDAgAAPdWY//vKKX1H+b9EnPy/3Lma/2/8u10cur0ZcfP/rUCr/P/Kh8r/qsv/gyLSSf7/Un4i/2/OiC6WY+X/OBtGAk1VfXWPyvl/2H3/Otbubow6BfJ/AAAAAAAAAAAAAAAAAAAAAAB+BXu2HbVtO+odvb/qFgL3Mc6lg87/oIgEy2ff5vyfZ9OzcxJ0Nu75IyLms+XUcqpydDtsi4gphoxKVL4568FVLns7j1RZTN6aK278ynKq32lJpCXjxI9JVGKN8bY9cSM5PqYq3Pj9bUrh2vi4ROX31vHx+nj3+QPy/3818ZpE5d2C5MWURWddV+Ofjil1/VayIT7k9AMAAAAA4DzQ1L6W1++adlB75S4j+9fXLb8fqFxfj7a8PvdH//b3evYAAAAAAFwMVulxVjdNo3BIISRH9+m84G+vc6ChZuCwzv01M2x3PAHn9y4ix53XqzZf1bqC90OKuqagW9nZeLz5d+18rdbW+KSNKH/j4EfKFeq44/G+Ngoc8DrLZHOU75CVMNC19fzni9dfu/cGubrprYCjO691+lzBxlXnFAZO47MHAAAAwOmqJv1ezbXa5r6eDAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvmRG7p11Do9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAs+JHAAAA//+3evqP")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x60, 0x16, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'netdevsim0\x00'}]}]}]}], {0x14, 0x10}}, 0xa8}, 0x1, 0x0, 0x0, 0x4080}, 0x0)

1.668897122s ago: executing program 3 (id=3830):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="190000000400000008000000"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
mkdir(0x0, 0x8)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a40)={{0x14}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x80000001}]}}}, {0x10, 0x1, 0x0, 0x1, @last={{0x9}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x88}}, 0x0)
close(r3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000001100)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095", @ANYRES64=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='afs_cb_miss\x00', r2}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = socket(0x1, 0x2, 0x0)
bind$unix(r5, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
bind$can_raw(r5, &(0x7f0000001080), 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
mq_unlink(0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000280)={0x0, 0xfe, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}}, 0x0)
r8 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(r8, &(0x7f0000000000), 0x4000000000001f2, 0x0)

1.380780493s ago: executing program 5 (id=3835):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
openat$null(0xffffffffffffff9c, &(0x7f0000000540), 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000240), &(0x7f00000003c0)=r6}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x40)
syz_emit_ethernet(0x32, &(0x7f00000002c0)={@multicast, @empty, @val={@void, {0x8100, 0x4, 0x1, 0x1}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61158c000000000061134c0000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18487b6feb89752cd600000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe0000000000000000000000000044585397feaadda3fcc64e7b0c08f7ac5c64cb190f1712a3b10fc34eb758705f1751d8c8b712eb39d2b8ad44f129c2c9aedb15"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

1.330149143s ago: executing program 5 (id=3837):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x60, 0x4, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x60}, 0x1, 0x0, 0x0, 0x80}, 0x0)

1.052714165s ago: executing program 1 (id=3841):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000800000000220000000000ffffff000000000000000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYRES32=r0], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x5}, 0x18)
timerfd_gettime(0xffffffffffffffff, 0x0)
fcntl$dupfd(r2, 0x0, r2)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
timer_create(0x0, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r8, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r9, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=ANY=[@ANYBLOB="20000000100039042abd7000eaffffff000003e4", @ANYRES32=r9, @ANYBLOB="1006e9"], 0x20}, 0x1, 0x0, 0x0, 0x48044}, 0x4008040)
r10 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r10, &(0x7f0000000180)={0x28, 0x0, 0x0, @local}, 0x10)
capset(0x0, &(0x7f0000000080)={0x3b744d96, 0x7459, 0x2928932, 0x4, 0xe, 0xde})
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r11, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, @void, @value}, 0x94)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r12}, 0x10)

995.449685ms ago: executing program 4 (id=3843):
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r0 = epoll_create1(0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a})
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, 0x0)

901.095666ms ago: executing program 4 (id=3844):
r0 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ipvlan0\x00'})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000080)=ANY=[@ANYRESOCT=r0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_emit_ethernet(0x56, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd60922ff500202100fe800000000000000000000000000015fe8000000000000000000000000000aa00000000640000000c00031039002000000000000401907800114f84007200"], 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, 0x0)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000100), 0xffffffffffffffff)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000180)=0x4)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x44, r1, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x3}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @loopback}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e23}, @FOU_ATTR_IFINDEX={0x8, 0xb, r2}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0xc040)
r3 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r4}, 0x18)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0], 0x30}}, 0x0)
r6 = socket(0x28, 0x5, 0x0)
r7 = socket(0x28, 0x5, 0x0)
listen(r7, 0x0)
connect$vsock_stream(r6, &(0x7f0000000440), 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r9}, 0x10)
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x32b}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}}, 0x0)

900.498656ms ago: executing program 1 (id=3845):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000001040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xe, &(0x7f0000000440), 0x3, 0x440, &(0x7f00000006c0)="$eJzs28tvG8UfAPDvrpP019cvoZRHH0CgICIeSZMW6IEDIJA4FAkJDnCMkrQqdRvUBIlWFRSEygkhJO6II/8CJ7ggxAmJK9xRpQr10paT0dq7ie3YbuLaNcWfj7TtzO5sZr7eHXtmxw5gaE1m/yQRuyLi94gYr2UbC0zW/rtx7eLCzWsXF5KoVN76K6mWu37t4kJRtDhvZ56ZSiPSz5I40KLelfMXTs+Xy0vn8vzM6pn3Z1bOX3j21Jn5k0snl87OHTt29MjsC8/PPdeTOLM2Xd//0fLBfa+/+9Ubx79oiL8pjh6Z7HTwiUqlx9UN1u66dDIywIawJaWIyC7XaLX/j0cp1i/eeLz26UAbB/RVpVKp7Gx/+FIF+A9LojGvy8OwKD7os/lvsTUPAl7q3/Bj4K6+XJsAZXHfyLfakZFI8zKjTfPbXpqMiHcu/f1NtkV/nkMAADT4IRv/PNNq/JfG/XXl/p+vDU1ExD0RsSci7o2IvRFxX0S17AMR8eAW629eJNk4/kmvdBXYJmXjvxfzta3G8V8x+ouJUp7bXY1/NDlxqrx0OH9NpmJ0W5af7VDHj6/+9mW7Y/Xjv2zL6i/Ggnk7roxsazxncX51/nZirnf1k4j9I63iT9ZWApKI2BcR+7us49RT3x1sd+zW8XfQg3WmyrcRT9au/6Voir+QdF6fnPlflJcOzxR3xUa//Hr5zXb131b8PZBd/x0t7/+1+CeS+vXala3XcfmPz9vOabq9/8eSt6vpsXzfh/Orq+dmI8aS47VG1++fWz+3yBfls/inDrXu/3ti/ZU4EBHZTfxQRDwcEY/kbX80Ih6LiEMd4v/5lcff6z7+/sriX9zS9V9PjEXzntaJ0umfvm+odGJD/Dc7X/+j1dRUvmcz73+baVd3dzMAAADcfdKI2BVJOr2WTtPp6dr35ffGjrS8vLL69InlD84u1n4jMBGjafGka7zueehsPq0v8nNR+2pBkT+SPzf+urS9mp9eWC4vDjp4GHI72/T/zJ+lQbcO6Du/14Lhpf/D8NL/YXjp/zC8WvT/7YNoB3Dntfr8/3gA7QDuvKb+b9kPhoj5Pwwv/R+Gl/4PQ2lle9z6R/IdE8Vf6vJ0ibs0Eem/ohkSfUoM9n0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/4JAAD//3sE4iY=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r2, &(0x7f0000000180)={&(0x7f0000000000), 0x10, &(0x7f0000000140)={&(0x7f0000001c40)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r3, &(0x7f0000000b40)=[{{&(0x7f0000000180)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="e9", 0x1}], 0x1}}], 0x1, 0x600c000)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000340)={0x0, 0xff}, 0x8)
getdents64(r1, 0xfffffffffffffffe, 0x29)
close(r0)

782.970016ms ago: executing program 4 (id=3846):
r0 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ipvlan0\x00'})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000080)=ANY=[@ANYRESOCT=r0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_emit_ethernet(0x56, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd60922ff500202100fe800000000000000000000000000015fe8000000000000000000000000000aa00000000640000000c00031039002000000000000401907800114f84007200"], 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, 0x0)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000100), 0xffffffffffffffff)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000180)=0x4)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x44, r1, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x3}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @loopback}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e23}, @FOU_ATTR_IFINDEX={0x8, 0xb, r2}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0xc040)
r3 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70200001400f400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r6 = socket(0x28, 0x5, 0x0)
r7 = socket(0x28, 0x5, 0x0)
listen(r7, 0x0)
connect$vsock_stream(r6, &(0x7f0000000440), 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r9}, 0x10)
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x32b}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}}, 0x0)

675.779217ms ago: executing program 4 (id=3847):
r0 = socket$inet(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x410, 0x238, 0x238, 0x238, 0x98, 0x98, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x0, 0x28, 0x0, 0x0, 0x0, 0x1}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev={0xfe, 0x80, '\x00', 0x18}, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x470)

596.493547ms ago: executing program 4 (id=3848):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
connect$unix(r1, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
accept(r2, 0x0, 0x0)

244.172609ms ago: executing program 4 (id=3849):
socket$nl_generic(0x10, 0x3, 0x10)
pselect6(0x40, &(0x7f0000000000)={0x9}, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r1, 0x545c, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff})
splice(r3, 0x0, r2, 0x0, 0x10400, 0x0)
vmsplice(r2, 0x0, 0x0, 0x0)
ioctl$sock_SIOCINQ(r2, 0x541b, &(0x7f0000000240))
close_range(r2, 0xffffffffffffffff, 0x0)
io_uring_enter(0xffffffffffffffff, 0x1849, 0x0, 0x1, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000001940)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
listen(0xffffffffffffffff, 0xda90)

0s ago: executing program 1 (id=3850):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x111}}, 0x20)
r2 = socket$tipc(0x1e, 0x5, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r4=>0x0})
bind$packet(r3, &(0x7f0000000380)={0x11, 0x4, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)
syz_emit_ethernet(0xe, &(0x7f00000003c0)=ANY=[@ANYBLOB="ffffffffffffbbbb8fb45ae2c9bbbbbbbb001021191e62095cfb66284c7e10382899acbc65465d3dcfd5563395bacdbd0f3ff82dd383b8cad7aeddcf8842dd5936c058717ca90b224cfb2a68d4c7f2499315a2606eb748d9cad5e84a8a271b16032a68b7c9e6e5986d7c656f85afde9f1ad7cf3e8ddbdfdbebd01c9d370337f1be4a42ddc01d6a15df1abc9d9203c7532fafe7279f8c0b02d04bb5dcc5036379bc073be4ea2153d6d58da708c5b3ab57ac72a132922fc57b1f823503dca4a31ea8bdfd6a0a4a4c6029bd27d5c644a01b7487a0a9e087e7e89221e387f727094eb78eea0b0835c896dc692e36046567186963b2de75df36189036f890db33f4fd08b0d71b65e6473e41b2"], 0x0)
bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r5 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r5, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
bind$tipc(r2, 0x0, 0x0)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000380)="fe", 0x1}], 0x1)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r7=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r6, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @rand_addr=' \x01\x00'}, {0xa, 0x0, 0x0, @mcast2={0xff, 0x5}, 0x1}, r7}}, 0x48)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)={0x2c, r9, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x101}, @TIPC_NLA_NET_NODEID={0xc}]}]}, 0x2c}}, 0x0)
sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000500)={&(0x7f0000000580)={0x34c, r9, 0x4, 0x70bd2b, 0x25dfdbfb, {}, [@TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x400}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x4a5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}]}, @TIPC_NLA_SOCK={0x5c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7fff}]}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x80000001}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x310}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xd}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x4}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_BEARER={0x64, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x101}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x16}}}, {0x14, 0x2, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xe}}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_NET={0x28, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x80000000}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7ff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1000}]}, @TIPC_NLA_BEARER={0x7c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x69}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @local}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x8, @empty, 0x6}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8462}, @TIPC_NLA_BEARER_NAME={0x15, 0x1, @l2={'ib', 0x3a, 'veth0_to_bond\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xd}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffffffc}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xe95}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xb}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1d}]}, @TIPC_NLA_MEDIA={0xb0, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9e4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x200}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x973}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3026}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x800c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x101}]}]}, @TIPC_NLA_SOCK={0x84, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3ff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffff1f}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}]}]}]}, 0x34c}, 0x1, 0x0, 0x0, 0xc6}, 0x20004000)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x8000, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1}, {0xa, 0x4be, 0x7fff, @rand_addr=' \x01\x00', 0x6}, r7, 0x7a8d}}, 0x48)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000080)}, {&(0x7f0000000100)="06010000246837f73199aee6fdb9291b3091ec1a2d41d2270216d8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491", 0xfe}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3)
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r10, 0x5423, &(0x7f0000000080)=0x1b)
ioctl$TCXONC(r10, 0x540a, 0x3)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[@ANYRESHEX=r7, @ANYRES64=r4, @ANYRES32=r5, @ANYRES64=r2], 0x28)
r11 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$inet(r11, &(0x7f0000000340)={&(0x7f00000000c0)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10, 0x0}, 0x8000)

kernel console output (not intermixed with test programs):

: encrypted files will use data=ordered instead of data journaling mode
[  184.262427][T14948] EXT4-fs (loop0): 1 orphan inode deleted
[  184.268427][T14948] EXT4-fs (loop0): 1 truncate cleaned up
[  184.275886][T14948] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  184.288263][T14957] dccp_invalid_packet: P.Data Offset(100) too large
[  184.305977][T14957] hub 9-0:1.0: USB hub found
[  184.310892][T14957] hub 9-0:1.0: 8 ports detected
[  184.323452][T14957] geneve2: entered promiscuous mode
[  184.328858][T14957] geneve2: entered allmulticast mode
[  184.332384][T14959] loop0: detected capacity change from 0 to 512
[  184.345961][T14959] EXT4-fs: Ignoring removed orlov option
[  184.353264][T14959] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  184.370299][T14959] EXT4-fs (loop0): 1 orphan inode deleted
[  184.374239][T14961] loop3: detected capacity change from 0 to 1024
[  184.376097][T14959] EXT4-fs (loop0): 1 truncate cleaned up
[  184.419133][T14961] EXT4-fs: Cannot change quota options when quota turned on
[  184.419484][T14968] FAULT_INJECTION: forcing a failure.
[  184.419484][T14968] name failslab, interval 1, probability 0, space 0, times 0
[  184.439161][T14968] CPU: 1 UID: 0 PID: 14968 Comm: syz.0.3280 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  184.449649][T14968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  184.459712][T14968] Call Trace:
[  184.463141][T14968]  <TASK>
[  184.466081][T14968]  dump_stack_lvl+0xf2/0x150
[  184.470708][T14968]  dump_stack+0x15/0x20
[  184.474951][T14968]  should_fail_ex+0x223/0x230
[  184.479703][T14968]  should_failslab+0x8f/0xb0
[  184.484313][T14968]  kmem_cache_alloc_node_noprof+0x59/0x320
[  184.490137][T14968]  ? __alloc_skb+0x10b/0x310
[  184.494715][T14968]  __alloc_skb+0x10b/0x310
[  184.499179][T14968]  ? audit_log_start+0x34c/0x6b0
[  184.504180][T14968]  audit_log_start+0x368/0x6b0
[  184.508961][T14968]  audit_seccomp+0x4b/0x130
[  184.513555][T14968]  __seccomp_filter+0x6fa/0x1180
[  184.518550][T14968]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  184.524196][T14968]  ? vfs_write+0x596/0x920
[  184.528623][T14968]  ? __schedule+0x6fa/0x930
[  184.533137][T14968]  __secure_computing+0x9f/0x1c0
[  184.538102][T14968]  syscall_trace_enter+0xd1/0x1f0
[  184.543212][T14968]  do_syscall_64+0xaa/0x1c0
[  184.547775][T14968]  ? clear_bhb_loop+0x55/0xb0
[  184.552490][T14968]  ? clear_bhb_loop+0x55/0xb0
[  184.557156][T14968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.563088][T14968] RIP: 0033:0x7fdf205d0809
[  184.567503][T14968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.587100][T14968] RSP: 002b:00007fdf1ec47058 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[  184.595578][T14968] RAX: ffffffffffffffda RBX: 00007fdf20795fa0 RCX: 00007fdf205d0809
[  184.603550][T14968] RDX: ffffffffffffffff RSI: 0000000000000018 RDI: 0000000000000000
[  184.611521][T14968] RBP: 00007fdf1ec470a0 R08: 0000000000000000 R09: 0000000000000000
[  184.619561][T14968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.627540][T14968] R13: 0000000000000000 R14: 00007fdf20795fa0 R15: 00007ffd3de5d8d8
[  184.635565][T14968]  </TASK>
[  184.686988][T14974] loop0: detected capacity change from 0 to 512
[  184.707438][T14974] EXT4-fs: Ignoring removed orlov option
[  184.724130][T14980] syz.4.3286: attempt to access beyond end of device
[  184.724130][T14980] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  184.739720][T14974] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  184.751447][T14974] EXT4-fs (loop0): 1 orphan inode deleted
[  184.757292][T14974] EXT4-fs (loop0): 1 truncate cleaned up
[  184.764447][T14985] loop4: detected capacity change from 0 to 256
[  184.789721][T14987] FAULT_INJECTION: forcing a failure.
[  184.789721][T14987] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.802870][T14987] CPU: 1 UID: 0 PID: 14987 Comm: syz.0.3289 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  184.813375][T14987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  184.823502][T14987] Call Trace:
[  184.826784][T14987]  <TASK>
[  184.829711][T14987]  dump_stack_lvl+0xf2/0x150
[  184.834317][T14987]  dump_stack+0x15/0x20
[  184.838541][T14987]  should_fail_ex+0x223/0x230
[  184.843291][T14987]  should_fail+0xb/0x10
[  184.847445][T14987]  should_fail_usercopy+0x1a/0x20
[  184.852521][T14987]  _copy_from_iter+0xd5/0xd00
[  184.857195][T14987]  ? kmalloc_reserve+0x16e/0x190
[  184.862127][T14987]  ? __build_skb_around+0x196/0x1f0
[  184.867344][T14987]  ? __alloc_skb+0x21f/0x310
[  184.871928][T14987]  ? __virt_addr_valid+0x1ed/0x250
[  184.877196][T14987]  ? __check_object_size+0x364/0x520
[  184.882508][T14987]  netlink_sendmsg+0x460/0x6e0
[  184.887345][T14987]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.892699][T14987]  __sock_sendmsg+0x140/0x180
[  184.897396][T14987]  ____sys_sendmsg+0x312/0x410
[  184.902268][T14987]  __sys_sendmsg+0x19d/0x230
[  184.906895][T14987]  __x64_sys_sendmsg+0x46/0x50
[  184.911656][T14987]  x64_sys_call+0x2734/0x2dc0
[  184.916371][T14987]  do_syscall_64+0xc9/0x1c0
[  184.920959][T14987]  ? clear_bhb_loop+0x55/0xb0
[  184.925706][T14987]  ? clear_bhb_loop+0x55/0xb0
[  184.930383][T14987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.936327][T14987] RIP: 0033:0x7fdf205d0809
[  184.940817][T14987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.960503][T14987] RSP: 002b:00007fdf1ec47058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  184.968915][T14987] RAX: ffffffffffffffda RBX: 00007fdf20795fa0 RCX: 00007fdf205d0809
[  184.976966][T14987] RDX: 0000000000000080 RSI: 0000000020000200 RDI: 0000000000000003
[  184.984993][T14987] RBP: 00007fdf1ec470a0 R08: 0000000000000000 R09: 0000000000000000
[  184.993029][T14987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.001046][T14987] R13: 0000000000000000 R14: 00007fdf20795fa0 R15: 00007ffd3de5d8d8
[  185.009012][T14987]  </TASK>
[  185.049685][T14993] loop0: detected capacity change from 0 to 512
[  185.070881][T14993] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  185.078913][T14993] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002]
[  185.115926][T14993] EXT4-fs (loop0): orphan cleanup on readonly fs
[  185.135754][T14993] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279949761 > max in inode 13
[  185.148484][T14989] netlink: 'syz.1.3291': attribute type 1 has an invalid length.
[  185.156665][T14993] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279949762 > max in inode 13
[  185.173040][T14993] EXT4-fs (loop0): 1 truncate cleaned up
[  185.173370][T15011] syz.2.3299: attempt to access beyond end of device
[  185.173370][T15011] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  185.195976][T14989] 8021q: adding VLAN 0 to HW filter on device bond1
[  185.230482][T15015] loop2: detected capacity change from 0 to 256
[  185.278825][T15021] loop3: detected capacity change from 0 to 512
[  185.303792][T15021] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  185.306189][    C0] ------------[ cut here ]------------
[  185.318007][    C0] refcount_t: underflow; use-after-free.
[  185.323851][    C0] WARNING: CPU: 0 PID: 15 at lib/refcount.c:28 refcount_warn_saturate+0x1c6/0x230
[  185.328871][T15024] FAULT_INJECTION: forcing a failure.
[  185.328871][T15024] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  185.333103][    C0] Modules linked in:
[  185.346177][T15024] CPU: 1 UID: 0 PID: 15024 Comm: syz.2.3306 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  185.350013][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  185.360373][T15024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  185.360386][T15024] Call Trace:
[  185.360393][T15024]  <TASK>
[  185.360401][T15024]  dump_stack_lvl+0xf2/0x150
[  185.370620][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  185.380670][T15024]  dump_stack+0x15/0x20
[  185.383946][    C0] RIP: 0010:refcount_warn_saturate+0x1c6/0x230
[  185.386858][T15024]  should_fail_ex+0x223/0x230
[  185.391612][    C0] Code: 72 ff ff ff e8 9b 31 70 ff 48 c7 c7 0b 00 b3 86 e8 1f 7e 89 ff c6 05 93 a8 f2 04 01 90 48 c7 c7 63 5a 1c 86 e8 9b c3 51 ff 90 <0f> 0b 90 90 e9 43 ff ff ff e8 6c 31 70 ff 48 c7 c7 08 00 b3 86 e8
[  185.401715][T15024]  should_fail+0xb/0x10
[  185.405869][    C0] RSP: 0018:ffffc900000879e8 EFLAGS: 00010246
[  185.411994][T15024]  should_fail_usercopy+0x1a/0x20
[  185.416828][    C0] 
[  185.416835][    C0] RAX: e138bd6fd5390d00 RBX: ffff88811721a1e4 RCX: ffff8881001d0000
[  185.436405][T15024]  _copy_from_user+0x1e/0xb0
[  185.440565][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  185.446591][T15024]  kstrtouint_from_user+0x76/0xe0
[  185.451782][    C0] RBP: 0000000000000003 R08: ffffffff81121c87 R09: 0000000000000000
[  185.454162][T15024]  ? 0xffffffff81000000
[  185.462126][    C0] R10: 0001ffffffffffff R11: ffff8881001d0000 R12: 0000000000000001
[  185.466669][T15024]  ? selinux_file_permission+0x22a/0x360
[  185.474637][    C0] R13: ffff8881177e9a00 R14: ffff88811721a1e4 R15: 0000000000000000
[  185.479619][T15024]  proc_fail_nth_write+0x4f/0x150
[  185.479641][T15024]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  185.487595][    C0] FS:  0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
[  185.491707][T15024]  vfs_write+0x281/0x920
[  185.499842][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  185.505433][T15024]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  185.513415][    C0] CR2: 000055557f2cd4a8 CR3: 000000012b5c8000 CR4: 00000000003506f0
[  185.518376][T15024]  ? __fget_files+0x17c/0x1c0
[  185.523990][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  185.532891][T15024]  ksys_write+0xe8/0x1b0
[  185.537132][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  185.543707][T15024]  __x64_sys_write+0x42/0x50
[  185.549242][    C0] Call Trace:
[  185.557186][T15024]  x64_sys_call+0x287e/0x2dc0
[  185.561847][    C0]  <TASK>
[  185.569793][T15024]  do_syscall_64+0xc9/0x1c0
[  185.569814][T15024]  ? clear_bhb_loop+0x55/0xb0
[  185.574114][    C0]  ? __warn+0x141/0x350
[  185.582057][T15024]  ? clear_bhb_loop+0x55/0xb0
[  185.582076][T15024]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.586639][    C0]  ? report_bug+0x315/0x420
[  185.589904][T15024] RIP: 0033:0x7f0ac912f2bf
[  185.589921][T15024] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 8e 02 00 48
[  185.589937][T15024] RSP: 002b:00007f0ac77a7050 EFLAGS: 00000293
[  185.594756][    C0]  ? refcount_warn_saturate+0x1c6/0x230
[  185.597669][T15024]  ORIG_RAX: 0000000000000001
[  185.597678][T15024] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0ac912f2bf
[  185.602331][    C0]  ? handle_bug+0x60/0x90
[  185.602354][    C0]  ? exc_invalid_op+0x1a/0x50
[  185.607017][T15024] RDX: 0000000000000001 RSI: 00007f0ac77a70b0 RDI: 0000000000000006
[  185.607031][T15024] RBP: 00007f0ac77a70a0 R08: 0000000000000000 R09: 0000000000000000
[  185.607044][T15024] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  185.611168][    C0]  ? asm_exc_invalid_op+0x1a/0x20
[  185.611203][    C0]  ? __warn_printk+0x167/0x1b0
[  185.611220][    C0]  ? refcount_warn_saturate+0x1c6/0x230
[  185.615876][T15024] R13: 0000000000000000 R14: 00007f0ac92f5fa0 R15: 00007fff153768f8
[  185.621756][    C0]  ? refcount_warn_saturate+0x1c5/0x230
[  185.621791][    C0]  sk_skb_reason_drop+0xe9/0x290
[  185.621812][    C0]  j1939_xtp_rx_cts+0x3c4/0x6c0
[  185.626296][T15024]  </TASK>
[  185.745679][T15028] dccp_invalid_packet: P.Data Offset(100) too large
[  185.746593][    C0]  j1939_tp_recv+0x699/0xa80
[  185.761163][    C0]  j1939_can_recv+0x45f/0x550
[  185.765865][    C0]  ? __pfx_j1939_can_recv+0x10/0x10
[  185.771102][    C0]  can_rcv_filter+0x225/0x4c0
[  185.775799][    C0]  can_receive+0x182/0x1f0
[  185.780233][    C0]  ? __pfx_ip_rcv+0x10/0x10
[  185.784750][    C0]  can_rcv+0xe7/0x180
[  185.788773][    C0]  ? __pfx_can_rcv+0x10/0x10
[  185.793372][    C0]  __netif_receive_skb+0x123/0x280
[  185.798522][    C0]  process_backlog+0x22e/0x440
[  185.803320][    C0]  __napi_poll+0x63/0x3c0
[  185.807710][    C0]  ? net_rx_action+0x376/0x7f0
[  185.812512][    C0]  net_rx_action+0x3a1/0x7f0
[  185.817132][    C0]  handle_softirqs+0xbf/0x280
[  185.821822][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  185.826934][    C0]  run_ksoftirqd+0x1c/0x30
[  185.831381][    C0]  smpboot_thread_fn+0x31c/0x4c0
[  185.836333][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  185.841817][    C0]  kthread+0x1d1/0x210
[  185.845943][    C0]  ? __pfx_kthread+0x10/0x10
[  185.850566][    C0]  ret_from_fork+0x4b/0x60
[  185.854996][    C0]  ? __pfx_kthread+0x10/0x10
[  185.859604][    C0]  ret_from_fork_asm+0x1a/0x30
[  185.864394][    C0]  </TASK>
[  185.867424][    C0] ---[ end trace 0000000000000000 ]---
[  185.984212][T15028] bond0: (slave bond_slave_0): Releasing backup interface
[  186.002755][T15037] loop1: detected capacity change from 0 to 512
[  186.028246][T15028] bond0: (slave bond_slave_1): Releasing backup interface
[  186.036274][T15037] EXT4-fs: Ignoring removed orlov option
[  186.045402][T15037] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  186.056684][T15037] EXT4-fs (loop1): 1 orphan inode deleted
[  186.062499][T15037] EXT4-fs (loop1): 1 truncate cleaned up
[  186.070656][T15037] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  186.160481][T14235] EXT4-fs unmount: 57 callbacks suppressed
[  186.160566][T14235] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.188495][T15028] team0: Port device team_slave_0 removed
[  186.197516][T15042] syz.1.3312: attempt to access beyond end of device
[  186.197516][T15042] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  186.207952][T15028] team0: Port device team_slave_1 removed
[  186.222508][T15028] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  186.230285][T15028] batman_adv: batadv0: Removing interface: batadv_slave_0
[  186.239120][T15028] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  186.246527][T15028] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.269190][T15046] syz.1.3314: attempt to access beyond end of device
[  186.269190][T15046] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  186.289332][T15048] vhci_hcd: invalid port number 13
[  186.294572][T15048] vhci_hcd: default hub control req: 0014 v0000 i000d l0
[  186.378663][T15059] loop2: detected capacity change from 0 to 256
[  186.466857][T15071] dccp_invalid_packet: P.Data Offset(100) too large
[  186.476061][T15073] vhci_hcd: invalid port number 13
[  186.481295][T15073] vhci_hcd: default hub control req: 0014 v0000 i000d l0
[  186.547823][T15077] syz.1.3327[15077] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  186.547954][T15077] syz.1.3327[15077] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  186.565598][T15077] syz.1.3327[15077] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  186.578288][T15077] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3327'.
[  186.599899][T15083] IPv6: Can't replace route, no match found
[  186.606187][T15083] syz.2.3330: attempt to access beyond end of device
[  186.606187][T15083] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  186.642526][T15086] tmpfs: Unknown parameter 'mp'
[  186.651227][T15086] serio: Serial port pts0
[  186.666667][T15090] loop2: detected capacity change from 0 to 164
[  186.673237][T15090] iso9660: Unexpected value for 'nocompress'
[  186.705985][T15093] loop2: detected capacity change from 0 to 256
[  186.830334][T15103] netlink: 'syz.2.3336': attribute type 1 has an invalid length.
[  186.842708][T15103] 8021q: adding VLAN 0 to HW filter on device bond1
[  186.905482][    C0] vcan0: j1939_tp_rxtimer: 0xffff8881177e9a00: rx timeout, send abort
[  186.913736][    C0] vcan0: j1939_tp_rxtimer: 0xffff8881177e8200: rx timeout, send abort
[  186.921987][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8881177e9a00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  186.936267][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8881177e8200: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  187.007795][T15111] vhci_hcd: invalid port number 13
[  187.012962][T15111] vhci_hcd: default hub control req: 0014 v0000 i000d l0
[  187.110082][T15122] loop0: detected capacity change from 0 to 256
[  187.165667][T15131] loop2: detected capacity change from 0 to 256
[  187.189926][T15131] FAT-fs (loop2): Directory bread(block 64) failed
[  187.199818][T15131] FAT-fs (loop2): Directory bread(block 65) failed
[  187.206482][T15131] FAT-fs (loop2): Directory bread(block 66) failed
[  187.207540][T15133] loop0: detected capacity change from 0 to 1024
[  187.213311][T15131] FAT-fs (loop2): Directory bread(block 67) failed
[  187.226193][T15131] FAT-fs (loop2): Directory bread(block 68) failed
[  187.240655][T15131] FAT-fs (loop2): Directory bread(block 69) failed
[  187.248589][T15131] FAT-fs (loop2): Directory bread(block 70) failed
[  187.255273][T15131] FAT-fs (loop2): Directory bread(block 71) failed
[  187.257381][T15133] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.264260][T15131] FAT-fs (loop2): Directory bread(block 72) failed
[  187.282821][T15131] FAT-fs (loop2): Directory bread(block 73) failed
[  187.301631][T15133] EXT4-fs: Cannot change quota options when quota turned on
[  187.312186][T15131] syz.2.3348: attempt to access beyond end of device
[  187.312186][T15131] loop2: rw=524288, sector=1736, nr_sectors = 32 limit=256
[  187.326170][T15131] syz.2.3348: attempt to access beyond end of device
[  187.326170][T15131] loop2: rw=0, sector=1736, nr_sectors = 8 limit=256
[  187.395261][T15140] vhci_hcd: invalid port number 13
[  187.400451][T15140] vhci_hcd: default hub control req: 0014 v0000 i000d l0
[  187.426123][T15142] loop2: detected capacity change from 0 to 512
[  187.445276][T15142] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  187.489074][T15142] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.505826][T15142] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #2: comm syz.2.3352: corrupted inode contents
[  187.520855][T15142] EXT4-fs error (device loop2): ext4_dirty_inode:6041: inode #2: comm syz.2.3352: mark_inode_dirty error
[  187.540720][T15156] loop3: detected capacity change from 0 to 256
[  187.558782][T15142] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #2: comm syz.2.3352: corrupted inode contents
[  187.601007][T15161] syz.4.3360: attempt to access beyond end of device
[  187.601007][T15161] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  187.631695][T13359] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.637368][T15163] hub 9-0:1.0: USB hub found
[  187.645402][T15163] hub 9-0:1.0: 8 ports detected
[  187.704808][T15169] syz.2.3362: attempt to access beyond end of device
[  187.704808][T15169] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  187.760209][T15173] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3366'.
[  188.319120][   T29] kauditd_printk_skb: 999 callbacks suppressed
[  188.319134][   T29] audit: type=1326 audit(1732760934.209:24916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15132 comm="syz.0.3349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdf205c77a7 code=0x7ffc0000
[  188.348820][   T29] audit: type=1326 audit(1732760934.209:24917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15132 comm="syz.0.3349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf2056c149 code=0x7ffc0000
[  188.372355][   T29] audit: type=1326 audit(1732760934.209:24918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15132 comm="syz.0.3349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fdf205d0809 code=0x7ffc0000
[  188.396308][   T29] audit: type=1326 audit(1732760934.209:24919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15132 comm="syz.0.3349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdf205c77a7 code=0x7ffc0000
[  188.419914][   T29] audit: type=1326 audit(1732760934.209:24920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15132 comm="syz.0.3349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf2056c149 code=0x7ffc0000
[  188.443386][   T29] audit: type=1326 audit(1732760934.209:24921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15132 comm="syz.0.3349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fdf205d0809 code=0x7ffc0000
[  188.470074][T13130] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.484690][   T29] audit: type=1326 audit(1732760934.389:24922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15185 comm="syz.1.3368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ffb3d0809 code=0x7ffc0000
[  188.508390][   T29] audit: type=1326 audit(1732760934.389:24923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15185 comm="syz.1.3368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ffb3d0809 code=0x7ffc0000
[  188.531972][   T29] audit: type=1326 audit(1732760934.389:24924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15185 comm="syz.1.3368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f2ffb3d0809 code=0x7ffc0000
[  188.555495][   T29] audit: type=1326 audit(1732760934.389:24925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15185 comm="syz.1.3368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ffb3d0809 code=0x7ffc0000
[  188.833663][T15206] dccp_invalid_packet: P.Data Offset(100) too large
[  188.865749][T15208] loop0: detected capacity change from 0 to 256
[  188.889153][T15206] hub 9-0:1.0: USB hub found
[  188.919017][T15206] hub 9-0:1.0: 8 ports detected
[  188.994502][T15214] syz.0.3377: attempt to access beyond end of device
[  188.994502][T15214] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  189.090434][T15217] FAULT_INJECTION: forcing a failure.
[  189.090434][T15217] name failslab, interval 1, probability 0, space 0, times 0
[  189.103381][T15217] CPU: 1 UID: 0 PID: 15217 Comm: syz.3.3379 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  189.115290][T15217] Tainted: [W]=WARN
[  189.119091][T15217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  189.129266][T15217] Call Trace:
[  189.132557][T15217]  <TASK>
[  189.135503][T15217]  dump_stack_lvl+0xf2/0x150
[  189.140145][T15217]  dump_stack+0x15/0x20
[  189.144294][T15217]  should_fail_ex+0x223/0x230
[  189.149041][T15217]  should_failslab+0x8f/0xb0
[  189.153625][T15217]  __kmalloc_noprof+0xab/0x3f0
[  189.158392][T15217]  ? security_sk_alloc+0x53/0x120
[  189.163485][T15217]  ? should_failslab+0x8f/0xb0
[  189.168319][T15217]  security_sk_alloc+0x53/0x120
[  189.173234][T15217]  sk_prot_alloc+0xc6/0x190
[  189.177869][T15217]  sk_alloc+0x33/0x360
[  189.181934][T15217]  ? bpf_prog_test_run_skb+0x1da/0xc00
[  189.187558][T15217]  bpf_prog_test_run_skb+0x244/0xc00
[  189.192852][T15217]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  189.198734][T15217]  bpf_prog_test_run+0x20f/0x3a0
[  189.203754][T15217]  __sys_bpf+0x400/0x7a0
[  189.208061][T15217]  __x64_sys_bpf+0x43/0x50
[  189.212480][T15217]  x64_sys_call+0x2914/0x2dc0
[  189.217169][T15217]  do_syscall_64+0xc9/0x1c0
[  189.221670][T15217]  ? clear_bhb_loop+0x55/0xb0
[  189.226355][T15217]  ? clear_bhb_loop+0x55/0xb0
[  189.231085][T15217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.237045][T15217] RIP: 0033:0x7ffa805d0809
[  189.241489][T15217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.261127][T15217] RSP: 002b:00007ffa7ec47058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  189.269603][T15217] RAX: ffffffffffffffda RBX: 00007ffa80795fa0 RCX: 00007ffa805d0809
[  189.277667][T15217] RDX: 000000000000001e RSI: 0000000020000080 RDI: 000000000000000a
[  189.285639][T15217] RBP: 00007ffa7ec470a0 R08: 0000000000000000 R09: 0000000000000000
[  189.293608][T15217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  189.301641][T15217] R13: 0000000000000000 R14: 00007ffa80795fa0 R15: 00007ffd8850e4a8
[  189.309619][T15217]  </TASK>
[  189.313940][T15219] netlink: 'syz.0.3380': attribute type 9 has an invalid length.
[  189.321742][T15219] netlink: 'syz.0.3380': attribute type 7 has an invalid length.
[  189.329547][T15219] netlink: 'syz.0.3380': attribute type 8 has an invalid length.
[  189.449562][T15226] loop4: detected capacity change from 0 to 1024
[  189.471389][T15226] EXT4-fs: Ignoring removed nobh option
[  189.476969][T15226] EXT4-fs: Ignoring removed orlov option
[  189.505166][T15215] loop1: detected capacity change from 0 to 1024
[  189.522237][T15226] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.560314][T15215] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.578723][T13899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.597229][T15242] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.610562][T15243] vhci_hcd: invalid port number 13
[  189.615702][T15243] vhci_hcd: default hub control req: 0014 v0000 i000d l0
[  189.628646][T15245] loop4: detected capacity change from 0 to 256
[  189.635482][T15245] msdos: Bad value for 'gid'
[  189.640182][T15245] msdos: Bad value for 'gid'
[  189.678260][T15242] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.725216][T15252] dccp_invalid_packet: P.Data Offset(100) too large
[  189.739172][T15242] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.760306][T15252] hub 9-0:1.0: USB hub found
[  189.767167][T15252] hub 9-0:1.0: 8 ports detected
[  189.847458][T15242] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.847958][T14235] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.936605][T15242] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  189.947880][T15242] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  189.965710][T15242] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  189.978926][T15242] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.039101][T15265] syz.2.3395: attempt to access beyond end of device
[  190.039101][T15265] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  190.080602][T15269] IPv6: Can't replace route, no match found
[  190.086910][T15269] syz.2.3396: attempt to access beyond end of device
[  190.086910][T15269] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  190.165462][T15277] loop2: detected capacity change from 0 to 1024
[  190.194759][T15277] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.210589][T15277] FAULT_INJECTION: forcing a failure.
[  190.210589][T15277] name failslab, interval 1, probability 0, space 0, times 0
[  190.223330][T15277] CPU: 0 UID: 0 PID: 15277 Comm: syz.2.3397 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  190.235285][T15277] Tainted: [W]=WARN
[  190.239155][T15277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  190.249325][T15277] Call Trace:
[  190.252664][T15277]  <TASK>
[  190.255592][T15277]  dump_stack_lvl+0xf2/0x150
[  190.260229][T15277]  dump_stack+0x15/0x20
[  190.264392][T15277]  should_fail_ex+0x223/0x230
[  190.269115][T15277]  should_failslab+0x8f/0xb0
[  190.273708][T15277]  kmem_cache_alloc_noprof+0x52/0x320
[  190.279129][T15277]  ? getname_flags+0x81/0x3b0
[  190.283900][T15277]  getname_flags+0x81/0x3b0
[  190.288421][T15277]  getname+0x17/0x20
[  190.292335][T15277]  path_setxattrat+0x23a/0x310
[  190.297128][T15277]  __x64_sys_setxattr+0x6e/0x90
[  190.301994][T15277]  x64_sys_call+0x2247/0x2dc0
[  190.306697][T15277]  do_syscall_64+0xc9/0x1c0
[  190.311211][T15277]  ? clear_bhb_loop+0x55/0xb0
[  190.315895][T15277]  ? clear_bhb_loop+0x55/0xb0
[  190.320607][T15277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.326525][T15277] RIP: 0033:0x7f0ac9130809
[  190.330951][T15277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.350771][T15277] RSP: 002b:00007f0ac77a7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[  190.359283][T15277] RAX: ffffffffffffffda RBX: 00007f0ac92f5fa0 RCX: 00007f0ac9130809
[  190.367323][T15277] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000020000040
[  190.375392][T15277] RBP: 00007f0ac77a70a0 R08: 0000000000000001 R09: 0000000000000000
[  190.383501][T15277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.391607][T15277] R13: 0000000000000000 R14: 00007f0ac92f5fa0 R15: 00007fff153768f8
[  190.399602][T15277]  </TASK>
[  190.417783][T13359] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2793: inode #2: comm syz-executor: corrupted in-inode xattr: bad e_name length
[  190.433497][T13359] EXT4-fs (loop2): Remounting filesystem read-only
[  190.440282][T13359] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=11
[  190.449242][T13359] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=11
[  190.462589][T13359] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=11
[  190.471428][T13359] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=11
[  190.480520][T13359] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=11
[  190.489781][T13359] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=11
[  190.506589][T13359] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=11
[  190.525681][T13359] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=11
[  190.598735][T15249] syz.4.3389 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  190.609738][T15249] CPU: 0 UID: 0 PID: 15249 Comm: syz.4.3389 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  190.621666][T15249] Tainted: [W]=WARN
[  190.625475][T15249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  190.635539][T15249] Call Trace:
[  190.638935][T15249]  <TASK>
[  190.641877][T15249]  dump_stack_lvl+0xf2/0x150
[  190.646515][T15249]  dump_stack+0x15/0x20
[  190.650687][T15249]  dump_header+0x83/0x2d0
[  190.655039][T15249]  oom_kill_process+0x341/0x4c0
[  190.659962][T15249]  out_of_memory+0x9af/0xbe0
[  190.664572][T15249]  ? css_next_descendant_pre+0x11c/0x140
[  190.670318][T15249]  mem_cgroup_out_of_memory+0x13e/0x190
[  190.675877][T15249]  try_charge_memcg+0x508/0x7f0
[  190.680752][T15249]  charge_memcg+0x50/0xc0
[  190.685115][T15249]  mem_cgroup_swapin_charge_folio+0xd0/0x150
[  190.691192][T15249]  __read_swap_cache_async+0x236/0x480
[  190.696711][T15249]  swap_cluster_readahead+0x381/0x3f0
[  190.702112][T15249]  swapin_readahead+0xe4/0x6f0
[  190.706896][T15249]  ? bio_free+0x153/0x1f0
[  190.711327][T15249]  ? swap_cache_get_folio+0x77/0x210
[  190.716668][T15249]  do_swap_page+0x31b/0x2550
[  190.721277][T15249]  ? blk_mq_free_request+0x1b0/0x200
[  190.726594][T15249]  ? __rcu_read_lock+0x36/0x50
[  190.731357][T15249]  ? __pfx_default_wake_function+0x10/0x10
[  190.737195][T15249]  handle_mm_fault+0x8e4/0x2ac0
[  190.742121][T15249]  exc_page_fault+0x3b9/0x650
[  190.746804][T15249]  asm_exc_page_fault+0x26/0x30
[  190.751756][T15249] RIP: 0033:0x7f6e910b7779
[  190.756264][T15249] Code: 39 f0 73 46 49 89 34 24 48 89 ce 48 89 4f f8 49 8b 14 24 49 8b 4c 24 08 eb 85 0f 1f 80 00 00 00 00 48 89 fe 4c 89 ea 48 89 df <e8> f2 fe ff ff 48 89 d8 4c 29 e0 48 3d 80 00 00 00 7e 7f 4d 85 ed
[  190.775909][T15249] RSP: 002b:00007fffff3cafd0 EFLAGS: 00010212
[  190.781977][T15249] RAX: 00007f6e909b3de8 RBX: 00007f6e909b3df0 RCX: ffffffff81531e0f
[  190.789946][T15249] RDX: 0000000000000022 RSI: 00007f6e90b99d90 RDI: 00007f6e909b3df0
[  190.797908][T15249] RBP: 00007f6e9085f010 R08: 00007f6e909fc6c8 R09: 00007f6e91392000
[  190.805925][T15249] R10: 00007f6e9085f008 R11: 0000000000000016 R12: 00007f6e9085f008
[  190.813885][T15249] R13: 0000000000000022 R14: 0000000000000032 R15: 00007f6e9085f008
[  190.821854][T15249]  ? lru_gen_update_size+0x14f/0x400
[  190.827134][T15249]  </TASK>
[  190.830278][T15249] memory: usage 307200kB, limit 307200kB, failcnt 215
[  190.837296][T15249] memory+swap: usage 307408kB, limit 9007199254740988kB, failcnt 0
[  190.845198][T15249] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  190.852619][T15249] Memory cgroup stats for /syz4:
[  190.880462][T15327] loop1: detected capacity change from 0 to 512
[  190.891937][T15249] cache 0
[  190.894874][T15249] rss 0
[  190.897749][T15249] shmem 0
[  190.900678][T15249] mapped_file 0
[  190.904212][T15249] dirty 0
[  190.907218][T15249] writeback 0
[  190.910502][T15249] workingset_refault_anon 25
[  190.915086][T15249] workingset_refault_file 94
[  190.919796][T15249] swap 212992
[  190.923115][T15249] swapcached 0
[  190.926489][T15249] pgpgin 99082
[  190.929888][T15249] pgpgout 99082
[  190.933349][T15249] pgfault 147410
[  190.936896][T15249] pgmajfault 41
[  190.940420][T15249] inactive_anon 0
[  190.944057][T15249] active_anon 0
[  190.947605][T15249] inactive_file 0
[  190.951234][T15249] active_file 0
[  190.954702][T15249] unevictable 0
[  190.958198][T15249] hierarchical_memory_limit 314572800
[  190.963565][T15249] hierarchical_memsw_limit 9223372036854771712
[  190.969826][T15249] total_cache 0
[  190.973283][T15249] total_rss 0
[  190.976575][T15249] total_shmem 0
[  190.980084][T15249] total_mapped_file 0
[  190.984110][T15249] total_dirty 0
[  190.987626][T15249] total_writeback 0
[  190.991433][T15249] total_workingset_refault_anon 25
[  190.996577][T15249] total_workingset_refault_file 94
[  191.001732][T15249] total_swap 212992
[  191.005541][T15249] total_swapcached 0
[  191.009460][T15249] total_pgpgin 99082
[  191.013383][T15249] total_pgpgout 99082
[  191.017683][T15249] total_pgfault 147410
[  191.021750][T15249] total_pgmajfault 41
[  191.025741][T15249] total_inactive_anon 0
[  191.030115][T15249] total_active_anon 0
[  191.034095][T15249] total_inactive_file 0
[  191.038297][T15249] total_active_file 0
[  191.042276][T15249] total_unevictable 0
[  191.046254][T15249] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.3389,pid=15249,uid=0
[  191.048536][T15327] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.061044][T15249] Memory cgroup out of memory: Killed process 15249 (syz.4.3389) total-vm:95328kB, anon-rss:744kB, file-rss:22464kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[  191.131239][T15327] ext4 filesystem being mounted at /74/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  191.198176][T14235] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.241482][T15362] hub 9-0:1.0: USB hub found
[  191.246364][T15362] hub 9-0:1.0: 8 ports detected
[  191.412675][T15369] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3402'.
[  191.456275][T15391] loop4: detected capacity change from 0 to 256
[  191.488574][T15395] loop4: detected capacity change from 0 to 512
[  191.499700][T15395] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.3405: corrupted in-inode xattr: invalid ea_ino
[  191.524107][T15395] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.3405: couldn't read orphan inode 15 (err -117)
[  191.531838][T15381] lo speed is unknown, defaulting to 1000
[  191.542630][T15395] EXT4-fs (loop4): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.564534][T15395] EXT4-fs error (device loop4): ext4_lookup:1813: inode #13: comm syz.4.3405: iget: bad extended attribute block 7177
[  191.582928][T15381] lo speed is unknown, defaulting to 1000
[  191.586919][T15395] EXT4-fs error (device loop4): ext4_lookup:1813: inode #13: comm syz.4.3405: iget: bad extended attribute block 7177
[  191.608657][T15395] EXT4-fs error (device loop4): ext4_lookup:1813: inode #13: comm syz.4.3405: iget: bad extended attribute block 7177
[  191.647844][T13899] EXT4-fs (loop4): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  191.919084][T15451] syz.1.3412: attempt to access beyond end of device
[  191.919084][T15451] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  191.961241][T15449] netlink: 'syz.3.3411': attribute type 1 has an invalid length.
[  191.976047][T15449] 8021q: adding VLAN 0 to HW filter on device bond3
[  192.017868][T15458] SELinux:  Context Ü is not valid (left unmapped).
[  192.020080][T15457] macvlan2: entered promiscuous mode
[  192.029985][T15457] bridge0: entered promiscuous mode
[  192.036150][T15457] bridge0: port 1(macvlan2) entered blocking state
[  192.042809][T15457] bridge0: port 1(macvlan2) entered disabled state
[  192.050091][T15457] macvlan2: entered allmulticast mode
[  192.055495][T15457] bridge0: entered allmulticast mode
[  192.061525][T15457] macvlan2: left allmulticast mode
[  192.066636][T15457] bridge0: left allmulticast mode
[  192.072371][T15457] bridge0: left promiscuous mode
[  192.156163][T15465] loop1: detected capacity change from 0 to 512
[  192.165292][T15467] loop3: detected capacity change from 0 to 512
[  192.183308][T15465] EXT4-fs (loop1): orphan cleanup on readonly fs
[  192.183693][T15467] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.190470][T15465] EXT4-fs warning (device loop1): ext4_enable_quotas:7156: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  192.202262][T15467] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.218897][T15465] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  192.237156][T15465] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #13: comm syz.1.3417: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  192.256897][T15465] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.3417: couldn't read orphan inode 13 (err -117)
[  192.270793][T15465] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  192.283980][T13240] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.294122][T15465] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  192.303924][T15465] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 2
[  192.321799][T15479] loop3: detected capacity change from 0 to 512
[  192.340083][T15479] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.3422: Parent and EA inode have the same ino 15
[  192.352718][T15479] EXT4-fs (loop3): 1 orphan inode deleted
[  192.359028][T15479] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.396309][T15479] netlink: 92 bytes leftover after parsing attributes in process `syz.3.3422'.
[  192.413555][T13240] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.547536][T15488] netlink: 248 bytes leftover after parsing attributes in process `syz.3.3424'.
[  192.559214][T15488] loop3: detected capacity change from 0 to 512
[  192.568528][T15488] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.581283][T15488] ext4 filesystem being mounted at /126/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.603197][T13240] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.620526][T15492] dccp_invalid_packet: P.Data Offset(100) too large
[  192.648782][T15494] netlink: 100 bytes leftover after parsing attributes in process `syz.3.3426'.
[  192.666566][T15494] ALSA: seq fatal error: cannot create timer (-19)
[  192.674262][T15494] x_tables: ip_tables: udp match: only valid for protocol 17
[  192.733251][T15502] lo speed is unknown, defaulting to 1000
[  192.769034][T15502] lo speed is unknown, defaulting to 1000
[  192.769670][T15507] loop0: detected capacity change from 0 to 512
[  192.781746][T15507] EXT4-fs: Ignoring removed orlov option
[  192.788747][T15507] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  192.812144][T15507] EXT4-fs (loop0): 1 orphan inode deleted
[  192.817918][T15507] EXT4-fs (loop0): 1 truncate cleaned up
[  192.824280][T15507] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.839733][T15513] vhci_hcd: invalid port number 13
[  192.844862][T15513] vhci_hcd: default hub control req: 0014 v0000 i000d l0
[  192.854011][T13130] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.873890][T15515] hsr_slave_0: left promiscuous mode
[  192.880845][T15515] hsr_slave_1: left promiscuous mode
[  192.898290][T15517] IPv6: Can't replace route, no match found
[  192.904524][T15517] syz.3.3435: attempt to access beyond end of device
[  192.904524][T15517] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  192.932429][T15519] dccp_invalid_packet: P.Data Offset(100) too large
[  192.984320][T15525] loop3: detected capacity change from 0 to 1024
[  193.008074][T15525] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.008204][T14235] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.047474][T15525] EXT4-fs: Cannot change quota options when quota turned on
[  193.049507][T15528] ucma_write: process 198 (syz.1.3440) changed security contexts after opening file descriptor, this is not allowed.
[  193.071111][T15528] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  193.079871][T15528] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  193.090863][T15530] FAULT_INJECTION: forcing a failure.
[  193.090863][T15530] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  193.104067][T15530] CPU: 1 UID: 0 PID: 15530 Comm: syz.4.3441 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  193.116032][T15530] Tainted: [W]=WARN
[  193.119818][T15530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  193.129948][T15530] Call Trace:
[  193.133216][T15530]  <TASK>
[  193.136164][T15530]  dump_stack_lvl+0xf2/0x150
[  193.140881][T15530]  dump_stack+0x15/0x20
[  193.145052][T15530]  should_fail_ex+0x223/0x230
[  193.149801][T15530]  should_fail+0xb/0x10
[  193.153954][T15530]  should_fail_usercopy+0x1a/0x20
[  193.158973][T15530]  _copy_from_user+0x1e/0xb0
[  193.163613][T15530]  restore_sigcontext+0x64/0x220
[  193.168544][T15530]  __do_sys_rt_sigreturn+0xfd/0x160
[  193.173862][T15530]  x64_sys_call+0x2982/0x2dc0
[  193.178533][T15530]  do_syscall_64+0xc9/0x1c0
[  193.183200][T15530]  ? clear_bhb_loop+0x55/0xb0
[  193.187859][T15530]  ? clear_bhb_loop+0x55/0xb0
[  193.192557][T15530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.198529][T15530] RIP: 0033:0x7f6e9117c149
[  193.202978][T15530] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  193.222579][T15530] RSP: 002b:00007f6e8f856ac0 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  193.231054][T15530] RAX: ffffffffffffffda RBX: 00007f6e913a5fa0 RCX: 00007f6e9117c149
[  193.239030][T15530] RDX: 00007f6e8f856ac0 RSI: 00007f6e8f856bf0 RDI: 0000000000000021
[  193.247002][T15530] RBP: 00007f6e8f8570a0 R08: 0000000000000000 R09: 0000000000000000
[  193.254968][T15530] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  193.262968][T15530] R13: 0000000000000000 R14: 00007f6e913a5fa0 R15: 00007fffff3caf48
[  193.270946][T15530]  </TASK>
[  193.294550][T15532] hub 9-0:1.0: USB hub found
[  193.299473][T15532] hub 9-0:1.0: 8 ports detected
[  193.306607][T15532] bridge_slave_0: left allmulticast mode
[  193.312478][T15532] bridge_slave_0: left promiscuous mode
[  193.318136][T15532] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.325773][T15532] bridge_slave_1: left allmulticast mode
[  193.331537][T15532] bridge_slave_1: left promiscuous mode
[  193.336729][   T29] kauditd_printk_skb: 926 callbacks suppressed
[  193.336742][   T29] audit: type=1326 audit(1732760939.259:25852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15524 comm="syz.3.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ffa805c77a7 code=0x7ffc0000
[  193.337257][T15532] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.345432][   T29] audit: type=1326 audit(1732760939.259:25853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15524 comm="syz.3.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ffa8056c149 code=0x7ffc0000
[  193.397370][   T29] audit: type=1326 audit(1732760939.259:25854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15524 comm="syz.3.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7ffa805d0809 code=0x7ffc0000
[  193.421145][   T29] audit: type=1326 audit(1732760939.289:25855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15524 comm="syz.3.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ffa805c77a7 code=0x7ffc0000
[  193.444638][   T29] audit: type=1326 audit(1732760939.289:25856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15524 comm="syz.3.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ffa8056c149 code=0x7ffc0000
[  193.468206][   T29] audit: type=1326 audit(1732760939.289:25857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15524 comm="syz.3.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7ffa805d0809 code=0x7ffc0000
[  193.491779][   T29] audit: type=1326 audit(1732760939.289:25858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15524 comm="syz.3.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ffa805c77a7 code=0x7ffc0000
[  193.515338][   T29] audit: type=1326 audit(1732760939.289:25859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15524 comm="syz.3.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ffa8056c149 code=0x7ffc0000
[  193.538791][   T29] audit: type=1326 audit(1732760939.289:25860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15524 comm="syz.3.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7ffa805d0809 code=0x7ffc0000
[  193.562347][   T29] audit: type=1326 audit(1732760939.299:25861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15524 comm="syz.3.3439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ffa805c77a7 code=0x7ffc0000
[  193.587297][T15532] bond0: (slave bond_slave_0): Releasing backup interface
[  193.595677][T15532] bond0: (slave bond_slave_1): Releasing backup interface
[  193.604924][T15532] team0: Port device team_slave_0 removed
[  193.611543][T15532] team0: Port device team_slave_1 removed
[  193.617685][T15532] batman_adv: batadv0: Removing interface: batadv_slave_0
[  193.625415][T15532] batman_adv: batadv0: Removing interface: batadv_slave_1
[  193.635216][T15533] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  193.643520][T15533] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  193.651883][T15533] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  193.660289][T15533] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  193.668766][T15533] geneve2: entered promiscuous mode
[  193.673967][T15533] geneve2: entered allmulticast mode
[  193.697541][T15538] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3444'.
[  193.700425][T15539] loop4: detected capacity change from 0 to 512
[  193.714459][T15538] hsr_slave_1 (unregistering): left promiscuous mode
[  193.718449][T15539] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.733942][T15539] ext4 filesystem being mounted at /54/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.759185][T15542] loop1: detected capacity change from 0 to 256
[  193.765822][T15542] vfat: Unknown parameter ''
[  193.766436][T13899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.793068][T15544] vhci_hcd: invalid port number 13
[  193.798282][T15544] vhci_hcd: default hub control req: 0014 v0000 i000d l0
[  193.845348][T13240] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.845435][T15552] syz.4.3448: attempt to access beyond end of device
[  193.845435][T15552] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  193.890014][T15558] loop4: detected capacity change from 0 to 512
[  193.896215][T15556] loop3: detected capacity change from 0 to 164
[  193.910649][T15558] EXT4-fs (loop4): orphan cleanup on readonly fs
[  193.923589][T15558] EXT4-fs warning (device loop4): ext4_enable_quotas:7156: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  193.950824][T15558] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  193.957676][T15558] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #13: comm syz.4.3451: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  193.991592][T15563] netlink: 'syz.1.3452': attribute type 1 has an invalid length.
[  194.004417][T15558] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.3451: couldn't read orphan inode 13 (err -117)
[  194.019580][T15558] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  194.033940][T15558] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  194.040515][T15563] 8021q: adding VLAN 0 to HW filter on device bond2
[  194.047798][T15558] EXT4-fs warning (device loop4): read_mmp_block:115: Error -117 while reading MMP block 2
[  194.071078][T15573] dccp_invalid_packet: P.Data Offset(100) too large
[  194.083075][T15573] hub 9-0:1.0: USB hub found
[  194.087810][T15573] hub 9-0:1.0: 8 ports detected
[  194.108688][T15573] bridge_slave_0: left allmulticast mode
[  194.114376][T15573] bridge_slave_0: left promiscuous mode
[  194.120200][T15573] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.130407][T15573] bridge_slave_1: left allmulticast mode
[  194.136112][T15573] bridge_slave_1: left promiscuous mode
[  194.141912][T15573] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.153928][T15573] bond0: (slave bond_slave_0): Releasing backup interface
[  194.155257][T15580] FAULT_INJECTION: forcing a failure.
[  194.155257][T15580] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  194.174318][T15580] CPU: 0 UID: 0 PID: 15580 Comm: syz.0.3458 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  194.186224][T15580] Tainted: [W]=WARN
[  194.190037][T15580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  194.200338][T15580] Call Trace:
[  194.203613][T15580]  <TASK>
[  194.206627][T15580]  dump_stack_lvl+0xf2/0x150
[  194.211208][T15580]  dump_stack+0x15/0x20
[  194.215392][T15580]  should_fail_ex+0x223/0x230
[  194.220187][T15580]  should_fail+0xb/0x10
[  194.224332][T15580]  should_fail_usercopy+0x1a/0x20
[  194.229426][T15580]  _copy_from_user+0x1e/0xb0
[  194.234008][T15580]  copy_from_sockptr_offset+0x6b/0xb0
[  194.239390][T15580]  do_ip6t_set_ctl+0x6a4/0x8c0
[  194.244215][T15580]  ? kstrtouint+0x77/0xc0
[  194.248533][T15580]  ? __rcu_read_unlock+0x4e/0x70
[  194.253468][T15580]  nf_setsockopt+0x195/0x1b0
[  194.258045][T15580]  ipv6_setsockopt+0x10f/0x130
[  194.262860][T15580]  udpv6_setsockopt+0x95/0xb0
[  194.267577][T15580]  sock_common_setsockopt+0x64/0x80
[  194.272808][T15580]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  194.278697][T15580]  __sys_setsockopt+0x187/0x200
[  194.283561][T15580]  __x64_sys_setsockopt+0x66/0x80
[  194.288619][T15580]  x64_sys_call+0x282e/0x2dc0
[  194.293287][T15580]  do_syscall_64+0xc9/0x1c0
[  194.297858][T15580]  ? clear_bhb_loop+0x55/0xb0
[  194.302520][T15580]  ? clear_bhb_loop+0x55/0xb0
[  194.307189][T15580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.313090][T15580] RIP: 0033:0x7fdf205d0809
[  194.317490][T15580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.337086][T15580] RSP: 002b:00007fdf1ec47058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  194.345547][T15580] RAX: ffffffffffffffda RBX: 00007fdf20795fa0 RCX: 00007fdf205d0809
[  194.353504][T15580] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000007
[  194.361469][T15580] RBP: 00007fdf1ec470a0 R08: 00000000000003b8 R09: 0000000000000000
[  194.369939][T15580] R10: 0000000020000500 R11: 0000000000000246 R12: 0000000000000001
[  194.377900][T15580] R13: 0000000000000000 R14: 00007fdf20795fa0 R15: 00007ffd3de5d8d8
[  194.385873][T15580]  </TASK>
[  194.392914][T15573] bond0: (slave bond_slave_1): Releasing backup interface
[  194.405246][T15573] team0: Port device team_slave_0 removed
[  194.412214][T15583] loop0: detected capacity change from 0 to 512
[  194.421283][T15573] team0: Port device team_slave_1 removed
[  194.428560][T15573] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  194.436303][T15573] batman_adv: batadv0: Removing interface: batadv_slave_0
[  194.446030][T15573] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  194.448878][T15583] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.453508][T15573] batman_adv: batadv0: Removing interface: batadv_slave_1
[  194.466142][T15583] ext4 filesystem being mounted at /121/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  194.502552][T13130] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.563456][T15592] FAULT_INJECTION: forcing a failure.
[  194.563456][T15592] name failslab, interval 1, probability 0, space 0, times 0
[  194.576160][T15592] CPU: 0 UID: 0 PID: 15592 Comm: syz.0.3463 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  194.588102][T15592] Tainted: [W]=WARN
[  194.591911][T15592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  194.602060][T15592] Call Trace:
[  194.605357][T15592]  <TASK>
[  194.608344][T15592]  dump_stack_lvl+0xf2/0x150
[  194.613067][T15592]  dump_stack+0x15/0x20
[  194.617226][T15592]  should_fail_ex+0x223/0x230
[  194.621906][T15592]  should_failslab+0x8f/0xb0
[  194.626571][T15592]  kmem_cache_alloc_noprof+0x52/0x320
[  194.631940][T15592]  ? p9_client_prepare_req+0xf9/0x870
[  194.637363][T15592]  p9_client_prepare_req+0xf9/0x870
[  194.642634][T15592]  ? __rcu_read_unlock+0x4e/0x70
[  194.647555][T15592]  ? delete_node+0x40b/0x450
[  194.652194][T15592]  p9_client_rpc+0xf0/0x710
[  194.656756][T15592]  ? radix_tree_iter_tag_clear+0x109/0x180
[  194.662696][T15592]  p9_client_walk+0xfb/0x4e0
[  194.667361][T15592]  v9fs_file_open+0x163/0x530
[  194.672041][T15592]  ? __pfx_v9fs_file_open+0x10/0x10
[  194.677254][T15592]  do_dentry_open+0x621/0xa20
[  194.681939][T15592]  vfs_open+0x38/0x1f0
[  194.686061][T15592]  path_openat+0x1ac2/0x1fa0
[  194.690662][T15592]  ? _parse_integer+0x27/0x30
[  194.695349][T15592]  ? kstrtoull+0x110/0x140
[  194.699751][T15592]  do_filp_open+0x107/0x230
[  194.704273][T15592]  do_sys_openat2+0xab/0x120
[  194.708847][T15592]  __x64_sys_creat+0x66/0x90
[  194.713484][T15592]  x64_sys_call+0x1084/0x2dc0
[  194.718154][T15592]  do_syscall_64+0xc9/0x1c0
[  194.722641][T15592]  ? clear_bhb_loop+0x55/0xb0
[  194.727310][T15592]  ? clear_bhb_loop+0x55/0xb0
[  194.731985][T15592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.737934][T15592] RIP: 0033:0x7fdf205d0809
[  194.742355][T15592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.762116][T15592] RSP: 002b:00007fdf1ec47058 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  194.770525][T15592] RAX: ffffffffffffffda RBX: 00007fdf20795fa0 RCX: 00007fdf205d0809
[  194.778558][T15592] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 0000000020002200
[  194.786580][T15592] RBP: 00007fdf1ec470a0 R08: 0000000000000000 R09: 0000000000000000
[  194.794538][T15592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.802519][T15592] R13: 0000000000000000 R14: 00007fdf20795fa0 R15: 00007ffd3de5d8d8
[  194.810506][T15592]  </TASK>
[  194.836956][T15601] loop1: detected capacity change from 0 to 512
[  194.845321][T15601] EXT4-fs: Ignoring removed orlov option
[  194.851746][T15601] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  194.862754][T15603] 
: renamed from bond0 (while UP)
[  194.864846][T15601] EXT4-fs (loop1): 1 orphan inode deleted
[  194.873782][T15601] EXT4-fs (loop1): 1 truncate cleaned up
[  194.882336][T13899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.883852][T15601] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.921285][T14235] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.948324][T15614] loop4: detected capacity change from 0 to 512
[  194.948425][T15612] loop1: detected capacity change from 0 to 1024
[  194.963206][T15606] netlink: 'syz.0.3466': attribute type 1 has an invalid length.
[  194.964363][T15612] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.978023][T15606] 8021q: adding VLAN 0 to HW filter on device bond5
[  194.988235][T15614] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.002872][T15614] ext4 filesystem being mounted at /59/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  195.335430][T13899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.353353][T15612] EXT4-fs: Cannot change quota options when quota turned on
[  195.486150][T15624] loop0: detected capacity change from 0 to 164
[  195.494002][T15624] iso9660: Unknown parameter ''
[  195.535795][T15624] loop0: detected capacity change from 0 to 512
[  195.545189][T15624] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  195.592388][T15624] loop0: detected capacity change from 0 to 512
[  195.602034][T15624] EXT4-fs: Ignoring removed oldalloc option
[  195.610110][T15624] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  195.625959][T15624] EXT4-fs (loop0): 1 truncate cleaned up
[  195.633583][T13359] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.648423][T15624] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.769218][ T3417] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.799150][T14235] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.821316][T13130] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.833809][ T3417] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.878552][ T3417] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.938387][ T3417] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.055811][ T3417] bond0 (unregistering): Released all slaves
[  196.064983][ T3417] bond1 (unregistering): Released all slaves
[  196.141540][ T3417] veth1_macvtap: left promiscuous mode
[  196.147178][ T3417] veth0_macvtap: left promiscuous mode
[  196.152870][ T3417] veth1_vlan: left promiscuous mode
[  196.158189][ T3417] veth0_vlan: left promiscuous mode
[  196.555592][T15634] FAULT_INJECTION: forcing a failure.
[  196.555592][T15634] name failslab, interval 1, probability 0, space 0, times 0
[  196.568277][T15634] CPU: 0 UID: 0 PID: 15634 Comm: syz.3.3477 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  196.580253][T15634] Tainted: [W]=WARN
[  196.584053][T15634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  196.594109][T15634] Call Trace:
[  196.597383][T15634]  <TASK>
[  196.600308][T15634]  dump_stack_lvl+0xf2/0x150
[  196.604901][T15634]  dump_stack+0x15/0x20
[  196.609044][T15634]  should_fail_ex+0x223/0x230
[  196.613720][T15634]  ? audit_log_d_path+0x96/0x250
[  196.618711][T15634]  should_failslab+0x8f/0xb0
[  196.623393][T15634]  __kmalloc_cache_noprof+0x4e/0x320
[  196.628729][T15634]  audit_log_d_path+0x96/0x250
[  196.633490][T15634]  ? __rcu_read_unlock+0x4e/0x70
[  196.638420][T15634]  audit_log_d_path_exe+0x42/0x70
[  196.643451][T15634]  audit_log_task+0x192/0x1c0
[  196.648260][T15634]  audit_seccomp+0x68/0x130
[  196.652781][T15634]  __seccomp_filter+0x6fa/0x1180
[  196.657714][T15634]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  196.663354][T15634]  ? vfs_write+0x596/0x920
[  196.667831][T15634]  ? putname+0xcf/0xf0
[  196.671897][T15634]  __secure_computing+0x9f/0x1c0
[  196.676908][T15634]  syscall_trace_enter+0xd1/0x1f0
[  196.681926][T15634]  ? fpregs_assert_state_consistent+0x83/0xa0
[  196.687997][T15634]  do_syscall_64+0xaa/0x1c0
[  196.692573][T15634]  ? clear_bhb_loop+0x55/0xb0
[  196.697240][T15634]  ? clear_bhb_loop+0x55/0xb0
[  196.701906][T15634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.707840][T15634] RIP: 0033:0x7ffa805d0809
[  196.712281][T15634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.731879][T15634] RSP: 002b:00007ffa7ec47058 EFLAGS: 00000246 ORIG_RAX: 0000000000000076
[  196.740375][T15634] RAX: ffffffffffffffda RBX: 00007ffa80795fa0 RCX: 00007ffa805d0809
[  196.748338][T15634] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  196.756298][T15634] RBP: 00007ffa7ec470a0 R08: 0000000000000000 R09: 0000000000000000
[  196.764314][T15634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.772276][T15634] R13: 0000000000000000 R14: 00007ffa80795fa0 R15: 00007ffd8850e4a8
[  196.780262][T15634]  </TASK>
[  196.786001][T15642] loop1: detected capacity change from 0 to 128
[  196.828735][T15648] loop1: detected capacity change from 0 to 512
[  196.838106][T15648] EXT4-fs: Ignoring removed orlov option
[  196.852061][T15641] netlink: 100 bytes leftover after parsing attributes in process `syz.4.3472'.
[  196.870809][T15641] ALSA: seq fatal error: cannot create timer (-19)
[  196.877982][T15648] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  196.888562][T15641] x_tables: ip_tables: udp match: only valid for protocol 17
[  196.904442][T15640] lo speed is unknown, defaulting to 1000
[  196.912523][T15648] EXT4-fs (loop1): 1 orphan inode deleted
[  196.918417][T15648] EXT4-fs (loop1): 1 truncate cleaned up
[  196.924489][T15648] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.935182][T15640] lo speed is unknown, defaulting to 1000
[  196.983064][T14235] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.996856][T15665] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.019946][T15640] chnl_net:caif_netlink_parms(): no params data found
[  197.043399][T15675] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3490'.
[  197.060415][T15665] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.052186][T15665] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.065005][T15640] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.072210][T15640] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.082100][T15640] bridge_slave_0: entered allmulticast mode
[  198.088631][T15640] bridge_slave_0: entered promiscuous mode
[  198.098688][T15640] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.105950][T15640] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.113902][T15640] bridge_slave_1: entered allmulticast mode
[  198.122187][T15640] bridge_slave_1: entered promiscuous mode
[  198.129521][T15665] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.159240][T15640] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  198.169977][T15640] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  198.199185][T15665] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  198.208820][T15640] team0: Port device team_slave_0 added
[  198.218927][T15665] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  198.230678][T15640] team0: Port device team_slave_1 added
[  198.246687][T15665] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  198.265406][T15665] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  198.275300][T15640] batman_adv: batadv0: Adding interface: batadv_slave_0
[  198.282349][T15640] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.308318][T15640] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  198.335585][T15640] batman_adv: batadv0: Adding interface: batadv_slave_1
[  198.342715][T15640] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.368774][T15640] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  198.408531][T15640] hsr_slave_0: entered promiscuous mode
[  198.416263][T15640] hsr_slave_1: entered promiscuous mode
[  198.546315][T15698] vhci_hcd: invalid port number 13
[  198.551553][T15698] vhci_hcd: default hub control req: 0014 v0000 i000d l0
[  198.573442][T15700] loop1: detected capacity change from 0 to 1024
[  198.589995][   T29] kauditd_printk_skb: 663 callbacks suppressed
[  198.590007][   T29] audit: type=1326 audit(1732760944.489:26525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15699 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ffb3d0809 code=0x7ffc0000
[  198.619032][T15640] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  198.619908][   T29] audit: type=1326 audit(1732760944.489:26526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15699 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ffb3d0809 code=0x7ffc0000
[  198.650192][   T29] audit: type=1326 audit(1732760944.489:26527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15699 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f2ffb3d0809 code=0x7ffc0000
[  198.673878][   T29] audit: type=1326 audit(1732760944.489:26528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15699 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ffb3d0809 code=0x7ffc0000
[  198.697519][   T29] audit: type=1326 audit(1732760944.489:26529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15699 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ffb3d0809 code=0x7ffc0000
[  198.721267][   T29] audit: type=1326 audit(1732760944.489:26530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15699 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2ffb3d0809 code=0x7ffc0000
[  198.726437][T15700] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.744925][   T29] audit: type=1326 audit(1732760944.489:26531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15699 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2ffb3d0843 code=0x7ffc0000
[  198.744973][   T29] audit: type=1326 audit(1732760944.489:26532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15699 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2ffb3cf2bf code=0x7ffc0000
[  198.800819][T15700] EXT4-fs: Cannot change quota options when quota turned on
[  198.804180][   T29] audit: type=1326 audit(1732760944.489:26533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15699 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f2ffb3d0897 code=0x7ffc0000
[  198.804205][   T29] audit: type=1326 audit(1732760944.489:26534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15699 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2ffb3cf170 code=0x7ffc0000
[  198.814754][T15702] loop3: detected capacity change from 0 to 512
[  198.848190][T15640] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  198.870595][T15702] EXT4-fs: Ignoring removed orlov option
[  198.877862][T15702] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  198.887888][T15705] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.890177][T15702] EXT4-fs (loop3): 1 orphan inode deleted
[  198.896334][T15705] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.902061][T15702] EXT4-fs (loop3): 1 truncate cleaned up
[  198.910425][T15705] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.917111][T15702] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.924429][T15705] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.946849][T15705] geneve2: left promiscuous mode
[  198.951879][T15705] geneve2: left allmulticast mode
[  198.957967][T13240] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.966981][T15640] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  198.977888][T15640] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  199.025769][T15640] 8021q: adding VLAN 0 to HW filter on device bond0
[  199.039933][T15640] 8021q: adding VLAN 0 to HW filter on device team0
[  199.051229][ T3417] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.058385][ T3417] bridge0: port 1(bridge_slave_0) entered forwarding state
[  199.079823][T15640] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  199.090356][T15640] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  199.186104][T15713] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.195056][T15713] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.204063][T15713] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.212960][T15713] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.222584][T15713] geneve2: left promiscuous mode
[  199.227642][T15713] geneve2: left allmulticast mode
[  199.250183][ T3417] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.257272][ T3417] bridge0: port 2(bridge_slave_1) entered forwarding state
[  199.299983][T15715] loop4: detected capacity change from 0 to 512
[  199.310952][T15715] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  199.331792][T15715] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.344544][T15715] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  199.373529][T15640] 8021q: adding VLAN 0 to HW filter on device batadv0
[  199.425941][T14235] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.471727][T15737] loop1: detected capacity change from 0 to 512
[  199.496430][T15737] EXT4-fs (loop1): orphan cleanup on readonly fs
[  199.503475][T15737] EXT4-fs warning (device loop1): ext4_enable_quotas:7156: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  199.520536][T15737] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  199.530349][T15737] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #13: comm syz.1.3502: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  199.548995][T15737] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.3502: couldn't read orphan inode 13 (err -117)
[  199.576247][T15737] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  199.597648][T15640] veth0_vlan: entered promiscuous mode
[  199.623120][T15640] veth1_vlan: entered promiscuous mode
[  199.641473][T15737] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  199.652791][T15640] veth0_macvtap: entered promiscuous mode
[  199.663013][T15640] veth1_macvtap: entered promiscuous mode
[  199.669757][T15737] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 2
[  199.689188][T15640] batman_adv: batadv0: Interface activated: batadv_slave_0
[  199.701758][T15640] batman_adv: batadv0: Interface activated: batadv_slave_1
[  199.713281][T15640] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  199.722065][T15640] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  199.730916][T15640] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  199.739740][T15640] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  199.940113][T13899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.983637][T15761] loop4: detected capacity change from 0 to 512
[  199.992014][T15761] EXT4-fs: Ignoring removed orlov option
[  199.998651][T15761] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  200.440211][T15761] EXT4-fs (loop4): 1 orphan inode deleted
[  200.446090][T15761] EXT4-fs (loop4): 1 truncate cleaned up
[  200.470672][T15761] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.526291][T14235] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.542198][T15768] vhci_hcd: invalid port number 13
[  200.547552][T15768] vhci_hcd: default hub control req: 0014 v0000 i000d l0
[  200.574123][T13899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.640284][T15770] loop3: detected capacity change from 0 to 1024
[  200.658752][T15770] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.700084][T15770] EXT4-fs: Cannot change quota options when quota turned on
[  200.755802][T15777] FAULT_INJECTION: forcing a failure.
[  200.755802][T15777] name failslab, interval 1, probability 0, space 0, times 0
[  200.768631][T15777] CPU: 1 UID: 0 PID: 15777 Comm: syz.0.3514 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  200.780527][T15777] Tainted: [W]=WARN
[  200.784407][T15777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  200.794535][T15777] Call Trace:
[  200.797813][T15777]  <TASK>
[  200.800833][T15777]  dump_stack_lvl+0xf2/0x150
[  200.805431][T15777]  dump_stack+0x15/0x20
[  200.809622][T15777]  should_fail_ex+0x223/0x230
[  200.814362][T15777]  should_failslab+0x8f/0xb0
[  200.819040][T15777]  kmem_cache_alloc_node_noprof+0x59/0x320
[  200.824849][T15777]  ? __alloc_skb+0x10b/0x310
[  200.829435][T15777]  __alloc_skb+0x10b/0x310
[  200.833852][T15777]  netlink_alloc_large_skb+0xad/0xe0
[  200.839227][T15777]  netlink_sendmsg+0x3b4/0x6e0
[  200.843994][T15777]  ? __pfx_netlink_sendmsg+0x10/0x10
[  200.849314][T15777]  __sock_sendmsg+0x140/0x180
[  200.853995][T15777]  ____sys_sendmsg+0x312/0x410
[  200.858780][T15777]  __sys_sendmsg+0x19d/0x230
[  200.863373][T15777]  __x64_sys_sendmsg+0x46/0x50
[  200.868233][T15777]  x64_sys_call+0x2734/0x2dc0
[  200.872950][T15777]  do_syscall_64+0xc9/0x1c0
[  200.877458][T15777]  ? clear_bhb_loop+0x55/0xb0
[  200.882148][T15777]  ? clear_bhb_loop+0x55/0xb0
[  200.886849][T15777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.892745][T15777] RIP: 0033:0x7fdf205d0809
[  200.897156][T15777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.916801][T15777] RSP: 002b:00007fdf1ec47058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  200.925252][T15777] RAX: ffffffffffffffda RBX: 00007fdf20795fa0 RCX: 00007fdf205d0809
[  200.933218][T15777] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[  200.941221][T15777] RBP: 00007fdf1ec470a0 R08: 0000000000000000 R09: 0000000000000000
[  200.949233][T15777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.957270][T15777] R13: 0000000000000000 R14: 00007fdf20795fa0 R15: 00007ffd3de5d8d8
[  200.965249][T15777]  </TASK>
[  201.066885][T15788] hub 9-0:1.0: USB hub found
[  201.090447][T15791] loop1: detected capacity change from 0 to 256
[  201.112627][T15788] hub 9-0:1.0: 8 ports detected
[  201.225164][T15799] x_tables: duplicate underflow at hook 3
[  201.234196][T15802] FAULT_INJECTION: forcing a failure.
[  201.234196][T15802] name failslab, interval 1, probability 0, space 0, times 0
[  201.246993][T15802] CPU: 0 UID: 0 PID: 15802 Comm: syz.0.3521 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  201.258993][T15802] Tainted: [W]=WARN
[  201.262787][T15802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  201.272924][T15802] Call Trace:
[  201.276200][T15802]  <TASK>
[  201.279138][T15802]  dump_stack_lvl+0xf2/0x150
[  201.283874][T15802]  dump_stack+0x15/0x20
[  201.288097][T15802]  should_fail_ex+0x223/0x230
[  201.292796][T15802]  should_failslab+0x8f/0xb0
[  201.297387][T15802]  kmem_cache_alloc_noprof+0x52/0x320
[  201.302829][T15802]  ? vm_area_alloc+0xac/0x130
[  201.307506][T15802]  vm_area_alloc+0xac/0x130
[  201.312083][T15802]  alloc_bprm+0x25d/0x5d0
[  201.316439][T15802]  do_execveat_common+0x134/0x800
[  201.321464][T15802]  ? getname_flags+0x15a/0x3b0
[  201.326235][T15802]  __x64_sys_execveat+0x75/0x90
[  201.331088][T15802]  x64_sys_call+0x291e/0x2dc0
[  201.335877][T15802]  do_syscall_64+0xc9/0x1c0
[  201.340383][T15802]  ? clear_bhb_loop+0x55/0xb0
[  201.345098][T15802]  ? clear_bhb_loop+0x55/0xb0
[  201.349789][T15802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.355733][T15802] RIP: 0033:0x7fdf205d0809
[  201.360144][T15802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.379751][T15802] RSP: 002b:00007fdf1ec47058 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  201.388224][T15802] RAX: ffffffffffffffda RBX: 00007fdf20795fa0 RCX: 00007fdf205d0809
[  201.396215][T15802] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[  201.404193][T15802] RBP: 00007fdf1ec470a0 R08: 0000000000001000 R09: 0000000000000000
[  201.412173][T15802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  201.420201][T15802] R13: 0000000000000000 R14: 00007fdf20795fa0 R15: 00007ffd3de5d8d8
[  201.428189][T15802]  </TASK>
[  201.463325][T15799] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3520'.
[  201.528802][T13240] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.646484][T15821] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.669807][T15829] loop0: detected capacity change from 0 to 256
[  201.724493][T15840] loop0: detected capacity change from 0 to 512
[  201.814228][T15840] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.828081][T15840] ext4 filesystem being mounted at /139/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.902597][T13130] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.162559][T15871] loop0: detected capacity change from 0 to 256
[  202.516663][T15933] loop3: detected capacity change from 0 to 1024
[  202.526115][T15933] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.536377][T15937] loop1: detected capacity change from 0 to 512
[  202.549530][T15937] EXT4-fs (loop1): orphan cleanup on readonly fs
[  202.553328][T15933] EXT4-fs: Cannot change quota options when quota turned on
[  202.556187][T15937] EXT4-fs warning (device loop1): ext4_enable_quotas:7156: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  202.580468][T15937] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  202.589062][T15937] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #13: comm syz.1.3534: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  202.609498][T15937] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.3534: couldn't read orphan inode 13 (err -117)
[  202.622508][T15937] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  202.650644][T15937] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  202.660681][T15937] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 2
[  203.347798][T13240] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.394924][T14235] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.531866][T16011] loop3: detected capacity change from 0 to 256
[  203.724223][T16023] tipc: Started in network mode
[  203.729277][T16023] tipc: Node identity aaaaaaaaaa34, cluster identity 4711
[  203.736544][T16023] tipc: Enabled bearer <eth:macvlan0>, priority 10
[  204.396429][T16043] netlink: 'syz.1.3557': attribute type 1 has an invalid length.
[  204.409514][T16043] 8021q: adding VLAN 0 to HW filter on device bond3
[  204.599319][   T29] kauditd_printk_skb: 824 callbacks suppressed
[  204.599334][   T29] audit: type=1326 audit(1732760950.519:27359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.3.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa805d0809 code=0x7ffc0000
[  204.604247][T16055] hub 9-0:1.0: USB hub found
[  204.605570][   T29] audit: type=1326 audit(1732760950.519:27360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.3.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ffa805cf2bf code=0x7ffc0000
[  204.631375][T16055] hub 9-0:1.0: 8 ports detected
[  204.633696][   T29] audit: type=1326 audit(1732760950.519:27361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.3.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa805d0809 code=0x7ffc0000
[  204.685920][   T29] audit: type=1326 audit(1732760950.519:27362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.3.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffa805d0809 code=0x7ffc0000
[  204.709685][   T29] audit: type=1326 audit(1732760950.519:27363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.3.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa805d0809 code=0x7ffc0000
[  204.733491][   T29] audit: type=1326 audit(1732760950.519:27364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.3.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ffa805d2727 code=0x7ffc0000
[  204.757114][   T29] audit: type=1326 audit(1732760950.519:27365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.3.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7ffa805d269c code=0x7ffc0000
[  204.781110][   T29] audit: type=1326 audit(1732760950.519:27366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.3.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7ffa805d25d4 code=0x7ffc0000
[  204.804907][   T29] audit: type=1326 audit(1732760950.519:27367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.3.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7ffa805d25d4 code=0x7ffc0000
[  204.828403][   T29] audit: type=1326 audit(1732760950.519:27368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16054 comm="syz.3.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ffa805cf46a code=0x7ffc0000
[  204.851946][ T3395] tipc: Node number set to 10398378
[  205.110447][T16116] macvtap0: entered promiscuous mode
[  205.116524][T16116] macvtap0: left promiscuous mode
[  205.215775][T16136] hub 9-0:1.0: USB hub found
[  205.220812][T16136] hub 9-0:1.0: 8 ports detected
[  205.227284][T16142] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  205.233813][T16142] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  205.241286][T16142] vhci_hcd vhci_hcd.0: Device attached
[  205.260450][T16143] usbip_core: unknown command
[  205.265158][T16143] vhci_hcd: unknown pdu 751233417
[  205.270224][T16143] usbip_core: unknown command
[  205.280511][   T11] vhci_hcd: stop threads
[  205.284793][   T11] vhci_hcd: release socket
[  205.289435][   T11] vhci_hcd: disconnect device
[  205.509619][T15821] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.559714][T15821] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.609881][T15821] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.677897][T15821] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  205.702660][T15821] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  205.734724][T15821] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  205.762519][T15821] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.883215][T16235] loop0: detected capacity change from 0 to 256
[  206.003623][T16263] vhci_hcd: invalid port number 13
[  206.008839][T16263] vhci_hcd: default hub control req: 0014 v0000 i000d l0
[  206.389336][T16275] x_tables: duplicate underflow at hook 3
[  206.405297][T16276] hub 9-0:1.0: USB hub found
[  206.418023][T16276] hub 9-0:1.0: 8 ports detected
[  206.476762][T16275] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3589'.
[  206.622394][T16293] loop4: detected capacity change from 0 to 512
[  206.649130][T16293] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.663546][T16293] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  206.714415][T13899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.019663][T16323] loop3: detected capacity change from 0 to 512
[  207.039829][T16323] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.053891][T16323] ext4 filesystem being mounted at /181/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  207.118380][T16329] loop1: detected capacity change from 0 to 128
[  207.131534][T16329] dvmrp0: entered allmulticast mode
[  207.154777][T16329] dvmrp0: left allmulticast mode
[  207.284528][T16336] lo speed is unknown, defaulting to 1000
[  207.318160][T16336] lo speed is unknown, defaulting to 1000
[  207.654338][T16346] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.661531][T16346] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.704591][T16346] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  207.706830][T16352] loop3: detected capacity change from 0 to 512
[  207.721029][T16346] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  207.729977][T16352] ext4 filesystem being mounted at /185/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  207.755269][T16346] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  207.763759][T16346] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  207.772210][T16346] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  207.780570][T16346] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  207.818439][T16356] lo speed is unknown, defaulting to 1000
[  207.844988][T16356] lo speed is unknown, defaulting to 1000
[  208.910968][T16386] loop3: detected capacity change from 0 to 512
[  208.919788][T16386] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  208.927159][T16383] netlink: 'syz.4.3633': attribute type 1 has an invalid length.
[  208.931148][T16386] EXT4-fs (loop3): 1 truncate cleaned up
[  208.948387][T16383] 8021q: adding VLAN 0 to HW filter on device bond1
[  208.982298][T16386] EXT4-fs error (device loop3): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.3.3634: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  209.075827][T16407] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3641'.
[  209.088875][T16406] loop4: detected capacity change from 0 to 1024
[  209.114406][T16406] EXT4-fs: Cannot change quota options when quota turned on
[  209.142333][T16416] 9pnet: Could not find request transport: r
[  209.182326][T16421] hub 9-0:1.0: USB hub found
[  209.193325][T16421] hub 9-0:1.0: 8 ports detected
[  209.237099][T16436] FAULT_INJECTION: forcing a failure.
[  209.237099][T16436] name failslab, interval 1, probability 0, space 0, times 0
[  209.249831][T16436] CPU: 0 UID: 0 PID: 16436 Comm: syz.0.3655 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  209.261760][T16436] Tainted: [W]=WARN
[  209.265560][T16436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  209.275618][T16436] Call Trace:
[  209.279044][T16436]  <TASK>
[  209.281971][T16436]  dump_stack_lvl+0xf2/0x150
[  209.286557][T16436]  dump_stack+0x15/0x20
[  209.290702][T16436]  should_fail_ex+0x223/0x230
[  209.295379][T16436]  should_failslab+0x8f/0xb0
[  209.299959][T16436]  __kmalloc_cache_node_noprof+0x56/0x320
[  209.305684][T16436]  ? page_pool_create_percpu+0x4d/0x650
[  209.311364][T16436]  page_pool_create_percpu+0x4d/0x650
[  209.316803][T16436]  page_pool_create+0x1a/0x20
[  209.321485][T16436]  bpf_test_run_xdp_live+0x138/0x1040
[  209.327314][T16436]  ? __pfx_autoremove_wake_function+0x10/0x10
[  209.333403][T16436]  ? 0xffffffffa0003a40
[  209.337546][T16436]  ? synchronize_rcu+0x46/0x320
[  209.342480][T16436]  ? 0xffffffffa0003a40
[  209.346620][T16436]  ? bpf_dispatcher_change_prog+0x747/0x840
[  209.352512][T16436]  ? 0xffffffffa0003a40
[  209.356697][T16436]  ? 0xffffffffa0000914
[  209.360870][T16436]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  209.366809][T16436]  bpf_prog_test_run_xdp+0x51d/0x8b0
[  209.372088][T16436]  ? __rcu_read_unlock+0x4e/0x70
[  209.377030][T16436]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  209.382882][T16436]  bpf_prog_test_run+0x20f/0x3a0
[  209.387819][T16436]  __sys_bpf+0x400/0x7a0
[  209.392061][T16436]  __x64_sys_bpf+0x43/0x50
[  209.396473][T16436]  x64_sys_call+0x2914/0x2dc0
[  209.401149][T16436]  do_syscall_64+0xc9/0x1c0
[  209.405645][T16436]  ? clear_bhb_loop+0x55/0xb0
[  209.410317][T16436]  ? clear_bhb_loop+0x55/0xb0
[  209.414992][T16436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.421007][T16436] RIP: 0033:0x7fdf205d0809
[  209.425410][T16436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.445010][T16436] RSP: 002b:00007fdf1ec47058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  209.453415][T16436] RAX: ffffffffffffffda RBX: 00007fdf20795fa0 RCX: 00007fdf205d0809
[  209.461397][T16436] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  209.469360][T16436] RBP: 00007fdf1ec470a0 R08: 0000000000000000 R09: 0000000000000000
[  209.477328][T16436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  209.485351][T16436] R13: 0000000000000000 R14: 00007fdf20795fa0 R15: 00007ffd3de5d8d8
[  209.493327][T16436]  </TASK>
[  209.499755][T16430] netlink: 'syz.3.3651': attribute type 1 has an invalid length.
[  209.515916][T16430] 8021q: adding VLAN 0 to HW filter on device bond0
[  210.290805][   T29] kauditd_printk_skb: 594 callbacks suppressed
[  210.290820][   T29] audit: type=1326 audit(1732760956.209:27963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.4.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e911e0809 code=0x7ffc0000
[  210.335180][   T29] audit: type=1326 audit(1732760956.249:27964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.4.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e911e0809 code=0x7ffc0000
[  210.358878][   T29] audit: type=1326 audit(1732760956.249:27965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.4.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e911e0809 code=0x7ffc0000
[  210.382550][   T29] audit: type=1326 audit(1732760956.249:27966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.4.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e911e0809 code=0x7ffc0000
[  210.406264][   T29] audit: type=1326 audit(1732760956.249:27967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.4.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e911e0809 code=0x7ffc0000
[  210.429905][   T29] audit: type=1326 audit(1732760956.249:27968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.4.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=33 compat=0 ip=0x7f6e911e0809 code=0x7ffc0000
[  210.453404][   T29] audit: type=1326 audit(1732760956.249:27969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.4.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e911e0809 code=0x7ffc0000
[  210.477025][   T29] audit: type=1326 audit(1732760956.249:27970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.4.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f6e911e0809 code=0x7ffc0000
[  210.500605][   T29] audit: type=1326 audit(1732760956.249:27971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.4.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e911e0809 code=0x7ffc0000
[  210.546248][T16470] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  210.558430][T16470] netlink: 20 bytes leftover after parsing attributes in process `+}[@'.
[  210.590769][T16474] syz.1.3668: attempt to access beyond end of device
[  210.590769][T16474] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  210.619896][   T29] audit: type=1326 audit(1732760956.539:27972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16475 comm="syz.1.3671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ffb3d0809 code=0x7ffc0000
[  210.649662][T16477] loop1: detected capacity change from 0 to 1024
[  210.677838][T16477] EXT4-fs: Cannot change quota options when quota turned on
[  210.769066][T16489] lo speed is unknown, defaulting to 1000
[  210.814394][T16489] lo speed is unknown, defaulting to 1000
[  211.108549][T16493] netlink: 'syz.3.3670': attribute type 1 has an invalid length.
[  211.145300][T16493] 8021q: adding VLAN 0 to HW filter on device bond4
[  211.556293][T16519] FAULT_INJECTION: forcing a failure.
[  211.556293][T16519] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  211.569445][T16519] CPU: 1 UID: 0 PID: 16519 Comm: syz.3.3689 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  211.581406][T16519] Tainted: [W]=WARN
[  211.585200][T16519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  211.595300][T16519] Call Trace:
[  211.598570][T16519]  <TASK>
[  211.601535][T16519]  dump_stack_lvl+0xf2/0x150
[  211.606120][T16519]  dump_stack+0x15/0x20
[  211.610267][T16519]  should_fail_ex+0x223/0x230
[  211.614946][T16519]  should_fail+0xb/0x10
[  211.619097][T16519]  should_fail_usercopy+0x1a/0x20
[  211.624119][T16519]  copy_fpstate_to_sigframe+0x5db/0x780
[  211.629772][T16519]  ? copy_fpstate_to_sigframe+0xe7/0x780
[  211.635541][T16519]  ? dequeue_signal+0x332/0x370
[  211.640389][T16519]  ? fpu__alloc_mathframe+0x95/0xd0
[  211.645660][T16519]  get_sigframe+0x2f3/0x430
[  211.650182][T16519]  x64_setup_rt_frame+0xad/0x590
[  211.655112][T16519]  arch_do_signal_or_restart+0x287/0x4b0
[  211.660829][T16519]  syscall_exit_to_user_mode+0x62/0x120
[  211.666382][T16519]  do_syscall_64+0xd6/0x1c0
[  211.670904][T16519]  ? clear_bhb_loop+0x55/0xb0
[  211.675571][T16519]  ? clear_bhb_loop+0x55/0xb0
[  211.680237][T16519]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.686180][T16519] RIP: 0033:0x7ffa805cf2bf
[  211.690584][T16519] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 8e 02 00 48
[  211.710189][T16519] RSP: 002b:00007ffa7ec47050 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  211.718594][T16519] RAX: 0000000000000001 RBX: 0000000000000005 RCX: 00007ffa805cf2bf
[  211.726649][T16519] RDX: 0000000000000001 RSI: 00007ffa7ec470a0 RDI: 0000000000000005
[  211.734608][T16519] RBP: 00007ffa7ec470a0 R08: 0000000000000000 R09: 00007ffa7ec46e17
[  211.742577][T16519] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  211.750541][T16519] R13: 0000000000000000 R14: 00007ffa80795fa0 R15: 00007ffd8850e4a8
[  211.758559][T16519]  </TASK>
[  211.826052][T16532] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3693'.
[  211.855239][T16534] loop0: detected capacity change from 0 to 1024
[  211.879924][T16534] EXT4-fs: Cannot change quota options when quota turned on
[  211.936462][T16550] FAULT_INJECTION: forcing a failure.
[  211.936462][T16550] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  211.949634][T16550] CPU: 0 UID: 0 PID: 16550 Comm: syz.3.3703 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  211.961553][T16550] Tainted: [W]=WARN
[  211.965480][T16550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  211.975567][T16550] Call Trace:
[  211.978833][T16550]  <TASK>
[  211.981802][T16550]  dump_stack_lvl+0xf2/0x150
[  211.986383][T16550]  dump_stack+0x15/0x20
[  211.990528][T16550]  should_fail_ex+0x223/0x230
[  211.995214][T16550]  should_fail+0xb/0x10
[  211.999369][T16550]  should_fail_usercopy+0x1a/0x20
[  212.004442][T16550]  _copy_to_user+0x20/0xa0
[  212.008895][T16550]  simple_read_from_buffer+0xa0/0x110
[  212.014277][T16550]  proc_fail_nth_read+0xf9/0x140
[  212.019304][T16550]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  212.024864][T16550]  vfs_read+0x1a2/0x700
[  212.029145][T16550]  ? __rcu_read_unlock+0x4e/0x70
[  212.034075][T16550]  ? __fget_files+0x17c/0x1c0
[  212.038799][T16550]  ksys_read+0xe8/0x1b0
[  212.043007][T16550]  __x64_sys_read+0x42/0x50
[  212.047508][T16550]  x64_sys_call+0x2874/0x2dc0
[  212.052237][T16550]  do_syscall_64+0xc9/0x1c0
[  212.056733][T16550]  ? clear_bhb_loop+0x55/0xb0
[  212.061400][T16550]  ? clear_bhb_loop+0x55/0xb0
[  212.066142][T16550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.072042][T16550] RIP: 0033:0x7ffa805cf21c
[  212.076448][T16550] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[  212.096058][T16550] RSP: 002b:00007ffa7ec47050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  212.104651][T16550] RAX: ffffffffffffffda RBX: 00007ffa80795fa0 RCX: 00007ffa805cf21c
[  212.112624][T16550] RDX: 000000000000000f RSI: 00007ffa7ec470b0 RDI: 0000000000000003
[  212.120598][T16550] RBP: 00007ffa7ec470a0 R08: 0000000000000000 R09: 0000000000000000
[  212.128586][T16550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.136558][T16550] R13: 0000000000000000 R14: 00007ffa80795fa0 R15: 00007ffd8850e4a8
[  212.144652][T16550]  </TASK>
[  212.167504][T16554] loop3: detected capacity change from 0 to 512
[  212.178957][T16554] EXT4-fs warning (device loop3): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  212.194337][T16554] EXT4-fs (loop3): mount failed
[  212.373154][T16588] loop4: detected capacity change from 0 to 512
[  212.379933][T16588] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  212.391136][T16588] EXT4-fs (loop4): 1 truncate cleaned up
[  212.399134][T16588] 
@ÿ: renamed from veth0_vlan
[  212.484969][T16594] syz.3.3718: attempt to access beyond end of device
[  212.484969][T16594] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  212.778457][T16621] loop0: detected capacity change from 0 to 128
[  212.852628][T16628] loop0: detected capacity change from 0 to 512
[  212.863451][T16625] FAULT_INJECTION: forcing a failure.
[  212.863451][T16625] name failslab, interval 1, probability 0, space 0, times 0
[  212.876106][T16625] CPU: 1 UID: 0 PID: 16625 Comm: syz.1.3730 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  212.888094][T16625] Tainted: [W]=WARN
[  212.891900][T16625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  212.901996][T16625] Call Trace:
[  212.905282][T16625]  <TASK>
[  212.908253][T16625]  dump_stack_lvl+0xf2/0x150
[  212.912896][T16625]  dump_stack+0x15/0x20
[  212.917072][T16625]  should_fail_ex+0x223/0x230
[  212.921834][T16625]  should_failslab+0x8f/0xb0
[  212.926451][T16625]  kmem_cache_alloc_noprof+0x52/0x320
[  212.931888][T16625]  ? audit_log_start+0x34c/0x6b0
[  212.936841][T16625]  audit_log_start+0x34c/0x6b0
[  212.941604][T16625]  audit_seccomp+0x4b/0x130
[  212.946107][T16625]  __seccomp_filter+0x6fa/0x1180
[  212.951072][T16625]  ? vfs_write+0x596/0x920
[  212.955510][T16625]  __secure_computing+0x9f/0x1c0
[  212.960454][T16625]  syscall_trace_enter+0xd1/0x1f0
[  212.965592][T16625]  ? fpregs_assert_state_consistent+0x83/0xa0
[  212.971663][T16625]  do_syscall_64+0xaa/0x1c0
[  212.976158][T16625]  ? clear_bhb_loop+0x55/0xb0
[  212.980826][T16625]  ? clear_bhb_loop+0x55/0xb0
[  212.985542][T16625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.991502][T16625] RIP: 0033:0x7f2ffb3d0809
[  212.995909][T16625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.015615][T16625] RSP: 002b:00007f2ff9a47058 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[  213.024030][T16625] RAX: ffffffffffffffda RBX: 00007f2ffb595fa0 RCX: 00007f2ffb3d0809
[  213.031995][T16625] RDX: 0000000000000000 RSI: 000000000000c17a RDI: 0000000000000005
[  213.039981][T16625] RBP: 00007f2ff9a470a0 R08: 0000000000000000 R09: 0000000000000000
[  213.047976][T16625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.055967][T16625] R13: 0000000000000000 R14: 00007f2ffb595fa0 R15: 00007ffc0892f488
[  213.063955][T16625]  </TASK>
[  213.075890][T16628] ext4 filesystem being mounted at /171/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.094968][T16628] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  213.134204][T13130] EXT4-fs error (device loop0): ext4_readdir:261: inode #12: block 32: comm syz-executor: path /171/file0/file0/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  213.191356][T16642] loop1: detected capacity change from 0 to 1024
[  213.201765][T16642] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  213.225297][T16642] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  213.233958][T16642] EXT4-fs (loop1): orphan cleanup on readonly fs
[  213.245277][T16654] FAULT_INJECTION: forcing a failure.
[  213.245277][T16654] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.258401][T16654] CPU: 0 UID: 0 PID: 16654 Comm: syz.4.3742 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  213.270349][T16654] Tainted: [W]=WARN
[  213.274144][T16654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  213.284197][T16654] Call Trace:
[  213.287492][T16654]  <TASK>
[  213.290435][T16654]  dump_stack_lvl+0xf2/0x150
[  213.295064][T16654]  dump_stack+0x15/0x20
[  213.299221][T16654]  should_fail_ex+0x223/0x230
[  213.303960][T16654]  should_fail+0xb/0x10
[  213.308194][T16654]  should_fail_usercopy+0x1a/0x20
[  213.313295][T16654]  _copy_from_user+0x1e/0xb0
[  213.317890][T16654]  copy_msghdr_from_user+0x54/0x2a0
[  213.323105][T16654]  ? __fget_files+0x17c/0x1c0
[  213.327827][T16654]  __sys_sendmsg+0x13e/0x230
[  213.332522][T16654]  __x64_sys_sendmsg+0x46/0x50
[  213.337325][T16654]  x64_sys_call+0x2734/0x2dc0
[  213.342095][T16654]  do_syscall_64+0xc9/0x1c0
[  213.346613][T16654]  ? clear_bhb_loop+0x55/0xb0
[  213.351285][T16654]  ? clear_bhb_loop+0x55/0xb0
[  213.355956][T16654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.361865][T16654] RIP: 0033:0x7f6e911e0809
[  213.366272][T16654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.385895][T16654] RSP: 002b:00007f6e8f857058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  213.394374][T16654] RAX: ffffffffffffffda RBX: 00007f6e913a5fa0 RCX: 00007f6e911e0809
[  213.402340][T16654] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 000000000000000a
[  213.410303][T16654] RBP: 00007f6e8f8570a0 R08: 0000000000000000 R09: 0000000000000000
[  213.418272][T16654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.426234][T16654] R13: 0000000000000000 R14: 00007f6e913a5fa0 R15: 00007fffff3caf48
[  213.434201][T16654]  </TASK>
[  213.440218][T16642] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  213.463916][T16642] EXT4-fs (loop1): Remounting filesystem read-only
[  213.471187][T16642] EXT4-fs (loop1): 1 orphan inode deleted
[  213.494678][T16642] SELinux: (dev loop1, type ext4) getxattr errno 5
[  213.561527][T16658] netlink: 'syz.3.3744': attribute type 1 has an invalid length.
[  213.615959][T16658] 8021q: adding VLAN 0 to HW filter on device bond5
[  213.675310][T16670] netlink: 'syz.4.3749': attribute type 39 has an invalid length.
[  213.806281][T16674] loop3: detected capacity change from 0 to 512
[  213.814627][T16674] EXT4-fs: Ignoring removed bh option
[  213.820687][T16674] EXT4-fs (loop3): bad geometry: first data block is 0 with a 1k block and cluster size
[  213.894295][T16676] hsr_slave_0: left promiscuous mode
[  213.945733][T16684] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 20001 - 0
[  213.954578][T16684] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 20001 - 0
[  213.963426][T16684] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 20001 - 0
[  213.972316][T16684] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 20001 - 0
[  214.032142][T16692] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3759'.
[  214.105713][T16700] loop3: detected capacity change from 0 to 128
[  214.309645][T16724] FAULT_INJECTION: forcing a failure.
[  214.309645][T16724] name failslab, interval 1, probability 0, space 0, times 0
[  214.322350][T16724] CPU: 1 UID: 0 PID: 16724 Comm: syz.4.3771 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  214.336365][T16731] usb usb4: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  214.336640][T16724] Tainted: [W]=WARN
[  214.347710][T16724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  214.357839][T16724] Call Trace:
[  214.361113][T16724]  <TASK>
[  214.364043][T16724]  dump_stack_lvl+0xf2/0x150
[  214.368638][T16724]  dump_stack+0x15/0x20
[  214.372829][T16724]  should_fail_ex+0x223/0x230
[  214.377653][T16724]  should_failslab+0x8f/0xb0
[  214.382251][T16724]  kmem_cache_alloc_noprof+0x52/0x320
[  214.387687][T16724]  ? audit_log_start+0x34c/0x6b0
[  214.392754][T16724]  audit_log_start+0x34c/0x6b0
[  214.397672][T16724]  audit_seccomp+0x4b/0x130
[  214.402228][T16724]  __seccomp_filter+0x6fa/0x1180
[  214.407235][T16724]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  214.412885][T16724]  ? vfs_write+0x596/0x920
[  214.417334][T16724]  __secure_computing+0x9f/0x1c0
[  214.422336][T16724]  syscall_trace_enter+0xd1/0x1f0
[  214.427368][T16724]  ? fpregs_assert_state_consistent+0x83/0xa0
[  214.433495][T16724]  do_syscall_64+0xaa/0x1c0
[  214.438003][T16724]  ? clear_bhb_loop+0x55/0xb0
[  214.442733][T16724]  ? clear_bhb_loop+0x55/0xb0
[  214.447407][T16724]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.453353][T16724] RIP: 0033:0x7f6e911e0809
[  214.457805][T16724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.477474][T16724] RSP: 002b:00007f6e8f857058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  214.485888][T16724] RAX: ffffffffffffffda RBX: 00007f6e913a5fa0 RCX: 00007f6e911e0809
[  214.493934][T16724] RDX: 0000000000000012 RSI: 0000000000000107 RDI: 0000000000000004
[  214.501903][T16724] RBP: 00007f6e8f8570a0 R08: 0000000000000004 R09: 0000000000000000
[  214.509868][T16724] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001
[  214.517896][T16724] R13: 0000000000000000 R14: 00007f6e913a5fa0 R15: 00007fffff3caf48
[  214.525875][T16724]  </TASK>
[  214.618895][T16739] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3775'.
[  214.679681][T16745] loop4: detected capacity change from 0 to 256
[  215.225190][T16760] loop1: detected capacity change from 0 to 1024
[  215.273787][T16760] EXT4-fs: Cannot change quota options when quota turned on
[  215.303936][   T29] kauditd_printk_skb: 775 callbacks suppressed
[  215.303953][   T29] audit: type=1326 audit(1732760961.219:28739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16759 comm="syz.1.3781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2ffb3c77a7 code=0x7ffc0000
[  215.333763][   T29] audit: type=1326 audit(1732760961.219:28740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16759 comm="syz.1.3781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2ffb36c149 code=0x7ffc0000
[  215.357442][   T29] audit: type=1326 audit(1732760961.219:28741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16759 comm="syz.1.3781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f2ffb3d0809 code=0x7ffc0000
[  215.383232][   T29] audit: type=1326 audit(1732760961.299:28742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16759 comm="syz.1.3781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2ffb3c77a7 code=0x7ffc0000
[  215.406884][   T29] audit: type=1326 audit(1732760961.299:28743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16759 comm="syz.1.3781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2ffb36c149 code=0x7ffc0000
[  215.430442][   T29] audit: type=1326 audit(1732760961.299:28744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16759 comm="syz.1.3781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f2ffb3d0809 code=0x7ffc0000
[  215.454502][   T29] audit: type=1326 audit(1732760961.369:28745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16759 comm="syz.1.3781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2ffb3c77a7 code=0x7ffc0000
[  215.478051][   T29] audit: type=1326 audit(1732760961.369:28746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16759 comm="syz.1.3781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2ffb36c149 code=0x7ffc0000
[  215.501574][   T29] audit: type=1326 audit(1732760961.369:28747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16759 comm="syz.1.3781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f2ffb3d0809 code=0x7ffc0000
[  215.525347][   T29] audit: type=1326 audit(1732760961.419:28748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16759 comm="syz.1.3781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2ffb3c77a7 code=0x7ffc0000
[  216.764016][T16924] hub 9-0:1.0: USB hub found
[  216.770241][T16924] hub 9-0:1.0: 8 ports detected
[  216.781878][T16924] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.790154][T16924] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.798425][T16924] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.806647][T16924] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.817670][T16924] geneve2: entered promiscuous mode
[  216.822884][T16924] geneve2: entered allmulticast mode
[  216.851078][T16928] loop5: detected capacity change from 0 to 128
[  216.859568][T16928] EXT4-fs mount: 18 callbacks suppressed
[  216.859582][T16928] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  216.881003][T16928] ext4 filesystem being mounted at /16/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  216.919197][T16928] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  216.934551][T16928] netlink: 20 bytes leftover after parsing attributes in process `+}[@'.
[  216.954491][T15640] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  217.614358][T16957] syz.3.3801: attempt to access beyond end of device
[  217.614358][T16957] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  217.650917][T16959] hub 9-0:1.0: USB hub found
[  217.655612][T16959] hub 9-0:1.0: 8 ports detected
[  217.728530][T16963] loop4: detected capacity change from 0 to 128
[  217.830489][T16974] loop4: detected capacity change from 0 to 1024
[  217.840199][T16974] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.860264][T16974] EXT4-fs: Cannot change quota options when quota turned on
[  218.001979][T16988] hub 9-0:1.0: USB hub found
[  218.007071][T16988] hub 9-0:1.0: 8 ports detected
[  218.128547][T16998] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3818'.
[  218.198840][T17007] syz.1.3822[17007] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  218.198921][T17007] syz.1.3822[17007] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  218.210897][T17007] syz.1.3822[17007] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  218.211066][T17008] syz.1.3822[17008] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  218.236121][T17008] syz.1.3822[17008] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  218.249458][T17008] syz.1.3822[17008] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  218.389176][T17014] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3823'.
[  218.679433][T13899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.703802][T17019] loop3: detected capacity change from 0 to 128
[  218.753826][T17025] loop4: detected capacity change from 0 to 764
[  218.936410][T17036] hub 9-0:1.0: USB hub found
[  218.950092][T17036] hub 9-0:1.0: 8 ports detected
[  218.967197][T17036] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3833'.
[  219.051463][T17038] hub 9-0:1.0: USB hub found
[  219.058971][T17038] hub 9-0:1.0: 8 ports detected
[  219.150490][T17042] hub 9-0:1.0: USB hub found
[  219.156343][T17042] hub 9-0:1.0: 8 ports detected
[  219.220003][T17046] loop4: detected capacity change from 0 to 512
[  219.335423][T17050] loop4: detected capacity change from 0 to 128
[  219.396770][T17052] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17052 comm=syz.1.3841
[  219.434744][T17052] netlink: 'syz.1.3841': attribute type 1 has an invalid length.
[  219.477222][T17052] 8021q: adding VLAN 0 to HW filter on device bond4
[  219.504091][T17057] bond4: entered allmulticast mode
[  219.560404][T17060] hub 9-0:1.0: USB hub found
[  219.572526][T17062] loop1: detected capacity change from 0 to 512
[  219.583967][T17060] hub 9-0:1.0: 8 ports detected
[  219.596140][T17062] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  219.611091][T17060] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3844'.
[  219.634250][T17062] EXT4-fs (loop1): 1 truncate cleaned up
[  219.645162][T17062] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  219.722386][T17066] hub 9-0:1.0: USB hub found
[  219.748901][T17066] hub 9-0:1.0: 8 ports detected
[  219.811969][T17069] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  219.830707][T17029] syz.3.3830 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), order=0, oom_score_adj=1000
[  219.844937][T17029] CPU: 1 UID: 0 PID: 17029 Comm: syz.3.3830 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  219.856868][T17029] Tainted: [W]=WARN
[  219.860670][T17029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  219.870720][T17029] Call Trace:
[  219.874077][T17029]  <TASK>
[  219.877011][T17029]  dump_stack_lvl+0xf2/0x150
[  219.881695][T17029]  dump_stack+0x15/0x20
[  219.885881][T17029]  dump_header+0x83/0x2d0
[  219.890240][T17029]  oom_kill_process+0x341/0x4c0
[  219.895117][T17029]  out_of_memory+0x9af/0xbe0
[  219.899787][T17029]  ? css_next_descendant_pre+0x11c/0x140
[  219.905447][T17029]  mem_cgroup_out_of_memory+0x13e/0x190
[  219.911088][T17029]  try_charge_memcg+0x508/0x7f0
[  219.915966][T17029]  obj_cgroup_charge_pages+0xbd/0x1a0
[  219.921420][T17029]  __memcg_kmem_charge_page+0x9d/0x170
[  219.926979][T17029]  __alloc_pages_noprof+0x1bc/0x340
[  219.932187][T17029]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  219.937645][T17029]  alloc_pages_noprof+0xe1/0x100
[  219.942601][T17029]  __vmalloc_node_range_noprof+0x6eb/0xe80
[  219.948418][T17029]  __kvmalloc_node_noprof+0x121/0x170
[  219.953792][T17029]  ? ip_set_alloc+0x1f/0x30
[  219.958383][T17029]  ip_set_alloc+0x1f/0x30
[  219.962759][T17029]  hash_netiface_create+0x273/0x730
[  219.967975][T17029]  ? __nla_parse+0x40/0x60
[  219.972432][T17029]  ? __pfx_hash_netiface_create+0x10/0x10
[  219.978162][T17029]  ip_set_create+0x359/0x8a0
[  219.982797][T17029]  ? strnstr+0x61/0x100
[  219.987065][T17029]  ? __nla_parse+0x40/0x60
[  219.991489][T17029]  nfnetlink_rcv_msg+0x4a9/0x570
[  219.996498][T17029]  netlink_rcv_skb+0x12c/0x230
[  220.001274][T17029]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  220.006770][T17029]  nfnetlink_rcv+0x16c/0x15d0
[  220.011523][T17029]  ? insn_get_modrm+0x321/0x350
[  220.016366][T17029]  ? ebitmap_get_bit+0x35/0xf0
[  220.021151][T17029]  ? constraint_expr_eval+0x913/0x9c0
[  220.026685][T17029]  ? avtab_search_node+0x49/0x290
[  220.031725][T17029]  ? put_dec_trunc8+0x10e/0x130
[  220.036641][T17029]  ? put_dec+0xcd/0xe0
[  220.040718][T17029]  ? number+0x98d/0xa90
[  220.044916][T17029]  ? number+0x98d/0xa90
[  220.049077][T17029]  ? cgroup_rstat_updated+0x9f/0x570
[  220.054405][T17029]  ? bpf_send_signal_common+0x2a5/0x2e0
[  220.059948][T17029]  ? should_fail_ex+0x31/0x230
[  220.064770][T17029]  ? selinux_nlmsg_lookup+0x119/0x8c0
[  220.070271][T17029]  ? __rcu_read_unlock+0x34/0x70
[  220.075396][T17029]  ? __netlink_lookup+0x253/0x290
[  220.080438][T17029]  netlink_unicast+0x599/0x670
[  220.085276][T17029]  netlink_sendmsg+0x5cc/0x6e0
[  220.090070][T17029]  ? __pfx_netlink_sendmsg+0x10/0x10
[  220.095441][T17029]  __sock_sendmsg+0x140/0x180
[  220.100132][T17029]  ____sys_sendmsg+0x312/0x410
[  220.104979][T17029]  __sys_sendmsg+0x19d/0x230
[  220.109584][T17029]  __x64_sys_sendmsg+0x46/0x50
[  220.114353][T17029]  x64_sys_call+0x2734/0x2dc0
[  220.119054][T17029]  do_syscall_64+0xc9/0x1c0
[  220.123629][T17029]  ? clear_bhb_loop+0x55/0xb0
[  220.128304][T17029]  ? clear_bhb_loop+0x55/0xb0
[  220.132989][T17029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.138959][T17029] RIP: 0033:0x7ffa805d0809
[  220.143377][T17029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.163080][T17029] RSP: 002b:00007ffa7ec47058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  220.171638][T17029] RAX: ffffffffffffffda RBX: 00007ffa80795fa0 RCX: 00007ffa805d0809
[  220.179616][T17029] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 000000000000000b
[  220.187589][T17029] RBP: 00007ffa8064393e R08: 0000000000000000 R09: 0000000000000000
[  220.195560][T17029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  220.203526][T17029] R13: 0000000000000000 R14: 00007ffa80795fa0 R15: 00007ffd8850e4a8
[  220.211599][T17029]  </TASK>
[  220.214757][T17029] memory: usage 307200kB, limit 307200kB, failcnt 275
[  220.221596][T17029] memory+swap: usage 307404kB, limit 9007199254740988kB, failcnt 0
[  220.229535][T17029] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[  220.236888][T17029] Memory cgroup stats for /syz3:
[  220.242555][T17029] cache 0
[  220.250612][T17029] rss 4096
[  220.253673][T17029] shmem 0
[  220.256597][T17029] mapped_file 0
[  220.260095][T17029] dirty 0
[  220.263021][T17029] writeback 0
[  220.266301][T17029] workingset_refault_anon 58
[  220.270908][T17029] workingset_refault_file 71
[  220.275485][T17029] swap 208896
[  220.278819][T17029] swapcached 4096
[  220.282441][T17029] pgpgin 183513
[  220.285907][T17029] pgpgout 183511
[  220.289469][T17029] pgfault 250191
[  220.293102][T17029] pgmajfault 28
[  220.296556][T17029] inactive_anon 4096
[  220.300530][T17029] active_anon 0
[  220.303981][T17029] inactive_file 4096
[  220.307887][T17029] active_file 0
[  220.311405][T17029] unevictable 0
[  220.314853][T17029] hierarchical_memory_limit 314572800
[  220.320272][T17029] hierarchical_memsw_limit 9223372036854771712
[  220.326417][T17029] total_cache 0
[  220.329941][T17029] total_rss 4096
[  220.333490][T17029] total_shmem 0
[  220.336939][T17029] total_mapped_file 0
[  220.340941][T17029] total_dirty 0
[  220.344401][T17029] total_writeback 0
[  220.348234][T17029] total_workingset_refault_anon 58
[  220.353340][T17029] total_workingset_refault_file 71
[  220.358467][T17029] total_swap 208896
[  220.362259][T17029] total_swapcached 4096
[  220.366406][T17029] total_pgpgin 183513
[  220.370461][T17029] total_pgpgout 183511
[  220.374576][T17029] total_pgfault 250191
[  220.378703][T17029] total_pgmajfault 28
[  220.382675][T17029] total_inactive_anon 4096
[  220.387097][T17029] total_active_anon 0
[  220.391076][T17029] total_inactive_file 4096
[  220.395480][T17029] total_active_file 0
[  220.399536][T17029] total_unevictable 0
[  220.403542][T17029] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.3830,pid=17028,uid=0
[  220.418306][T17029] Memory cgroup out of memory: Killed process 17028 (syz.3.3830) total-vm:95328kB, anon-rss:616kB, file-rss:22464kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[  220.437118][T17029] ==================================================================
[  220.445213][T17029] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  220.446278][   T29] kauditd_printk_skb: 1079 callbacks suppressed
[  220.446299][   T29] audit: type=1400 audit(1732760966.359:29828): avc:  denied  { unmount } for  pid=14235 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  220.455020][T17029] 
[  220.455030][T17029] read-write to 0xffffffff866089c0 of 8 bytes by interrupt on cpu 0:
[  220.455046][T17029]  tick_do_update_jiffies64+0x112/0x1b0
[  220.455072][T17029]  tick_nohz_handler+0x7c/0x2d0
[  220.455093][T17029]  __hrtimer_run_queues+0x20d/0x5e0
[  220.506986][T17029]  hrtimer_interrupt+0x235/0x4a0
[  220.511938][T17029]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  220.518025][T17029]  sysvec_apic_timer_interrupt+0x6e/0x80
[  220.523669][T17029]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  220.529664][T17029]  __tsan_read8+0x42/0x180
[  220.534096][T17029]  _raw_spin_unlock+0x14/0x50
[  220.538777][T17029]  free_unref_folios+0x706/0x730
[  220.543736][T17029]  folios_put_refs+0x25e/0x2b0
[  220.548504][T17029]  free_pages_and_swap_cache+0x291/0x410
[  220.554146][T17029]  tlb_flush_mmu+0x2cf/0x440
[  220.558741][T17029]  unmap_page_range+0x1fc8/0x2380
[  220.563764][T17029]  unmap_single_vma+0x142/0x1d0
[  220.568618][T17029]  unmap_vmas+0x18d/0x2b0
[  220.572945][T17029]  exit_mmap+0x18a/0x680
[  220.577194][T17029]  __mmput+0x28/0x1d0
[  220.581182][T17029]  mmput+0x4c/0x60
[  220.584904][T17029]  exit_mm+0xe4/0x190
[  220.588901][T17029]  do_exit+0x55e/0x17f0
[  220.593066][T17029]  do_group_exit+0x102/0x150
[  220.597660][T17029]  get_signal+0xeb9/0x1000
[  220.602072][T17029]  arch_do_signal_or_restart+0x95/0x4b0
[  220.607625][T17029]  syscall_exit_to_user_mode+0x62/0x120
[  220.613177][T17029]  do_syscall_64+0xd6/0x1c0
[  220.617686][T17029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.623596][T17029] 
[  220.625913][T17029] read to 0xffffffff866089c0 of 8 bytes by task 17029 on cpu 1:
[  220.633538][T17029]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  220.639781][T17029]  count_shadow_nodes+0x6b/0x230
[  220.644737][T17029]  do_shrink_slab+0x5a/0x680
[  220.649332][T17029]  shrink_slab+0x4ea/0x850
[  220.653751][T17029]  shrink_node+0x63f/0x1d80
[  220.658251][T17029]  do_try_to_free_pages+0x3c6/0xc50
[  220.663453][T17029]  try_to_free_mem_cgroup_pages+0x1e3/0x490
[  220.669359][T17029]  try_charge_memcg+0x2bc/0x7f0
[  220.674248][T17029]  obj_cgroup_charge_pages+0xbd/0x1a0
[  220.679642][T17029]  __memcg_kmem_charge_page+0x9d/0x170
[  220.685122][T17029]  __alloc_pages_noprof+0x1bc/0x340
[  220.690327][T17029]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  220.695706][T17029]  alloc_pages_noprof+0xe1/0x100
[  220.700663][T17029]  __vmalloc_node_range_noprof+0x6eb/0xe80
[  220.706481][T17029]  __kvmalloc_node_noprof+0x121/0x170
[  220.711855][T17029]  ip_set_alloc+0x1f/0x30
[  220.716194][T17029]  hash_netiface_create+0x273/0x730
[  220.721840][T17029]  ip_set_create+0x359/0x8a0
[  220.726437][T17029]  nfnetlink_rcv_msg+0x4a9/0x570
[  220.731381][T17029]  netlink_rcv_skb+0x12c/0x230
[  220.736148][T17029]  nfnetlink_rcv+0x16c/0x15d0
[  220.740835][T17029]  netlink_unicast+0x599/0x670
[  220.745597][T17029]  netlink_sendmsg+0x5cc/0x6e0
[  220.750363][T17029]  __sock_sendmsg+0x140/0x180
[  220.755078][T17029]  ____sys_sendmsg+0x312/0x410
[  220.759847][T17029]  __sys_sendmsg+0x19d/0x230
[  220.764441][T17029]  __x64_sys_sendmsg+0x46/0x50
[  220.769214][T17029]  x64_sys_call+0x2734/0x2dc0
[  220.773904][T17029]  do_syscall_64+0xc9/0x1c0
[  220.778405][T17029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.784305][T17029] 
[  220.786629][T17029] value changed: 0x00000000ffffe0bd -> 0x00000000ffffe0be
[  220.793734][T17029] 
[  220.796048][T17029] Reported by Kernel Concurrency Sanitizer on:
[  220.802195][T17029] CPU: 1 UID: 0 PID: 17029 Comm: syz.3.3830 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  220.814095][T17029] Tainted: [W]=WARN
[  220.817900][T17029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  220.827952][T17029] ==================================================================
[  220.840433][T14235] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.909709][   T29] audit: type=1400 audit(1732760966.829:29829): avc:  denied  { write } for  pid=17082 comm="syz.1.3850" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  220.936257][T17083] tipc: Failed to remove unknown binding: 66,1,1/0:347503406/347503408
[  220.946345][T17083] tipc: Started in network mode
[  220.951285][T17083] tipc: Node identity 101, cluster identity 4711
[  220.957626][T17083] tipc: Node number set to 257
[  220.986881][   T29] audit: type=1400 audit(1732760966.859:29830): avc:  denied  { create } for  pid=17082 comm="syz.1.3850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  221.006647][   T29] audit: type=1400 audit(1732760966.859:29831): avc:  denied  { create } for  pid=17082 comm="syz.1.3850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  221.026529][   T29] audit: type=1400 audit(1732760966.859:29832): avc:  denied  { ioctl } for  pid=17082 comm="syz.1.3850" path="socket:[46604]" dev="sockfs" ino=46604 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  221.051589][   T29] audit: type=1400 audit(1732760966.859:29833): avc:  denied  { bind } for  pid=17082 comm="syz.1.3850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  221.071278][   T29] audit: type=1400 audit(1732760966.859:29834): avc:  denied  { bind } for  pid=17082 comm="syz.1.3850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  221.090933][   T29] audit: type=1400 audit(1732760966.859:29835): avc:  denied  { setopt } for  pid=17082 comm="syz.1.3850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  221.110663][   T29] audit: type=1400 audit(1732760966.859:29836): avc:  denied  { write } for  pid=17082 comm="syz.1.3850" path="socket:[46605]" dev="sockfs" ino=46605 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  221.134132][   T29] audit: type=1400 audit(1732760966.899:29837): avc:  denied  { setopt } for  pid=17082 comm="syz.1.3850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1