last executing test programs:

1m3.422476953s ago: executing program 1 (id=398):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x67, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@newqdisc={0xfffffffffffffd08, 0x24, 0xf0b, 0xffffffff, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'dummy0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r6, @ANYBLOB='\b\x00\n\x00', @ANYRES16=r3], 0xb4}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r8=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="44000000100003042abd70000000000000000400", @ANYRES32=0x0, @ANYBLOB="ef0380002000040008000500", @ANYRES32=r8, @ANYBLOB="140012800b0001006970766c616e00000400028008000a00", @ANYRES32], 0x44}, 0x1, 0x0, 0x0, 0x4040800}, 0x4004850)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', r8, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
connect$inet6(r1, &(0x7f0000000300)={0xa, 0x4e22, 0x7, @mcast1, 0x1}, 0x1c)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_REG(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r10, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x45}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44800}, 0x4080004)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x18)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000000440)={[{@dots}, {@fat=@check_normal}, {@nodots}, {@dots}, {@nodots}, {@dots}, {@nodots}, {@fat=@quiet}, {@nodots}, {@nodots}, {@nodots}, {}, {@dots}, {@fat=@umask={'umask', 0x3d, 0x7fff}}, {@fat=@nfs}, {@dots}, {@fat=@tz_utc}, {@fat=@nfs}, {@dots}, {@fat=@umask={'umask', 0x3d, 0x100}}, {@dots}, {@dots}]}, 0xfd, 0x1bf, &(0x7f0000000840)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
mount$nfs(&(0x7f0000000000)='-:,*\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x101904a, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))
r12 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r12, 0x0, 0x400000000000000, 0x2)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000002c0)=0x800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, 0x0, &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000000c0), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1m3.309670124s ago: executing program 1 (id=400):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r2, &(0x7f00000031c0)={&(0x7f00000006c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000b40)="b5640aae1e407af01eecff9e22e152a958b96c15ffd051d17c6c712f21a8abb26b561e7af56b164829c35642692c102092e1f43782559cb76acaa20f83d5e807ad43b3e153ccdf10b894d755e849d01e91b7b49af88a501bc937c19203d32e33610f090c9d9e0d5972ac64142f8f4b71f27cc89c43c9bec897b53fee3e5f94497031ff2e460d2c011dfd60030db5a289bde09ac884de124e62b5b6921c326a85bc8791473d2828d1e28b5f20e286b061c4dadef878b72e6095841189db4da6e671677ca72a3c1b69c2ec25d3ce", 0xcd}, {&(0x7f0000000e00)="5c6817db84aafc4ba93b3b7b773c1f5c014e2a4405abce2e2192542afa9748dcd0a777e403000000290d970e2f9a1d422ca71d4207e563f192538f527923b0f362103e5bbeda2dca0d9d2b5e5238329691753f1860286f1aaa0786be123a788ba8d0e1205af7751df76effba5cb644966e7b7566d2960bab4c5ba6da8e730af484c4850e243e0e95803437dfd6b95b5d3ffbb5d9fb8bc5b2358837f79985f063bfb4e982bdbd79b6aff84a010d1a97960158de81236aa66640e348b98794dd9ca277d910243cf4d9c6d38979981faac0930900000000000000420903fbc1", 0xde}, {&(0x7f0000000480)="9eb8a2c0e241fb0402ac8d04ecbc724648d79b443d283855fdba1e1dc6283591a8a07eb1436788b6b641ed5ea90be62fc7499c9b017d2e73973395411b7efb244a226ba0ae7657c57101711c5aa138abd03dec1e0899824e678aced03a92fec128f69d27d84ee2ff2e4ad7a3db73f4f12d0728bada715bf5abce312346bb7d7345e8df1fc10fa733c98030cb193341700961aa2ccb9f0f029190a1d34386c73e7017cf0fe0275d2d6f9531b12f12e29b903f", 0xb2}, {&(0x7f0000000740)="4f0461e980a3df614c952ba937542c3956c268ef9da7fc364c6d5c543c3bd84159a349884fb4df8936363169ce8541c090bb5871df329e56747592fa4d29a09dcb4c416503ec1113680af76cba6417576ac2c0d3570f91a9c661f10e9bdab3c038f68844db4a19a8a613d78adb0405e27a1dea217288306169ac437c2401514510725ff144e75b83b8c67735520151c1018c3542bdfa2cae78aeb5d328f7d134706eb4d03bf4018be0f581f55e82cc1e851b8585d48a881144bfd5e96b52b62e62abe7ace71093fe8779d41feea0eb401dc005f2e3fe47320e7f945fb04e06c713f062ca47794f9c0b7fa88ccfacc4a51a4e816e0cb832c42d9f60561d5086ff512190d1129892fd541a0fbc9a41d70cd0d4501fed5545cd04b7800814bcbf492339bbfe784baba895beda447447a447e088a8d7cb795b3543a8cd8d8efb830dabc88b5b6466cd1d903833fca0e1049480810da129e746e2c9726a846ce85003a6bb9949e5dd140ab97a001c91323d5cb6648d4f61d40d4951ae36a1a404ba3452ae9a969c16a0918b4afe0b7b6afe4d59d8abfed8e7b38ce7c6c4daf306d0136c353c109f0a63c26df5f8866e763dc2fcd93b7c9b7143823cd8272533aa2eb47f873da2e1aeba66332990f5033c712108f71bc055f29317d8dd9b227b524d61381ed55fdb83ee0849699dae2e0bb675bf07392f4b0303f2498c892988420f1e144e73eb89146ccde129625478ae391d7ed1d6f5fc03c603c699250ff4801890eda63df41b0b9d619b2dad24798faf47863f79ee52ee40e8550c52c28a795377d934e9b3cb2f9f0ae973055288f5ebbb6a193e5cf89d3dfff60d4e545abda64b1c55d315931540117b96e72a5cea284c4a9d99d165d19e12176acd226a9ec38d6889c913b8c98b3a1666ec9b378655838df06b8318691cded6314ce3bcdd3d1ac172c3ecd2f82879771034f5f1ebb3d6ee5b10c77f269954680acc2495c586cf6bc33b2c8b374cf64275cfb06a0ef5485c269b152cbdd6c0489307000000c5a28372a45f3c79f3e45ce94ffb14bf3aa8e5f0e54d942e8440c94bf5d2f0eb05e32337b6ee0087f8047e2a820b1fe6c4db3d9969f9705d9ef5df25e8373de300f04ce07cbda2e41459024d13fa2ee32103d00b6642e6fe0ae493a9ad418329deb60f9930dc", 0x344}], 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000002900000004"], 0x18}, 0x8080)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000440)='mm_page_free\x00', r3, 0x0, 0x1000}, 0x18)
r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0xff, 0x0, @buffer={0x2, 0x5c, &(0x7f0000000340)=""/92}, &(0x7f0000000f00)="259374c96e4bfa28ae8277b5f529b9ad2abf6ecb9746d1a1f3c22b170eda3c844a6041fc39483a1ab1f6d59fbdb5b98d6eb6dcaa1ab82987ea8fefe0bc388bae4affbe0243b767a1c53ff36cbdd453b043a3ab34d27c3b0464951094c33af1928c1ae7c4dbb241e2088020f3738dc6976e092541da647f08551cee920479da7b2380ab244f47f2579c263bae67d950e8bf5ece62a7c739f066e986a6422a4895cd15d807ebb9ad0448d8557bbfbb9e67a937fb7283a792bd657f6e247164d55a537ba6ff0e63f2730988ce967781d9094d4f1038419d4f0efef36fa64e04b88276aee67d633b5a979204e80829db1f2efbed84d264cc04cd2e64d28a38e2be", 0x0, 0x301, 0x0, 0x0, 0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r6, @ANYRESOCT=r2], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r7}, &(0x7f0000000000), 0x0}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x22020400)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r8}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x1, 0x0, 0x40, @loopback, @loopback, 0x10}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r9, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syslog(0x2, &(0x7f0000000640)=""/88, 0x58)
sendmsg$kcm(r2, &(0x7f0000000440)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000180)="5300138e06d44d863d4eedd1", 0xc}], 0x1, 0x0, 0x0, 0x900}, 0x0)

1m3.239286745s ago: executing program 1 (id=401):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)=r1}, 0x20)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r2, &(0x7f0000000340)=ANY=[], 0xff2e)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100))
setuid(0xee01)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="bb92703bc0105037bd784f64f009d7eb0648aee568d7ca1afed7a3db23a54b228c73ccd41e0034ed67619428844d40b09a59c116a37a5f924629b4ed6c50754847ced84f6418731e933cfe1dbe68d409621fe527d976ce3c", 0x58, 0x8085, &(0x7f0000000080)={0xa, 0x4e23, 0xfffffff9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3a}}, 0x80000000}, 0x1c)

1m3.124125727s ago: executing program 1 (id=402):
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x1, 0x40000333}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

1m2.93983652s ago: executing program 1 (id=404):
syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000000)='./file1\x00', 0x280809a, &(0x7f0000000f40)=ANY=[], 0x1, 0x2b2, &(0x7f00000006c0)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRhC7UiKoCw3ODEgSBqYQmArGruYTuPR7+BHcuPEbDLgV3E0XlSfvX/7ga402VXR+v9Xh3nfuPXm3TbLJeZ+/Mh3ffZDE2dMnkaZJdI7iKM6T2I9ONL6JbgAA/x/neR6/5mWY5JUNM7udGy0MALgx1ef/X/rgBwD+4z78+JP3B8fHdz7IsjRe6j+eDZOImD6eDav5wf34MiZxL25HPy4i8oUqfve94zvRzQr78fp0PhsWmdPPfqzXH/wSUeYfRj/22/MPs8pK/nw23I3nI4vB/d2m1H682J7/Zkt+DHvxxmsr9R9EP376Ih7EJO5GkbvM//owy97Jv3361afFNkV+0onhXnldKfcFCQAAAAAAAAAAAAAAAAAAAACA7TrIsqRq31P27ymG6v47Oxfl/EHW2F/vz1PlJ81CVX+gvOmWM8/ju6a/zu0sy/L6wmV+N17uerAAAAAAAAAAAAAAAAAAAAAAFE4ePbk1mkzuPTx5dDq+dtB0A2h+1v931zlaGXk1TsejncsX3Nt8r9VuA0WtV14c3W5s6ba0B2eLkeeKera+xV4sRj6KKmgOZqt7vfB2tejpeJTVU81NHo+SP9srbQ7u+9WpXly3sLz8k7jI1880XZS6ntXb0t3o3Wqd+i3P883Weevn6ozqkaRssbHZ7rt10PoCiyAtziJd/OMXUz9cvuClbxk7137TAQAAAAAAAAAAAAAAAAAAWi1/9NsyeXZlaufGigIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf9jy+f9NkEbE+sgfgnmdfNU1ddCLhyf/8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgGfB7AAAA//8rlFqg")
r0 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x130)
r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x51)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff5295e8cd6f55ce071b304aa0a588b3b7a2efa2f167dd9c1b8b016268d37d9a30983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402c76caf85d4569a75dde2f64", 0x200)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
sendfile(r0, r1, 0x0, 0xe065)

1m2.471899776s ago: executing program 1 (id=411):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r2, &(0x7f00000031c0)={&(0x7f00000006c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000b40)="b5640aae1e407af01eecff9e22e152a958b96c15ffd051d17c6c712f21a8abb26b561e7af56b164829c35642692c102092e1f43782559cb76acaa20f83d5e807ad43b3e153ccdf10b894d755e849d01e91b7b49af88a501bc937c19203d32e33610f090c9d9e0d5972ac64142f8f4b71f27cc89c43c9bec897b53fee3e5f94497031ff2e460d2c011dfd60030db5a289bde09ac884de124e62b5b6921c326a85bc8791473d2828d1e28b5f20e286b061c4dadef878b72e6095841189db4da6e671677ca72a3c1b69c2ec25d3ce", 0xcd}, {&(0x7f0000000e00)="5c6817db84aafc4ba93b3b7b773c1f5c014e2a4405abce2e2192542afa9748dcd0a777e403000000290d970e2f9a1d422ca71d4207e563f192538f527923b0f362103e5bbeda2dca0d9d2b5e5238329691753f1860286f1aaa0786be123a788ba8d0e1205af7751df76effba5cb644966e7b7566d2960bab4c5ba6da8e730af484c4850e243e0e95803437dfd6b95b5d3ffbb5d9fb8bc5b2358837f79985f063bfb4e982bdbd79b6aff84a010d1a97960158de81236aa66640e348b98794dd9ca277d910243cf4d9c6d38979981faac0930900000000000000420903fbc1", 0xde}, {&(0x7f0000000480)="9eb8a2c0e241fb0402ac8d04ecbc724648d79b443d283855fdba1e1dc6283591a8a07eb1436788b6b641ed5ea90be62fc7499c9b017d2e73973395411b7efb244a226ba0ae7657c57101711c5aa138abd03dec1e0899824e678aced03a92fec128f69d27d84ee2ff2e4ad7a3db73f4f12d0728bada715bf5abce312346bb7d7345e8df1fc10fa733c98030cb193341700961aa2ccb9f0f029190a1d34386c73e7017cf0fe0275d2d6f9531b12f12e29b903f", 0xb2}, {&(0x7f0000000740)="4f0461e980a3df614c952ba937542c3956c268ef9da7fc364c6d5c543c3bd84159a349884fb4df8936363169ce8541c090bb5871df329e56747592fa4d29a09dcb4c416503ec1113680af76cba6417576ac2c0d3570f91a9c661f10e9bdab3c038f68844db4a19a8a613d78adb0405e27a1dea217288306169ac437c2401514510725ff144e75b83b8c67735520151c1018c3542bdfa2cae78aeb5d328f7d134706eb4d03bf4018be0f581f55e82cc1e851b8585d48a881144bfd5e96b52b62e62abe7ace71093fe8779d41feea0eb401dc005f2e3fe47320e7f945fb04e06c713f062ca47794f9c0b7fa88ccfacc4a51a4e816e0cb832c42d9f60561d5086ff512190d1129892fd541a0fbc9a41d70cd0d4501fed5545cd04b7800814bcbf492339bbfe784baba895beda447447a447e088a8d7cb795b3543a8cd8d8efb830dabc88b5b6466cd1d903833fca0e1049480810da129e746e2c9726a846ce85003a6bb9949e5dd140ab97a001c91323d5cb6648d4f61d40d4951ae36a1a404ba3452ae9a969c16a0918b4afe0b7b6afe4d59d8abfed8e7b38ce7c6c4daf306d0136c353c109f0a63c26df5f8866e763dc2fcd93b7c9b7143823cd8272533aa2eb47f873da2e1aeba66332990f5033c712108f71bc055f29317d8dd9b227b524d61381ed55fdb83ee0849699dae2e0bb675bf07392f4b0303f2498c892988420f1e144e73eb89146ccde129625478ae391d7ed1d6f5fc03c603c699250ff4801890eda63df41b0b9d619b2dad24798faf47863f79ee52ee40e8550c52c28a795377d934e9b3cb2f9f0ae973055288f5ebbb6a193e5cf89d3dfff60d4e545abda64b1c55d315931540117b96e72a5cea284c4a9d99d165d19e12176acd226a9ec38d6889c913b8c98b3a1666ec9b378655838df06b8318691cded6314ce3bcdd3d1ac172c3ecd2f82879771034f5f1ebb3d6ee5b10c77f269954680acc2495c586cf6bc33b2c8b374cf64275cfb06a0ef5485c269b152cbdd6c0489307000000c5a28372a45f3c79f3e45ce94ffb14bf3aa8e5f0e54d942e8440c94bf5d2f0eb05e32337b6ee0087f8047e2a820b1fe6c4db3d9969f9705d9ef5df25e8373de300f04ce07cbda2e41459024d13fa2ee32103d00b6642e6fe0ae493a9ad418329deb60f9930dc", 0x344}], 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000002900000004"], 0x18}, 0x8080)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000440)='mm_page_free\x00', r3, 0x0, 0x1000}, 0x18)
r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0xff, 0x0, @buffer={0x2, 0x5c, &(0x7f0000000340)=""/92}, &(0x7f0000000f00)="259374c96e4bfa28ae8277b5f529b9ad2abf6ecb9746d1a1f3c22b170eda3c844a6041fc39483a1ab1f6d59fbdb5b98d6eb6dcaa1ab82987ea8fefe0bc388bae4affbe0243b767a1c53ff36cbdd453b043a3ab34d27c3b0464951094c33af1928c1ae7c4dbb241e2088020f3738dc6976e092541da647f08551cee920479da7b2380ab244f47f2579c263bae67d950e8bf5ece62a7c739f066e986a6422a4895cd15d807ebb9ad0448d8557bbfbb9e67a937fb7283a792bd657f6e247164d55a537ba6ff0e63f2730988ce967781d9094d4f1038419d4f0efef36fa64e04b88276aee67d633b5a979204e80829db1f2efbed84d264cc04cd2e64d28a38e2be", 0x0, 0x301, 0x0, 0x0, 0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r6, @ANYRESOCT=r2], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r7}, &(0x7f0000000000), 0x0}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x22020400)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r8}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x1, 0x0, 0x40, @loopback, @loopback, 0x10}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r9, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syslog(0x2, &(0x7f0000000640)=""/88, 0x58)
sendmsg$kcm(r2, &(0x7f0000000440)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000180)="5300138e06d44d863d4eedd1", 0xc}], 0x1, 0x0, 0x0, 0x900}, 0x0)

1m2.461136407s ago: executing program 32 (id=411):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r2, &(0x7f00000031c0)={&(0x7f00000006c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000b40)="b5640aae1e407af01eecff9e22e152a958b96c15ffd051d17c6c712f21a8abb26b561e7af56b164829c35642692c102092e1f43782559cb76acaa20f83d5e807ad43b3e153ccdf10b894d755e849d01e91b7b49af88a501bc937c19203d32e33610f090c9d9e0d5972ac64142f8f4b71f27cc89c43c9bec897b53fee3e5f94497031ff2e460d2c011dfd60030db5a289bde09ac884de124e62b5b6921c326a85bc8791473d2828d1e28b5f20e286b061c4dadef878b72e6095841189db4da6e671677ca72a3c1b69c2ec25d3ce", 0xcd}, {&(0x7f0000000e00)="5c6817db84aafc4ba93b3b7b773c1f5c014e2a4405abce2e2192542afa9748dcd0a777e403000000290d970e2f9a1d422ca71d4207e563f192538f527923b0f362103e5bbeda2dca0d9d2b5e5238329691753f1860286f1aaa0786be123a788ba8d0e1205af7751df76effba5cb644966e7b7566d2960bab4c5ba6da8e730af484c4850e243e0e95803437dfd6b95b5d3ffbb5d9fb8bc5b2358837f79985f063bfb4e982bdbd79b6aff84a010d1a97960158de81236aa66640e348b98794dd9ca277d910243cf4d9c6d38979981faac0930900000000000000420903fbc1", 0xde}, {&(0x7f0000000480)="9eb8a2c0e241fb0402ac8d04ecbc724648d79b443d283855fdba1e1dc6283591a8a07eb1436788b6b641ed5ea90be62fc7499c9b017d2e73973395411b7efb244a226ba0ae7657c57101711c5aa138abd03dec1e0899824e678aced03a92fec128f69d27d84ee2ff2e4ad7a3db73f4f12d0728bada715bf5abce312346bb7d7345e8df1fc10fa733c98030cb193341700961aa2ccb9f0f029190a1d34386c73e7017cf0fe0275d2d6f9531b12f12e29b903f", 0xb2}, {&(0x7f0000000740)="4f0461e980a3df614c952ba937542c3956c268ef9da7fc364c6d5c543c3bd84159a349884fb4df8936363169ce8541c090bb5871df329e56747592fa4d29a09dcb4c416503ec1113680af76cba6417576ac2c0d3570f91a9c661f10e9bdab3c038f68844db4a19a8a613d78adb0405e27a1dea217288306169ac437c2401514510725ff144e75b83b8c67735520151c1018c3542bdfa2cae78aeb5d328f7d134706eb4d03bf4018be0f581f55e82cc1e851b8585d48a881144bfd5e96b52b62e62abe7ace71093fe8779d41feea0eb401dc005f2e3fe47320e7f945fb04e06c713f062ca47794f9c0b7fa88ccfacc4a51a4e816e0cb832c42d9f60561d5086ff512190d1129892fd541a0fbc9a41d70cd0d4501fed5545cd04b7800814bcbf492339bbfe784baba895beda447447a447e088a8d7cb795b3543a8cd8d8efb830dabc88b5b6466cd1d903833fca0e1049480810da129e746e2c9726a846ce85003a6bb9949e5dd140ab97a001c91323d5cb6648d4f61d40d4951ae36a1a404ba3452ae9a969c16a0918b4afe0b7b6afe4d59d8abfed8e7b38ce7c6c4daf306d0136c353c109f0a63c26df5f8866e763dc2fcd93b7c9b7143823cd8272533aa2eb47f873da2e1aeba66332990f5033c712108f71bc055f29317d8dd9b227b524d61381ed55fdb83ee0849699dae2e0bb675bf07392f4b0303f2498c892988420f1e144e73eb89146ccde129625478ae391d7ed1d6f5fc03c603c699250ff4801890eda63df41b0b9d619b2dad24798faf47863f79ee52ee40e8550c52c28a795377d934e9b3cb2f9f0ae973055288f5ebbb6a193e5cf89d3dfff60d4e545abda64b1c55d315931540117b96e72a5cea284c4a9d99d165d19e12176acd226a9ec38d6889c913b8c98b3a1666ec9b378655838df06b8318691cded6314ce3bcdd3d1ac172c3ecd2f82879771034f5f1ebb3d6ee5b10c77f269954680acc2495c586cf6bc33b2c8b374cf64275cfb06a0ef5485c269b152cbdd6c0489307000000c5a28372a45f3c79f3e45ce94ffb14bf3aa8e5f0e54d942e8440c94bf5d2f0eb05e32337b6ee0087f8047e2a820b1fe6c4db3d9969f9705d9ef5df25e8373de300f04ce07cbda2e41459024d13fa2ee32103d00b6642e6fe0ae493a9ad418329deb60f9930dc", 0x344}], 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000002900000004"], 0x18}, 0x8080)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000440)='mm_page_free\x00', r3, 0x0, 0x1000}, 0x18)
r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0xff, 0x0, @buffer={0x2, 0x5c, &(0x7f0000000340)=""/92}, &(0x7f0000000f00)="259374c96e4bfa28ae8277b5f529b9ad2abf6ecb9746d1a1f3c22b170eda3c844a6041fc39483a1ab1f6d59fbdb5b98d6eb6dcaa1ab82987ea8fefe0bc388bae4affbe0243b767a1c53ff36cbdd453b043a3ab34d27c3b0464951094c33af1928c1ae7c4dbb241e2088020f3738dc6976e092541da647f08551cee920479da7b2380ab244f47f2579c263bae67d950e8bf5ece62a7c739f066e986a6422a4895cd15d807ebb9ad0448d8557bbfbb9e67a937fb7283a792bd657f6e247164d55a537ba6ff0e63f2730988ce967781d9094d4f1038419d4f0efef36fa64e04b88276aee67d633b5a979204e80829db1f2efbed84d264cc04cd2e64d28a38e2be", 0x0, 0x301, 0x0, 0x0, 0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r6, @ANYRESOCT=r2], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r7}, &(0x7f0000000000), 0x0}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x22020400)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r8}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x1, 0x0, 0x40, @loopback, @loopback, 0x10}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r9, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syslog(0x2, &(0x7f0000000640)=""/88, 0x58)
sendmsg$kcm(r2, &(0x7f0000000440)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000180)="5300138e06d44d863d4eedd1", 0xc}], 0x1, 0x0, 0x0, 0x900}, 0x0)

42.194735363s ago: executing program 3 (id=714):
socket$netlink(0x10, 0x3, 0xb)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00')

42.108204854s ago: executing program 3 (id=717):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000140)=[@in={0x2, 0x0, @private=0xa018101}]}, &(0x7f0000000080)=0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x104, 0x2, 0x3c8, 0xe8, 0xe8, 0x2e0, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@MARK={0x28}}, {{@arp={@empty, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@mac, {[0x0, 0x0, 0x0, 0x0, 0x0, 0xff]}}, {@mac, {[0xff]}}, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 'nicvf0\x00', 'lo\x00'}, 0xc0, 0x110, 0x0, {0xb000000}}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @empty, @dev={0xac, 0x14, 0x14, 0xb}, @local, 0x8, 0x1}}}, {{@arp={@rand_addr, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x9, {@empty, {[0xff]}}, {@mac=@remote}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 'veth0_macvtap\x00', 'ipvlan1\x00', {}, {}, 0x0, 0x2}, 0xc0, 0xe8}, @unspec=@AUDIT={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x0, 0xfffffffb}}}}, 0x418)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000001180)={0x1, [<r2=>0x0]}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={r2, 0x8001}, 0x8)
getsockopt$bt_hci(r1, 0x84, 0x3, &(0x7f0000000080)=""/4045, &(0x7f0000000000)=0xfcd)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r4=>r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
msgget$private(0x0, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYRESOCT=r4], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000580)='kmem_cache_free\x00', r5}, 0x18)
unshare(0x2c060000)
r6 = syz_pidfd_open(0x0, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
r7 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000035000b63d25a80648c2594f90124fc60", 0x14}], 0x1}, 0x0)
pidfd_send_signal(r6, 0x1b, &(0x7f0000001080)={0x14, 0x2, 0x6}, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000012c0)={0x3, 0xc, &(0x7f00000014c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000e996bcaa0e906dc771606b4551b0d4fb32a2f6366984cce4dc329425e38cbfb617a98ba006043bd417c87a79d833755eeae7f92d4d30531c32da396dc4c34668e0646c6e1b5590a99d96f1535be9b3c8fccdc2b1b0bac72ce3c700f678fbf6c89e4ef49c1db268efc7971348bd2e266772911baff482498dd7a713a6293f378736483578cc65717f1d0a256e668ef5492fe9d9f53277fa100200000094944ce9e766e7376c08f24330930c6e0b6cb59a35cece48f3439c9bbe830cabcd2813c6fe319d514aed1f45cdfabdfcb6e1a2eff0fc658af7908eff9acc1eded07ca927db25e5c3", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f00000005c0), 0x0)

41.222553247s ago: executing program 3 (id=737):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x9}, 0x18)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000002800)="cf", 0x1}, {&(0x7f0000000380)="08e0ac8fb1d99df61d7b518d0a62071e7ec69f658d5a52d7eb7ea31db43f8cf570f335a80860ac4cc240dc149d8468493db8aad089f590d62e0bcb9d1dcee636ee311ee51839b7201745baef82209b2ab741dc5ea481ae9dcebe39b1101a42a8c82de46107541c240ad0d9ee4a9340cffd72aaea692a60993637c81d23a0d0ebbae66f1eb2771df2482c043d8715ae788b56cc91eaa4d6bbdec82d8f91eb822d0b5f3ebd86", 0xa5}, {&(0x7f0000000180)="8a", 0x1}, {&(0x7f0000002b40)='-', 0x1}], 0x4}}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001580)="ce90bfdbcfb8a86a74f6799f98c36e23e210f053830ac8e978a0785884001a7099c4b9016f1a65a57390caf78c272cbf9711f94505dd525af1ff7d013438df5b844226f41b81e58eb73366", 0x4b}, {&(0x7f0000000540)="f2e659a0b00d26c2ee15", 0xa}, {&(0x7f0000002e40)="d4", 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000003000)="e1", 0x1}, {&(0x7f00000010c0)="fa", 0x1}, {&(0x7f0000001680)="d8", 0x1}, {&(0x7f0000001600)="f2964dd16e01d56b414499264923beda58d7da0313c1ccafe53965750f25bdaa6b56a87307ec23d48b6f35ce49a813a2bc3cb23fdf42826bdc16788ff466919594de5bf8a1fa5d825947271ade4a95efeb170c", 0x53}, {&(0x7f0000001340)="b8", 0x1}, {&(0x7f0000000500)="01", 0x1}, {&(0x7f0000000280)="87", 0x1}], 0x7}}, {{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000140)}, {&(0x7f0000000340)="e4", 0x1}], 0x2}}], 0x4, 0x4000000)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000140)=@keyring)
keyctl$link(0x8, 0x0, 0x0)

41.215639307s ago: executing program 3 (id=739):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200)={[{@max_batch_time={'max_batch_time', 0x3d, 0x358}}, {@resuid}, {@stripe={'stripe', 0x3d, 0x9}}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8006, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1e1f7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b0000000000000000000000004000", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x10000200, 0xfffffffffffffffe]})
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000080)={<r2=>0x0, @in={{0x2, 0x4e22, @private=0xa010101}}, 0x2, 0x8}, &(0x7f00000001c0)=0x90)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0xfffd, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
gettid()
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r4 = io_uring_setup(0x191a, &(0x7f0000000000)={0x0, 0x761, 0x10, 0x1, 0x11cb})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)="d8000000180081064e81f782db44b904021d005c06007c09e8fe55a10a0015400100142603600e120800060000000401a800080008000c4003000000206010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r3}, 0x10)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f00000002c0)={r2, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x2e}}}, 0xb, 0xfff9}, 0x90)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040), 0x208e24b)

40.128226482s ago: executing program 3 (id=760):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000850000000800000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
rmdir(&(0x7f0000000540)='./cgroup/../file0\x00')

40.008222254s ago: executing program 3 (id=763):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x3, 0xd, &(0x7f0000000a40)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000081000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

40.007836094s ago: executing program 33 (id=763):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x3, 0xd, &(0x7f0000000a40)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000081000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

3.53262218s ago: executing program 6 (id=1435):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e000000000000000400"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc89, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f00000005c0), 0x0)

3.50508814s ago: executing program 6 (id=1437):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0600000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="000000000000770900000000000000000040f200", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x0, 0x1a, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x200008, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@quota}]}, 0x1, 0x504, &(0x7f0000001000)="$eJzs3c9vI1cdAPDveOPEyaZNWnoABO3SFha0WifxtlHVA5QTQqgSokeQtiHxRlHsOIqd0oQ9pGckTkhU4gRH/gDOPXHnguDGpRyQ+BGBGiQORjMep07W3gSS2FH8+UijeW/erL/vbXbei7/Z+AUwtu5ExEFETEbEuxExl19P8iPe6hzpfZ8cPl49Ony8mkS7/c7fk6w9vRY9fyZ1O3/NUkR871sRP0yejNvc299cqdWqO3l9oVXfXmju7d/fqK+sV9erW5XK8tLy4hsPXq9c2lhfqk/mpS9+/LuDr/047dZsfqV3HJepM/TicZzURER85yqCjcCtfDyTo+4I/5dCRDwfES9nz/9c3Mq+mgDATdZuz0V7rrd+LDlZBQBuikKWA0sK5TwXMBuFQrncyeG9EDOFWqPZuveosbu11smVzUex8GijVl3Mc4XzUUzS+lJW/rReOVV/EBHPRcTPpqazenm1UVsb5Tc+ADDGbp9a//811Vn/AYAbrjTqDgAAQ2f9B4DxY/0HgPFj/QeA8dNZ/6dH3Q0AYIi8/weA8WP9B4Cx8t23306P9lH++ddr7+3tbjbeu79WbW6W67ur5dXGznZ5vdFYzz6zp37W69Uaje2l12L3/fmvbzdbC829/Yf1xu5W62H2ud4Pq8XsroMhjAwAGOS5lz76Y5KuyG9OZ0f07OVQHGnPgKtWGHUHgJG5NeoOACNjty8YXxd4j1+M+KkUAdwAfbboPaHU7xeE2u12++q6BFyxu5+T/4dx1ZP/97+AYczI/8P4kv+H8dVuJ+fd5D/OeyMAcL3J8QMDfv7/fH7+df7DgR+snb7jw6vsFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxv3f1/y/le4LNRKJTLEc9ExHwUk0cbtepiRDwbEX+YKk6l9aUR9xkAuKjCX5J8/6+7c6/Onmh68fZxcTIifvSLd37+/kqrtfP7iMnkH1Pd660P8+uV4fceADhbd53Ozj1v5D85fLzaPYbZn79+MyJKnfhHh5NxdBx/IiaycymKETHzzySvdyQ9uYuLOPggIj7bb/xJzGY5kM7Op6fjp7GfGWr8won4haytc07/Lj5zCX2BcfNROv+81e/5K8Sd7Nz/+S9lM9TF5fNf+lKrR9kc+Gn87vx3a8D8d+e8MV777bc7pekn2z6I+PxERDf2Uc/8042fDIj/6jnj/+kLL748qK39y4i70T9+b6yFVn17obm3f3+jvrJeXa9uVSrLS8uLbzx4vbKQ5agXBq8Gf3vz3rOD2tLxzwyIXzpj/F8+5/h/9Z93v/+lp8T/6iv94hfihafET9fEr5wz/srMb0qD2tL4awPGf9bX/94543/85/0ntg0HAEanube/uVKrVXcUFK5/If0new260bfwjWHFmoz+TT95pfNMn2rqfu//P8YaNGNcRtYNuA6OH/qI+PeoOwMAAAAAAAAAAAAAAPQ1jN9YGvUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLn+GwAA//+hm8cd")
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='kfree\x00', r4}, 0x18)
r5 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
write$selinux_attr(r5, &(0x7f0000000300)='system_u:object_r:var_run_t:s0\x00', 0x1f)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0x32}, 0x9c)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000003c0)='f2fs_truncate_data_blocks_range\x00', r7}, 0x18)
mlockall(0x3)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
brk(0x400000ffc000)
sendto$inet6(r6, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
readlink(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000300)=""/92, 0x5c)
r8 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r8, 0x10e, 0xc, &(0x7f0000000180)=0x8, 0x4)

2.217090939s ago: executing program 6 (id=1463):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x10001, 0x8}, 0xc8101339d8526d22}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r3}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r4, &(0x7f0000000340)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg(r4, &(0x7f0000004380)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000740)="f5", 0x1}], 0x1}}], 0x1, 0x44810)
recvmmsg(r4, &(0x7f00000048c0)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001a00)=""/4099, 0x1003}], 0x1}}], 0x1, 0x10122, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x1)

2.086594431s ago: executing program 2 (id=1465):
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74)
sendmmsg$unix(r0, &(0x7f0000000c40)=[{{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000001dc0)="bb", 0x1}], 0x1}}], 0x1, 0x0)

2.086038551s ago: executing program 2 (id=1466):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000001080)={0x200000, 0x200000})
r0 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000020000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
unshare(0x22020600)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_pidfd_open(r0, 0x0)
setns(r2, 0x24020000)

2.085627551s ago: executing program 2 (id=1467):
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, 0x0, 0x44)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file2\x00', 0x280880f, &(0x7f0000000040), 0x3a, 0x527, &(0x7f0000000100)="$eJzs3c9vHFcdAPDvjL1tNnFZt/RQKtFWtMiOIGu7Jq3VQ6ESglOlQrkHY2+M5bU3stdpbBXqiD8ACSFAQkJwgQsSB46VUP4EhBSJ3BEgEIIEDhwCg3Z3NjjOrn80u57E/nyk8bx5O7vf79NoZ+e9Gc8EcGq9FBGTEZGlWXY+Iip5fZpPsdOZWuvduf3+QmtKIsve/Xs5kryu+1lP5vNz+dvORMRXvxzxjeTBuBtb2yvz9XptPV+eaq4md7Ns+8Ly6vxSbam2Njs789rc63MX56YH0s7xiHjzi3/+wXd/8aU3f/PZ9/5w6a+T3+40sGN3OwYpifIDdaMRsT6MYAVptaeUly8etPL14ecDAEB/reP9ZyLiUxFxPiox0j6aAwAAAE6S7PNjcTeJyAAAAIATK42IsUjSakRcfbZVTtNqtXMN77NxNq03NpqfySr3xgvGo5ReXq7XpvNrB8ajlLSWZ/JrbLvLr+5Zno2IpyPi+5Vye7m60KgvFjryAQAAAKfHuV39/zQi/lXp9P8BAACAE2b8iOuPDCkPAAAAYHiO2v8HAAAAHj9H7f+/tfnr2SGlAgAAAAzeO2+/3X5Yd/f514tXtzZXGlcvLNY2VqqrmwvVhcb6lepSo7HUvmff6kGfV280rnwu1javTTVrG82pja3tS6uNzbXmpeX248ABAACAAjz94o1bSUTsvFFOu3VP5PNSRNb9V/8Pf/6T54rJEBiW9Cgr/2l4eQDHz6184PQaLToBoDClohMACvfgfuD+I4O+F+/89uDPTu5m2UdMCwAAGKCJT9y41T3U33mj3J53z/8nHxSXFzB8+fn/JCk6EeDYOf8Pp1dn3P+b5aLzAI5fab8jAJ0COPHSQ3zVH+b8f4drAAAAoGhj7SlJq3k/YOzFNK1WI55qPxaglFxertemI+JjEfH7SunJ1vJM+52J4QEAAAAAAAAAAAAAAAAAAAAAAAAAOKQsSyIDAAAATrSI9C9JexxgJCYqr4ztHR94Ivl3pT2PiPd+/O4Pr803m+szrfp/3Ktv/iivf7WIEQwAAABgr24/vduPBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBBunP7/YXudJxx//ZWRIz3ij8aZ9rzM1GKiLP/TGJ01/uSiBgZQPyd6xHxXK/4SSutGM+z2Bs/jYhywfHPDSA+nGY3WvufL/T6/qXxUnve+/s3mk8Pq//+L723/xvps/976pAxnr/5q6m+8a9HPD/ae//TjZ/0if/yIeN//Wvb2/1ey34WMdHz9ye5L9ZUc/XK1MbW9oXl1fml2lJtbXZ25rW51+cuzk1PXV6u1/K/PWN875Mf/ne/9p/tE3/8gPa/csj2/+fmtdsf7xRLe14qxU+zbPLlXvG/9U7WVsn2xu/+9n06/x1oLU90yzud8m4v/PJ3L+zX/sU+7T9o+08esv3nv/KdPx5yVQDgGGxsba/M1+u19cep8Ew8Emk80oU038A9Xiofez7lXmkMqzAfj8gm+KD/JngMCgXulAAAgKH4/0H/fdVpYQkBAAAAAAAAAAAAAAAAAADAKXTQbcBiALcT2xtzp5imAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs638BAAD//2PM4P8=")
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r4}, 0x17)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r5, 0xffffffffffffffff, 0x0)
syz_clone(0xc6820080, 0x0, 0x0, 0x0, 0x0, 0x0)

1.913576193s ago: executing program 0 (id=1468):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000711036000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file4\x00', 0x1c0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
clock_adjtime(0x0, &(0x7f0000000000)={0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b9ac9ff})
socket(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x121c00, 0x0)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r3, 0x6628)
ioctl$SG_GET_REQUEST_TABLE(r3, 0x2286, &(0x7f0000000340))
r4 = socket$inet6(0xa, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000004000000000000000000000a03000000000000000000000400000000020000000000000f0200000000005f"], 0x0, 0x40, 0x0, 0x8, 0x0, 0x0, @void, @value}, 0x28)
bind$inet6(r4, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x80, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000040)=0x11)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
recvmmsg(r4, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}, 0x3}, {{0x0, 0x0, &(0x7f0000002cc0)=[{0x0}, {&(0x7f00000017c0)=""/130, 0x94}], 0x2}, 0xa1}], 0x2, 0x0, 0x0)

937.732437ms ago: executing program 0 (id=1471):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/16, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0800034000000004640000000e0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000380003803400008028000180230001"], 0xf0}, 0x1, 0x0, 0x0, 0x80}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'macvlan1\x00'})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vlan0\x00'})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x14441, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x2804, 0x0, 0x0, 0x0, 0x400, 0x10001, 0x1, 0x0, 0x0, 0x0, 0x1c0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_START_SCHED_SCAN(r4, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f00000002c0)={0x1a0, 0x0, 0xb00, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x3ba, 0x19}}}}, [@NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x8}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x128}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac}, @NL80211_ATTR_SCAN_SUPP_RATES={0x14c, 0x7d, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x2e, 0x3, "830deb2eced28fe1ec0e7f46d8d3d15b65ce2c7daf0c8d790efe8bb0b12a502bd6f6e89dfd0938647111"}, @NL80211_BAND_5GHZ={0xa9, 0x1, "2795ae8ced1236f8d1a718597fd90f9f5dc6aab8799c969b64af9427edab7a79a1105bfb60126fc48bc7aea5e656670e99c58df416e6c6013b9e1ad5d4539a11fce00fe5887e5cff4c4d06d6f112876cc0ff48c609822724bf7f32192fab458d17319b2b0e11d1809b65acce848559d657f7f77b8e1d7cd610506f95353f7d4eedc5fa641d33fd505a2b643e4735c75d21d99ea43bdfb613f7be5451c7ee41fea5c3a16ef6"}, @NL80211_BAND_60GHZ={0x61, 0x2, "7c525714fe84995add06e53f5847b2218e1b94596cae1ea978a307187e4e335b94d11253ee8d448f84c31418cbeefa00285ef9af7eb528befb7d9fc0a808e744be98c8ca8175374362b34d9ce90c94bad8e658af3c50e61d56845a8a7a"}, @NL80211_BAND_2GHZ={0x6, 0x0, "6ebb"}]}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x9, 0x7}}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x10}, 0x10)
flock(r4, 0x5)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7, 0x0, 0xffffffffffffffff}, 0x18)
truncate(0x0, 0x7fffffff)
r8 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc))
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = dup(r9)
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r10, @ANYBLOB=',wfdno=', @ANYRESDEC=r9])
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r11 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r11, 0x2)

724.26571ms ago: executing program 6 (id=1474):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x24040800)

712.20854ms ago: executing program 6 (id=1475):
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000f40), 0x48a41, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000440)={@val, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x3, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0xffffdd86}}}}}}}, 0x3e)

643.700201ms ago: executing program 0 (id=1476):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r1}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010007000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000048000000090a010400000000000000000100000008000a40000000000900020073797a32250000000900010073797a3000000000080005400000001f"], 0xec}, 0x1, 0x0, 0x0, 0x20048811}, 0x0)

609.510902ms ago: executing program 0 (id=1477):
r0 = socket$netlink(0x10, 0x3, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, 0x0, 0x0)
r1 = getpid()
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r0)
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x3c, r2, 0x1, 0x70bd26, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r5, 0x1, 0x1, 0x0, 0x0)

591.899392ms ago: executing program 6 (id=1478):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x1e, &(0x7f0000002c00)=[{&(0x7f0000001500)="b25b365cfe54a7c6fc7ea6155a71b613b02d1645aab67271075189c3540c4dd19ebfb3c4acf87f2eeb258e62cc6ae96db360d874500cb86b4185ee533bf708", 0x3f}, {&(0x7f0000002800)="cf", 0xfffe}, {&(0x7f0000000380)="08e0ac8fb1d99df61d7b518d0a62071e7ec69f658d5a52d7eb7ea31db43f8cf570f335a80860ac4cc240dc149d8468493db8aad089f590d62e0bcb9d1dcee636ee311ee51839b7201745baef82209b2ab741dc5ea481ae9dcebe39b1101a42a8c82de46107541c240ad0d9ee4a9340cffd72aaea692a60993637c81d23a0d0ebbae66f1eb2771df2482c043d8715ae788b56cc91eaa4d6bbdec82d8f91eb822d0b5f3ebd86", 0x1}, {&(0x7f0000000180)="8a", 0x1}, {&(0x7f0000002b40)='-', 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001580)="ce90bfdbcfb8a86a74f6799f98c36e23e210f053830ac8e978a0785884001a7099c4b9016f1a65a57390caf78c272cbf9711f94505dd525af1ff7d013438df5b844226f41b81e58eb73366", 0x4b}, {&(0x7f0000000540)="f2e659a0b00d26c2ee15", 0xa}, {&(0x7f0000002e40)="d4", 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000003000)="e1", 0x1}, {&(0x7f00000010c0)="fa", 0x1}, {&(0x7f0000001680)="d8", 0x1}, {&(0x7f0000001600)="f2964dd16e01d56b414499264923beda58d7da0313c1ccafe53965750f25bdaa6b56a87307ec23d48b6f35ce49a813a2bc3cb23fdf42826bdc16788ff466919594de5bf8a1fa5d825947271ade4a95efeb170c", 0xfffffd57}, {&(0x7f0000001340)="b8", 0x1}, {&(0x7f0000000500)="01", 0x1}, {&(0x7f0000000280)="87", 0x1}], 0x7}}, {{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000140), 0x1}, {&(0x7f0000000340)="e4", 0xfffffec2}], 0x2, 0x0, 0xffffff84}}], 0x5f, 0x4000000)
setsockopt$sock_int(r0, 0x1, 0x20, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
keyctl$link(0x8, 0x0, 0x0)

515.944813ms ago: executing program 5 (id=1479):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
r0 = socket$tipc(0x1e, 0x5, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r1, 0x0, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="0209000002"], 0x10}}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000140)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a00100000000280607ee622", 0x2e}], 0x1}, 0x24000044)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0)={0x0, r3}, 0x8)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYRESDEC=r0, @ANYRES32=r0, @ANYRESOCT=r3, @ANYRES64=r5], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r6, 0x0, 0xffffffffffffffff}, 0x32)
r7 = socket(0x1e, 0x4, 0x0)
r8 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, &(0x7f00000002c0)=@req3={0x8001, 0xfc, 0x1, 0x3, 0x6, 0xcb, 0x4}, 0x1c)
dup3(r8, r7, 0x0)

482.744663ms ago: executing program 4 (id=1481):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$EXT4_IOC_GETSTATE(r0, 0x40046629, &(0x7f0000000040))
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x800, 0x70bd29, 0x25dfdbfc, {0x60, 0x0, 0x0, 0x0, {0x4, 0xfff2}, {0x1}, {0x8, 0x8}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_MEMORY={0x8, 0xa, 0x80000000}, @TCA_CAKE_FWMARK={0x8, 0x12, 0x786}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x44045}, 0x10)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x1412c0, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b40800000000000073119e00000000008510000002000000b7000000000000009500c200000000009500001200000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0xfffffffff7ffffe9}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
symlink(0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
r6 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
fchdir(r7)
open(&(0x7f0000000280)='.\x00', 0x0, 0x8)
close_range(r5, 0xffffffffffffffff, 0x0)
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r3, {0x2, 0x0, @broadcast}, 0x2}}, 0x2e)
socket$kcm(0x29, 0x5, 0x0)
getpeername(r2, 0x0, &(0x7f0000000200))
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {r2}}, './file0\x00'})
sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x4800)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000)

396.607915ms ago: executing program 5 (id=1482):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x106, 0x40001, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x2, @perf_config_ext={0x0, 0x10000}, 0x1320, 0xfffffffd, 0x3, 0x7, 0x4, 0x1088f105, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002380)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000012000000000000"], &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c40)={{0x14}, [@NFT_MSG_NEWRULE={0x268, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x23c, 0x4, 0x0, 0x1, [{0x238, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x228, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_MATCH_INFO={0x214, 0x3, "d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbaddefdaa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c755ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f"}, @NFTA_MATCH_NAME={0x8, 0x1, 'bpf\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x290}}, 0x4048010)

347.983686ms ago: executing program 4 (id=1483):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000001080)={0x200000, 0x200000})
r0 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000200000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
unshare(0x22020600)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_pidfd_open(r0, 0x0)
setns(r2, 0x24020000)

346.912715ms ago: executing program 4 (id=1484):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000300)=@generic={0x0, r1}, 0x18)
r2 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @initdev}, &(0x7f00000000c0)=0x1c, 0x800)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x18)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$tipc(r5, &(0x7f0000001540)={0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000040)="9c", 0x1}], 0x1, 0x0, 0x0, 0x20000000}, 0x884)
recvmsg(r4, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f00000000c0)=@ethtool_regs={0x4, 0x0, 0xd, "f42a97706b23b6a31f9f75fdcb"}})
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000540)=@filter={'filter\x00', 0xe, 0x4, 0xd80, 0xffffffff, 0x3d8, 0x0, 0x208, 0xffffffff, 0xffffffff, 0xcb0, 0xcb0, 0xcb0, 0xffffffff, 0x4, &(0x7f0000000100), {[{{@uncond, 0x0, 0x1e0, 0x208, 0x0, {}, [@common=@rt={{0x138}, {0x1, [0x340000, 0x101], 0x8, 0x20, 0x2, [@empty, @dev={0xfe, 0x80, '\x00', 0x2d}, @loopback, @private2, @private2={0xfc, 0x2, '\x00', 0x1}, @remote, @mcast1, @mcast1, @rand_addr=' \x01\x00', @local, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, @dev={0xfe, 0x80, '\x00', 0x34}, @private2, @local, @loopback], 0x3}}]}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x0, 0x0, 0x8001}}}, {{@ipv6={@loopback, @dev={0xfe, 0x80, '\x00', 0x2d}, [0xff000000, 0xff, 0xffffff00, 0xffffffff], [0xffffff00, 0xff, 0xffffffff, 0xffffff00], 'dummy0\x00', 'wg1\x00', {}, {}, 0x0, 0x7, 0x6, 0x10}, 0x0, 0xa8, 0x1d0}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x7, 'system_u:object_r:netlabel_mgmt_exec_t:s0\x00'}}}, {{@ipv6={@private2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [0x0, 0xffffffff, 0x7562978dd54a43db], [0xffffff00, 0xffffff00, 0xff, 0xff], 'rose0\x00', 'team0\x00', {0xff}, {}, 0x2c, 0x6, 0x4, 0x20}, 0x0, 0x8b0, 0x8d8, 0x0, {}, [@common=@unspec=@u32={{0x7e0}, {[{[{0x9, 0x2}, {0x9}, {0x5, 0x3}, {0x8, 0x1}, {0xb6, 0x3}, {0x8f8b}, {0x4, 0x3}, {0xfffffffe, 0x2}, {0x3f920fa6, 0x2}, {0xd, 0x2}, {0x9, 0x2}], [{0x5, 0x8}, {0xb759}, {0x1, 0x4}, {0x4, 0x20a}, {0x8, 0x3ff}, {0x5, 0x1}, {0x45d5, 0x4}, {0xc, 0x3ff}, {0x10001}, {0x8, 0x6}, {0x7, 0x4}], 0x4, 0x5}, {[{0xa2d, 0x1}, {0xd730, 0x2}, {0x3, 0x3}, {0x5}, {0x6, 0x1}, {0x1, 0x1}, {0x8001, 0x2}, {0x5, 0x2}, {0x8, 0x3}, {0x9, 0x2}, {0x5, 0x2}], [{0x9, 0x8}, {0xfffffeff, 0x400}, {0x5, 0xd}, {0x400, 0x3974}, {0x100, 0x8}, {0x9, 0x4}, {0x5, 0x29b}, {0xb49, 0xfffffffd}, {0x501445a4, 0x6}, {0x6, 0x1}, {0x8, 0x2}], 0x7, 0x8}, {[{0x6, 0x1}, {0x3ff, 0x1}, {0xfffffff2, 0x3}, {0x5, 0x1}, {0x7f, 0x1}, {0x460e, 0x2}, {0x1000, 0x3}, {0x1cd, 0x3}, {0x5}, {0x5c7e}, {0x6, 0x3}], [{0x1, 0x7}, {0x0, 0xc000}, {0x2, 0xf95}, {0x3592, 0x7}, {0x4, 0x1}, {0xcb02, 0xd}, {0xffffffff, 0x7}, {0x2, 0x24f}, {0x1ff, 0xe}, {0x200, 0x800}, {0x51f, 0x8}], 0x8, 0x1}, {[{0x7, 0x2}, {0x4}, {0x7, 0x2}, {0x80, 0x1}, {0x2, 0x2}, {0x3, 0x2}, {0x5a, 0x2}, {0x6, 0x2}, {0x7, 0x2}, {0x8}, {0x80, 0x1}], [{0x0, 0x8}, {0x7f, 0x3}, {0x4, 0x2}, {0x7, 0x2}, {0x446, 0x2}, {0x1839, 0x9fe5}, {0x7, 0x7}, {0xfffffeff, 0x401}, {0x7f2b, 0xb}, {0x2, 0x1}, {0x8, 0x8}], 0x1, 0x4}, {[{0x5, 0x1}, {0x2}, {0xb0, 0x2}, {0x8, 0x1}, {0x5, 0x2}, {0xc, 0x2}, {0x8}, {0xfff, 0x1}, {0x0, 0x1}, {0x10001}, {0x3, 0x3}], [{0x400, 0x400}, {0x2, 0x6}, {0x3, 0x6}, {0x584e, 0x800}, {0x0, 0x26}, {0xd3, 0xffffffff}, {0x4, 0x20cc}, {0x50, 0x4}, {0x9, 0xff}, {0x7, 0x4}, {0x80000000, 0x7}], 0x0, 0x6}, {[{0x6, 0x2}, {0x3, 0x2}, {0x3ff, 0x1}, {0x5, 0x1}, {0x8, 0x2}, {0x100, 0x1}, {0x9}, {0xcad}, {0x5, 0x1}, {0x1}, {0xff, 0x2}], [{0x3100000, 0x2}, {0x6, 0x100}, {0x401, 0xffff0001}, {0x7f, 0x6}, {0x10001, 0x100}, {0xf0d}, {0x4, 0x6}, {0x5, 0x4}, {0x3, 0x9}, {0x0, 0x4}, {0x73e, 0x7fffffff}], 0x4, 0xb}, {[{0x40, 0x2}, {0x5}, {0x11a6, 0x2}, {0x9, 0x3}, {0x4, 0x3}, {0xe90d}, {0x7}, {0x80000001, 0x1}, {0xc, 0x2}, {0x2, 0x3}, {0xed, 0x1}], [{0x7fffffff, 0x3ff}, {0xd8e, 0x5}, {0x6, 0x2}, {0x2, 0x5a}, {0x8, 0x5}, {0x2, 0xffff}, {0x8, 0x7000000}, {0x8, 0x5}, {0xe}, {0x6, 0x9}, {0x1, 0xe}], 0x9, 0x3}, {[{0x4}, {0x7, 0x1}, {0x7fffffff, 0x1}, {0x6, 0x2}, {0x3, 0x1}, {0x5, 0x1}, {0x4, 0x3}, {0x3, 0x2}, {0x80000000, 0x2}, {0x4, 0x3}, {0x7, 0x1}], [{0x4, 0x8}, {0x5, 0x6}, {0x800, 0x101}, {0x40, 0x2}, {0x1, 0x1}, {0x7b61, 0x8}, {0x7fffffff, 0x2}, {0x9, 0x9}, {0x0, 0x6}, {0x5, 0x1}, {0x8, 0x1}], 0x8, 0x5}, {[{0x1}, {0x8000, 0x1}, {0x45c8, 0x3}, {0xfffffffa, 0x2}, {0x9}, {0x1ff, 0x2}, {0x4, 0x2}, {0x7, 0x3}, {0x1, 0x3}, {0xf, 0x2}, {0x3ff}], [{0x6, 0xfffffff1}, {0xfffffffe, 0x26a}, {0x7ca, 0x50}, {0xb}, {0x81, 0x8}, {0x1, 0xfffffffa}, {0xffffffff, 0x5}, {0x1, 0x2}, {0x1, 0x7}, {0x80, 0x3}, {0x9, 0x1}], 0x8, 0x7}, {[{0x7, 0x1}, {0x3, 0x2}, {0x8000, 0x2}, {0x400, 0x2}, {0x4a, 0x2}, {0x4d, 0x1}, {0x800, 0x2}, {0x8, 0x3}, {0xf, 0x3}, {0xc882, 0x1}, {0x5, 0x2}], [{0x4, 0x2}, {0x80000001, 0x7}, {0x10000, 0x10001}, {0xff, 0x80}, {0xfffffffc, 0x4}, {0x4a6, 0x8ec4}, {0x8001, 0x81}, {0xf, 0x7}, {0x7f, 0x4}, {0x6, 0xfff}, {0x80000000, 0x101}], 0x5, 0xa}, {[{}, {0x0, 0x2}, {0xffffff81}, {0x40, 0x3}, {0x7fff}, {0xf66}, {0x1, 0x2}, {0x81, 0x2}, {0x2, 0x3}, {0x8000}, {0xaf}], [{0x4, 0x1}, {0x4}, {0xd9, 0x6}, {0x212b, 0x2}, {0x8, 0x1}, {0x25a, 0x81}, {0x3ff, 0x7fffffff}, {0x1000, 0x1ff}, {0xb, 0x200}, {0x1, 0xd73}, {0xff3, 0x9}], 0x1, 0x4}], 0x9}}, @common=@icmp6={{0x28}, {0x10, '(R'}}]}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x1c, 0x6, 0xfeff}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0xde0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)

320.812895ms ago: executing program 5 (id=1485):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
rmdir(0x0)

244.131667ms ago: executing program 5 (id=1486):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
r2 = epoll_create1(0x80000)
r3 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f00000001c0)={0x60000015})
epoll_wait(r2, &(0x7f0000000000)=[{}], 0x1, 0x502)

221.340867ms ago: executing program 4 (id=1487):
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_io_uring_setup(0x12da, &(0x7f0000000040)={0x0, 0x7226, 0x1000, 0x2, 0x356, 0x0, r1}, &(0x7f00000000c0), &(0x7f0000000100))
r2 = getpgid(0xffffffffffffffff)
tgkill(r2, 0x0, 0x1d)
accept4$x25(r1, &(0x7f0000000140), &(0x7f0000000180)=0x12, 0x800)
syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), r0)
accept4$llc(r1, &(0x7f0000000200)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000240)=0x10, 0x800)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000280), 0x111, 0x5}}, 0x20)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
lchown(&(0x7f0000000300)='./file0\x00', 0xee00, 0xee01)
getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000500)={@initdev, <r4=>0x0}, &(0x7f0000000540)=0x14)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000600)={0x4dbe, <r5=>0x0}, 0x8)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000640)={0x3, 0x4, 0x4, 0xa, 0x0, r0, 0x3, '\x00', 0x0, r0, 0x2, 0x0, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x14, 0x9, &(0x7f0000000340)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @call={0x85, 0x0, 0x0, 0xa1}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x7a45f7dd}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @ldst={0x1, 0x2, 0x1, 0x6, 0x3, 0x8}], &(0x7f00000003c0)='syzkaller\x00', 0x7, 0xe1, &(0x7f0000000400)=""/225, 0x40f00, 0x0, '\x00', r4, @fallback=0xa, r0, 0x8, &(0x7f0000000580)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0xc, 0xff, 0x8}, 0x10, r5, r0, 0x1, &(0x7f00000006c0)=[r0, r6], &(0x7f0000000700)=[{0x2, 0x2, 0x9, 0x4}], 0x10, 0x6, @void, @value}, 0x94)
sendmmsg$unix(r0, &(0x7f0000000800), 0x0, 0x4000)
r8 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000880)=@generic={&(0x7f0000000840)='./file0\x00'}, 0x18)
fcntl$setflags(r8, 0x2, 0x0)
r9 = socket$caif_stream(0x25, 0x1, 0x3)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f00000008c0)={0x0, <r10=>0x0, "991530dd4045cc50611b080c4fa39d168aa6d80561201a0524005ee7065845a27149cf1e4a3254d255bb400842aa90845e279169304e9fc8a79d6d2bebbf86e466530effec4064c2046a21b00adf1d5410ce4c73257cce5c435ad0958d4d72fc1a2f613f19f3a96328c640f39c72e6016921538de68a1bb53394453f5a5d5f4d8d74185daf3de9c37db893682487817ddc01b833dde494e0ee767fc9c3d4048d5ddb5bca6a9698ec75da57f256430866a8c9c2518f69e3dfc6218847a2fcd0a7e1a84f10f14349956a99dd861049e2f5297038ee2c88d091845e7ed96172f38fe22eabd1a5a7be42e44185b7d11400ca7198c246a4ac551e314c30230a54dd2b", "21a6216e2554868a5beb771ccd91ab7c48cb0de980777437e35b4d332f498458d43683d877761d380835155a285b1f545d739cb9030849e4a35d6528a2c20c2a3746162ac1d461d77dbaa52cb89fcdca4bb742ed516d069fb04a0d1063fb90ad370b697be0165448be7ae6589c75e27b1bc1262f3efe29cf33eb2500e6719ac1a3d0d19c967f283a311647a4618458bedc44b7155d53e1edfecdc20a2ca26e4f4b58ab6e986a1a3d4d5e2d78db0bde60de36594a32db11dfcec146dafd52de56b2e1d8d3ec4d113852b8531c7695336de5b8b66e32264fea1469b52f3feb177b12ccf5e180b6dc41bf92896c13884e5379e56dc2d04dd2ae030e60a858c4661a9073548576abbcb2fcfef6a7fc81304b77a2ecaee5ef0de0fd5c1d64b5e5b3f3b07c212c2c03391c11f05a8f893648e0947e8dfbe700d74437783c4c0df84dc7e4ae6d5bbe99f76e08c95bd529fee453f3b1e667fa3ac8bf92c27ef5c6cecfaa0b9183934f6c7612ee53e8249a0ad3960e57256f9fe0753b4e16c089c9e64501c64d15f984f93e3212dd7baa5e0e0203f2f16f994333ed5326f09d2b0bb59357ab1ca9791ac87592f7ddea161bfbefe175c72707b1f33bb0ca9bd029920a6d1d79d2e0bd73f81c047b40a848441ea66c3d3cfd8d0781925192b017a0aaeaad901c23a179ebebbab80e9cea320c41a44a58f760d5d0f736a505949617caeee319be107e5937aba5c5054617c6512186b7a9f957334b98340354f9cf9e88a5d0413cbbeb82197fcd93f0473f128e251ea11f384cb2b18a81137d84e3e971b7e119863b3ccfe028868e164c7906bda6bb936b91048b8c0ac91b795ca786245bff06fa14200bbc81c424aa09df4c87714a1776187a040bc4a45a6e3c87186d1f63a8cc92309de5bc197d716471e8e5e83aa27462071901cedee28f78061e6d6b383a4a081c316ea40b6a0ecb1d55cad880df0fee0afae7206725dd05ed4e11aca826ecde43071e053bfa2ab1f36d9e758688dfa0011ebb9dc84ff0a1408fb9dfe0493c0ed8940d2fbcc367d955792502a989d5d438ffcdcdd9b985d1a616d47a90efa30365f940ea348304320c7123a84fc250185bb034498a73864b2115192f77399982cd44805cd086bba8164533bb13b6f9f3291ea96969e2fca6777ffea5a0316e141acd688dcc40a507f1f772c00b5bfff3fe0d1db2d7899d77f5d1cb23c04b06c0167b3648bcc61a6f04a30854a776a8e6c306fbc961c280c86e95313b64fb939744a70745e0b64ac8cb104eb5fff827598d179ebc0150f6aeb07ee032b01f51e1bec5b3f93de6abea4d2f1c52be2bec3070176b37649d2d8cc1e32399838b71928159665e335679c5298859e542b77e124de2e893408a11eb3bbc54e3774cd6f5998618facfda2c6b4b9f9dbce2d33baca81cc7fa83e2b40404602eb85a55a67e4e52c74360d09670e7c211c35c05b7ca0a17ed7c9bff1ed45b9f7c90c5c99431d5cea8504e05b32f946634bf9cb5769710d4c512ae6337d349c030e14c2fd99b6d14096321787ee7d883c0a2f0f828cfeaebc59e33d1d43c1ebbe656daca6b7d4c36b8c277dcd0b53d46f252db6a455ef362136b4c11c0e90e8c49d996e3319468dc85c85d5109bfdafdbb4fdc8334e049f53189585e3b2eb23dc82fcf853464296d40244b189c6fb46e249bc51cb0556d4bcf7d15b6435371728b1c58b8400c3b2c98305b0ea70dd949546eb0f9a3eb968d1d0bb8a19301dd96a7bc8d0e49aeaf339f0110b2ee82d320a58f86ebafde0e9a54f7dc5e523289b90ad6f72cdb57de17c0d36591aed15acf39ae976943b07935732f693dd684bff86ebaea48e3fad2281c2876c6b01142f9150219a4699650916c709f3ea7f4be4d451509d9c34f2b1d0481d6163c8c4d6fc3da6b2204129a3be2e21da74925feadfe509193fb8ec82bd6fa223703e1ae416435182ae2c72d817f4335fe27f2ca5776698b75ec12a274bee3f108bad62f42485c8f8fd75ab31146efab5af7803ed8a35b804b984eaeb183fecafe662c2524fdd48bcf783271462017ade98f91408091e5e7ccdcc7d0a4948c432f2648f779c73293019f041337f6f9f2dcd616a20a84b9694490e8939ed2fec1036a5f112b4ca7b4b568d7c64ef0a05107609e01b35255aed7cd6da3c29392de8849a062a60bc902e45c4b6e494f2470931e70b47e68bd3a09fcc50ae094a685e303ff0c18deb071685b31dcbabb5db388b1ecce96dd8c4ff099021c688b3c4bccaaf3935c0a28e844866c6bf31887648a1b41ed7b271e2f11a05265617f42b3b31731e710705a55485e06a5b5a771f9410c5e802ad229fead5cb896d6d1ce49e92ebc59ff16121f020cfde768876d4629dc04975f23958c682a456fbc7567682941d004fe7b9354a91a82397350b6cf9e3a84e80b7bd79ef74cc568290898f47e9ecdd832d26d4f2c2ad029e30fe09e031834d540535d16c49607e19900534afc9cb1135e5a613c9e25d9dec4272b5cfc311c9cd95b1c2ce819924507723bb8ee76150c264f18725f2c3ab8733fa94822dcbb12eec3648142f098780779ab3318a0f7b909ed19b6ddf5935228eb4c4818e4e096b3d46cbfba170b657cbccc0fa10a840c73256377fecea89c7160689b9eff34ac9e320254c49c64842cc67d18125b7510272abf8873c21988d890e87f8938d62a55ca5ba23942312fc1de1e37aa534e58952decce6743ac490247710df0dded099e1420ebe351371aebe95d8383b529735a398eb7907bc580519f920eb24e407d024f0c265038e3ad0f6e72edd380e8c64c41930280be7a46e86c3e971c7069244e9c5ee23c3fcc45e8c701e959da48771d9ce2edee1f49192789abad427dda8ab6badbacd4ecd48b61c3f129c32956419aade6eba51b8ad8651f20254880b7959e0b37e44e26fdde4d0083d86f6ad335d9215665204704d06f006c870a2e43023ec2575e46c688312526ad4fb277f60ce35a89212892de59551c0dd36f400c385fc9d43a456b716b30033ff1e43e61dbb76734e6b1100badd3513710368310f479e464c88438ccfa1c7f16cc828944ef08063bc4fe6b1febea1f91a6e89621e535227cdc686a6015d43e923eb7e3714914c6fc64714fbd2a32724ee89ec5a3a49b7969a057e3e027ff93534626e43550ee5ca5558557de98558167b3fa32011399763f415e38555018b6b627c5d8c9683b60bb60ee392634cc550e2ac55d71a79ab2284b18338f068f8ef1d5ef1281d9054a0e85c7572648db17929064471262bc714cdd386b83b4e1fe139ec31558ea680c5b630f1f4fe1ee2e9e86f1a43f148837381bfc28289dd0c24b6823bb41a15da0fff58320a44d585083aa81cf14d068ff87723abad7e5cb91d5fc4a844d3288783b34678024e5aad94c61cd9f50509e1be877d74a8812267e844fb12d3d1ae2929b42bd188bf4e569c72fb0631ff7c475c5f6db09d09ba8b72e33b16da3950a999a7baa1107d1753dd9303dec8f0f7c161bc001d6d3e9f0b08b614414d6cbcf5a01dc62716bb8b8e813dd7efd0e8b1a49ffde98b686a07773b81107488a97418544a7840b8157978ac3a604b2e2687c5b4c9eb22654111e2ad892e0eed0cce1296ab9c6ddb3e0a5229da4242f90842812705fbdaa0436b64e0566104c0e5ea35074cc9cb2b16b211f952f0f2d3aa786c6ef98a3db6438a9ef17f861391b5db16a24263a45424f267c708de6fe45f85b384cd3e258ab0510497a46d3d711ae7e4eeb2d8dc5933d05ecb61e7c0119ec3dbf5c895a645f71e52db2bbcca1d42a71f48109bfdb1af71293068e7df4307bdd39f1e1084549b11b92b87aa7a67002524d96ee88b96226b8b58a9d73bda5025edfd3dfe71c7c38d5b42ebe6e9fc74776b0fcccd10c83a73a27c1c1e455084faf332386152e6b8837ceb49666c3ec1791560dfd4ab8a270bf0819a1a8282dc0b9be62ad11e520569629c87b8976fcf62f79c0beee6f5087836c13765783936b464bc9c29ca604b374f868c3895a807ee0ce67f5b69c4359b71d02ff981260a8d4e392d305f102c922d7465b08d99575074227ddd1c910318db719dd55d2e1b610dab63c59ca4bd1de185160a068d74b426abe142b08a0871da3d9de8ee63acd20ca2c23981179743b188a7a33d5eb82f899236ba9aa464d9f84b4a3600cb55d61a90f7e32e778ebba5dfb2a4abf968d1bdc2e7402ac93a1019e3d3949bb76d802dac0d1a8609f2eb78eb1d521c0ef2d7a99133b5f0b0226112116fc5ebfef65635f28d416591eaa26bf7772ef216feae24a76e19fa12351f1fffd65fa86bab08c574de9061b534a28ed3bcb0e4bbd385a53390cbe19b69694705a06671985780d4a3ac194c25841370ece578a2e4e63c647282b33085fbc9b88d5e7c097e59bc8e0ad00ac3c3cbacd702f094823a9a12d198b16de87499a54e67d4b0dea4112d154e1d90426da2f5c654af9cc269fc3df7a937d1a0dabf1f37cbd769031ec005db3c97cbe2f3f56d62309ea2b9d44de1e9497c9d54a7d9b94d0489aa76e7c7248e731c6470de2ef3cb77c15dd7b6967c885cf4ac374379e672bebe1288fb8f2c568b011ccaeb2a3eb7ce510115a6af427ed074e963c9da41a6eac2ed63bad2decd7236ea0bf7de754c4dde29d33ea6059e469e7af3151303d2c4df466209d4d24d32c7e27e8523ee4aa79a40b6a880dfe2245d6a369410c00b28aaf89b34d1c172d3320293a518c4bc32fc9a62e60fc290a170bce186a9269f8d0b2ac937efe97eace3d5a9f90968b4f1f3caaadaf76f2d6ddf7b84eadfbc3e711d73276e4625f8fc69dfcffdee0c41c6107c109e0718b9213d04854ad5e9c6fdca27d6092e50ea93d30231ec01fea5c3f46d010afcdcfc5a980180189f674d823a1fc8b4519c1b0689cbad8139f72da2b50733de484b570c5038f583f70a75594d2e8bf327a417ec229140f4516b6b98b8c4a00dafa5c847ddb196d35d046c55a73f64c288abf5411a05f10b0d8bda5e9e003c2bda5c70f43cc19e60c1d6c08683dee53904b0a69639bcf271c0c8e395797b4fdadb92a53482e2bba8a54dd21e4c26082438be7bef4ee364298f99bb187ac7078e1c8b52b69932c2b6163ad61bf8d899594c35c52de2d65ecc29052e06bc0d41c7e61490dcb6ddf7ef1829588b419c2655d3bcd3fbfe4130c98d5e8ffb21f23f0ae3eb6999c85b6b39573501e23c8204782eebbc653a793a196e56d6ac667d0ccc3592d36d4703982db5ca8c04300ddb5ac78ad7cc555bc54bc5666a4e26cc5a52d72334cc7462404726785f026393ab54fb5d89749c9296a879bd6f14f61f9888211f5d5fbdc36bf013992732f1bbd360138ae26003b0b59c40bf44faf86103b2a471f561de7ea"})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r9, 0xc0709411, &(0x7f00000018c0)={{r10, 0x7, 0x3, 0xc792, 0x0, 0xfffffffffffffff6, 0x97, 0x81, 0x6, 0x5, 0x80000000, 0x2, 0x1a7b781b, 0x9, 0x9}, 0x18, [0x0, 0x0, 0x0]})
r11 = syz_open_dev$tty20(0xc, 0x4, 0x1)
perf_event_open(&(0x7f00000019c0)={0x4, 0x80, 0x6, 0x4, 0x9, 0x4, 0x0, 0x0, 0x210, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x9d1a, 0x4, @perf_bp={&(0x7f0000001980), 0x6}, 0x8000, 0x7, 0x3ff, 0x1, 0x0, 0x8, 0xffff, 0x0, 0x5, 0x0, 0xffffffffffffffff}, r2, 0xc, r0, 0x8)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r0, &(0x7f0000001b00)={&(0x7f0000001a40)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001ac0)={&(0x7f0000001a80)={0x14, 0x7, 0x1, 0x201, 0x0, 0x0, {0x1, 0x0, 0xa}, ["", "", ""]}, 0x14}}, 0x8081)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001bc0)={{r6, <r12=>0xffffffffffffffff}, &(0x7f0000001b40), &(0x7f0000001b80)=r7}, 0x20)
r13 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001dc0)=@bpf_tracing={0x1a, 0xf, &(0x7f0000001c40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3e}, [@exit, @cb_func={0x18, 0x3, 0x4, 0x0, 0x3}, @cb_func={0x18, 0x9, 0x4, 0x0, 0xfffffffffffffff8}, @map_val={0x18, 0x8, 0x2, 0x0, r6, 0x0, 0x0, 0x0, 0x7f}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x3}, @generic={0x8, 0x3, 0x5, 0x6, 0x8}]}, &(0x7f0000001cc0)='GPL\x00', 0x8, 0x0, 0x0, 0x40f00, 0x1, '\x00', r4, 0x17, r3, 0x8, &(0x7f0000001d00)={0x1, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x1f241, r7, 0x2, &(0x7f0000001d40)=[r6, r1], &(0x7f0000001d80)=[{0x5, 0x2, 0xa, 0x8}, {0x0, 0x1, 0x8}], 0x10, 0xd, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001ec0)={{r12}, &(0x7f0000001c00), &(0x7f0000001e80)=r13}, 0x20)
ioctl$VT_RESIZEX(r11, 0x560a, &(0x7f0000001f00)={0x81, 0xf, 0xfff, 0x1, 0xfeff, 0x200})
syz_clone3(&(0x7f0000002140)={0x8000200, &(0x7f0000001f40), &(0x7f0000001f80), &(0x7f0000001fc0)=<r14=>0x0, {0x3e}, &(0x7f0000002000)=""/62, 0x3e, &(0x7f0000002040)=""/162, &(0x7f0000002100)=[r2, r2, r2, r2, r2], 0x5, {r1}}, 0x58)
sched_setscheduler(r14, 0x5, &(0x7f00000021c0)=0xf42)
bpf$PROG_LOAD(0x5, &(0x7f00000024c0)={0xe, 0x4, &(0x7f0000002200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8}, [@generic={0x9, 0x3, 0xf, 0x6, 0x5}]}, &(0x7f0000002240)='GPL\x00', 0x4, 0x6c, &(0x7f0000002280)=""/108, 0x41100, 0xb, '\x00', r4, @fallback=0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002300)={0x1, 0x4, 0xc, 0x296}, 0x10, r5, r1, 0xa, &(0x7f00000023c0)=[0xffffffffffffffff, r8], &(0x7f0000002400)=[{0x5, 0x5, 0x3, 0x9}, {0x2, 0x3, 0x10, 0x8}, {0x0, 0x1, 0x6, 0x7}, {0x4, 0x5, 0xf, 0x4}, {0x2, 0x1, 0x7, 0x6}, {0x4, 0x1, 0xc, 0xb}, {0x5, 0x4, 0x1, 0x6}, {0x0, 0x1, 0x4}, {0x0, 0x3, 0x10, 0x1}, {0x0, 0x5, 0xe, 0x7}], 0x10, 0x800, @void, @value}, 0x94)

178.410098ms ago: executing program 2 (id=1488):
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000f40), 0x48a41, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000440)={@val, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x3, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0xffffdd86}}}}}}}, 0x3e)

131.482528ms ago: executing program 4 (id=1489):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r0, &(0x7f00000031c0)={&(0x7f00000006c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000b40)="b5640aae1e407af01eecff9e22e152a958b96c15ffd051d17c6c712f21a8abb26b561e7af56b164829c35642692c102092e1f43782559cb76acaa20f83d5e807ad43b3e153ccdf10b894d755e849d01e91b7b49af88a501bc937c19203d32e33610f090c9d9e0d5972ac64142f8f4b71f27cc89c43c9bec897b53fee3e5f94497031ff2e460d2c011dfd60030db5a289bde09ac884de124e62b5b6921c326a85bc8791473d2828d1e28b5f20e286b061c4dadef878b72e6095841189db4da6e671677ca72a3c1b69c2ec25d3ce", 0xcd}, {&(0x7f0000000e00)}, {&(0x7f0000000480)="9eb8a2c0e241fb0402ac8d04ecbc724648d79b443d283855fdba1e1dc6283591a8a07eb1436788b6b641ed5ea90be62fc7499c9b017d2e73973395411b7efb244a226ba0ae7657c57101711c5aa138abd03dec1e0899824e678aced03a92fec128f69d27d84ee2ff2e4ad7a3db73f4f12d0728bada715bf5abce312346bb7d7345e8df1fc10fa733c98030cb193341700961aa2ccb9f0f029190a1d34386c73e7017cf0fe0275d2d6f9531b12f12e29b903f", 0xb2}, {&(0x7f0000000740)="4f0461e980a3df614c952ba937542c3956c268ef9da7fc364c6d5c543c3bd84159a349884fb4df8936363169ce8541c090bb5871df329e56747592fa4d29a09dcb4c416503ec1113680af76cba6417576ac2c0d3570f91a9c661f10e9bdab3c038f68844db4a19a8a613d78adb0405e27a1dea217288306169ac437c2401514510725ff144e75b83b8c67735520151c1018c3542bdfa2cae78aeb5d328f7d134706eb4d03bf4018be0f581f55e82cc1e851b8585d48a881144bfd5e96b52b62e62abe7ace71093fe8779d41feea0eb401dc005f2e3fe47320e7f945fb04e06c713f062ca47794f9c0b7fa88ccfacc4a51a4e816e0cb832c42d9f60561d5086ff512190d1129892fd541a0fbc9a41d70cd0d4501fed5545cd04b7800814bcbf492339bbfe784baba895beda447447a447e088a8d7cb795b3543a8cd8d8efb830dabc88b5b6466cd1d903833fca0e1049480810da129e746e2c9726a846ce85003a6bb9949e5dd140ab97a001c91323d5cb6648d4f61d40d4951ae36a1a404ba3452ae9a969c16a0918b4afe0b7b6afe4d59d8abfed8e7b38ce7c6c4daf306d0136c353c109f0a63c26df5f8866e763dc2fcd93b7c9b7143823cd8272533aa2eb47f873da2e1aeba66332990f5033c712108f71bc055f29317d8dd9b227b524d61381ed55fdb83ee0849699dae2e0bb675bf07392f4b0303f2498c892988420f1e144e73eb89146ccde129625478ae391d7ed1d6f5fc03c603c699250ff4801890eda63df41b0b9d619b2dad24798faf47863f79ee52ee40e8550c52c28a795377d934e9b3cb2f9f0ae973055288f5ebbb6a193e5cf89d3dfff60d4e545abda64b1c55d315931540117b96e72a5cea284c4a9d99d165d19e12176acd226a9ec38d6889c913b8c98b3a1666ec9b378655838df06b8318691cded6314ce3bcdd3d1ac172c3ecd2f82879771034f5f1ebb3d6ee5b10c77f269954680acc2495c586cf6bc33b2c8b374cf64275cfb06a0ef5485c269b152cbdd6c0489307000000c5a28372a45f3c79f3e45ce94ffb14bf3aa8e5f0e54d942e8440c94bf5d2f0eb05e32337b6ee0087f8047e2a820b1fe6c4db3d9969f9705d9ef5df25e8373de300f04ce07cbda2e41459024d13fa2ee32103d00b6642e6fe0ae493a9ad418329deb60f9930dc", 0x344}], 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000002900000004"], 0x18}, 0x8080)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000440)='mm_page_free\x00', r1, 0x0, 0x1000}, 0x18)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0xff, 0x0, @buffer={0x2, 0x5c, &(0x7f0000000340)=""/92}, &(0x7f0000000f00)="259374c96e4bfa28ae8277b5f529b9ad2abf6ecb9746d1a1f3c22b170eda3c844a6041fc39483a1ab1f6d59fbdb5b98d6eb6dcaa1ab82987ea8fefe0bc388bae4affbe0243b767a1c53ff36cbdd453b043a3ab34d27c3b0464951094c33af1928c1ae7c4dbb241e2088020f3738dc6976e092541da647f08551cee920479da7b2380ab244f47f2579c263bae67d950e8bf5ece62a7c739f066e986a6422a4895cd15d807ebb9ad0448d8557bbfbb9e67a937fb7283a792bd657f6e247164d55a537ba6ff0e63f2730988ce967781d9094d4f1038419d4f0efef36fa64e04b88276aee67d633b5a979204e80829db1f2efbed84d264cc04cd2e64d28a38e2be", 0x0, 0x301, 0x0, 0x0, 0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r4, @ANYRESOCT=r0], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x22020400)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x1, 0x0, 0x40, @loopback, @loopback, 0x10}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r6, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syslog(0x2, &(0x7f0000000640)=""/88, 0x58)
sendmsg$kcm(r0, &(0x7f0000000440)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000180)="5300138e06d44d863d4eedd1", 0xc}], 0x1, 0x0, 0x0, 0x900}, 0x0)

131.098658ms ago: executing program 5 (id=1490):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
ioctl$PIO_UNIMAPCLR(r3, 0x4b68, &(0x7f00000003c0)={0x205, 0x6, 0x3})

128.616388ms ago: executing program 0 (id=1491):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x106, 0x40001, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x2, @perf_config_ext={0x0, 0x10000}, 0x1320, 0xfffffffd, 0x3, 0x7, 0x4, 0x1088f105, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c40)={{0x14}, [@NFT_MSG_NEWRULE={0x268, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x23c, 0x4, 0x0, 0x1, [{0x238, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x228, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_MATCH_INFO={0x214, 0x3, "d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbaddefdaa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c755ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f"}, @NFTA_MATCH_NAME={0x8, 0x1, 'bpf\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x290}}, 0x4048010)

120.756768ms ago: executing program 2 (id=1492):
r0 = creat(0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=@newsa={0x150, 0x10, 0x413, 0x70bd29, 0x0, {{@in6=@dev={0xfe, 0x80, '\x00', 0x2f}, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x4e20, 0x0, 0xa, 0x0, 0x20, 0x21}, {@in=@multicast2, 0x0, 0x32}, @in=@broadcast, {0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x8, 0x80000, 0x81}, {0x3, 0x5, 0x4, 0x4000006}, {0x0, 0xfffffff9, 0x80020}, 0x70bd2c, 0x0, 0x2, 0x4, 0x81, 0x68}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x40, "25cac5216d3c8af0aa763c9a18bf448c5d9f5459"}}]}, 0x150}, 0x1, 0x0, 0x0, 0x612fc0b6c779297b}, 0x0)
getrlimit(0xd, &(0x7f0000000040)) (async, rerun: 64)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000200)=<r4=>0x0)
sendmsg$NFC_CMD_DISABLE_SE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000180), 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r3, 0x20, 0x70bd2b, 0x25dfdbfc, {}, [@NFC_ATTR_SE_INDEX={0x8, 0x15, 0xc0}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}]}, 0x24}}, 0x0)
r5 = socket$qrtr(0x2a, 0x2, 0x0) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
alarm(0x5)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r7}, 0x18) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r8}, 0x18) (async, rerun: 32)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10) (async, rerun: 32)
sendto(r5, 0x0, 0x0, 0x0, &(0x7f0000000000)=@qipcrtr={0x2a, 0x1}, 0x80) (async)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, r9, 0xc4fc9e906872338b, 0x70bd29, 0x0, {{0x5}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) (async)
socket$kcm(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)}) (async)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) (async)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) (async)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r11}, 0x10) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

90.163569ms ago: executing program 5 (id=1493):
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0)
ioctl$sock_inet_udp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000700)={<r0=>0x0, @in6={{0xa, 0x4e23, 0x100, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x5}}}, &(0x7f0000000140)=0x84)
setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f0000000240)={r0, 0x2}, 0x8)
shutdown(0xffffffffffffffff, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1d, 0x0, 0x0, &(0x7f0000000b80)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @lsm=0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bridge0\x00', 0x1})
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'sed\x00', 0x2d, 0x40085, 0x13}, 0x2c)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioperm(0x0, 0xd, 0x4000000000000020)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="11000000040000000400000005"], 0x50)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_mreqsrc(r6, 0x0, 0x53, &(0x7f0000000200)={@dev, @local, @broadcast}, &(0x7f0000000040)=0xc)

89.413389ms ago: executing program 4 (id=1494):
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0)
ioctl$sock_inet_udp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000700)={<r0=>0x0, @in6={{0xa, 0x4e23, 0x100, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x5}}}, &(0x7f0000000140)=0x84)
setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f0000000240)={r0, 0x2}, 0x8)
shutdown(0xffffffffffffffff, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1d, 0x0, 0x0, &(0x7f0000000b80)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @lsm=0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bridge0\x00', 0x1})
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'sed\x00', 0x2d, 0x40085, 0x13}, 0x2c)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioperm(0x0, 0xd, 0x4000000000000020)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="11000000040000000400000005"], 0x50)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_mreqsrc(r6, 0x0, 0x53, &(0x7f0000000200)={@dev, @local, @broadcast}, &(0x7f0000000040)=0xc)

65.76288ms ago: executing program 0 (id=1495):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x106, 0x40001, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x2, @perf_config_ext={0x0, 0x10000}, 0x1320, 0xfffffffd, 0x3, 0x7, 0x4, 0x1088f105, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002380)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000120000000000000000"], &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c40)={{0x14}, [@NFT_MSG_NEWRULE={0x268, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x23c, 0x4, 0x0, 0x1, [{0x238, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x228, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_MATCH_INFO={0x214, 0x3, "d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbaddefdaa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c755ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f"}, @NFTA_MATCH_NAME={0x8, 0x1, 'bpf\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x290}}, 0x4048010)

0s ago: executing program 2 (id=1496):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fcae68da850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
syz_emit_ethernet(0x7e, &(0x7f0000000300)={@random="bf1037eb4bd0", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3d}, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "061000", 0x48, 0x11, 0x0, @remote, @local, {[], {0x4e20, 0xe22, 0x48, 0x0, @wg=@cookie={0x3, 0x2, "23926e0bf267636d01dbe5712c1c941e1cdafbbb43f09c70", "e13808ca72380641e5fff9620995b6f78670dfaf9a2038083179cf6b7931c9b4"}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000380)='mm_page_alloc\x00', r5}, 0x10)
r6 = perf_event_open(&(0x7f0000000380)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x10fd, 0x1000009, 0x11, r6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffff}, {0xf}, {0xe, 0xd}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x9}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x1, 0x0, 0x3, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, &(0x7f0000000080)={0xd, 0x1})
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='tlb_flush\x00', r7}, 0x18)
mremap(&(0x7f0000000000/0x9000)=nil, 0x200003, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)

kernel console output (not intermixed with test programs):

0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.049834][ T6193] R13: 0000000000000000 R14: 00007f2dc6ee5fa0 R15: 00007ffcea4ba2a8
[   92.049854][ T6193]  </TASK>
[   92.262943][ T6196] tipc: Node identity 4, cluster identity 4711
[   92.269184][ T6196] tipc: Node number set to 4
[   92.271142][ T6204] loop4: detected capacity change from 0 to 256
[   92.290595][ T6202] netlink: 64535 bytes leftover after parsing attributes in process `syz.0.875'.
[   92.313217][ T6202] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.875'.
[   92.328223][ T6202] ieee802154 phy0 wpan0: encryption failed: -22
[   92.462607][ T6214] FAULT_INJECTION: forcing a failure.
[   92.462607][ T6214] name failslab, interval 1, probability 0, space 0, times 0
[   92.475366][ T6214] CPU: 1 UID: 0 PID: 6214 Comm: syz.0.882 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[   92.475399][ T6214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   92.475414][ T6214] Call Trace:
[   92.475419][ T6214]  <TASK>
[   92.475426][ T6214]  __dump_stack+0x1d/0x30
[   92.475447][ T6214]  dump_stack_lvl+0xe8/0x140
[   92.475466][ T6214]  dump_stack+0x15/0x1b
[   92.475550][ T6214]  should_fail_ex+0x265/0x280
[   92.475576][ T6214]  should_failslab+0x8c/0xb0
[   92.475602][ T6214]  kmem_cache_alloc_node_noprof+0x57/0x320
[   92.475630][ T6214]  ? __alloc_skb+0x101/0x320
[   92.475691][ T6214]  __alloc_skb+0x101/0x320
[   92.475750][ T6214]  alloc_skb_with_frags+0x7d/0x470
[   92.475791][ T6214]  ? should_fail_ex+0xdb/0x280
[   92.475816][ T6214]  sock_alloc_send_pskb+0x43a/0x4f0
[   92.475930][ T6214]  ? __rcu_read_unlock+0x4f/0x70
[   92.475955][ T6214]  ? __rcu_read_unlock+0x4f/0x70
[   92.475977][ T6214]  packet_sendmsg+0x225b/0x3240
[   92.475997][ T6214]  ? __rcu_read_unlock+0x4f/0x70
[   92.476025][ T6214]  ? avc_has_perm+0xd3/0x150
[   92.476131][ T6214]  ? selinux_socket_sendmsg+0x175/0x1b0
[   92.476155][ T6214]  ? __pfx_packet_sendmsg+0x10/0x10
[   92.476231][ T6214]  __sock_sendmsg+0x142/0x180
[   92.476257][ T6214]  __sys_sendto+0x268/0x330
[   92.476315][ T6214]  __x64_sys_sendto+0x76/0x90
[   92.476346][ T6214]  x64_sys_call+0x2eb6/0x2fb0
[   92.476371][ T6214]  do_syscall_64+0xd2/0x200
[   92.476405][ T6214]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.476439][ T6214]  ? clear_bhb_loop+0x40/0x90
[   92.476512][ T6214]  ? clear_bhb_loop+0x40/0x90
[   92.476533][ T6214]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.476554][ T6214] RIP: 0033:0x7f2dc6cbe969
[   92.476647][ T6214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.476676][ T6214] RSP: 002b:00007f2dc5327038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   92.476701][ T6214] RAX: ffffffffffffffda RBX: 00007f2dc6ee5fa0 RCX: 00007f2dc6cbe969
[   92.476718][ T6214] RDX: 0000000000010000 RSI: 0000200000000180 RDI: 0000000000000003
[   92.476787][ T6214] RBP: 00007f2dc5327090 R08: 0000200000000140 R09: 0000000000000014
[   92.476800][ T6214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.476866][ T6214] R13: 0000000000000000 R14: 00007f2dc6ee5fa0 R15: 00007ffcea4ba2a8
[   92.476939][ T6214]  </TASK>
[   92.771696][ T6216] netlink: 'syz.2.880': attribute type 21 has an invalid length.
[   92.780912][ T6216] netlink: 'syz.2.880': attribute type 1 has an invalid length.
[   92.788603][ T6216] netlink: 144 bytes leftover after parsing attributes in process `syz.2.880'.
[   92.809416][ T6228] xt_hashlimit: max too large, truncated to 1048576
[   92.879165][ T6233] binfmt_misc: register: failed to install interpreter file ./file2
[   93.046619][ T6247] loop2: detected capacity change from 0 to 256
[   93.106996][ T6251] serio: Serial port ptm0
[   93.176518][ T6261] FAULT_INJECTION: forcing a failure.
[   93.176518][ T6261] name failslab, interval 1, probability 0, space 0, times 0
[   93.189433][ T6261] CPU: 1 UID: 0 PID: 6261 Comm: syz.4.897 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[   93.189475][ T6261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.189525][ T6261] Call Trace:
[   93.189533][ T6261]  <TASK>
[   93.189542][ T6261]  __dump_stack+0x1d/0x30
[   93.189607][ T6261]  dump_stack_lvl+0xe8/0x140
[   93.189629][ T6261]  dump_stack+0x15/0x1b
[   93.189727][ T6261]  should_fail_ex+0x265/0x280
[   93.189750][ T6261]  should_failslab+0x8c/0xb0
[   93.189777][ T6261]  kmem_cache_alloc_noprof+0x50/0x310
[   93.189805][ T6261]  ? __anon_vma_prepare+0xcd/0x2f0
[   93.189836][ T6261]  __anon_vma_prepare+0xcd/0x2f0
[   93.189860][ T6261]  handle_mm_fault+0x1d19/0x2be0
[   93.189893][ T6261]  ? check_vma_flags+0x26e/0x340
[   93.189918][ T6261]  __get_user_pages+0x1036/0x1fb0
[   93.189977][ T6261]  get_user_pages_remote+0x1dc/0x7a0
[   93.190008][ T6261]  get_arg_page+0x8e/0x1e0
[   93.190030][ T6261]  copy_string_kernel+0x134/0x340
[   93.190063][ T6261]  do_execveat_common+0x5ad/0x750
[   93.190103][ T6261]  ? getname_flags+0x154/0x3b0
[   93.190135][ T6261]  __x64_sys_execveat+0x73/0x90
[   93.190160][ T6261]  x64_sys_call+0x2dae/0x2fb0
[   93.190188][ T6261]  do_syscall_64+0xd2/0x200
[   93.190295][ T6261]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.190324][ T6261]  ? clear_bhb_loop+0x40/0x90
[   93.190347][ T6261]  ? clear_bhb_loop+0x40/0x90
[   93.190372][ T6261]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.190460][ T6261] RIP: 0033:0x7f449533e969
[   93.190480][ T6261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.190501][ T6261] RSP: 002b:00007f44939a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[   93.190557][ T6261] RAX: ffffffffffffffda RBX: 00007f4495565fa0 RCX: 00007f449533e969
[   93.190570][ T6261] RDX: 0000000000000000 RSI: 0000200000000140 RDI: ffffffffffffff9c
[   93.190583][ T6261] RBP: 00007f44939a7090 R08: 0000000000000000 R09: 0000000000000000
[   93.190596][ T6261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   93.190610][ T6261] R13: 0000000000000000 R14: 00007f4495565fa0 R15: 00007fff721bf6b8
[   93.190653][ T6261]  </TASK>
[   93.437487][ T6272] FAULT_INJECTION: forcing a failure.
[   93.437487][ T6272] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.450772][ T6272] CPU: 0 UID: 0 PID: 6272 Comm: syz.5.899 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[   93.450838][ T6272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.450852][ T6272] Call Trace:
[   93.450860][ T6272]  <TASK>
[   93.450868][ T6272]  __dump_stack+0x1d/0x30
[   93.450890][ T6272]  dump_stack_lvl+0xe8/0x140
[   93.450981][ T6272]  dump_stack+0x15/0x1b
[   93.450999][ T6272]  should_fail_ex+0x265/0x280
[   93.451103][ T6272]  should_fail+0xb/0x20
[   93.451122][ T6272]  should_fail_usercopy+0x1a/0x20
[   93.451220][ T6272]  _copy_from_user+0x1c/0xb0
[   93.451248][ T6272]  restore_altstack+0x4b/0x2d0
[   93.451355][ T6272]  ? __set_task_blocked+0x23a/0x2a0
[   93.451380][ T6272]  __ia32_sys_rt_sigreturn+0xdc/0x350
[   93.451403][ T6272]  ? _raw_spin_unlock_irq+0x26/0x50
[   93.451461][ T6272]  ? signal_setup_done+0x266/0x290
[   93.451481][ T6272]  ? xfd_validate_state+0x45/0xf0
[   93.451542][ T6272]  ? fpu__clear_user_states+0x63/0x1e0
[   93.451575][ T6272]  ? fpregs_mark_activate+0x66/0x140
[   93.451606][ T6272]  ? fpu__clear_user_states+0x63/0x1e0
[   93.451635][ T6272]  ? arch_do_signal_or_restart+0x2f3/0x480
[   93.451699][ T6272]  ? __rcu_read_unlock+0x4f/0x70
[   93.451726][ T6272]  x64_sys_call+0x2e8a/0x2fb0
[   93.451761][ T6272]  do_syscall_64+0xd2/0x200
[   93.451851][ T6272]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.451876][ T6272]  ? clear_bhb_loop+0x40/0x90
[   93.451900][ T6272]  ? clear_bhb_loop+0x40/0x90
[   93.451921][ T6272]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.451976][ T6272] RIP: 0033:0x7f17838eab39
[   93.451993][ T6272] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[   93.452015][ T6272] RSP: 002b:00007f1781fb6a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[   93.452045][ T6272] RAX: ffffffffffffffda RBX: 00007f1783b75fa0 RCX: 00007f17838eab39
[   93.452058][ T6272] RDX: 00007f1781fb6a80 RSI: 00007f1781fb6bb0 RDI: 0000000000000021
[   93.452071][ T6272] RBP: 00007f1781fb7090 R08: 0000000000000000 R09: 0000000000000000
[   93.452083][ T6272] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[   93.452183][ T6272] R13: 0000000000000000 R14: 00007f1783b75fa0 R15: 00007ffc390fc268
[   93.452264][ T6272]  </TASK>
[   93.685566][ T6274] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.696079][ T6274] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[   93.777302][ T6274] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.787738][ T6274] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[   93.834007][ T6274] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.844428][ T6274] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[   93.855175][   T29] kauditd_printk_skb: 167 callbacks suppressed
[   93.855191][   T29] audit: type=1326 audit(1748956413.471:2728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6295 comm="syz.5.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[   93.886698][   T29] audit: type=1326 audit(1748956413.471:2729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6295 comm="syz.5.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[   93.910463][   T29] audit: type=1326 audit(1748956413.471:2730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6295 comm="syz.5.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[   93.934049][   T29] audit: type=1326 audit(1748956413.471:2731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6295 comm="syz.5.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[   93.957523][   T29] audit: type=1326 audit(1748956413.471:2732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6295 comm="syz.5.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[   93.980992][   T29] audit: type=1326 audit(1748956413.471:2733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6295 comm="syz.5.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[   94.013987][ T6274] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.024397][ T6274] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[   94.046924][ T6299] loop5: detected capacity change from 0 to 128
[   94.063557][ T6301] loop6: detected capacity change from 0 to 128
[   94.099320][ T6274] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 256 - 0
[   94.107634][ T6274] netdevsim netdevsim4 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[   94.116142][ T6303] Cannot find del_set index 1 as target
[   94.132994][ T6274] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 256 - 0
[   94.141303][ T6274] netdevsim netdevsim4 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[   94.149835][ T6303] pim6reg1: entered promiscuous mode
[   94.155189][ T6303] pim6reg1: entered allmulticast mode
[   94.165294][ T6274] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 256 - 0
[   94.173537][ T6274] netdevsim netdevsim4 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[   94.188521][ T6305] bridge1: entered promiscuous mode
[   94.194925][ T6303] netlink: 'syz.6.912': attribute type 27 has an invalid length.
[   94.215556][   T29] audit: type=1400 audit(1748956413.831:2734): avc:  denied  { read } for  pid=2992 comm="acpid" name="mouse7" dev="devtmpfs" ino=775 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[   94.234243][ T6299] syz.5.910: attempt to access beyond end of device
[   94.234243][ T6299] loop5: rw=2049, sector=129, nr_sectors = 8 limit=128
[   94.237426][   T29] audit: type=1400 audit(1748956413.831:2735): avc:  denied  { open } for  pid=2992 comm="acpid" path="/dev/input/mouse7" dev="devtmpfs" ino=775 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[   94.273528][   T29] audit: type=1400 audit(1748956413.831:2736): avc:  denied  { ioctl } for  pid=2992 comm="acpid" path="/dev/input/mouse7" dev="devtmpfs" ino=775 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[   94.273579][ T6299] syz.5.910: attempt to access beyond end of device
[   94.273579][ T6299] loop5: rw=2049, sector=145, nr_sectors = 8 limit=128
[   94.273629][ T6299] syz.5.910: attempt to access beyond end of device
[   94.273629][ T6299] loop5: rw=2049, sector=161, nr_sectors = 8 limit=128
[   94.273711][ T6299] syz.5.910: attempt to access beyond end of device
[   94.273711][ T6299] loop5: rw=2049, sector=177, nr_sectors = 8 limit=128
[   94.273752][ T6299] syz.5.910: attempt to access beyond end of device
[   94.273752][ T6299] loop5: rw=2049, sector=193, nr_sectors = 8 limit=128
[   94.273786][ T6299] syz.5.910: attempt to access beyond end of device
[   94.273786][ T6299] loop5: rw=2049, sector=209, nr_sectors = 8 limit=128
[   94.273823][ T6299] syz.5.910: attempt to access beyond end of device
[   94.273823][ T6299] loop5: rw=2049, sector=225, nr_sectors = 8 limit=128
[   94.273911][ T6299] syz.5.910: attempt to access beyond end of device
[   94.273911][ T6299] loop5: rw=2049, sector=241, nr_sectors = 8 limit=128
[   94.273955][ T6299] syz.5.910: attempt to access beyond end of device
[   94.273955][ T6299] loop5: rw=2049, sector=257, nr_sectors = 8 limit=128
[   94.273993][ T6299] syz.5.910: attempt to access beyond end of device
[   94.273993][ T6299] loop5: rw=2049, sector=273, nr_sectors = 8 limit=128
[   94.306363][ T6303] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.306521][ T6303] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.345138][ T6303] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   94.347761][ T6303] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   94.376074][ T6303] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.376116][ T6303] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.376292][ T6303] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.376327][ T6303] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.383811][ T6303] pim6reg1: left promiscuous mode
[   94.383831][ T6303] pim6reg1: left allmulticast mode
[   94.387177][ T6274] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 256 - 0
[   94.387216][ T6274] netdevsim netdevsim4 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[   94.432683][ T6311] FAULT_INJECTION: forcing a failure.
[   94.432683][ T6311] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.432723][ T6311] CPU: 1 UID: 0 PID: 6311 Comm: syz.4.914 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[   94.432754][ T6311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.432849][ T6311] Call Trace:
[   94.432856][ T6311]  <TASK>
[   94.432864][ T6311]  __dump_stack+0x1d/0x30
[   94.432889][ T6311]  dump_stack_lvl+0xe8/0x140
[   94.432911][ T6311]  dump_stack+0x15/0x1b
[   94.432930][ T6311]  should_fail_ex+0x265/0x280
[   94.433010][ T6311]  should_fail+0xb/0x20
[   94.433031][ T6311]  should_fail_usercopy+0x1a/0x20
[   94.433096][ T6311]  _copy_to_user+0x20/0xa0
[   94.433126][ T6311]  simple_read_from_buffer+0xb5/0x130
[   94.433151][ T6311]  proc_fail_nth_read+0x100/0x140
[   94.433179][ T6311]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   94.433218][ T6311]  vfs_read+0x1a0/0x6f0
[   94.433240][ T6311]  ? __rcu_read_unlock+0x4f/0x70
[   94.433265][ T6311]  ? __rcu_read_unlock+0x4f/0x70
[   94.433289][ T6311]  ? __fget_files+0x184/0x1c0
[   94.433363][ T6311]  ksys_read+0xda/0x1a0
[   94.433389][ T6311]  __x64_sys_read+0x40/0x50
[   94.433413][ T6311]  x64_sys_call+0x2d77/0x2fb0
[   94.433485][ T6311]  do_syscall_64+0xd2/0x200
[   94.433518][ T6311]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.433548][ T6311]  ? clear_bhb_loop+0x40/0x90
[   94.433580][ T6311]  ? clear_bhb_loop+0x40/0x90
[   94.433674][ T6311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.433705][ T6311] RIP: 0033:0x7f449533d37c
[   94.433723][ T6311] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   94.433744][ T6311] RSP: 002b:00007f44939a7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   94.433767][ T6311] RAX: ffffffffffffffda RBX: 00007f4495565fa0 RCX: 00007f449533d37c
[   94.433858][ T6311] RDX: 000000000000000f RSI: 00007f44939a70a0 RDI: 0000000000000003
[   94.433873][ T6311] RBP: 00007f44939a7090 R08: 0000000000000000 R09: 0000000000000000
[   94.433888][ T6311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.433902][ T6311] R13: 0000000000000000 R14: 00007f4495565fa0 R15: 00007fff721bf6b8
[   94.433972][ T6311]  </TASK>
[   94.458743][   T29] audit: type=1326 audit(1748956414.071:2737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.2.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac43ce969 code=0x7ffc0000
[   94.468507][ T6299] infiniband syz!: set down
[   94.468559][ T6299] infiniband syz!: added team_slave_0
[   94.501086][ T6299] RDS/IB: syz!: added
[   94.501105][ T6299] smc: adding ib device syz! with port count 1
[   94.501118][ T6299] smc:    ib device syz! port 1 has pnetid 
[   95.119254][ T6340] SELinux: failed to load policy
[   95.142423][ T6342] loop4: detected capacity change from 0 to 512
[   95.149212][ T6346] loop5: detected capacity change from 0 to 512
[   95.159101][ T6346] EXT4-fs (loop5): revision level too high, forcing read-only mode
[   95.159844][ T6342] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   95.167245][ T6346] EXT4-fs (loop5): orphan cleanup on readonly fs
[   95.178685][ T6342] EXT4-fs (loop4): orphan cleanup on readonly fs
[   95.183512][ T6346] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   95.190520][ T6342] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.926: bg 0: block 64: padding at end of block bitmap is not set
[   95.204295][ T6346] EXT4-fs (loop5): Cannot turn on quotas: error -22
[   95.219400][ T6342] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.926: Failed to acquire dquot type 0
[   95.224876][ T6346] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #16: comm syz.5.928: iget: immutable or append flags not allowed on symlinks
[   95.237363][ T6342] EXT4-fs (loop4): 1 truncate cleaned up
[   95.250263][ T6346] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.928: couldn't read orphan inode 16 (err -117)
[   95.476428][ T6359] lo speed is unknown, defaulting to 1000
[   95.625054][ T6357] __nla_validate_parse: 5 callbacks suppressed
[   95.625074][ T6357] netlink: 8 bytes leftover after parsing attributes in process `syz.4.932'.
[   96.074456][ T6366] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=6366 comm=syz.2.935
[   96.229903][ T6369] loop4: detected capacity change from 0 to 512
[   96.359086][ T6374] openvswitch: netlink: Message has 6 unknown bytes.
[   96.462508][ T6382] xt_hashlimit: max too large, truncated to 1048576
[   96.512712][ T6384] netlink: 16 bytes leftover after parsing attributes in process `syz.4.942'.
[   96.530992][ T6386] netlink: 4 bytes leftover after parsing attributes in process `syz.6.943'.
[   96.579359][ T6387] binfmt_misc: register: failed to install interpreter file ./file2
[   97.105600][ T4823] EXT4-fs unmount: 17 callbacks suppressed
[   97.105619][ T4823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.129398][ T6417] netlink: 'syz.4.957': attribute type 27 has an invalid length.
[   97.201169][ T6428] loop5: detected capacity change from 0 to 256
[   97.241122][ T6435] loop2: detected capacity change from 0 to 128
[   97.263347][ T6417] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.270830][ T6417] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.279153][ T6435] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   97.287566][ T6448] netlink: 4 bytes leftover after parsing attributes in process `syz.6.959'.
[   97.309914][ T6435] ext4 filesystem being mounted at /195/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   97.396797][ T6417] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   97.419920][ T6417] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   97.443698][ T3321] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   97.454058][ T6460] netlink: 'syz.4.957': attribute type 13 has an invalid length.
[   97.481831][ T6464] loop2: detected capacity change from 0 to 512
[   97.492946][ T6464] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   97.501150][ T6464] EXT4-fs (loop2): orphan cleanup on readonly fs
[   97.508144][ T6464] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   97.523811][ T6464] EXT4-fs (loop2): Cannot turn on quotas: error -22
[   97.532666][ T6464] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #16: comm syz.2.966: iget: immutable or append flags not allowed on symlinks
[   97.546926][ T6464] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.966: couldn't read orphan inode 16 (err -117)
[   97.559140][ T6417] netdevsim netdevsim4 eth0: unset [1, 1] type 2 family 0 port 6081 - 0
[   97.559524][ T6464] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   97.568103][ T6417] netdevsim netdevsim4 eth1: unset [1, 1] type 2 family 0 port 6081 - 0
[   97.588527][ T6417] netdevsim netdevsim4 eth2: unset [1, 1] type 2 family 0 port 6081 - 0
[   97.597004][ T6417] netdevsim netdevsim4 eth3: unset [1, 1] type 2 family 0 port 6081 - 0
[   97.651571][ T6417] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 256 - 0
[   97.659998][ T6417] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 256 - 0
[   97.668299][ T6417] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 256 - 0
[   97.676769][ T6417] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 256 - 0
[   97.700151][ T6417] geneve2: left promiscuous mode
[   97.705173][ T6417] geneve2: left allmulticast mode
[   97.745131][ T6426] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.755283][ T6426] 8021q: adding VLAN 0 to HW filter on device team0
[   97.766393][ T6426] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   97.795425][ T6453] FAULT_INJECTION: forcing a failure.
[   97.795425][ T6453] name failslab, interval 1, probability 0, space 0, times 0
[   97.808143][ T6453] CPU: 1 UID: 0 PID: 6453 Comm: syz.5.964 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[   97.808171][ T6453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   97.808185][ T6453] Call Trace:
[   97.808193][ T6453]  <TASK>
[   97.808203][ T6453]  __dump_stack+0x1d/0x30
[   97.808350][ T6453]  dump_stack_lvl+0xe8/0x140
[   97.808371][ T6453]  dump_stack+0x15/0x1b
[   97.808392][ T6453]  should_fail_ex+0x265/0x280
[   97.808418][ T6453]  ? register_netdevice+0x1e8/0xf00
[   97.808485][ T6453]  should_failslab+0x8c/0xb0
[   97.808512][ T6453]  __kmalloc_cache_noprof+0x4c/0x320
[   97.808549][ T6453]  register_netdevice+0x1e8/0xf00
[   97.808581][ T6453]  ? sysvec_reschedule_ipi+0x4f/0x70
[   97.808670][ T6453]  ? __rcu_read_unlock+0x4f/0x70
[   97.808692][ T6453]  ? ip6_tnl_locate+0x338/0x4a0
[   97.808741][ T6453]  ip6_tnl_create2+0x8a/0x290
[   97.808775][ T6453]  ip6_tnl_newlink+0x1b4/0x340
[   97.808859][ T6453]  ? __pfx_ip6_tnl_newlink+0x10/0x10
[   97.808894][ T6453]  rtnl_newlink_create+0x1bc/0x620
[   97.808923][ T6453]  ? __list_del_entry_valid_or_report+0x65/0x130
[   97.809022][ T6453]  rtnl_newlink+0xf29/0x12d0
[   97.809052][ T6453]  ? rb_commit+0x3e9/0x420
[   97.809098][ T6453]  ? __rcu_read_unlock+0x4f/0x70
[   97.809119][ T6453]  ? avc_has_perm_noaudit+0x1b1/0x200
[   97.809155][ T6453]  ? selinux_capable+0x1f9/0x270
[   97.809183][ T6453]  ? security_capable+0x83/0x90
[   97.809242][ T6453]  ? ns_capable+0x7d/0xb0
[   97.809264][ T6453]  ? __pfx_rtnl_newlink+0x10/0x10
[   97.809285][ T6453]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   97.809304][ T6453]  ? avc_has_perm_noaudit+0x1b1/0x200
[   97.809395][ T6453]  netlink_rcv_skb+0x123/0x220
[   97.809456][ T6453]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   97.809486][ T6453]  rtnetlink_rcv+0x1c/0x30
[   97.809507][ T6453]  netlink_unicast+0x5a1/0x670
[   97.809591][ T6453]  netlink_sendmsg+0x58b/0x6b0
[   97.809622][ T6453]  ? __pfx_netlink_sendmsg+0x10/0x10
[   97.809669][ T6453]  __sock_sendmsg+0x142/0x180
[   97.809690][ T6453]  ____sys_sendmsg+0x31e/0x4e0
[   97.809785][ T6453]  ___sys_sendmsg+0x17b/0x1d0
[   97.809843][ T6453]  __x64_sys_sendmsg+0xd4/0x160
[   97.809883][ T6453]  x64_sys_call+0x2999/0x2fb0
[   97.809908][ T6453]  do_syscall_64+0xd2/0x200
[   97.809989][ T6453]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.810039][ T6453]  ? clear_bhb_loop+0x40/0x90
[   97.810134][ T6453]  ? clear_bhb_loop+0x40/0x90
[   97.810225][ T6453]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.810252][ T6453] RIP: 0033:0x7f178394e969
[   97.810343][ T6453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.810365][ T6453] RSP: 002b:00007f1781fb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   97.810433][ T6453] RAX: ffffffffffffffda RBX: 00007f1783b75fa0 RCX: 00007f178394e969
[   97.810447][ T6453] RDX: 0000000004000044 RSI: 00002000000000c0 RDI: 0000000000000007
[   97.810463][ T6453] RBP: 00007f1781fb7090 R08: 0000000000000000 R09: 0000000000000000
[   97.810478][ T6453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   97.810491][ T6453] R13: 0000000000000000 R14: 00007f1783b75fa0 R15: 00007ffc390fc268
[   97.810509][ T6453]  </TASK>
[   98.238897][ T6478] loop6: detected capacity change from 0 to 8192
[   98.270951][ T6478]  loop6: p1 p2 p3
[   98.384686][ T6476] lo speed is unknown, defaulting to 1000
[   98.662915][ T6489] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   98.881275][   T29] kauditd_printk_skb: 104 callbacks suppressed
[   98.881293][   T29] audit: type=1326 audit(1748956419.491:2840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6492 comm="syz.4.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449533e969 code=0x7ffc0000
[   98.916398][ T6495] loop5: detected capacity change from 0 to 128
[   98.996862][ T6495] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   99.043504][   T29] audit: type=1326 audit(1748956419.531:2841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6492 comm="syz.4.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f449533e969 code=0x7ffc0000
[   99.067144][   T29] audit: type=1326 audit(1748956419.531:2842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6492 comm="syz.4.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449533e969 code=0x7ffc0000
[   99.090789][   T29] audit: type=1326 audit(1748956419.531:2843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6492 comm="syz.4.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f449533e969 code=0x7ffc0000
[   99.114353][   T29] audit: type=1326 audit(1748956419.531:2844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6492 comm="syz.4.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449533e969 code=0x7ffc0000
[   99.137792][   T29] audit: type=1326 audit(1748956419.541:2845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6492 comm="syz.4.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f449533e969 code=0x7ffc0000
[   99.161404][   T29] audit: type=1326 audit(1748956420.546:2846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6492 comm="syz.4.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449533e969 code=0x7ffc0000
[   99.184990][   T29] audit: type=1326 audit(1748956420.546:2847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6492 comm="syz.4.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f449533e969 code=0x7ffc0000
[   99.208492][   T29] audit: type=1326 audit(1748956420.546:2848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6492 comm="syz.4.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449533e969 code=0x7ffc0000
[   99.232500][   T29] audit: type=1326 audit(1748956420.546:2849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6492 comm="syz.4.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f449533e969 code=0x7ffc0000
[   99.282013][ T6495] ext4 filesystem being mounted at /117/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   99.466912][ T4823] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   99.504592][ T6511] netlink: 4 bytes leftover after parsing attributes in process `syz.0.977'.
[   99.614477][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.628301][ T6515] loop6: detected capacity change from 0 to 1024
[   99.645469][ T6515] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.649288][ T6522] netlink: 'syz.2.980': attribute type 27 has an invalid length.
[   99.681288][ T6525] netlink: 12 bytes leftover after parsing attributes in process `syz.5.982'.
[   99.723454][ T6522] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.730827][ T6522] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.765659][ T6533] netlink: 48 bytes leftover after parsing attributes in process `syz.4.981'.
[   99.783213][ T6535] netlink: 'syz.2.980': attribute type 13 has an invalid length.
[   99.923850][ T6522] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   99.934200][ T6522] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   99.957773][ T6522] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   99.966174][ T6522] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   99.974698][ T6522] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   99.983210][ T6522] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   99.993592][ T6447] lo speed is unknown, defaulting to 1000
[  100.017358][ T6529] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.026099][ T6529] 8021q: adding VLAN 0 to HW filter on device team0
[  100.039379][ T5854] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.049807][ T6529] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  100.081556][ T6540] loop5: detected capacity change from 0 to 512
[  100.088272][ T6542] loop4: detected capacity change from 0 to 128
[  100.097504][ T6542] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  100.110968][ T6542] ext4 filesystem being mounted at /194/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  100.115738][ T6540] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.158350][ T6540] ext4 filesystem being mounted at /121/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  100.213427][ T6540] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000.
[  100.221779][ T6458] lo speed is unknown, defaulting to 1000
[  100.223589][ T3317] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  100.227515][ T6458] syz0: Port: 1 Link DOWN
[  100.241191][ T6468] lo speed is unknown, defaulting to 1000
[  100.253917][ T6550] netlink: 'syz.6.987': attribute type 10 has an invalid length.
[  100.267884][ T6550] team0: Device hsr_slave_0 failed to register rx_handler
[  100.384391][ T6559] loop6: detected capacity change from 0 to 512
[  100.405689][ T6559] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  100.413802][ T6559] EXT4-fs (loop6): orphan cleanup on readonly fs
[  100.430922][ T6559] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  100.446030][ T6559] EXT4-fs (loop6): Cannot turn on quotas: error -22
[  100.452969][ T6559] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #16: comm syz.6.991: iget: immutable or append flags not allowed on symlinks
[  100.468612][ T6559] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.991: couldn't read orphan inode 16 (err -117)
[  100.482906][ T6559] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  100.602532][ T6571] xt_hashlimit: max too large, truncated to 1048576
[  100.723874][ T6573] lo speed is unknown, defaulting to 1000
[  100.878254][ T6539] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.984: bg 0: block 217: padding at end of block bitmap is not set
[  100.944571][ T6575] loop2: detected capacity change from 0 to 512
[  101.095062][ T6575] EXT4-fs (loop2): orphan cleanup on readonly fs
[  101.169774][ T6575] EXT4-fs error (device loop2): ext4_orphan_get:1419: comm syz.2.995: bad orphan inode 13
[  101.308743][ T6575] ext4_test_bit(bit=12, block=18) = 1
[  101.314411][ T6575] is_bad_inode(inode)=0
[  101.318576][ T6575] NEXT_ORPHAN(inode)=2130706432
[  101.323658][ T6575] max_ino=32
[  101.326931][ T6575] i_nlink=1
[  101.420768][ T6575] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  101.492399][ T6575] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  101.517767][ T6588] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  101.542003][ T6575] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.995: bg 0: block 248: padding at end of block bitmap is not set
[  101.611892][ T6575] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.995: Failed to acquire dquot type 1
[  101.641629][ T6596] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1001'.
[  101.663343][ T6575] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  101.731631][ T4823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.762854][ T6600] lo speed is unknown, defaulting to 1000
[  101.794338][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.894670][ T6609] loop5: detected capacity change from 0 to 1024
[  101.955685][ T6609] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.086722][ T6624] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=6624 comm=syz.2.1010
[  102.117489][ T4823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.142778][ T5854] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.175559][ T6632] netlink: 36 bytes leftover after parsing attributes in process `gtp'.
[  102.184285][ T6632] netlink: 16 bytes leftover after parsing attributes in process `gtp'.
[  102.192751][ T6632] netlink: 36 bytes leftover after parsing attributes in process `gtp'.
[  102.201564][ T6632] netlink: 36 bytes leftover after parsing attributes in process `gtp'.
[  102.291590][ T6650] FAULT_INJECTION: forcing a failure.
[  102.291590][ T6650] name failslab, interval 1, probability 0, space 0, times 0
[  102.304306][ T6650] CPU: 0 UID: 0 PID: 6650 Comm: syz.0.1016 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  102.304335][ T6650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  102.304349][ T6650] Call Trace:
[  102.304357][ T6650]  <TASK>
[  102.304367][ T6650]  __dump_stack+0x1d/0x30
[  102.304472][ T6650]  dump_stack_lvl+0xe8/0x140
[  102.304492][ T6650]  dump_stack+0x15/0x1b
[  102.304513][ T6650]  should_fail_ex+0x265/0x280
[  102.304539][ T6650]  should_failslab+0x8c/0xb0
[  102.304570][ T6650]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  102.304669][ T6650]  ? sidtab_sid2str_get+0xa0/0x130
[  102.304698][ T6650]  kmemdup_noprof+0x2b/0x70
[  102.304730][ T6650]  sidtab_sid2str_get+0xa0/0x130
[  102.304763][ T6650]  security_sid_to_context_core+0x1eb/0x2e0
[  102.304863][ T6650]  security_sid_to_context+0x27/0x40
[  102.304893][ T6650]  selinux_lsmprop_to_secctx+0x67/0xf0
[  102.304937][ T6650]  security_lsmprop_to_secctx+0x43/0x80
[  102.304982][ T6650]  audit_log_task_context+0x77/0x190
[  102.305006][ T6650]  audit_log_task+0xf4/0x250
[  102.305043][ T6650]  audit_seccomp+0x61/0x100
[  102.305097][ T6650]  ? __seccomp_filter+0x68c/0x10d0
[  102.305120][ T6650]  __seccomp_filter+0x69d/0x10d0
[  102.305145][ T6650]  ? save_fpregs_to_fpstate+0x100/0x160
[  102.305179][ T6650]  ? _raw_spin_unlock+0x26/0x50
[  102.305279][ T6650]  __secure_computing+0x82/0x150
[  102.305308][ T6650]  syscall_trace_enter+0xcf/0x1e0
[  102.305337][ T6650]  do_syscall_64+0xac/0x200
[  102.305423][ T6650]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  102.305463][ T6650]  ? clear_bhb_loop+0x40/0x90
[  102.305524][ T6650]  ? clear_bhb_loop+0x40/0x90
[  102.305546][ T6650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.305567][ T6650] RIP: 0033:0x7f2dc6cbd37c
[  102.305583][ T6650] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  102.305606][ T6650] RSP: 002b:00007f2dc5327030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  102.305631][ T6650] RAX: ffffffffffffffda RBX: 00007f2dc6ee5fa0 RCX: 00007f2dc6cbd37c
[  102.305647][ T6650] RDX: 000000000000000f RSI: 00007f2dc53270a0 RDI: 0000000000000005
[  102.305663][ T6650] RBP: 00007f2dc5327090 R08: 0000000000000000 R09: 0000000000000000
[  102.305677][ T6650] R10: 00000000000000e8 R11: 0000000000000246 R12: 0000000000000002
[  102.305691][ T6650] R13: 0000000000000000 R14: 00007f2dc6ee5fa0 R15: 00007ffcea4ba2a8
[  102.305779][ T6650]  </TASK>
[  102.552577][ T6642] x_tables: duplicate underflow at hook 1
[  102.620330][ T6658] netlink: 'syz.4.1018': attribute type 10 has an invalid length.
[  102.628207][ T6658] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1018'.
[  102.675426][ T6658] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.683734][ T6658] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.691982][ T6658] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.700196][ T6658] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.744432][ T6658] team0: Port device geneve1 added
[  102.805252][ T6673] serio: Serial port ptm0
[  102.840741][ T6676] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1021'.
[  102.962234][ T6708] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1029'.
[  103.076852][ T6733] xt_CT: You must specify a L4 protocol and not use inversions on it
[  103.199858][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x1
[  103.207465][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.214916][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.222528][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.230238][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.237833][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.250095][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.257601][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.265173][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.272796][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x2
[  103.280220][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.287715][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.295145][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x4
[  103.302561][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.310056][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.317660][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x2
[  103.325142][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.332779][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.340220][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.347686][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.355172][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.362662][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.370077][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.377518][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.385009][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.392516][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.399897][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.407283][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.414788][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.422331][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.429758][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.437136][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.444546][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.452067][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.459493][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.466889][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.474287][ T6468] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  103.482376][ T6468] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  103.528046][ T6757] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1035'.
[  103.593629][ T6771] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1041'.
[  103.722899][ T6782] loop6: detected capacity change from 0 to 512
[  103.729319][ T6789] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  103.749521][ T6782] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.764031][ T6782] ext4 filesystem being mounted at /39/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  103.804714][ T6798] FAULT_INJECTION: forcing a failure.
[  103.804714][ T6798] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  103.817855][ T6798] CPU: 1 UID: 0 PID: 6798 Comm: syz.2.1052 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  103.817888][ T6798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.817901][ T6798] Call Trace:
[  103.817908][ T6798]  <TASK>
[  103.817917][ T6798]  __dump_stack+0x1d/0x30
[  103.817950][ T6798]  dump_stack_lvl+0xe8/0x140
[  103.817972][ T6798]  dump_stack+0x15/0x1b
[  103.818009][ T6798]  should_fail_ex+0x265/0x280
[  103.818032][ T6798]  should_fail+0xb/0x20
[  103.818052][ T6798]  should_fail_usercopy+0x1a/0x20
[  103.818078][ T6798]  _copy_from_user+0x1c/0xb0
[  103.818108][ T6798]  ___sys_sendmsg+0xc1/0x1d0
[  103.818236][ T6798]  __x64_sys_sendmsg+0xd4/0x160
[  103.818350][ T6798]  x64_sys_call+0x2999/0x2fb0
[  103.818373][ T6798]  do_syscall_64+0xd2/0x200
[  103.818483][ T6798]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  103.818531][ T6798]  ? clear_bhb_loop+0x40/0x90
[  103.818721][ T6798]  ? clear_bhb_loop+0x40/0x90
[  103.818748][ T6798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.818775][ T6798] RIP: 0033:0x7f3ac43ce969
[  103.818794][ T6798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.818815][ T6798] RSP: 002b:00007f3ac2a37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  103.818957][ T6798] RAX: ffffffffffffffda RBX: 00007f3ac45f5fa0 RCX: 00007f3ac43ce969
[  103.818973][ T6798] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000005
[  103.818989][ T6798] RBP: 00007f3ac2a37090 R08: 0000000000000000 R09: 0000000000000000
[  103.819004][ T6798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.819018][ T6798] R13: 0000000000000000 R14: 00007f3ac45f5fa0 R15: 00007fff73e78c88
[  103.819040][ T6798]  </TASK>
[  103.819349][ T6782] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000.
[  103.931761][ T6806] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6806 comm=syz.4.1048
[  104.018630][   T29] kauditd_printk_skb: 145 callbacks suppressed
[  104.018658][   T29] audit: type=1326 audit(1748956425.636:2992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6804 comm="syz.2.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac43ce969 code=0x7ffc0000
[  104.079913][   T29] audit: type=1326 audit(1748956425.636:2993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6804 comm="syz.2.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac43ce969 code=0x7ffc0000
[  104.104087][   T29] audit: type=1326 audit(1748956425.676:2994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6804 comm="syz.2.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ac43ce969 code=0x7ffc0000
[  104.127845][   T29] audit: type=1326 audit(1748956425.676:2995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6804 comm="syz.2.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac43ce969 code=0x7ffc0000
[  104.151992][   T29] audit: type=1326 audit(1748956425.676:2996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6804 comm="syz.2.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ac43ce969 code=0x7ffc0000
[  104.175582][   T29] audit: type=1326 audit(1748956425.676:2997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6804 comm="syz.2.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac43ce969 code=0x7ffc0000
[  104.199091][   T29] audit: type=1326 audit(1748956425.676:2998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6804 comm="syz.2.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ac43ce969 code=0x7ffc0000
[  104.222541][   T29] audit: type=1326 audit(1748956425.676:2999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6804 comm="syz.2.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac43ce969 code=0x7ffc0000
[  104.246147][   T29] audit: type=1326 audit(1748956425.686:3000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6804 comm="syz.2.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7f3ac43ce969 code=0x7ffc0000
[  104.269609][   T29] audit: type=1326 audit(1748956425.686:3001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6804 comm="syz.2.1054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac43ce969 code=0x7ffc0000
[  104.300447][ T6789] bond1: entered promiscuous mode
[  104.305541][ T6789] bond1: entered allmulticast mode
[  104.317601][ T6789] 8021q: adding VLAN 0 to HW filter on device bond1
[  104.325198][ T6813] serio: Serial port ptm0
[  104.465440][ T6780] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1047: bg 0: block 217: padding at end of block bitmap is not set
[  104.512926][ T6825] netlink: 'syz.4.1061': attribute type 10 has an invalid length.
[  104.536081][ T6825] 8021q: adding VLAN 0 to HW filter on device batadv0
[  104.567656][ T6825] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  104.876931][ T5854] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.974563][ T6859] batadv_slave_0: entered promiscuous mode
[  104.980869][ T6859] netlink: 'syz.4.1072': attribute type 2 has an invalid length.
[  105.096414][ T6867] xt_hashlimit: max too large, truncated to 1048576
[  105.175837][ T6873] loop6: detected capacity change from 0 to 512
[  105.184261][ T6873] EXT4-fs (loop6): orphan cleanup on readonly fs
[  105.192990][ T6873] EXT4-fs error (device loop6): ext4_orphan_get:1419: comm syz.6.1077: bad orphan inode 13
[  105.277323][ T6873] ext4_test_bit(bit=12, block=18) = 1
[  105.282796][ T6873] is_bad_inode(inode)=0
[  105.286982][ T6873] NEXT_ORPHAN(inode)=2130706432
[  105.291999][ T6873] max_ino=32
[  105.295238][ T6873] i_nlink=1
[  105.299509][ T6873] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  105.314464][ T6873] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  105.358671][ T6873] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1077: bg 0: block 248: padding at end of block bitmap is not set
[  105.408706][ T6873] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.1077: Failed to acquire dquot type 1
[  105.448587][ T6873] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  105.618748][ T6895] FAULT_INJECTION: forcing a failure.
[  105.618748][ T6895] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  105.632198][ T6895] CPU: 0 UID: 0 PID: 6895 Comm: syz.5.1086 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  105.632281][ T6895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.632294][ T6895] Call Trace:
[  105.632301][ T6895]  <TASK>
[  105.632309][ T6895]  __dump_stack+0x1d/0x30
[  105.632390][ T6895]  dump_stack_lvl+0xe8/0x140
[  105.632475][ T6895]  dump_stack+0x15/0x1b
[  105.632491][ T6895]  should_fail_ex+0x265/0x280
[  105.632512][ T6895]  should_fail+0xb/0x20
[  105.632534][ T6895]  should_fail_usercopy+0x1a/0x20
[  105.632561][ T6895]  _copy_to_user+0x20/0xa0
[  105.632643][ T6895]  simple_read_from_buffer+0xb5/0x130
[  105.632664][ T6895]  proc_fail_nth_read+0x100/0x140
[  105.632691][ T6895]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  105.632718][ T6895]  vfs_read+0x1a0/0x6f0
[  105.632740][ T6895]  ? __sys_setsockopt+0x18e/0x200
[  105.632815][ T6895]  ? __rcu_read_unlock+0x4f/0x70
[  105.632841][ T6895]  ? __fget_files+0x184/0x1c0
[  105.632931][ T6895]  ksys_read+0xda/0x1a0
[  105.632956][ T6895]  __x64_sys_read+0x40/0x50
[  105.632978][ T6895]  x64_sys_call+0x2d77/0x2fb0
[  105.633000][ T6895]  do_syscall_64+0xd2/0x200
[  105.633033][ T6895]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  105.633135][ T6895]  ? clear_bhb_loop+0x40/0x90
[  105.633156][ T6895]  ? clear_bhb_loop+0x40/0x90
[  105.633180][ T6895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.633205][ T6895] RIP: 0033:0x7f178394d37c
[  105.633224][ T6895] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  105.633244][ T6895] RSP: 002b:00007f1781fb7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  105.633294][ T6895] RAX: ffffffffffffffda RBX: 00007f1783b75fa0 RCX: 00007f178394d37c
[  105.633307][ T6895] RDX: 000000000000000f RSI: 00007f1781fb70a0 RDI: 000000000000000d
[  105.633318][ T6895] RBP: 00007f1781fb7090 R08: 0000000000000000 R09: 0000000000000000
[  105.633333][ T6895] R10: 0000200000000740 R11: 0000000000000246 R12: 0000000000000001
[  105.633348][ T6895] R13: 0000000000000000 R14: 00007f1783b75fa0 R15: 00007ffc390fc268
[  105.633420][ T6895]  </TASK>
[  105.934329][ T5854] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.011831][ T6908] netlink: 'syz.5.1090': attribute type 13 has an invalid length.
[  106.102214][ T6908] gretap0: refused to change device tx_queue_len
[  106.108927][ T6908] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  106.323644][ T6933] smc: net device bond0 applied user defined pnetid SYZ2
[  106.448457][ T6940] loop6: detected capacity change from 0 to 1024
[  106.464485][ T6940] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.501165][ T5854] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.602317][ T6957] loop6: detected capacity change from 0 to 256
[  106.724576][ T6961] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=6961 comm=syz.6.1113
[  106.998288][ T6967] loop4: detected capacity change from 0 to 1024
[  107.041010][ T6967] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.118222][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.203840][ T6973] loop4: detected capacity change from 0 to 512
[  107.242804][ T6973] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.265726][ T6973] ext4 filesystem being mounted at /212/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  107.289632][ T6973] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  107.719280][ T6988] loop6: detected capacity change from 0 to 512
[  107.726539][ T6988] EXT4-fs: Ignoring removed i_version option
[  107.733954][ T6988] ext4: Unknown parameter 'audit'
[  107.840624][ T6996] __nla_validate_parse: 7 callbacks suppressed
[  107.840668][ T6996] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1125'.
[  107.866518][ T6993] loop6: detected capacity change from 0 to 8192
[  107.890519][ T6996] FAULT_INJECTION: forcing a failure.
[  107.890519][ T6996] name failslab, interval 1, probability 0, space 0, times 0
[  107.903326][ T6996] CPU: 1 UID: 0 PID: 6996 Comm: syz.0.1125 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  107.903429][ T6996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  107.903441][ T6996] Call Trace:
[  107.903448][ T6996]  <TASK>
[  107.903537][ T6996]  __dump_stack+0x1d/0x30
[  107.903562][ T6996]  dump_stack_lvl+0xe8/0x140
[  107.903584][ T6996]  dump_stack+0x15/0x1b
[  107.903601][ T6996]  should_fail_ex+0x265/0x280
[  107.903620][ T6996]  ? shmem_init_fs_context+0x36/0xf0
[  107.903675][ T6996]  should_failslab+0x8c/0xb0
[  107.903764][ T6996]  __kmalloc_cache_noprof+0x4c/0x320
[  107.903873][ T6996]  shmem_init_fs_context+0x36/0xf0
[  107.903909][ T6996]  alloc_fs_context+0x3ec/0x4e0
[  107.903935][ T6996]  fs_context_for_mount+0x22/0x30
[  107.903955][ T6996]  do_new_mount+0xe9/0x680
[  107.903982][ T6996]  path_mount+0x4a4/0xb20
[  107.904031][ T6996]  ? user_path_at+0x109/0x130
[  107.904066][ T6996]  __se_sys_mount+0x28f/0x2e0
[  107.904089][ T6996]  ? fput+0x8f/0xc0
[  107.904119][ T6996]  ? arch_syscall_is_vdso_sigreturn+0xc6/0x110
[  107.904170][ T6996]  __x64_sys_mount+0x67/0x80
[  107.904196][ T6996]  x64_sys_call+0xd36/0x2fb0
[  107.904220][ T6996]  do_syscall_64+0xd2/0x200
[  107.904249][ T6996]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  107.904309][ T6996]  ? clear_bhb_loop+0x40/0x90
[  107.904329][ T6996]  ? clear_bhb_loop+0x40/0x90
[  107.904349][ T6996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.904374][ T6996] RIP: 0033:0x7f2dc6cbe969
[  107.904424][ T6996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.904445][ T6996] RSP: 002b:00007f2dc5327038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  107.904468][ T6996] RAX: ffffffffffffffda RBX: 00007f2dc6ee5fa0 RCX: 00007f2dc6cbe969
[  107.904482][ T6996] RDX: 0000200000000300 RSI: 00002000000002c0 RDI: 0000000000000000
[  107.904494][ T6996] RBP: 00007f2dc5327090 R08: 00002000000003c0 R09: 0000000000000000
[  107.904507][ T6996] R10: 0000000002004000 R11: 0000000000000246 R12: 0000000000000001
[  107.904520][ T6996] R13: 0000000000000000 R14: 00007f2dc6ee5fa0 R15: 00007ffcea4ba2a8
[  107.904540][ T6996]  </TASK>
[  108.225000][ T7003] loop5: detected capacity change from 0 to 1024
[  108.232918][ T6972] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1116: bg 0: block 217: padding at end of block bitmap is not set
[  108.323894][ T7003] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.440539][ T4823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.535255][ T7010] loop5: detected capacity change from 0 to 1024
[  108.578443][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.601873][ T7010] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.628473][ T7016] FAULT_INJECTION: forcing a failure.
[  108.628473][ T7016] name failslab, interval 1, probability 0, space 0, times 0
[  108.641345][ T7016] CPU: 0 UID: 0 PID: 7016 Comm: syz.6.1130 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  108.641377][ T7016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  108.641389][ T7016] Call Trace:
[  108.641396][ T7016]  <TASK>
[  108.641404][ T7016]  __dump_stack+0x1d/0x30
[  108.641426][ T7016]  dump_stack_lvl+0xe8/0x140
[  108.641449][ T7016]  dump_stack+0x15/0x1b
[  108.641475][ T7016]  should_fail_ex+0x265/0x280
[  108.641530][ T7016]  ? tcf_pedit_init+0x448/0x970
[  108.641559][ T7016]  should_failslab+0x8c/0xb0
[  108.641583][ T7016]  __kmalloc_cache_noprof+0x4c/0x320
[  108.641691][ T7016]  tcf_pedit_init+0x448/0x970
[  108.641803][ T7016]  ? should_fail_ex+0xdb/0x280
[  108.641832][ T7016]  tcf_action_init_1+0x367/0x4a0
[  108.641898][ T7016]  tcf_action_init+0x267/0x6d0
[  108.641949][ T7016]  tc_ctl_action+0x291/0x830
[  108.641989][ T7016]  ? __pfx_tc_ctl_action+0x10/0x10
[  108.642071][ T7016]  rtnetlink_rcv_msg+0x657/0x6d0
[  108.642095][ T7016]  ? avc_has_perm_noaudit+0x1b1/0x200
[  108.642135][ T7016]  netlink_rcv_skb+0x123/0x220
[  108.642165][ T7016]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  108.642242][ T7016]  rtnetlink_rcv+0x1c/0x30
[  108.642264][ T7016]  netlink_unicast+0x5a1/0x670
[  108.642299][ T7016]  netlink_sendmsg+0x58b/0x6b0
[  108.642335][ T7016]  ? __pfx_netlink_sendmsg+0x10/0x10
[  108.642424][ T7016]  __sock_sendmsg+0x142/0x180
[  108.642494][ T7016]  ____sys_sendmsg+0x31e/0x4e0
[  108.642533][ T7016]  ___sys_sendmsg+0x17b/0x1d0
[  108.642596][ T7016]  __x64_sys_sendmsg+0xd4/0x160
[  108.642688][ T7016]  x64_sys_call+0x2999/0x2fb0
[  108.642714][ T7016]  do_syscall_64+0xd2/0x200
[  108.642750][ T7016]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  108.642779][ T7016]  ? clear_bhb_loop+0x40/0x90
[  108.642848][ T7016]  ? clear_bhb_loop+0x40/0x90
[  108.642894][ T7016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.642920][ T7016] RIP: 0033:0x7fc2b8b0e969
[  108.642940][ T7016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.642958][ T7016] RSP: 002b:00007fc2b7177038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  108.642979][ T7016] RAX: ffffffffffffffda RBX: 00007fc2b8d35fa0 RCX: 00007fc2b8b0e969
[  108.642995][ T7016] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000006
[  108.643020][ T7016] RBP: 00007fc2b7177090 R08: 0000000000000000 R09: 0000000000000000
[  108.643036][ T7016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  108.643080][ T7016] R13: 0000000000000000 R14: 00007fc2b8d35fa0 R15: 00007ffee8b58af8
[  108.643098][ T7016]  </TASK>
[  108.910766][ T7017] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1129'.
[  108.919714][ T7010] FAULT_INJECTION: forcing a failure.
[  108.919714][ T7010] name failslab, interval 1, probability 0, space 0, times 0
[  108.932435][ T7010] CPU: 1 UID: 0 PID: 7010 Comm: syz.5.1128 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  108.932462][ T7010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  108.932522][ T7010] Call Trace:
[  108.932528][ T7010]  <TASK>
[  108.932536][ T7010]  __dump_stack+0x1d/0x30
[  108.932557][ T7010]  dump_stack_lvl+0xe8/0x140
[  108.932578][ T7010]  dump_stack+0x15/0x1b
[  108.932594][ T7010]  should_fail_ex+0x265/0x280
[  108.932636][ T7010]  should_failslab+0x8c/0xb0
[  108.932663][ T7010]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  108.932718][ T7010]  ? posix_acl_create+0x14c/0x280
[  108.932755][ T7010]  kmemdup_noprof+0x2b/0x70
[  108.932785][ T7010]  posix_acl_create+0x14c/0x280
[  108.932848][ T7010]  ext4_init_acl+0x67/0x270
[  108.932879][ T7010]  __ext4_new_inode+0x1f17/0x22e0
[  108.933045][ T7010]  ext4_mkdir+0x28b/0x740
[  108.933068][ T7010]  vfs_mkdir+0x213/0x340
[  108.933091][ T7010]  do_mkdirat+0x132/0x3f0
[  108.933185][ T7010]  __x64_sys_mkdir+0x42/0x50
[  108.933221][ T7010]  x64_sys_call+0x2289/0x2fb0
[  108.933247][ T7010]  do_syscall_64+0xd2/0x200
[  108.933310][ T7010]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  108.933413][ T7010]  ? clear_bhb_loop+0x40/0x90
[  108.933438][ T7010]  ? clear_bhb_loop+0x40/0x90
[  108.933611][ T7010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.933634][ T7010] RIP: 0033:0x7f178394e969
[  108.933654][ T7010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.933675][ T7010] RSP: 002b:00007f1781fb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  108.933698][ T7010] RAX: ffffffffffffffda RBX: 00007f1783b75fa0 RCX: 00007f178394e969
[  108.933714][ T7010] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  108.933728][ T7010] RBP: 00007f1781fb7090 R08: 0000000000000000 R09: 0000000000000000
[  108.933769][ T7010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  108.933781][ T7010] R13: 0000000000000000 R14: 00007f1783b75fa0 R15: 00007ffc390fc268
[  108.933799][ T7010]  </TASK>
[  109.187367][ T4823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.219415][ T7025] netlink: 'syz.0.1134': attribute type 298 has an invalid length.
[  109.231337][   T29] kauditd_printk_skb: 431 callbacks suppressed
[  109.231355][   T29] audit: type=1326 audit(1748956430.836:3427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7022 comm="syz.5.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[  109.261102][   T29] audit: type=1326 audit(1748956430.836:3428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7022 comm="syz.5.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[  109.284601][   T29] audit: type=1326 audit(1748956430.836:3429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7022 comm="syz.5.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[  109.308087][   T29] audit: type=1326 audit(1748956430.836:3430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7022 comm="syz.5.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[  109.331545][   T29] audit: type=1326 audit(1748956430.836:3431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7022 comm="syz.5.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[  109.355158][   T29] audit: type=1326 audit(1748956430.836:3432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7022 comm="syz.5.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[  109.378631][   T29] audit: type=1326 audit(1748956430.836:3433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7022 comm="syz.5.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[  109.402194][   T29] audit: type=1326 audit(1748956430.836:3434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7022 comm="syz.5.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[  109.425669][   T29] audit: type=1326 audit(1748956430.846:3435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7022 comm="syz.5.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[  109.449092][   T29] audit: type=1326 audit(1748956430.846:3436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7022 comm="syz.5.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[  109.506023][ T7032] loop6: detected capacity change from 0 to 512
[  109.532471][ T7032] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.545045][ T7032] ext4 filesystem being mounted at /60/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  109.561582][ T7032] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000.
[  109.734196][ T7040] netlink: 'syz.4.1141': attribute type 10 has an invalid length.
[  109.761269][ T7040] team0: Port device hsr_slave_0 added
[  109.915008][ T7060] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  109.943879][ T7060] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  109.955267][ T7031] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1139: bg 0: block 217: padding at end of block bitmap is not set
[  110.001145][ T7060] loop5: detected capacity change from 0 to 1024
[  110.036651][ T7060] EXT4-fs: Ignoring removed nomblk_io_submit option
[  110.074416][ T7060] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.089256][ T7071] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=7071 comm=syz.4.1151
[  110.112078][ T5854] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.123038][ T7060] bond_slave_1: default FDB implementation only supports local addresses
[  110.139035][ T7073] netlink: 100 bytes leftover after parsing attributes in process `syz.6.1152'.
[  110.201787][ T7076] loop6: detected capacity change from 0 to 256
[  110.314201][ T7083] netlink: 'syz.0.1154': attribute type 10 has an invalid length.
[  110.324207][ T7083] team0: Device hsr_slave_0 failed to register rx_handler
[  110.349859][ T7086] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=7086 comm=syz.6.1157
[  110.563872][ T7100] FAULT_INJECTION: forcing a failure.
[  110.563872][ T7100] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.577121][ T7100] CPU: 0 UID: 0 PID: 7100 Comm: syz.0.1163 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  110.577154][ T7100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  110.577167][ T7100] Call Trace:
[  110.577174][ T7100]  <TASK>
[  110.577183][ T7100]  __dump_stack+0x1d/0x30
[  110.577207][ T7100]  dump_stack_lvl+0xe8/0x140
[  110.577254][ T7100]  dump_stack+0x15/0x1b
[  110.577273][ T7100]  should_fail_ex+0x265/0x280
[  110.577297][ T7100]  should_fail+0xb/0x20
[  110.577317][ T7100]  should_fail_usercopy+0x1a/0x20
[  110.577365][ T7100]  _copy_from_iter+0xcf/0xe40
[  110.577462][ T7100]  ? should_failslab+0x8c/0xb0
[  110.577490][ T7100]  ? __kvmalloc_node_noprof+0x263/0x4f0
[  110.577523][ T7100]  ? proc_sys_call_handler+0x243/0x4a0
[  110.577556][ T7100]  proc_sys_call_handler+0x26c/0x4a0
[  110.577703][ T7100]  proc_sys_write+0x22/0x30
[  110.577732][ T7100]  do_iter_readv_writev+0x421/0x4c0
[  110.577764][ T7100]  vfs_writev+0x2df/0x8b0
[  110.577807][ T7100]  __se_sys_pwritev2+0xfc/0x1c0
[  110.577853][ T7100]  __x64_sys_pwritev2+0x67/0x80
[  110.577879][ T7100]  x64_sys_call+0x1cea/0x2fb0
[  110.577899][ T7100]  do_syscall_64+0xd2/0x200
[  110.577997][ T7100]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.578023][ T7100]  ? clear_bhb_loop+0x40/0x90
[  110.578043][ T7100]  ? clear_bhb_loop+0x40/0x90
[  110.578064][ T7100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.578083][ T7100] RIP: 0033:0x7f2dc6cbe969
[  110.578163][ T7100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.578181][ T7100] RSP: 002b:00007f2dc5327038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  110.578201][ T7100] RAX: ffffffffffffffda RBX: 00007f2dc6ee5fa0 RCX: 00007f2dc6cbe969
[  110.578220][ T7100] RDX: 0000000000000001 RSI: 0000200000003d80 RDI: 0000000000000005
[  110.578268][ T7100] RBP: 00007f2dc5327090 R08: 0000000000000000 R09: 0000000000000015
[  110.578280][ T7100] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  110.578292][ T7100] R13: 0000000000000000 R14: 00007f2dc6ee5fa0 R15: 00007ffcea4ba2a8
[  110.578409][ T7100]  </TASK>
[  110.817344][ T7102] loop6: detected capacity change from 0 to 512
[  110.824471][ T7102] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  110.837140][ T7102] EXT4-fs (loop6): 1 truncate cleaned up
[  110.843545][ T7102] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.857241][ T7102] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.875516][ T4823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.892884][ T7111] loop5: detected capacity change from 0 to 512
[  110.909453][ T7111] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  110.931735][ T7113] FAULT_INJECTION: forcing a failure.
[  110.931735][ T7113] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.944950][ T7113] CPU: 0 UID: 0 PID: 7113 Comm: syz.2.1168 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  110.945051][ T7113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  110.945134][ T7113] Call Trace:
[  110.945142][ T7113]  <TASK>
[  110.945151][ T7113]  __dump_stack+0x1d/0x30
[  110.945177][ T7113]  dump_stack_lvl+0xe8/0x140
[  110.945200][ T7113]  dump_stack+0x15/0x1b
[  110.945221][ T7113]  should_fail_ex+0x265/0x280
[  110.945247][ T7113]  should_fail+0xb/0x20
[  110.945284][ T7113]  should_fail_usercopy+0x1a/0x20
[  110.945306][ T7113]  _copy_from_iter+0xcf/0xe40
[  110.945332][ T7113]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  110.945365][ T7113]  tun_get_user+0x144/0x2500
[  110.945440][ T7113]  ? ref_tracker_alloc+0x1f2/0x2f0
[  110.945465][ T7113]  ? selinux_file_permission+0x1e4/0x320
[  110.945514][ T7113]  tun_chr_write_iter+0x15e/0x210
[  110.945550][ T7113]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  110.945619][ T7113]  vfs_write+0x4a0/0x8e0
[  110.945650][ T7113]  ksys_write+0xda/0x1a0
[  110.945677][ T7113]  __x64_sys_write+0x40/0x50
[  110.945704][ T7113]  x64_sys_call+0x2cdd/0x2fb0
[  110.945731][ T7113]  do_syscall_64+0xd2/0x200
[  110.945788][ T7113]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.945911][ T7113]  ? clear_bhb_loop+0x40/0x90
[  110.945938][ T7113]  ? clear_bhb_loop+0x40/0x90
[  110.945962][ T7113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.945982][ T7113] RIP: 0033:0x7f3ac43ce969
[  110.945998][ T7113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.946020][ T7113] RSP: 002b:00007f3ac2a37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  110.946045][ T7113] RAX: ffffffffffffffda RBX: 00007f3ac45f5fa0 RCX: 00007f3ac43ce969
[  110.946058][ T7113] RDX: 000000000000fdef RSI: 0000200000000600 RDI: 0000000000000005
[  110.946072][ T7113] RBP: 00007f3ac2a37090 R08: 0000000000000000 R09: 0000000000000000
[  110.946084][ T7113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.946099][ T7113] R13: 0000000000000000 R14: 00007f3ac45f5fa0 R15: 00007fff73e78c88
[  110.946248][ T7113]  </TASK>
[  111.189136][ T7111] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.1167: casefold flag without casefold feature
[  111.220344][ T7111] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.1167: couldn't read orphan inode 15 (err -117)
[  111.237261][ T7111] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.284120][ T7118] lo speed is unknown, defaulting to 1000
[  111.348976][ T4823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.456888][ T7131] loop5: detected capacity change from 0 to 1024
[  111.482635][ T7131] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.501505][ T7131] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.556183][ T7131] FAULT_INJECTION: forcing a failure.
[  111.556183][ T7131] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  111.569706][ T7131] CPU: 0 UID: 0 PID: 7131 Comm: syz.5.1173 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  111.569734][ T7131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.569747][ T7131] Call Trace:
[  111.569755][ T7131]  <TASK>
[  111.569765][ T7131]  __dump_stack+0x1d/0x30
[  111.569791][ T7131]  dump_stack_lvl+0xe8/0x140
[  111.569837][ T7131]  dump_stack+0x15/0x1b
[  111.569857][ T7131]  should_fail_ex+0x265/0x280
[  111.569931][ T7131]  should_fail_alloc_page+0xf2/0x100
[  111.569969][ T7131]  __alloc_frozen_pages_noprof+0xff/0x360
[  111.569999][ T7131]  alloc_pages_mpol+0xb3/0x250
[  111.570036][ T7131]  folio_alloc_mpol_noprof+0x39/0x80
[  111.570073][ T7131]  __read_swap_cache_async+0x10e/0x350
[  111.570188][ T7131]  swap_cluster_readahead+0x376/0x3e0
[  111.570226][ T7131]  swapin_readahead+0xde/0x6f0
[  111.570291][ T7131]  ? __filemap_get_folio+0x49f/0x650
[  111.570314][ T7131]  ? swap_cache_get_folio+0x77/0x200
[  111.570358][ T7131]  do_swap_page+0x301/0x2430
[  111.570445][ T7131]  ? __rcu_read_unlock+0x4f/0x70
[  111.570467][ T7131]  ? kvm_sched_clock_read+0x11/0x20
[  111.570491][ T7131]  ? __pfx_default_wake_function+0x10/0x10
[  111.570558][ T7131]  handle_mm_fault+0x9a5/0x2be0
[  111.570580][ T7131]  ? __rcu_read_unlock+0x4f/0x70
[  111.570681][ T7131]  do_user_addr_fault+0x3fe/0x1090
[  111.570714][ T7131]  exc_page_fault+0x62/0xa0
[  111.570796][ T7131]  asm_exc_page_fault+0x26/0x30
[  111.570869][ T7131] RIP: 0010:__get_user_4+0x14/0x20
[  111.570893][ T7131] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca e9 90 de 01 00 90 90 90 90 90 90 90 90 90 90
[  111.570915][ T7131] RSP: 0018:ffffc90001857d00 EFLAGS: 00050283
[  111.570936][ T7131] RAX: 00002000000013c4 RBX: ffffc90001857dd0 RCX: 0000000000000000
[  111.570952][ T7131] RDX: 00007ffffffff000 RSI: 0000000000000000 RDI: ffffc90001857e58
[  111.570968][ T7131] RBP: ffffc90001857ea0 R08: ffff8881019abb58 R09: 0000000000000000
[  111.570983][ T7131] R10: ffffc90001857dd0 R11: 0001c90001857dd0 R12: 00002000000013c4
[  111.571031][ T7131] R13: ffff888237c25830 R14: ffff88811a3cec10 R15: 00002000000013c0
[  111.571048][ T7131]  perf_copy_attr+0x34/0x610
[  111.571073][ T7131]  ? perf_event_ctx_lock_nested+0x108/0x120
[  111.571099][ T7131]  perf_ioctl+0x266/0x12e0
[  111.571132][ T7131]  ? ioctl_has_perm+0x289/0x2a0
[  111.571224][ T7131]  ? do_vfs_ioctl+0xd1e/0x11d0
[  111.571246][ T7131]  ? __pfx_perf_ioctl+0x10/0x10
[  111.571308][ T7131]  __se_sys_ioctl+0xcb/0x140
[  111.571326][ T7131]  __x64_sys_ioctl+0x43/0x50
[  111.571382][ T7131]  x64_sys_call+0x19a8/0x2fb0
[  111.571407][ T7131]  do_syscall_64+0xd2/0x200
[  111.571488][ T7131]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  111.571588][ T7131]  ? clear_bhb_loop+0x40/0x90
[  111.571612][ T7131]  ? clear_bhb_loop+0x40/0x90
[  111.571689][ T7131]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.571710][ T7131] RIP: 0033:0x7f178394e969
[  111.571724][ T7131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.571778][ T7131] RSP: 002b:00007f1781f96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  111.571801][ T7131] RAX: ffffffffffffffda RBX: 00007f1783b76080 RCX: 00007f178394e969
[  111.571815][ T7131] RDX: 00002000000013c0 RSI: 000000004008240b RDI: 0000000000000003
[  111.571827][ T7131] RBP: 00007f1781f96090 R08: 0000000000000000 R09: 0000000000000000
[  111.571871][ T7131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.571883][ T7131] R13: 0000000000000000 R14: 00007f1783b76080 R15: 00007ffc390fc268
[  111.571919][ T7131]  </TASK>
[  112.010211][ T7143] netlink: 'syz.6.1177': attribute type 10 has an invalid length.
[  112.018506][ T7143] team0: Device hsr_slave_0 failed to register rx_handler
[  112.028054][ T7130] syz.5.1173 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  112.042386][ T7130] CPU: 0 UID: 0 PID: 7130 Comm: syz.5.1173 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  112.042458][ T7130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  112.042472][ T7130] Call Trace:
[  112.042479][ T7130]  <TASK>
[  112.042489][ T7130]  __dump_stack+0x1d/0x30
[  112.042514][ T7130]  dump_stack_lvl+0xe8/0x140
[  112.042537][ T7130]  dump_stack+0x15/0x1b
[  112.042587][ T7130]  dump_header+0x81/0x220
[  112.042691][ T7130]  oom_kill_process+0x334/0x3f0
[  112.042731][ T7130]  out_of_memory+0x979/0xb80
[  112.042765][ T7130]  try_charge_memcg+0x5e6/0x9e0
[  112.042853][ T7130]  obj_cgroup_charge_pages+0xa6/0x150
[  112.042891][ T7130]  __memcg_kmem_charge_page+0x9f/0x170
[  112.042927][ T7130]  __alloc_frozen_pages_noprof+0x188/0x360
[  112.043000][ T7130]  alloc_pages_mpol+0xb3/0x250
[  112.043043][ T7130]  alloc_pages_noprof+0x90/0x130
[  112.043121][ T7130]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  112.043201][ T7130]  __kvmalloc_node_noprof+0x312/0x4f0
[  112.043237][ T7130]  ? ip_set_alloc+0x1f/0x30
[  112.043266][ T7130]  ? ip_set_alloc+0x1f/0x30
[  112.043372][ T7130]  ? __kmalloc_cache_noprof+0x189/0x320
[  112.043406][ T7130]  ip_set_alloc+0x1f/0x30
[  112.043429][ T7130]  hash_netiface_create+0x282/0x740
[  112.043537][ T7130]  ? __pfx_hash_netiface_create+0x10/0x10
[  112.043567][ T7130]  ip_set_create+0x3c9/0x960
[  112.043603][ T7130]  ? __nla_parse+0x40/0x60
[  112.043632][ T7130]  nfnetlink_rcv_msg+0x4c3/0x590
[  112.043678][ T7130]  ? selinux_capable+0x1f9/0x270
[  112.043703][ T7130]  netlink_rcv_skb+0x123/0x220
[  112.043758][ T7130]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  112.043863][ T7130]  nfnetlink_rcv+0x16b/0x1690
[  112.043891][ T7130]  ? inat_get_opcode_attribute+0xc/0x20
[  112.043983][ T7130]  ? insn_get_opcode+0x750/0x790
[  112.044084][ T7130]  ? __list_add_valid_or_report+0x38/0xe0
[  112.044117][ T7130]  ? merge_sched_in+0x605/0xa60
[  112.044139][ T7130]  ? cmp_ex_search+0x25/0x40
[  112.044156][ T7130]  ? bsearch+0x95/0xc0
[  112.044213][ T7130]  ? __pfx_cmp_ex_search+0x10/0x10
[  112.044234][ T7130]  ? rep_movs_alternative+0x11/0x90
[  112.044327][ T7130]  ? search_extable+0x53/0x80
[  112.044347][ T7130]  ? rep_movs_alternative+0x11/0x90
[  112.044376][ T7130]  ? should_fail_ex+0x30/0x280
[  112.044401][ T7130]  ? selinux_nlmsg_lookup+0x99/0x890
[  112.044438][ T7130]  ? selinux_netlink_send+0x59f/0x5f0
[  112.044458][ T7130]  ? __rcu_read_unlock+0x34/0x70
[  112.044480][ T7130]  ? __netlink_lookup+0x266/0x2a0
[  112.044533][ T7130]  netlink_unicast+0x5a1/0x670
[  112.044565][ T7130]  netlink_sendmsg+0x58b/0x6b0
[  112.044595][ T7130]  ? __pfx_netlink_sendmsg+0x10/0x10
[  112.044625][ T7130]  __sock_sendmsg+0x142/0x180
[  112.044673][ T7130]  ____sys_sendmsg+0x31e/0x4e0
[  112.044738][ T7130]  ___sys_sendmsg+0x17b/0x1d0
[  112.044770][ T7130]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  112.044876][ T7130]  __x64_sys_sendmsg+0xd4/0x160
[  112.044913][ T7130]  x64_sys_call+0x2999/0x2fb0
[  112.044939][ T7130]  do_syscall_64+0xd2/0x200
[  112.045030][ T7130]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  112.045077][ T7130]  ? clear_bhb_loop+0x40/0x90
[  112.045107][ T7130]  ? clear_bhb_loop+0x40/0x90
[  112.045132][ T7130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.045157][ T7130] RIP: 0033:0x7f178394e969
[  112.045176][ T7130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.045197][ T7130] RSP: 002b:00007f1781fb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  112.045297][ T7130] RAX: ffffffffffffffda RBX: 00007f1783b75fa0 RCX: 00007f178394e969
[  112.045312][ T7130] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000004
[  112.045327][ T7130] RBP: 00007f17839d0ab1 R08: 0000000000000000 R09: 0000000000000000
[  112.045343][ T7130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  112.045358][ T7130] R13: 0000000000000000 R14: 00007f1783b75fa0 R15: 00007ffc390fc268
[  112.045388][ T7130]  </TASK>
[  112.045395][ T7130] memory: usage 307200kB, limit 307200kB, failcnt 108
[  112.048403][ T7145] netlink: 'syz.0.1178': attribute type 3 has an invalid length.
[  112.057538][ T7130] memory+swap: usage 307504kB, limit 9007199254740988kB, failcnt 0
[  112.067683][ T7145] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1178'.
[  112.070970][ T7130] kmem: usage 307076kB, limit 9007199254740988kB, failcnt 0
[  112.469922][ T7130] Memory cgroup stats for /syz5:
[  112.470255][ T7130] cache 0
[  112.478191][ T7130] rss 0
[  112.481105][ T7130] shmem 0
[  112.484057][ T7130] mapped_file 0
[  112.487533][ T7130] dirty 0
[  112.490559][ T7130] writeback 0
[  112.493864][ T7130] workingset_refault_anon 27
[  112.498567][ T7130] workingset_refault_file 0
[  112.503257][ T7130] swap 311296
[  112.506587][ T7130] swapcached 114688
[  112.510516][ T7130] nr_memmap_boot_pages 117364
[  112.515264][ T7130] pgpgin 117333
[  112.518799][ T7130] pglazyfree 102654
[  112.522710][ T7130] pgfault 15
[  112.525979][ T7130] a_other 0
[  112.529106][ T7130] inactive_anon 114688
[  112.533295][ T7130] active_anon 0
[  112.536759][ T7130] inactive_file 12288
[  112.540757][ T7130] active_file 0
[  112.544264][ T7130] hierarchical_memory_limit 314572800
[  112.549613][ T7130] hierarchical_memsw_limit 9223372036854771712
[  112.555877][ T7130] total_cache 0
[  112.559324][ T7130] total_rss 0
[  112.562599][ T7130] total_shmem 0
[  112.566052][ T7130] total_mapped_file 0
[  112.570032][ T7130] total_dirty 0
[  112.573475][ T7130] total_writeback 0
[  112.577257][ T7130] total_workingset_refault_anon 27
[  112.582355][ T7130] total_workingset_refault_file 0
[  112.587430][ T7130] total_swap 311296
[  112.591234][ T7130] total_swapcached 114688
[  112.595600][ T7130] total_nr_memmap_boot_pages 117364
[  112.600898][ T7130] total_pgpgin 117333
[  112.604884][ T7130] total_pglazyfree 102654
[  112.609184][ T7130] total_pgfault 15
[  112.612898][ T7130] total_a_other 0
[  112.616514][ T7130] total_inactive_anon 114688
[  112.621169][ T7130] total_active_anon 0
[  112.625139][ T7130] total_inactive_file 12288
[  112.629628][ T7130] total_active_file 0
[  112.633635][ T7130] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.1173,pid=7129,uid=0
[  112.648573][ T7130] Memory cgroup out of memory: Killed process 7129 (syz.5.1173) total-vm:89908kB, anon-rss:1064kB, file-rss:21668kB, shmem-rss:0kB, UID:0 pgtables:112kB oom_score_adj:1000
[  112.803888][ T6458] IPVS: starting estimator thread 0...
[  112.829192][ T7171] FAULT_INJECTION: forcing a failure.
[  112.829192][ T7171] name failslab, interval 1, probability 0, space 0, times 0
[  112.842010][ T7171] CPU: 1 UID: 0 PID: 7171 Comm: syz.6.1186 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  112.842038][ T7171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  112.842052][ T7171] Call Trace:
[  112.842059][ T7171]  <TASK>
[  112.842068][ T7171]  __dump_stack+0x1d/0x30
[  112.842094][ T7171]  dump_stack_lvl+0xe8/0x140
[  112.842193][ T7171]  dump_stack+0x15/0x1b
[  112.842213][ T7171]  should_fail_ex+0x265/0x280
[  112.842234][ T7171]  should_failslab+0x8c/0xb0
[  112.842308][ T7171]  kmem_cache_alloc_noprof+0x50/0x310
[  112.842341][ T7171]  ? getname_flags+0x80/0x3b0
[  112.842373][ T7171]  getname_flags+0x80/0x3b0
[  112.842401][ T7171]  __x64_sys_rmdir+0x21/0x40
[  112.842443][ T7171]  x64_sys_call+0x2ae3/0x2fb0
[  112.842468][ T7171]  do_syscall_64+0xd2/0x200
[  112.842500][ T7171]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  112.842608][ T7171]  ? clear_bhb_loop+0x40/0x90
[  112.842633][ T7171]  ? clear_bhb_loop+0x40/0x90
[  112.842682][ T7171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.842820][ T7171] RIP: 0033:0x7fc2b8b0e969
[  112.842838][ T7171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.842860][ T7171] RSP: 002b:00007fc2b7177038 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[  112.842882][ T7171] RAX: ffffffffffffffda RBX: 00007fc2b8d35fa0 RCX: 00007fc2b8b0e969
[  112.842898][ T7171] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  112.842938][ T7171] RBP: 00007fc2b7177090 R08: 0000000000000000 R09: 0000000000000000
[  112.842952][ T7171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.842967][ T7171] R13: 0000000000000000 R14: 00007fc2b8d35fa0 R15: 00007ffee8b58af8
[  112.842989][ T7171]  </TASK>
[  113.082966][ T7169] IPVS: using max 2544 ests per chain, 127200 per kthread
[  113.137329][ T7182] loop6: detected capacity change from 0 to 512
[  113.150706][ T7182] EXT4-fs warning (device loop6): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop6.
[  113.213527][ T7130] syz.5.1173 (7130) used greatest stack depth: 7000 bytes left
[  113.384586][ T7203] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1196'.
[  113.666716][ T7219] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1200'.
[  113.736066][ T7229] loop5: detected capacity change from 0 to 1024
[  113.744619][ T7229] ext4: Unknown parameter 'uid<00000000000000000000'
[  113.839643][ T7250] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1208'.
[  113.865375][ T7254] loop6: detected capacity change from 0 to 164
[  113.876061][ T7254] bio_check_eod: 104 callbacks suppressed
[  113.876097][ T7254] syz.6.1212: attempt to access beyond end of device
[  113.876097][ T7254] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  113.884174][ T7236] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1208'.
[  113.896010][ T7254] syz.6.1212: attempt to access beyond end of device
[  113.896010][ T7254] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  113.907296][ T7236] netlink: 208 bytes leftover after parsing attributes in process `syz.5.1208'.
[  114.035578][ T7271] loop6: detected capacity change from 0 to 1024
[  114.042805][ T7271] EXT4-fs: Ignoring removed orlov option
[  114.048876][ T7271] EXT4-fs (loop6): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  114.066988][ T7273] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=7273 comm=syz.5.1220
[  114.087974][ T7271] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.127462][ T7271] FAULT_INJECTION: forcing a failure.
[  114.127462][ T7271] name failslab, interval 1, probability 0, space 0, times 0
[  114.140250][ T7271] CPU: 0 UID: 0 PID: 7271 Comm: syz.6.1219 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  114.140284][ T7271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  114.140374][ T7271] Call Trace:
[  114.140382][ T7271]  <TASK>
[  114.140393][ T7271]  __dump_stack+0x1d/0x30
[  114.140417][ T7271]  dump_stack_lvl+0xe8/0x140
[  114.140442][ T7271]  dump_stack+0x15/0x1b
[  114.140459][ T7271]  should_fail_ex+0x265/0x280
[  114.140498][ T7271]  should_failslab+0x8c/0xb0
[  114.140527][ T7271]  __kmalloc_noprof+0xa5/0x3e0
[  114.140560][ T7271]  ? ext4_xattr_block_set+0x24f/0x1a30
[  114.140652][ T7271]  ext4_xattr_block_set+0x24f/0x1a30
[  114.140679][ T7271]  ? errseq_check+0x2c/0x50
[  114.140717][ T7271]  ext4_xattr_set_handle+0xa4f/0xe70
[  114.140815][ T7271]  ext4_initxattrs+0x62/0xc0
[  114.140847][ T7271]  security_inode_init_security+0x25c/0x330
[  114.140868][ T7271]  ? __pfx_ext4_initxattrs+0x10/0x10
[  114.141007][ T7271]  ext4_init_security+0x34/0x50
[  114.141062][ T7271]  __ext4_new_inode+0x20fb/0x22e0
[  114.141140][ T7271]  ext4_symlink+0x284/0x660
[  114.141169][ T7271]  vfs_symlink+0xd4/0x1e0
[  114.141313][ T7271]  do_symlinkat+0xc7/0x3c0
[  114.141341][ T7271]  __x64_sys_symlink+0x50/0x60
[  114.141384][ T7271]  x64_sys_call+0x2d8d/0x2fb0
[  114.141411][ T7271]  do_syscall_64+0xd2/0x200
[  114.141507][ T7271]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  114.141534][ T7271]  ? clear_bhb_loop+0x40/0x90
[  114.141560][ T7271]  ? clear_bhb_loop+0x40/0x90
[  114.141611][ T7271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.141637][ T7271] RIP: 0033:0x7fc2b8b0e969
[  114.141656][ T7271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.141676][ T7271] RSP: 002b:00007fc2b7177038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[  114.141696][ T7271] RAX: ffffffffffffffda RBX: 00007fc2b8d35fa0 RCX: 00007fc2b8b0e969
[  114.141709][ T7271] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000200000000340
[  114.141764][ T7271] RBP: 00007fc2b7177090 R08: 0000000000000000 R09: 0000000000000000
[  114.141780][ T7271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  114.141867][ T7271] R13: 0000000000000000 R14: 00007fc2b8d35fa0 R15: 00007ffee8b58af8
[  114.141944][ T7271]  </TASK>
[  114.147906][ T7271] usb usb1: usbfs: interface 0 claimed by hub while 'syz.6.1219' sets config #0
[  114.393772][   T29] kauditd_printk_skb: 156 callbacks suppressed
[  114.393789][   T29] audit: type=1326 audit(1748956437.008:3593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7268 comm="syz.6.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2b8b0e969 code=0x7ffc0000
[  114.423773][   T29] audit: type=1326 audit(1748956437.008:3594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7268 comm="syz.6.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2b8b0e969 code=0x7ffc0000
[  114.451947][ T7296] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1227'.
[  114.463180][ T7296] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1227'.
[  114.478342][ T5854] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.491788][   T29] audit: type=1326 audit(1748956437.098:3595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7297 comm="syz.5.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[  114.515361][   T29] audit: type=1400 audit(1748956437.108:3597): avc:  denied  { write } for  pid=7292 comm="syz.0.1227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  114.536016][   T29] audit: type=1326 audit(1748956437.098:3596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7297 comm="syz.5.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f178394e969 code=0x7ffc0000
[  114.605598][ T7309] netlink: 'syz.6.1228': attribute type 1 has an invalid length.
[  114.635752][   T29] audit: type=1400 audit(1748956437.248:3598): avc:  denied  { create } for  pid=7308 comm="syz.6.1228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  114.658217][   T29] audit: type=1400 audit(1748956437.268:3599): avc:  denied  { sys_admin } for  pid=7308 comm="syz.6.1228" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  114.693645][ T7309] lo speed is unknown, defaulting to 1000
[  114.870680][ T7323] syzkaller0: entered promiscuous mode
[  114.876214][ T7323] syzkaller0: entered allmulticast mode
[  114.949721][ T7325] syzkaller0: entered promiscuous mode
[  114.955285][ T7325] syzkaller0: entered allmulticast mode
[  114.963997][ T7325] FAULT_INJECTION: forcing a failure.
[  114.963997][ T7325] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  114.977140][ T7325] CPU: 1 UID: 0 PID: 7325 Comm: syz.4.1239 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  114.977235][ T7325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  114.977248][ T7325] Call Trace:
[  114.977299][ T7325]  <TASK>
[  114.977401][ T7325]  __dump_stack+0x1d/0x30
[  114.977425][ T7325]  dump_stack_lvl+0xe8/0x140
[  114.977446][ T7325]  dump_stack+0x15/0x1b
[  114.977464][ T7325]  should_fail_ex+0x265/0x280
[  114.977486][ T7325]  should_fail+0xb/0x20
[  114.977580][ T7325]  should_fail_usercopy+0x1a/0x20
[  114.977682][ T7325]  _copy_from_user+0x1c/0xb0
[  114.977708][ T7325]  ___sys_recvmsg+0xaa/0x370
[  114.977740][ T7325]  ? _parse_integer+0x27/0x40
[  114.977779][ T7325]  do_recvmmsg+0x1ef/0x540
[  114.977884][ T7325]  ? fput+0x8f/0xc0
[  114.977914][ T7325]  __x64_sys_recvmmsg+0xe5/0x170
[  114.977981][ T7325]  x64_sys_call+0x1c6a/0x2fb0
[  114.978005][ T7325]  do_syscall_64+0xd2/0x200
[  114.978035][ T7325]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  114.978127][ T7325]  ? clear_bhb_loop+0x40/0x90
[  114.978149][ T7325]  ? clear_bhb_loop+0x40/0x90
[  114.978172][ T7325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.978273][ T7325] RIP: 0033:0x7f449533e969
[  114.978290][ T7325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.978323][ T7325] RSP: 002b:00007f44939a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  114.978346][ T7325] RAX: ffffffffffffffda RBX: 00007f4495565fa0 RCX: 00007f449533e969
[  114.978437][ T7325] RDX: 0000000000001b00 RSI: 0000200000005140 RDI: 0000000000000007
[  114.978451][ T7325] RBP: 00007f44939a7090 R08: 0000000000000000 R09: 0000000000000000
[  114.978464][ T7325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  114.978520][ T7325] R13: 0000000000000000 R14: 00007f4495565fa0 R15: 00007fff721bf6b8
[  114.978540][ T7325]  </TASK>
[  115.231128][ T7343] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1244'.
[  115.255296][ T7350] netlink: 'syz.4.1246': attribute type 13 has an invalid length.
[  115.268342][ T7350] gretap0: refused to change device tx_queue_len
[  115.277164][ T7350] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  115.328690][ T7343] netlink: 'syz.2.1244': attribute type 21 has an invalid length.
[  115.337990][   T29] audit: type=1326 audit(1748956437.938:3600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7349 comm="syz.4.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449533e969 code=0x7ffc0000
[  115.361610][   T29] audit: type=1326 audit(1748956437.938:3601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7349 comm="syz.4.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f449533e969 code=0x7ffc0000
[  115.385171][   T29] audit: type=1326 audit(1748956437.938:3602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7349 comm="syz.4.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449533e969 code=0x7ffc0000
[  115.413346][ T7343] netlink: 'syz.2.1244': attribute type 1 has an invalid length.
[  115.564325][ T7362] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  115.574729][ T6458] IPVS: starting estimator thread 0...
[  115.605165][ T7365] loop5: detected capacity change from 0 to 512
[  115.680341][ T7365] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  115.680384][ T7368] IPVS: using max 2736 ests per chain, 136800 per kthread
[  115.703992][ T7365] EXT4-fs (loop5): 1 truncate cleaned up
[  115.710526][ T7365] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.745879][ T7377] openvswitch: netlink: Message has 6 unknown bytes.
[  115.833296][ T7384] xt_hashlimit: max too large, truncated to 1048576
[  115.846028][ T4823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.913409][ T7392] binfmt_misc: register: failed to install interpreter file ./file2
[  116.061094][ T7406] netlink: 'syz.2.1266': attribute type 13 has an invalid length.
[  116.115566][ T7406] gretap0: refused to change device tx_queue_len
[  116.126463][ T7402] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=15628 sclass=netlink_route_socket pid=7402 comm=syz.4.1263
[  116.148656][ T7406] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  116.164896][ T6458] lo speed is unknown, defaulting to 1000
[  116.170789][ T6458] syz0: Port: 1 Link ACTIVE
[  116.180247][ T7402] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1263'.
[  116.197399][ T7402] batadv1: entered promiscuous mode
[  116.203853][ T7402] 8021q: adding VLAN 0 to HW filter on device batadv1
[  116.387693][ T7420] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1271'.
[  116.484070][ T7422] lo speed is unknown, defaulting to 1000
[  117.146229][ T7439] netlink: 'syz.4.1278': attribute type 13 has an invalid length.
[  117.188649][ T7439] gretap0: refused to change device tx_queue_len
[  117.215749][ T7439] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  117.306664][ T7442] netlink: 'syz.2.1279': attribute type 13 has an invalid length.
[  117.318188][ T7444] netlink: 'syz.6.1280': attribute type 13 has an invalid length.
[  117.341075][ T7442] gretap0: refused to change device tx_queue_len
[  117.361094][ T7442] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  117.440372][ T7446] random: crng reseeded on system resumption
[  117.709146][ T7457] lo speed is unknown, defaulting to 1000
[  118.594296][ T7508] FAULT_INJECTION: forcing a failure.
[  118.594296][ T7508] name failslab, interval 1, probability 0, space 0, times 0
[  118.607076][ T7508] CPU: 1 UID: 0 PID: 7508 Comm: syz.5.1307 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  118.607156][ T7508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  118.607170][ T7508] Call Trace:
[  118.607178][ T7508]  <TASK>
[  118.607186][ T7508]  __dump_stack+0x1d/0x30
[  118.607209][ T7508]  dump_stack_lvl+0xe8/0x140
[  118.607283][ T7508]  dump_stack+0x15/0x1b
[  118.607301][ T7508]  should_fail_ex+0x265/0x280
[  118.607470][ T7508]  should_failslab+0x8c/0xb0
[  118.607499][ T7508]  kmem_cache_alloc_noprof+0x50/0x310
[  118.607533][ T7508]  ? alloc_empty_file+0x76/0x200
[  118.607568][ T7508]  alloc_empty_file+0x76/0x200
[  118.607639][ T7508]  alloc_file_pseudo+0xc6/0x160
[  118.607724][ T7508]  aio_setup_ring+0x133/0x760
[  118.607751][ T7508]  ioctx_alloc+0x2c4/0x4e0
[  118.607772][ T7508]  ? fput+0x8f/0xc0
[  118.607800][ T7508]  __se_sys_io_setup+0x6b/0x1b0
[  118.607850][ T7508]  __x64_sys_io_setup+0x31/0x40
[  118.607873][ T7508]  x64_sys_call+0x2f0e/0x2fb0
[  118.607914][ T7508]  do_syscall_64+0xd2/0x200
[  118.607984][ T7508]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  118.608060][ T7508]  ? clear_bhb_loop+0x40/0x90
[  118.608085][ T7508]  ? clear_bhb_loop+0x40/0x90
[  118.608109][ T7508]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.608134][ T7508] RIP: 0033:0x7f178394e969
[  118.608153][ T7508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.608173][ T7508] RSP: 002b:00007f1781fb7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  118.608197][ T7508] RAX: ffffffffffffffda RBX: 00007f1783b75fa0 RCX: 00007f178394e969
[  118.608211][ T7508] RDX: 0000000000000000 RSI: 0000200000000680 RDI: 0000000000002004
[  118.608224][ T7508] RBP: 00007f1781fb7090 R08: 0000000000000000 R09: 0000000000000000
[  118.608245][ T7508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.608260][ T7508] R13: 0000000000000000 R14: 00007f1783b75fa0 R15: 00007ffc390fc268
[  118.608280][ T7508]  </TASK>
[  118.826471][ T7497] lo speed is unknown, defaulting to 1000
[  118.951662][ T7522] FAULT_INJECTION: forcing a failure.
[  118.951662][ T7522] name failslab, interval 1, probability 0, space 0, times 0
[  118.964429][ T7522] CPU: 0 UID: 0 PID: 7522 Comm: syz.2.1313 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  118.964462][ T7522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  118.964477][ T7522] Call Trace:
[  118.964484][ T7522]  <TASK>
[  118.964492][ T7522]  __dump_stack+0x1d/0x30
[  118.964513][ T7522]  dump_stack_lvl+0xe8/0x140
[  118.964532][ T7522]  dump_stack+0x15/0x1b
[  118.964607][ T7522]  should_fail_ex+0x265/0x280
[  118.964631][ T7522]  ? audit_log_d_path+0x8d/0x150
[  118.964689][ T7522]  should_failslab+0x8c/0xb0
[  118.964718][ T7522]  __kmalloc_cache_noprof+0x4c/0x320
[  118.964798][ T7522]  audit_log_d_path+0x8d/0x150
[  118.964834][ T7522]  audit_log_d_path_exe+0x42/0x70
[  118.964857][ T7522]  audit_log_task+0x1e9/0x250
[  118.964892][ T7522]  audit_seccomp+0x61/0x100
[  118.964944][ T7522]  ? __seccomp_filter+0x68c/0x10d0
[  118.964969][ T7522]  __seccomp_filter+0x69d/0x10d0
[  118.964999][ T7522]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  118.965021][ T7522]  ? __rcu_read_unlock+0x4f/0x70
[  118.965088][ T7522]  ? __fget_files+0x184/0x1c0
[  118.965150][ T7522]  __secure_computing+0x82/0x150
[  118.965172][ T7522]  syscall_trace_enter+0xcf/0x1e0
[  118.965220][ T7522]  do_syscall_64+0xac/0x200
[  118.965247][ T7522]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  118.965276][ T7522]  ? clear_bhb_loop+0x40/0x90
[  118.965297][ T7522]  ? clear_bhb_loop+0x40/0x90
[  118.965317][ T7522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.965337][ T7522] RIP: 0033:0x7f3ac43cd37c
[  118.965411][ T7522] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  118.965429][ T7522] RSP: 002b:00007f3ac2a37030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  118.965448][ T7522] RAX: ffffffffffffffda RBX: 00007f3ac45f5fa0 RCX: 00007f3ac43cd37c
[  118.965462][ T7522] RDX: 000000000000000f RSI: 00007f3ac2a370a0 RDI: 0000000000000006
[  118.965474][ T7522] RBP: 00007f3ac2a37090 R08: 0000000000000000 R09: 0000000000000000
[  118.965485][ T7522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  118.965497][ T7522] R13: 0000000000000000 R14: 00007f3ac45f5fa0 R15: 00007fff73e78c88
[  118.965515][ T7522]  </TASK>
[  118.966180][ T7510] __nla_validate_parse: 1 callbacks suppressed
[  118.966193][ T7510] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1308'.
[  118.967048][ T7520] loop6: detected capacity change from 0 to 512
[  119.144243][ T7524] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1314'.
[  119.246078][ T7510] bridge_slave_1: left allmulticast mode
[  119.251801][ T7510] bridge_slave_1: left promiscuous mode
[  119.257642][ T7510] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.271634][ T7520] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  119.280751][ T7520] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  119.291803][ T7510] bridge_slave_0: left allmulticast mode
[  119.292133][ T7520] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended
[  119.297475][ T7510] bridge_slave_0: left promiscuous mode
[  119.307623][ T7520] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  119.312574][ T7510] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.321915][ T7520] System zones: 0-2, 18-18, 34-35
[  119.351150][ T7520] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.413749][ T7524] ipvlan2: entered promiscuous mode
[  119.419519][ T7524] bridge0: port 3(ipvlan2) entered blocking state
[  119.419749][ T5854] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.425982][ T7524] bridge0: port 3(ipvlan2) entered disabled state
[  119.441763][ T7524] ipvlan2: entered allmulticast mode
[  119.447081][ T7524] bridge0: entered allmulticast mode
[  119.453032][ T7524] ipvlan2: left allmulticast mode
[  119.458160][ T7524] bridge0: left allmulticast mode
[  119.492629][   T29] kauditd_printk_skb: 173 callbacks suppressed
[  119.492647][   T29] audit: type=1400 audit(1748956442.108:3776): avc:  denied  { getopt } for  pid=7538 comm="syz.6.1318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  119.496479][ T7535] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  119.581278][ T7541] lo speed is unknown, defaulting to 1000
[  119.651535][ T7545] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1321'.
[  119.660489][ T7545] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1321'.
[  119.879536][ T7558] netlink: 'syz.0.1325': attribute type 10 has an invalid length.
[  119.904630][ T7558] team0: Device hsr_slave_0 failed to register rx_handler
[  120.394670][ T7601] netlink: 'syz.4.1344': attribute type 21 has an invalid length.
[  120.402699][ T7601] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1344'.
[  120.434051][ T7601] netlink: 'syz.4.1344': attribute type 4 has an invalid length.
[  120.441889][ T7601] netlink: 'syz.4.1344': attribute type 5 has an invalid length.
[  120.449641][ T7601] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1344'.
[  120.701517][   T29] audit: type=1326 audit(1748956443.308:3777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7616 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2b8b0e969 code=0x7ffc0000
[  120.725110][   T29] audit: type=1326 audit(1748956443.308:3778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7616 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2b8b0e969 code=0x7ffc0000
[  120.748688][   T29] audit: type=1326 audit(1748956443.308:3779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7616 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc2b8b0e969 code=0x7ffc0000
[  120.772233][   T29] audit: type=1326 audit(1748956443.308:3780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7616 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2b8b0e969 code=0x7ffc0000
[  120.796993][   T29] audit: type=1326 audit(1748956443.308:3781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7616 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc2b8b0e969 code=0x7ffc0000
[  120.820444][   T29] audit: type=1326 audit(1748956443.308:3782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7616 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2b8b0e969 code=0x7ffc0000
[  120.844229][   T29] audit: type=1326 audit(1748956443.308:3783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7616 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2b8b0e969 code=0x7ffc0000
[  120.844281][   T29] audit: type=1326 audit(1748956443.308:3784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7616 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc2b8b0e969 code=0x7ffc0000
[  120.891307][   T29] audit: type=1326 audit(1748956443.308:3785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7616 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2b8b0e969 code=0x7ffc0000
[  120.951108][ T7626] FAULT_INJECTION: forcing a failure.
[  120.951108][ T7626] name failslab, interval 1, probability 0, space 0, times 0
[  120.963874][ T7626] CPU: 1 UID: 0 PID: 7626 Comm: syz.0.1354 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  120.963951][ T7626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  120.963963][ T7626] Call Trace:
[  120.963969][ T7626]  <TASK>
[  120.963976][ T7626]  __dump_stack+0x1d/0x30
[  120.963997][ T7626]  dump_stack_lvl+0xe8/0x140
[  120.964015][ T7626]  dump_stack+0x15/0x1b
[  120.964030][ T7626]  should_fail_ex+0x265/0x280
[  120.964153][ T7626]  should_failslab+0x8c/0xb0
[  120.964185][ T7626]  kmem_cache_alloc_noprof+0x50/0x310
[  120.964235][ T7626]  ? radix_tree_node_alloc+0x8a/0x1f0
[  120.964262][ T7626]  radix_tree_node_alloc+0x8a/0x1f0
[  120.964323][ T7626]  ? multiq_tune+0x4c1/0x840
[  120.964352][ T7626]  ? multiq_init+0x17c/0x1a0
[  120.964383][ T7626]  idr_get_free+0x1fa/0x550
[  120.964409][ T7626]  idr_alloc_u32+0xca/0x180
[  120.964439][ T7626]  basic_change+0x273/0x840
[  120.964516][ T7626]  ? __pfx_basic_change+0x10/0x10
[  120.964542][ T7626]  tc_new_tfilter+0xde4/0x10a0
[  120.964585][ T7626]  ? __pfx_tc_new_tfilter+0x10/0x10
[  120.964676][ T7626]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  120.964698][ T7626]  netlink_rcv_skb+0x123/0x220
[  120.964725][ T7626]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  120.964761][ T7626]  rtnetlink_rcv+0x1c/0x30
[  120.964776][ T7626]  netlink_unicast+0x5a1/0x670
[  120.964846][ T7626]  netlink_sendmsg+0x58b/0x6b0
[  120.964900][ T7626]  ? __pfx_netlink_sendmsg+0x10/0x10
[  120.964929][ T7626]  __sock_sendmsg+0x142/0x180
[  120.964950][ T7626]  ____sys_sendmsg+0x31e/0x4e0
[  120.964980][ T7626]  ___sys_sendmsg+0x17b/0x1d0
[  120.965090][ T7626]  __x64_sys_sendmsg+0xd4/0x160
[  120.965121][ T7626]  x64_sys_call+0x2999/0x2fb0
[  120.965177][ T7626]  do_syscall_64+0xd2/0x200
[  120.965205][ T7626]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  120.965230][ T7626]  ? clear_bhb_loop+0x40/0x90
[  120.965300][ T7626]  ? clear_bhb_loop+0x40/0x90
[  120.965326][ T7626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.965346][ T7626] RIP: 0033:0x7f2dc6cbe969
[  120.965361][ T7626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.965379][ T7626] RSP: 002b:00007f2dc5327038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  120.965398][ T7626] RAX: ffffffffffffffda RBX: 00007f2dc6ee5fa0 RCX: 00007f2dc6cbe969
[  120.965459][ T7626] RDX: 0000000004008000 RSI: 0000200000006040 RDI: 0000000000000004
[  120.965471][ T7626] RBP: 00007f2dc5327090 R08: 0000000000000000 R09: 0000000000000000
[  120.965573][ T7626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  120.965585][ T7626] R13: 0000000000000000 R14: 00007f2dc6ee5fa0 R15: 00007ffcea4ba2a8
[  120.965602][ T7626]  </TASK>
[  121.272059][ T7633] netlink: 100 bytes leftover after parsing attributes in process `syz.5.1357'.
[  121.300711][ T7628] netlink: 'syz.2.1355': attribute type 13 has an invalid length.
[  121.314914][ T7614] netlink: 'syz.4.1349': attribute type 10 has an invalid length.
[  121.354327][ T7628] gretap0: refused to change device tx_queue_len
[  121.360959][ T7628] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  121.437999][ T7649] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1364'.
[  121.649433][ T7662] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1370'.
[  121.717899][ T7672] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1374'.
[  121.872962][ T7691] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  122.045988][ T7722] netlink: 'syz.4.1396': attribute type 13 has an invalid length.
[  122.054781][ T7722] gretap0: refused to change device tx_queue_len
[  122.069422][ T7722] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  122.351199][ T7757] FAULT_INJECTION: forcing a failure.
[  122.351199][ T7757] name failslab, interval 1, probability 0, space 0, times 0
[  122.364068][ T7757] CPU: 1 UID: 0 PID: 7757 Comm: syz.5.1410 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  122.364098][ T7757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  122.364143][ T7757] Call Trace:
[  122.364151][ T7757]  <TASK>
[  122.364160][ T7757]  __dump_stack+0x1d/0x30
[  122.364187][ T7757]  dump_stack_lvl+0xe8/0x140
[  122.364207][ T7757]  dump_stack+0x15/0x1b
[  122.364224][ T7757]  should_fail_ex+0x265/0x280
[  122.364246][ T7757]  should_failslab+0x8c/0xb0
[  122.364373][ T7757]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  122.364402][ T7757]  ? sidtab_sid2str_get+0xa0/0x130
[  122.364433][ T7757]  kmemdup_noprof+0x2b/0x70
[  122.364452][ T7757]  sidtab_sid2str_get+0xa0/0x130
[  122.364537][ T7757]  security_sid_to_context_core+0x1eb/0x2e0
[  122.364559][ T7757]  security_sid_to_context+0x27/0x40
[  122.364663][ T7757]  selinux_lsmprop_to_secctx+0x67/0xf0
[  122.364691][ T7757]  security_lsmprop_to_secctx+0x43/0x80
[  122.364762][ T7757]  audit_log_task_context+0x77/0x190
[  122.364786][ T7757]  audit_log_task+0xf4/0x250
[  122.364862][ T7757]  audit_seccomp+0x61/0x100
[  122.364893][ T7757]  ? __seccomp_filter+0x68c/0x10d0
[  122.364918][ T7757]  __seccomp_filter+0x69d/0x10d0
[  122.364943][ T7757]  ? user_path_at+0x59/0x130
[  122.364982][ T7757]  __secure_computing+0x82/0x150
[  122.365005][ T7757]  syscall_trace_enter+0xcf/0x1e0
[  122.365036][ T7757]  do_syscall_64+0xac/0x200
[  122.365083][ T7757]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  122.365115][ T7757]  ? clear_bhb_loop+0x40/0x90
[  122.365177][ T7757]  ? clear_bhb_loop+0x40/0x90
[  122.365202][ T7757]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.365228][ T7757] RIP: 0033:0x7f178394d37c
[  122.365247][ T7757] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  122.365267][ T7757] RSP: 002b:00007f1781fb7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  122.365332][ T7757] RAX: ffffffffffffffda RBX: 00007f1783b75fa0 RCX: 00007f178394d37c
[  122.365379][ T7757] RDX: 000000000000000f RSI: 00007f1781fb70a0 RDI: 0000000000000006
[  122.365417][ T7757] RBP: 00007f1781fb7090 R08: 0000000000000000 R09: 0000000000000000
[  122.365432][ T7757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  122.365445][ T7757] R13: 0000000000000000 R14: 00007f1783b75fa0 R15: 00007ffc390fc268
[  122.365464][ T7757]  </TASK>
[  122.651166][ T7763] netlink: 'syz.6.1412': attribute type 4 has an invalid length.
[  122.660306][ T7763] netlink: 'syz.6.1412': attribute type 4 has an invalid length.
[  122.858051][ T7788] FAULT_INJECTION: forcing a failure.
[  122.858051][ T7788] name failslab, interval 1, probability 0, space 0, times 0
[  122.870959][ T7788] CPU: 1 UID: 0 PID: 7788 Comm: syz.5.1424 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  122.870992][ T7788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  122.871003][ T7788] Call Trace:
[  122.871010][ T7788]  <TASK>
[  122.871017][ T7788]  __dump_stack+0x1d/0x30
[  122.871085][ T7788]  dump_stack_lvl+0xe8/0x140
[  122.871108][ T7788]  dump_stack+0x15/0x1b
[  122.871126][ T7788]  should_fail_ex+0x265/0x280
[  122.871206][ T7788]  should_failslab+0x8c/0xb0
[  122.871230][ T7788]  kmem_cache_alloc_node_noprof+0x57/0x320
[  122.871275][ T7788]  ? __alloc_skb+0x101/0x320
[  122.871304][ T7788]  __alloc_skb+0x101/0x320
[  122.871331][ T7788]  ? audit_log_start+0x365/0x6c0
[  122.871449][ T7788]  audit_log_start+0x380/0x6c0
[  122.871490][ T7788]  audit_seccomp+0x48/0x100
[  122.871528][ T7788]  ? __seccomp_filter+0x68c/0x10d0
[  122.871557][ T7788]  __seccomp_filter+0x69d/0x10d0
[  122.871587][ T7788]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  122.871613][ T7788]  ? vfs_write+0x75e/0x8e0
[  122.871645][ T7788]  __secure_computing+0x82/0x150
[  122.871698][ T7788]  syscall_trace_enter+0xcf/0x1e0
[  122.871726][ T7788]  do_syscall_64+0xac/0x200
[  122.871756][ T7788]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  122.871802][ T7788]  ? clear_bhb_loop+0x40/0x90
[  122.871823][ T7788]  ? clear_bhb_loop+0x40/0x90
[  122.871849][ T7788]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.871874][ T7788] RIP: 0033:0x7f178394e969
[  122.871900][ T7788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.871923][ T7788] RSP: 002b:00007f1781fb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  122.871943][ T7788] RAX: ffffffffffffffda RBX: 00007f1783b75fa0 RCX: 00007f178394e969
[  122.871956][ T7788] RDX: 0000200000000080 RSI: 0000000000002284 RDI: 0000000000000004
[  122.871984][ T7788] RBP: 00007f1781fb7090 R08: 0000000000000000 R09: 0000000000000000
[  122.871996][ T7788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.872008][ T7788] R13: 0000000000000000 R14: 00007f1783b75fa0 R15: 00007ffc390fc268
[  122.872027][ T7788]  </TASK>
[  122.872518][ T7788] sd 0:0:1:0: device reset
[  123.097720][ T7797] netlink: 'syz.4.1420': attribute type 13 has an invalid length.
[  123.108914][ T7797] gretap0: refused to change device tx_queue_len
[  123.118442][ T7797] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  123.277329][ T7823] wireguard0: entered promiscuous mode
[  123.283039][ T7823] wireguard0: entered allmulticast mode
[  123.371406][ T7828] netem: change failed
[  123.507739][ T7837] gretap0: refused to change device tx_queue_len
[  123.520241][ T7837] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  124.833391][   T29] kauditd_printk_skb: 394 callbacks suppressed
[  124.833408][   T29] audit: type=1326 audit(1748956448.445:4177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7908 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dc6cbe969 code=0x7ffc0000
[  124.873272][   T29] audit: type=1326 audit(1748956448.485:4178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7908 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2dc6cbe969 code=0x7ffc0000
[  124.896824][   T29] audit: type=1326 audit(1748956448.485:4179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7908 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dc6cbe969 code=0x7ffc0000
[  124.920722][   T29] audit: type=1326 audit(1748956448.485:4180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7908 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2dc6cbe969 code=0x7ffc0000
[  124.944472][   T29] audit: type=1326 audit(1748956448.485:4181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7908 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dc6cbe969 code=0x7ffc0000
[  124.967976][   T29] audit: type=1326 audit(1748956448.485:4182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7908 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f2dc6cbe969 code=0x7ffc0000
[  124.991548][   T29] audit: type=1326 audit(1748956449.488:4183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7908 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dc6cbe969 code=0x7ffc0000
[  125.015047][   T29] audit: type=1326 audit(1748956449.488:4184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7908 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2dc6cbe969 code=0x7ffc0000
[  125.038809][   T29] audit: type=1326 audit(1748956449.488:4185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7908 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dc6cbe969 code=0x7ffc0000
[  125.062319][   T29] audit: type=1326 audit(1748956449.488:4186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7908 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2dc6cbe969 code=0x7ffc0000
[  125.110243][ T7911] lo speed is unknown, defaulting to 1000
[  125.832086][ T7920] __nla_validate_parse: 7 callbacks suppressed
[  125.832106][ T7920] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1471'.
[  125.847335][ T7920] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1471'.
[  125.954677][ T7920] 9pnet_fd: Insufficient options for proto=fd
[  126.115476][ T7933] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1476'.
[  126.127756][ T7925] SELinux: failed to load policy
[  126.165331][ T7935] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.197879][ T7939] validate_nla: 1 callbacks suppressed
[  126.197896][ T7939] netlink: 'syz.5.1479': attribute type 10 has an invalid length.
[  126.237945][ T7939] team0: Port device bridge0 added
[  126.264448][ T7935] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.299617][ T7945] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1481'.
[  126.308587][ T7945] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1481'.
[  126.317510][ T7945] netlink: 'syz.4.1481': attribute type 18 has an invalid length.
[  126.335347][ T7935] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.401554][ T7935] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.467033][ T7935] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  126.497385][ T7935] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  126.534219][ T7935] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  126.559738][ T7935] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  126.697197][ T6443] IPVS: starting estimator thread 0...
[  126.697193][ T7974] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  126.697335][ T6443] ==================================================================
[  126.697363][ T6443] BUG: KCSAN: data-race in data_push_tail / vsnprintf
[  126.697391][ T6443] 
[  126.697400][ T6443] write to 0xffffffff88e59668 of 1 bytes by task 7974 on cpu 0:
[  126.697421][ T6443]  vsnprintf+0x2ce/0x890
[  126.697444][ T6443]  vscnprintf+0x41/0x90
[  126.697468][ T6443]  printk_sprint+0x30/0x2d0
[  126.697489][ T6443]  vprintk_store+0x599/0x860
[  126.697511][ T6443]  vprintk_emit+0x178/0x650
[  126.697533][ T6443]  vprintk_default+0x26/0x30
[  126.697556][ T6443]  vprintk+0x1d/0x30
[  126.697584][ T6443]  _printk+0x79/0xa0
[  126.697616][ T6443]  ip_vs_scheduler_err+0x190/0x1a0
[  126.697648][ T6443]  ip_vs_sed_schedule+0xa0/0x1a0
[  126.697683][ T6443]  ip_vs_schedule+0x892/0xe20
[  126.697714][ T6443]  udp_conn_schedule+0x230/0x3b0
[  126.697740][ T6443]  ip_vs_in_hook+0x5e2/0x1250
[  126.697772][ T6443]  nf_hook_slow+0x78/0x180
[  126.697808][ T6443]  __ip_local_out+0x2cb/0x2f0
[  126.697828][ T6443]  ip_send_skb+0x32/0x140
[  126.697858][ T6443]  udp_send_skb+0x6e3/0xa40
[  126.697894][ T6443]  udp_sendmsg+0x1050/0x13b0
[  126.697914][ T6443]  inet_sendmsg+0xac/0xd0
[  126.697947][ T6443]  __sock_sendmsg+0x102/0x180
[  126.697970][ T6443]  ____sys_sendmsg+0x345/0x4e0
[  126.698004][ T6443]  ___sys_sendmsg+0x17b/0x1d0
[  126.698037][ T6443]  __sys_sendmmsg+0x178/0x300
[  126.698071][ T6443]  __x64_sys_sendmmsg+0x57/0x70
[  126.698106][ T6443]  x64_sys_call+0x2f2f/0x2fb0
[  126.698131][ T6443]  do_syscall_64+0xd2/0x200
[  126.698166][ T6443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.698201][ T6443] 
[  126.698211][ T6443] read to 0xffffffff88e59668 of 8 bytes by task 6443 on cpu 1:
[  126.698232][ T6443]  data_push_tail+0xfd/0x420
[  126.698256][ T6443]  data_alloc+0xbf/0x2b0
[  126.698289][ T6443]  prb_reserve+0x808/0xaf0
[  126.698324][ T6443]  vprintk_store+0x56d/0x860
[  126.698347][ T6443]  vprintk_emit+0x178/0x650
[  126.698369][ T6443]  vprintk_default+0x26/0x30
[  126.698392][ T6443]  vprintk+0x1d/0x30
[  126.698422][ T6443]  _printk+0x79/0xa0
[  126.698451][ T6443]  ip_vs_est_kthread_start+0x1a6/0x1c0
[  126.698471][ T6443]  est_reload_work_handler+0x1ab/0x3b0
[  126.698495][ T6443]  process_scheduled_works+0x4cb/0x9d0
[  126.698530][ T6443]  worker_thread+0x582/0x770
[  126.698564][ T6443]  kthread+0x486/0x510
[  126.698588][ T6443]  ret_from_fork+0xda/0x150
[  126.698609][ T6443]  ret_from_fork_asm+0x1a/0x30
[  126.698631][ T6443] 
[  126.698637][ T6443] value changed: 0x00000000ffffeab1 -> 0x302e302e34323220
[  126.698650][ T6443] 
[  126.698656][ T6443] Reported by Kernel Concurrency Sanitizer on:
[  126.698671][ T6443] CPU: 1 UID: 0 PID: 6443 Comm: kworker/1:13 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  126.698704][ T6443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  126.698723][ T6443] Workqueue: events_long est_reload_work_handler
[  126.698763][ T6443] ==================================================================
[  126.874697][ T6458] IPVS: starting estimator thread 0...
[  126.960005][ T7983] IPVS: using max 3312 ests per chain, 165600 per kthread
[  127.003682][ T7987] netlink: 'syz.2.1496': attribute type 13 has an invalid length.
[  127.035086][ T7987] gretap0: refused to change device tx_queue_len
[  127.041765][ T7987] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  127.110120][ T7991] IPVS: using max 3360 ests per chain, 168000 per kthread