last executing test programs:

6m53.660598698s ago: executing program 1 (id=901):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
ioprio_set$pid(0x1, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r2}, 0x0, &(0x7f0000000100)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280)={r2, <r3=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x10, &(0x7f0000000800)=ANY=[@ANYRES8, @ANYRES32=r2, @ANYBLOB="0000000800000000b70500000800000085000000f0179500000000000000d7f353ff2788ea671d58d8d0403e0cc69bf100836b5f4806f1bf2c8df1f888f4c3d1fc2db5051bbd43d6d2597846a22c6c5a393b43d085364f63c4428efa01ce3529d04736a4c2634e20a010eb243472acf361e41d95b568cf6bce33456dc6c2b3cfae03fc81a991d7f0a6bb8260625f06d1a7896e4c0d2dea0644707e739423f927e6179f21bad1090f20c1499f7159b1b07200399f363cec", @ANYRES8=r3, @ANYRESDEC, @ANYRESOCT, @ANYRES32=0x0], &(0x7f0000000300)='GPL\x00', 0x5, 0xff8, &(0x7f0000001e00)=""/4088, 0x0, 0x10}, 0x94)
r4 = creat(&(0x7f0000000580)='./bus\x00', 0x0)
io_setup(0x1, &(0x7f0000000040)=<r5=>0x0)
io_submit(r5, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f0000000000), 0x1a00001a}])
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095", @ANYRESHEX, @ANYRES16], &(0x7f0000000080)='GPL\x00', 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3}, 0x50)
request_key(&(0x7f0000000080)='cifs.idmap\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000180)='blkio.bfq.io_service_bytes\x00', 0xfffffffffffffffa)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
munlockall()

6m53.187446525s ago: executing program 1 (id=912):
r0 = socket$inet(0x2b, 0x801, 0x0)
setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000140)={0x6, 0x80000000, 0x9}, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='mm_page_free\x00'}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

6m53.026159218s ago: executing program 1 (id=916):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb0100180000000000000c0000000c0000000a000000090000000000000b0500c4db5da12e302e30302e5f0000"], &(0x7f0000001180)=""/4096, 0x2e, 0x1000, 0x0, 0x9, 0x10000}, 0x28)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'pim6reg0\x00', <r2=>0x0})
r3 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000740)={0x0, r1}, 0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, &(0x7f0000000c00)=ANY=[@ANYRESHEX=r3, @ANYRESHEX=r0, @ANYRES16=0x0], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', r2, @fallback=0x2a, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r5 = getpid()
ptrace$peekuser(0x3, r5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000a80)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000005000000fc000000010000840400000000000000040000000900000000612e5f00cef6c5c1caea60db130645f3fb60e3a955e704c241dbf411b53b10a4768609260e8f65457e6bfa7273258db909a9b26ffe512f2dad3b07fed5cfed0c66014fb019695896fa31dcc89f2e8574b38d8bf0e0cdcee5ec9ab56ce07eeb2d04142ade2688cc0ccb6a48268ef1df5d79b3520434db297652f37fd9045d0b1a402460b3a7bd47d2a2f7d88077cc0c2f9db39988e13ad4c673bcd75491531665d3c14dbec83ff20200b1cc9d64b71bedfd43bc23d82d3636d4bd2bce1ba172282a480489c180329570a82064936137ddb1d4207b0732ab1dd9a658f5457963ac60d165c55e624cedc77c4bafa552226d623751c9957ac58e378be136621311dcfc5dc4adc6259cc56534052721cb341c4f82a446872a"], &(0x7f0000000f40)=""/4089, 0x35, 0xff9, 0x1}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f00000003c0), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0x7, &(0x7f0000000380)={0x7fff, 0x200, 0x5, 0x988}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8a49}, 0x94)
r7 = socket$kcm(0x10, 0x2, 0x0)
getdents(0xffffffffffffffff, &(0x7f0000000540)=""/194, 0xc2)
r8 = socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r7, 0x8982, &(0x7f0000000700)={0x3, 'wg0\x00', {0x6}, 0x3d})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socket$inet_mptcp(0x2, 0x1, 0x106)
personality(0x5400004)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="480000001000030500000000fcdbdf0000000001", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100000100c28000050006"], 0x48}, 0x1, 0x0, 0x0, 0x44804}, 0x0)
linkat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x400)

6m52.997743868s ago: executing program 1 (id=917):
r0 = socket$inet(0x2b, 0x801, 0x0)
setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000140)={0x6, 0x80000000, 0x9}, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='mm_page_free\x00'}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

6m52.956520609s ago: executing program 1 (id=918):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)

6m52.935795129s ago: executing program 1 (id=919):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000040))
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x200000, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESDEC=0x0])
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x10514, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xc}, 0x2ef8, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00'}, 0x18)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

6m37.919815888s ago: executing program 32 (id=919):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000040))
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x200000, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESDEC=0x0])
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x10514, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xc}, 0x2ef8, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00'}, 0x18)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

1m56.004927145s ago: executing program 4 (id=6085):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000400)='kfree\x00', r0}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = creat(&(0x7f0000000100)='./file0\x00', 0x3)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
write$qrtrtun(r1, &(0x7f0000000300)="ca0e808bb35bda", 0x7)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], &(0x7f0000000500)=[0x2], 0x0, 0x2000000000000088}}, 0x40)

1m55.967743825s ago: executing program 4 (id=6086):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x200000000000002f, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'bond_slave_1\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1d}})
r6 = dup(r3)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r9}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.sectors\x00', 0x26e1, 0x0)
close(r10)
r11 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a1202, 0x0)
ioctl$PPPIOCNEWUNIT(r11, 0xc004743e, &(0x7f0000000600)=0x2)
write$cgroup_subtree(r10, &(0x7f0000000000)=ANY=[@ANYBLOB="80fd"], 0x9)

1m55.750204029s ago: executing program 4 (id=6089):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x8})
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x2)
write(0xffffffffffffffff, &(0x7f0000000080)="d738", 0x2)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x20075}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={0xffffffffffffffff, &(0x7f0000000840), &(0x7f0000004880)=@udp=r2}, 0x20)

1m55.493705492s ago: executing program 4 (id=6092):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="b80000001900674c0000000000000081d100ff010000000000000000000000000001fe8800000000000000000000000000010000000000800000020000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0xb8}}, 0x0)
open(&(0x7f0000000140)='./file2\x00', 0x147842, 0x184)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000480)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
syz_clone(0x25000000, 0x0, 0x0, 0x0, 0x0, 0x0)
setns(0xffffffffffffffff, 0x20000000)
wait4(0x0, 0x0, 0x0, 0x0)

1m55.445425143s ago: executing program 4 (id=6095):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e0000000000000000180100", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000002c0)=ANY=[@ANYBLOB="a4000000", @ANYRES16=r1, @ANYBLOB="050427bd7000fcdbdf250100000008000100", @ANYRES32, @ANYBLOB="8800028040000100240001006d6f6465000000000000000000000000000000000200000000000000000000000500030005"], 0xa4}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x5, 0x84)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000000180)={'syz', 0x0}, &(0x7f0000000200)='.]\x00', 0x0)

1m53.688404229s ago: executing program 4 (id=6113):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb08004500452c00002f9078ac1e0001e0000001000086dd00189078040000000000000086ddffff00000000"], 0xfdef)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000008c0), 0x252640, 0x0)
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000340)={0x9, &(0x7f00000002c0)=[{0xfff9, 0xff, 0x8, 0x4}, {0x6, 0x2, 0x5, 0xc}, {0x7, 0x7, 0x6, 0x7}, {0x800, 0x7, 0x76, 0x81}, {0x9, 0x0, 0x1, 0x5f8}, {0x8e6, 0x9c, 0x2, 0x1fa98ef8}, {0x0, 0x4, 0x3, 0x2}, {0x3, 0x2, 0x85, 0x4}, {0xff, 0x1, 0x4, 0x7}]})
getpid()
setns(0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000440)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff, {0xb}}, './file0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, 0x0, &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000001}, 0x94)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x26, &(0x7f00000000c0)={0x1, 0x2, 0x9, 0x401})

1m53.688070009s ago: executing program 33 (id=6113):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb08004500452c00002f9078ac1e0001e0000001000086dd00189078040000000000000086ddffff00000000"], 0xfdef)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000008c0), 0x252640, 0x0)
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000340)={0x9, &(0x7f00000002c0)=[{0xfff9, 0xff, 0x8, 0x4}, {0x6, 0x2, 0x5, 0xc}, {0x7, 0x7, 0x6, 0x7}, {0x800, 0x7, 0x76, 0x81}, {0x9, 0x0, 0x1, 0x5f8}, {0x8e6, 0x9c, 0x2, 0x1fa98ef8}, {0x0, 0x4, 0x3, 0x2}, {0x3, 0x2, 0x85, 0x4}, {0xff, 0x1, 0x4, 0x7}]})
getpid()
setns(0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000440)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff, {0xb}}, './file0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, 0x0, &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000001}, 0x94)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x26, &(0x7f00000000c0)={0x1, 0x2, 0x9, 0x401})

36.518640911s ago: executing program 0 (id=7346):
r0 = epoll_create1(0x0)
r1 = eventfd2(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r3}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0x40a85323, &(0x7f0000000000)={{0x40, 0x9}, 'port1\x00', 0x0, 0x31024, 0xd, 0x3, 0xf316, 0x0, 0x10, 0x0, 0xe, 0xbb})
epoll_pwait2(r0, &(0x7f0000000240)=[{}], 0x1, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000b80))
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000180)={0x20000005})

36.450724103s ago: executing program 0 (id=7348):
socket$inet6(0xa, 0x3, 0x2)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x2200054, &(0x7f0000000000), 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000940)='2', 0x1, 0x8000c61)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xd68210}], 0x1, 0x0, 0x1f00000000000000, 0x200000}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
pipe(&(0x7f00000005c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
write$cgroup_devices(r6, &(0x7f0000000080)=ANY=[@ANYBLOB='b *:* m'], 0x8)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r8 = openat$cgroup_devices(r7, &(0x7f00000001c0)='devices.deny\x00', 0x2, 0x0)
splice(r5, 0x0, r8, 0x0, 0x8, 0x0)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})
close_range(r9, 0xffffffffffffffff, 0x0)
sendmsg$NLBL_CALIPSO_C_REMOVE(r4, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYRES16=0x0, @ANYBLOB="000226bd7000ffdbdf25020000000800020002003705000002000200000008000200020000000800010003000000"], 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x40)

35.534537856s ago: executing program 0 (id=7357):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0x4}})
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r0, 0x0, 0x0, 0x20000046, 0x0, 0x0)
getsockopt$inet6_mptcp_buf(r0, 0x29, 0x3, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x61637876)

35.533861487s ago: executing program 0 (id=7358):
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[], 0x1, 0x22d, &(0x7f0000000600)="$eJzs2r+LHGUYB/Bnzmjihcue+IsExBct1GbIbm2RQy4gLiiaFaIgmXizuuy4e+wsBytirtLWP8FaLO0ESWlzjX+Bhd01V6YQR5KN511YiyDeHubzaeZh3vnC8847vLzF7L/+zWfDfp33i2msZFmsXInduJPFeqzEX3bjtVeu//zCe9c/eGuj2918N6WrG9fanZTShRd/+vCL71+6PT3//g8Xfjwbe+sf7R90ftt7bu/i/h/XPh3UaVCn0XiainRzPJ4WN6sybQ3qYZ7SO1VZ1GUajOpycmy8X423t2epGG2trW5PyrpOxWiWhuUsTcdpOpml4pNiMEp5nqe11eDf6H13p2nioDm8cf52rP0arcieStnTV7Jnb2TP72YXD5qmtdQ++a/M1//xG9E0zZPfWv9HzZFN/VxE9fVOb6c3v87HN/oxiCrKuByt+D3ufib3zeurb3Y3L6d71uOr6tb9/K2d3mPH8+1oxfrifHueT8fzZ2P1aL4TrXhmcb6zMH8uXn35SD6PVvzycYyjiq24mz18BZtftlN64+3uA/lL954DAPi/ydOhhee3PP+n8Xn+Ic6HD5yvzsSlM8udOxH17PNhUVXlRKE4wSLLTkUbSy6eOB1tLCyWvTNxEv5e9GV3AgAAAAAAAAAAwMM4id8Jlz1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgdPszAAD//z8Wy5g=")
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x12d7498, 0x0)
unshare(0x28000600)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r0, 0x40047438, &(0x7f0000000180)=""/246)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r3, 0x0, 0x8}, 0x18)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1806000000000000000000000000000018"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb01001800000000000000f0000000f00000000c000000000000000100000d000000000f0000000100000007000000080000050000000005000000020000000a0b00000c00000003000000010000800500000000000000020000000700000000000000070000000800000002000000050000001000000001000000060000000c00000001000000000000000e000000030000000000000010000000010000050200000000000000020000004a43000004000000000000010000000020007b02050000000200008501000000030000000000000000ca00000f000000030000008f0800000eddffffffffff0802000000080000000000000b05000000040000000000000902000000005f2e5f002e2e2e"], 0x0, 0x114}, 0x20) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb01001800000000000000f0000000f00000000c000000000000000100000d000000000f0000000100000007000000080000050000000005000000020000000a0b00000c00000003000000010000800500000000000000020000000700000000000000070000000800000002000000050000001000000001000000060000000c00000001000000000000000e000000030000000000000010000000010000050200000000000000020000004a43000004000000000000010000000020007b02050000000200008501000000030000000000000000ca00000f000000030000008f0800000eddffffffffff0802000000080000000000000b05000000040000000000000902000000005f2e5f002e2e2e"], 0x0, 0x114}, 0x20)
chroot(&(0x7f0000000100)='./file0\x00') (async)
chroot(&(0x7f0000000100)='./file0\x00')
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00') (async)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

35.464175298s ago: executing program 0 (id=7360):
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r1 = open(0x0, 0x60840, 0x0)
fcntl$setsig(r1, 0xa, 0x13)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_create(0x0, &(0x7f00000005c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
ioctl$USBDEVFS_REAPURB(r3, 0x4008550c, &(0x7f0000000040))
dup3(r0, r3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000000cc0)={'filter\x00', 0x3b, 0x4, 0x4c8, 0x3e0, 0x2f8, 0x3e0, 0x2f8, 0x3e0, 0x3e0, 0x4, 0x0, {[{{@uncond, 0xc0, 0x1e8}, @unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:update_modules_exec_t:s0\x00'}}}, {{@arp={@broadcast, @dev, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_batadv\x00', 'veth1_to_hsr\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @empty, @multicast2, @loopback}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x520)
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
sendmsg$tipc(r7, &(0x7f0000001500)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x1, {0x40, 0x1, 0x3}}, 0x10, &(0x7f0000001780)=[{&(0x7f0000001280)="4733eff814a45e33", 0x8}, {&(0x7f00000012c0)="ecba21438d10feb6f07cce8b53ab9efaca11c211eb318c8edfc3006bb26a437017c8fb9f76f2184e2303d5890599e9b77cf171e0201548e483cbb9aa7fb4c10c454cae066968dab3ec0ad2b718bb6eb0ff643ed2f974f928f15a74c9ddeca6212fd823f1343c64", 0x67}, {&(0x7f00000013c0)}, {&(0x7f0000001400)="71ea7d8d48d9f77311675df6e4e2d014b6ab96e5da964db05e1ed285da81a52a885ed99796d0f2676419167cda81194f64d577000aafc55afadf6016e9e58222e7bf95db178ec51c0d9704f56a7b797cab69b3d3298d7f27339648b66147cd1bb06dd95052e03710cff02fd2993488f6eebefbb8e835e556aeb71237", 0x7c}, {&(0x7f00000015c0)="0c33a726b9131f1eb7b87307588a590ffddc65917f7b91a543cf2a416cd8e79238aa3f07f96116c3fc0501fa930c0bd32eed9b698f37f7d793b228704caa1073b35fa2fadab8af66ab", 0x49}, {&(0x7f0000001640)="cad1d444f5a6a84cae0f4fcd341e53223b9b4c9cb6ad93949ff484b72a5854378912d883f896f6144436707a097db00452e46cc390ddeb95246860966f5d19a5c40a049d28249fe7663e5768836de4d27e9e6fef9115929101174b", 0x5b}, {&(0x7f0000001480)="893ab5a8e05a", 0x6}, {&(0x7f00000016c0)="cb0dfda48c700e27846e455af11c411aa84510ba214e819d9cd1a60dbff915d93fd60efc7bb1da696ea4213c026ec7fe7490c03b76f5ec174be01c720633e049023249b09f58b0be6b082d1013903d22adf3cc8d9419cfb686fef276f3d61c325e1736e2aa7163576dd1694c6afb2f68f371437cfc58ae139b5834d386082ac38e2afd36a0c8", 0x86}], 0x8, &(0x7f0000001800)="847decf443367fed5bf1a157487435b6995917dd1b3955e7e48a677f67d8805a2f0fa73d6aa0d03e098419ab21c4755113be3dd1f3111df1a1e10e168f3b6d20ff5a047178260b4170e32816a8fcbd34ae2abb8bdbe7af008e91374f1f49d03f2765728d195ad24da0d4007a88e32fded59351ed2cd8", 0x76, 0x4004000}, 0x4000800)
write$binfmt_script(r6, &(0x7f0000000140)={'#! ', './file0'}, 0xb)

35.208648311s ago: executing program 0 (id=7365):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000040)={&(0x7f0000000580)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x52}, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x800, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r4)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)

35.155798902s ago: executing program 34 (id=7365):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000040)={&(0x7f0000000580)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x52}, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x800, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r4)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)

5.286342489s ago: executing program 5 (id=7872):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x200, 0xa)
sendfile(0xffffffffffffffff, r0, 0x0, 0x6)

5.22483169s ago: executing program 5 (id=7873):
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000100)={@multicast2, @local}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x70bdad, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x40}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x3c1, 0x2, 0x3b, 0x9}, {0x5, 0x6, 0x5, 0x4}, {0x7, 0xdb, 0x5, 0x40}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000900)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000300)={[{@barrier_val={'barrier', 0x3d, 0x10000}}, {@resuid}]}, 0x1, 0x524, &(0x7f00000010c0)="$eJzs3c9vI1cdAPDvTOLd7G6KXUCoVKJUtChbwdpJQ9sIISgXOFUCyn0JiRNFseModsomqiAV/0GFBBInTlyQ+AOQqh74A1ClSvSCOCBAIARbOCABHeTxmGYdO4loEmfjz0d68Xsz4/d9byw/z6/MBDCxnoyIFyNiKiKeiYhyMT0tUhz0Une5d++/utJNSWTZy39NIimm9evq1jEdEbeKt81ExDe+GvHt5Gjc9t7+5nKjUd8pyrVOc7vW3tu/s9FcXq+v17cWFxeeX3ph6bml+azwgfpZ6Wd++pUvvvHZ7/zu7p9vf7fbrC98LEox0I+z1Ot6KV8Xfd11tHMewcag/5mXxt0QAABOpbuN/+GI+FS+/V+OqXxrbsDUOFoGAAAAnJXsS7Px7yQiAwAAAK6sNCJmI0mrxbUAs5Gm14pjAx+Nm2mj1e58Zq21u7XanRdRiVK6ttGozxfXCleilHTLC8U1tv3yswPlxYh4NCJ+UL6Rl6srrcbqmI99AAAAwKS4NbD//49ymudPNuT/BAAAAIDLqzKyAAAAAFwVdvkBAADg6hvc/39jTO0AAAAAzsXXXnqpm7L+869XX9nb3Wy9cme13t6sNndXqiutne3qequ1nt+zr3lSfY1Wa/tzsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+jRT775ThIRB5+/kaco7gMI8IA/jLsBwFmaGncDgLFxF2+YXKVxNwAYu+SE+S7eAQCAh9/cx4+e/+8//9+xAbjaXOsDAJPH+X+YXCVXAMJESyPiQ73s9VHLjDz//6vTRsmyiLfKh6c4vggAABdrNk9JWi32A2YjTavViEci0kqUkrWNRn2+2D/4dbl0vVteyN+ZnHjNMAAAAAAAAAAAAAAAAAAAAAAAAADQk2VJZAAAAMCVFpH+Kcnv5h8xV356dvD4wLXkn+X4Y1H48cs/vLfc6ewsdKf/LX+W17WI6PyomP7syMeHAQAAAGctORg5q7efXrwuXGirAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJgA795/daWfLjLuX74cEZVh8adjJn+diVJE3Px7EtOH3pdExNQZxD94LSIeGxY/ifeyLKsUrRiMn0bEjXOOX8lXzej4t84gPkyyN7vjz4vDvn9pPJm/Dv/+TRfpgxo9/qVF5MfycW7Y+PfIkdqaQ2M8/vbPayPjvxbx+PTw8ac//iYj4j91pLZ/ZVl2NMa3vrm/Pyp+9pOIuaG/P8kDsWqd5natvbd/Z6O5vF5fr28tLi48v/TC0nNL87W1jUa9+Ds0xuuf+MV7x/X/5pD4v/1Nb/w9rv9Pj6p0wH/evnf/I71saVj8208N/f2diRHx0+K379NFvjt/rp8/6OV73sn/PvGzt544rv+rI9b/SZ//7VP2/5mvf//3p1wUALgA7b39zeVGo75zTGbmFMs8jJlfzlxo0Nevj14mK45lnKKe7Hu9RS/HOvz/M92t1fen9Ht1CRp2KJOdT839L9+hWVNxSbr8v8zIISM95yEJAAA4J+9v9I+7JQAAAAAAAAAAAAAAAAAAADC5LuJ2YoMxD8bTVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAY/03AAD//+cM2tw=")

4.468518892s ago: executing program 5 (id=7887):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x4, 0x5, 0x4, 0x20, 0x80, 0x3, 0xd, 0x7, 0x2, 0x31, 0xa2, 0xb, 0x81, 0x84}, 0xe)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x4, 0x4}, 0x40db, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f00000001c0)={0x20, 0x31, 0x6, 0x1ff, 0x7f, 0xcb2c, &(0x7f0000000240)="2a279d786bf61e97386934d1d5b73c9c04df3ddbd18a60057fbe1d74f0d1a63fa81e5e766eff64d38911985a18b5c70a368461690b7aa38906777996f72b3c72389506650a5eccabd8b5b9b71cc8cec48a6f91a2abcd987a0d711c561e72c16d346e2f74da855ec8f51773dbab24153b8b64fde0803ec730ba1010ed16ce44"})
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x87}, 0x94)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x74, &(0x7f0000000040)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e20, 0xfffffffb, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, 0xf}, @in={0x2, 0x4e23, @rand_addr=0x64010101}, @in6={0xa, 0x4e20, 0xf934, @private2, 0x200}, @in6={0xa, 0x4e24, 0x3, @dev={0xfe, 0x80, '\x00', 0x17}, 0x9}]}, &(0x7f0000000100)=0x10)

4.351900143s ago: executing program 5 (id=7890):
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r1 = open(0x0, 0x60840, 0x0)
fcntl$setsig(r1, 0xa, 0x13)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_create(0x0, &(0x7f00000005c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
ioctl$USBDEVFS_REAPURB(r3, 0x4008550c, &(0x7f0000000040))
dup3(r0, r3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000000cc0)={'filter\x00', 0x3b, 0x4, 0x4c8, 0x3e0, 0x2f8, 0x3e0, 0x2f8, 0x3e0, 0x3e0, 0x4, 0x0, {[{{@uncond, 0xc0, 0x1e8}, @unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:update_modules_exec_t:s0\x00'}}}, {{@arp={@broadcast, @dev, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_batadv\x00', 'veth1_to_hsr\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @empty, @multicast2, @loopback}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x520)
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
sendmsg$tipc(r7, &(0x7f0000001500)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x1, {0x40, 0x1, 0x3}}, 0x10, &(0x7f0000001780)=[{&(0x7f0000001280)="4733eff814a45e33", 0x8}, {&(0x7f00000012c0)="ecba21438d10feb6f07cce8b53ab9efaca11c211eb318c8edfc3006bb26a437017c8fb9f76f2184e2303d5890599e9b77cf171e0201548e483cbb9aa7fb4c10c454cae066968dab3ec0ad2b718bb6eb0ff643ed2f974f928f15a74c9ddeca6212fd823f1343c648a5c01ec895f65e318e875472cee7f90152d2badb89b9e7e0d2f5b464fc84a0ac36a6a28d6b9b0ebb79a635b6df0f13633663a96a91105764a0c56f5e2fe9ac2e8bc6c4375e86e62694f95d07865d826434a0a0067684014767a1334196519c1ea5fcce5568a43", 0xce}, {&(0x7f00000013c0)}, {&(0x7f0000001400)="71ea7d8d48d9f77311675df6e4e2d014b6ab96e5da964db05e1ed285da81a52a885ed99796d0f2676419167cda81194f64d577000aafc55afadf6016e9e58222e7bf95db178ec51c0d9704f56a7b797cab69b3d3298d7f27339648b66147cd1bb06dd95052e03710cff02fd2993488f6eebefbb8e835e556aeb71237", 0x7c}, {&(0x7f00000015c0)="0c33a726b9131f1eb7b87307588a590ffddc65917f7b91a543cf2a416cd8e79238aa3f07f96116c3fc0501fa930c0bd32eed9b698f37f7d793b228704caa1073b35fa2fadab8af66ab", 0x49}, {&(0x7f0000001640)="cad1d444f5a6a84cae0f4fcd341e53223b9b4c9cb6ad93949ff484b72a5854378912d883f896f6144436707a097db00452e46cc390ddeb95246860966f5d19a5c40a049d28249fe7663e5768836de4d27e9e6fef9115929101174b", 0x5b}, {&(0x7f0000001480)="893ab5a8e05a", 0x6}, {&(0x7f00000016c0)="cb0dfda48c700e27846e455af11c411aa84510ba214e819d9cd1a60dbff915d93fd60efc7bb1da696ea4213c026ec7fe7490c03b76f5ec174be01c720633e049023249b09f58b0be6b082d1013903d22adf3cc8d9419cfb686fef276f3d61c325e1736e2aa7163576dd1694c6afb2f68f371437cfc58ae139b5834d386082ac38e2afd36a0c8", 0x86}], 0x8, &(0x7f0000001800), 0x0, 0x4004000}, 0x4000800)
write$binfmt_script(r6, &(0x7f0000000140)={'#! ', './file0'}, 0xb)

4.322153903s ago: executing program 5 (id=7891):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x8})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$TCXONC(r1, 0x540a, 0x2)
ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000000)=0x6)
r2 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x6)
write(r2, &(0x7f0000000100)="9e", 0x1)
write(r2, &(0x7f0000000080)="d738", 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="01000000050000000100000007"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x20075, r3}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)

2.846595466s ago: executing program 5 (id=7911):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
unshare(0x42000000)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x3804410, &(0x7f0000000b40)={[{@quota}, {@mblk_io_submit}, {@minixdf}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@stripe={'stripe', 0x3d, 0x4}}, {@noauto_da_alloc}]}, 0x1, 0x585, &(0x7f0000000580)="$eJzs3U1rG9caAOB35K98XjsQwr2Xy60hi6akkWO7Hwl0ka5KaUMD7T41tmKC5ShYcojdQJNFs+mmhEIpDZSs2+67DP0D/RWBNhBKMC2lG5eRR45iS5bqyLYSPQ9Mcs7M2O95NXMOZ3wkFEDPGk3/yUX8JyK+SCKG6471R3ZwdO28lcc3ptMtidXVD39LIsn21c5Psv8PZpV/R8RPn0WczG2OW15anpsqFgsLWX2sMn91rLy0fOry/NRsYbZwZWJy8szrkxNn33yjY7m+cuGPrz+4/+6Zz4+vfPXDwyN3kjgXh7Jj9Xk8g5v1ldEYzV6TgTi34cTxDgTrJsleN4Bt6cv6+UCkY8Bw9GW9HnjxfRoRq0CPSvR/6FG1eUDt2b5Dz8HPjUdvrz0Abc6/f+1vI7Gv+mx0YCV56skofd4d6UD8NMaPv969k27Rub9DALR081ZEnO7v3zz+Jdn4t32n2zhnYwzjH+ye++n859VG85/c+vwnGsx/Djbou9vRuv/nHnYgTFPp/O+thvPf9UWrkb6sdrg65xtILl0uFtKx7V8RcSIGhtL6Vus5Z1YerDY7Vj//S7c0fm0umLXjYf/Q0z8zM1WZepac6z26FfHfhvPfZP36Jw2uf/p6XGgzxrHC3f83O9Y6/521ei/i5YbX/8mKVrL1+uRY9X4Yq90Vm/1++9jPzeLvdf7p9T+wlv+f2SPhhvxrN1+2Xlv+5zG+3fdXodmxtu//wSd70vt/MPmoWq7tvj5VqSyMRwwm72/eP/HkZ2v12vlp/ieObz3+Nbr/90fEx23mf/vo9//bfv47K81/Zuv7fySpX6/fRuHBe5980yx+e9f/tWrpRLannfGv3QY+y2sHAAAAAAAA3SYXEYciyeXXy7lcPr/2/o6jcSBXLJUrJy+VFq/MRPWzsiMxkKutdA/XvR9iPHs/bK0+saE+GRFHIuLLvv3Ven66VJzZ6+QBAAAAAAAAAAAAAAAAAACgSxxs8vn/1C99e906YMe1+srvey/tUkOAXdfyK/878U1PQFdq2f+BF5b+D71L/4fepf9D79L/oXfp/9C79H/oXfo/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNSF8+fTbXXl8Y3ptD5zbWlxrnTt1EyhPJefX5zOT5cWruZnS6XZYiE/XZpv9fuKpdLV8YlYvD5WKZQrY+Wl5YvzpcUrlYuX5787HFEY2JWsAAAAAAAAAAAAAAAAAAAA4PlSXlqemyoWCwvdXRjMmrvjsYZ2PsQ2CsPRFc1oWOjvjmb0UmEodiFW/Shx9p29GZ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM3fAQAA//+7aTSM")
openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)

2.708402078s ago: executing program 2 (id=7915):
r0 = openat$nvram(0xffffffffffffff9c, 0x0, 0x800, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000001c0)=<r2=>0x0)
setpriority(0x0, r2, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000003c0)=0x1)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x2)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
tkill(0x0, 0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1800"/16], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
syz_emit_ethernet(0x36, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000008"], 0x0)
pipe(0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r3, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r4 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x1}, 0x10)
sendmsg$tipc(r4, &(0x7f00000008c0)={&(0x7f0000000600)=@name={0x1e, 0x2, 0x0, {{0xc03}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x80)

1.89126986s ago: executing program 2 (id=7923):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r1, 0x0, 0x2000}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.sectors\x00', 0x26e1, 0x0)
close(r2)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a1202, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000600)=0x2)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="80fd"], 0x9)

1.548954236s ago: executing program 2 (id=7929):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$nci(r2, 0x0, 0xfffffeea)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYRES64=r1, @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000f0070000000900010073797a300000000080000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d3c00128014000180090001006c617374000000000400028010000180090001006c61737400000000140001800c000100636f756e746572000400028008000340000001"], 0xc8}, 0x1, 0x0, 0x0, 0x40000}, 0x20050800)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r6}, 0x10)
r7 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0xa200)
r8 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r8, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x18)
r11 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x4661, 0x80, 0x3, 0x288}, &(0x7f0000000140)=<r12=>0x0, &(0x7f0000000380)=<r13=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r12, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r12, r13, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r8, 0x0, 0x0})
io_uring_enter(r11, 0x22d6, 0x4b34, 0x4, 0x0, 0x20)
close_range(r7, r8, 0x0)
r14 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r14, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000d40)=ANY=[@ANYBLOB="000000000500000a14000000090a010400000000000000000a000004140000000e0a070600000000000000000a00000a140000001100010000000000000000000100000a00"/80], 0x50}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f0000000180)='./file0\x00')
r15 = memfd_create(&(0x7f0000001040)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1\x8c.?}jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x4)
write$binfmt_script(r15, &(0x7f0000000300)={'#! ', './file0'}, 0x17)

1.515187086s ago: executing program 3 (id=7930):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f00000025c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @private1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)='P', 0x1}], 0x1}}, {{&(0x7f0000000100)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000002400)=[{&(0x7f0000000140)='i', 0x1}], 0x1}}], 0x2, 0x0)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000000c0)=ANY=[], 0xa)

1.415143038s ago: executing program 2 (id=7931):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{}, &(0x7f0000000480), 0x0}, 0x20)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r4 = openat$cgroup_devices(r3, &(0x7f0000000300)='devices.allow\x00', 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="9feb0100180000000000"], &(0x7f00000001c0)=""/257, 0x2a, 0x101, 0x6}, 0x28)
write$cgroup_devices(r4, &(0x7f0000000200)=ANY=[@ANYBLOB='b 1223'], 0xa)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'bond0\x00', <r6=>0x0})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000c50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='netlink_extack\x00', r7}, 0x10)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x34, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r6, {0x7fff}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r9], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r10}, 0x10)
unshare(0x42000000)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x1800410, &(0x7f0000000b40)={[{@quota}, {@mblk_io_submit}, {@minixdf}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@stripe={'stripe', 0x3d, 0x4}}, {@noauto_da_alloc}]}, 0x1, 0x585, &(0x7f0000000580)="$eJzs3U1rG9caAOB35K98XjsQwr2Xy60hi6akkWO7Hwl0ka5KaUMD7T41tmKC5ShYcojdQJNFs+mmhEIpDZSs2+67DP0D/RWBNhBKMC2lG5eRR45iS5bqyLYSPQ9Mcs7M2O95NXMOZ3wkFEDPGk3/yUX8JyK+SCKG6471R3ZwdO28lcc3ptMtidXVD39LIsn21c5Psv8PZpV/R8RPn0WczG2OW15anpsqFgsLWX2sMn91rLy0fOry/NRsYbZwZWJy8szrkxNn33yjY7m+cuGPrz+4/+6Zz4+vfPXDwyN3kjgXh7Jj9Xk8g5v1ldEYzV6TgTi34cTxDgTrJsleN4Bt6cv6+UCkY8Bw9GW9HnjxfRoRq0CPSvR/6FG1eUDt2b5Dz8HPjUdvrz0Abc6/f+1vI7Gv+mx0YCV56skofd4d6UD8NMaPv969k27Rub9DALR081ZEnO7v3zz+Jdn4t32n2zhnYwzjH+ye++n859VG85/c+vwnGsx/Djbou9vRuv/nHnYgTFPp/O+thvPf9UWrkb6sdrg65xtILl0uFtKx7V8RcSIGhtL6Vus5Z1YerDY7Vj//S7c0fm0umLXjYf/Q0z8zM1WZepac6z26FfHfhvPfZP36Jw2uf/p6XGgzxrHC3f83O9Y6/521ei/i5YbX/8mKVrL1+uRY9X4Yq90Vm/1++9jPzeLvdf7p9T+wlv+f2SPhhvxrN1+2Xlv+5zG+3fdXodmxtu//wSd70vt/MPmoWq7tvj5VqSyMRwwm72/eP/HkZ2v12vlp/ieObz3+Nbr/90fEx23mf/vo9//bfv47K81/Zuv7fySpX6/fRuHBe5980yx+e9f/tWrpRLannfGv3QY+y2sHAAAAAAAA3SYXEYciyeXXy7lcPr/2/o6jcSBXLJUrJy+VFq/MRPWzsiMxkKutdA/XvR9iPHs/bK0+saE+GRFHIuLLvv3Ven66VJzZ6+QBAAAAAAAAAAAAAAAAAACgSxxs8vn/1C99e906YMe1+srvey/tUkOAXdfyK/878U1PQFdq2f+BF5b+D71L/4fepf9D79L/oXfp/9C79H/oXfo/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNSF8+fTbXXl8Y3ptD5zbWlxrnTt1EyhPJefX5zOT5cWruZnS6XZYiE/XZpv9fuKpdLV8YlYvD5WKZQrY+Wl5YvzpcUrlYuX5787HFEY2JWsAAAAAAAAAAAAAAAAAAAA4PlSXlqemyoWCwvdXRjMmrvjsYZ2PsQ2CsPRFc1oWOjvjmb0UmEodiFW/Shx9p29GZ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM3fAQAA//+7aTSM")
openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f00000001c0)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f0000000000)=0x3d, 0xffffffffffffffff, 0x0, 0x0, 0x1}}, 0x20)

1.414478378s ago: executing program 3 (id=7932):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000005000000085000000"], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x2}, 0x94)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./bus\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000500)='kmem_cache_free\x00', r0}, 0x18)
r1 = timerfd_create(0x9, 0x0)
r2 = timerfd_create(0x9, 0x0)
timerfd_settime(r1, 0x1, &(0x7f0000007000)={{0x77359400}, {0x0, 0x989680}}, 0x0)
timerfd_settime(r2, 0x0, &(0x7f0000000380)={{}, {0x77359400}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x7, 0x4020)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$UHID_CREATE(r3, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000940)=""/3, 0x3, 0x3, 0x4, 0x0, 0x0, 0xc08}}, 0x120)
readv(r3, &(0x7f0000000140)=[{&(0x7f0000000080)=""/155, 0x9b}, {0x0, 0x4}], 0x2)
socket$key(0xf, 0x3, 0x2)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB="04010000100007000000000000000000ff020000000000000000000000000001e00000020000000000000000000000004e200000000000000000000002000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ac14140f000000000000000000000000000000002b000000fc0000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000200000000000070000000000000000000000000010000000040000000000e80a000000000000000000000a000200700000000002000014000e00fe8000000000000000000000000000bb"], 0x104}}, 0x0)

1.171061472s ago: executing program 3 (id=7936):
acct(0x0)

1.060716803s ago: executing program 3 (id=7937):
openat$sndseq(0xffffffffffffff9c, 0x0, 0x42002)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x50)
r2 = io_uring_setup(0x4a85, &(0x7f00000004c0)={0x0, 0x4176, 0x1, 0x8001003, 0x3d7})
r3 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r3, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='veth1_to_bond\x00', 0x10)
connect$inet6(r3, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @private1}, 0x1c)
r4 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r4, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r5 = add_key$keyring(0x0, &(0x7f0000000600)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000540)='user\x00', &(0x7f0000000580)={'syz', 0x1}, &(0x7f00000006c0)="b01f73a5621d3942d2016c6cfd1630555e4bf380eaabf694843c17936532f6647a5bde11f6b458c6e33b4f64e241859208de61266a129d539dac61e183f89c205c03c2475e3d558c504c9be39120cf9fe7b31607e55345e3869fcbc02808e2a63e9af5bf846a4a090bc61556a9a12df08fdff81c5e05f8f041ffff7b3f5f4016b6f9188ad5f39a2e240151061b63a56d2215f178ebccde22035a189c0b05e4c3637e43eef09b96b7fc250d39941db0ce06da9b17aebac3483813120c", 0xbc, r5)
r6 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000002680), 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000005c00000000de181100005bf41e", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90ef}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
r9 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r9, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r9, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
ioctl$SNAPSHOT_SET_SWAP_AREA(r6, 0x400c330d, &(0x7f00000026c0)={0x10, 0x2})
connect$inet6(r4, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @private1}, 0x1c)
close_range(r2, 0xffffffffffffffff, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x8001000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x448, 0x318, 0x11, 0x148, 0x318, 0x0, 0x3b0, 0x2a8, 0x2a8, 0x3b0, 0x2a8, 0x3, 0x0, {[{{@ip={@empty, @multicast1, 0xff000000, 0x0, 'team_slave_1\x00', 'virt_wifi0\x00', {0xff}, {0xff}, 0xda, 0x2, 0x1b}, 0x0, 0x2f8, 0x318, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x20009, 0x0, 0x0, 0x3, 0x7, 0x40, 0x20}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x2, 0x0, 0x0, './file0\x00'}}]}, @unspec=@TRACE={0x20}}, {{@ip={@private=0xa010100, @empty, 0xffffff00, 0xff0001fe, 'pim6reg0\x00', 'caif0\x00', {0xff}, {0xff}, 0x84, 0x2, 0x4}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0xb0f, 0x6}}}], {{'\x00', 0x0, 0x70, 0x98, 0x0, {0x8800000000000000}}, {0x28}}}}, 0x4a8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.060401563s ago: executing program 7 (id=7938):
r0 = openat(0xffffffffffffff9c, 0x0, 0x200, 0xa)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0)
sendfile(r1, r0, 0x0, 0x6)

1.022297134s ago: executing program 7 (id=7939):
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r1 = open(0x0, 0x60840, 0x0)
fcntl$setsig(r1, 0xa, 0x13)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_create(0x0, &(0x7f00000005c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
ioctl$USBDEVFS_REAPURB(r3, 0x4008550c, &(0x7f0000000040))
dup3(r0, r3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000000cc0)={'filter\x00', 0x3b, 0x4, 0x4c8, 0x3e0, 0x2f8, 0x3e0, 0x2f8, 0x3e0, 0x3e0, 0x4, 0x0, {[{{@uncond, 0xc0, 0x1e8}, @unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:update_modules_exec_t:s0\x00'}}}, {{@arp={@broadcast, @dev, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_batadv\x00', 'veth1_to_hsr\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @empty, @multicast2, @loopback}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x520)
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
sendmsg$tipc(r7, &(0x7f0000001500)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x1, {0x40, 0x1, 0x3}}, 0x10, &(0x7f0000001780)=[{&(0x7f0000001280)="4733eff814a45e33", 0x8}, {&(0x7f00000012c0)="ecba21438d10feb6f07cce8b53ab9efaca11c211eb318c8edfc3006bb26a437017c8fb9f76f2184e2303d5890599e9b77cf171e0201548e483cbb9aa7fb4c10c454cae066968dab3ec0ad2b718bb6eb0ff643ed2f974f928f15a74c9ddeca6212fd823f1343c648a5c01ec895f65e318e875472cee7f90152d2badb89b9e7e0d2f5b464fc84a0ac36a6a28d6b9b0ebb79a635b6df0f13633663a96a91105764a0c56f5e2fe9ac2e8bc6c4375e86e62694f95d07865d826434a0a0067684014767a1334196519c1ea5fcce5568a43", 0xce}, {&(0x7f00000013c0)}, {&(0x7f0000001400)="71ea7d8d48d9f77311675df6e4e2d014b6ab96e5da964db05e1ed285da81a52a885ed99796d0f2676419167cda81194f64d577000aafc55afadf6016e9e58222e7bf95db178ec51c0d9704f56a7b797cab69b3d3298d7f27339648b66147cd1bb06dd95052e03710cff02fd2993488f6eebefbb8e835e556aeb71237", 0x7c}, {&(0x7f00000015c0)="0c33a726b9131f1eb7b87307588a590ffddc65917f7b91a543cf2a416cd8e79238aa3f07f96116c3fc0501fa930c0bd32eed9b698f37f7d793b228704caa1073b35fa2fadab8af66ab", 0x49}, {&(0x7f0000001640)="cad1d444f5a6a84cae0f4fcd341e53223b9b4c9cb6ad93949ff484b72a5854378912d883f896f6144436707a097db00452e46cc390ddeb95246860966f5d19a5c40a049d28249fe7663e5768836de4d27e9e6fef9115929101174b", 0x5b}, {&(0x7f0000001480)="893ab5a8e05a", 0x6}, {&(0x7f00000016c0)="cb0dfda48c700e27846e455af11c411aa84510ba214e819d9cd1a60dbff915d93fd60efc7bb1da696ea4213c026ec7fe7490c03b76f5ec174be01c720633e049023249b09f58b0be6b082d1013903d22adf3cc8d9419cfb686fef276f3d61c325e1736e2aa7163576dd1694c6afb2f68f371437cfc58ae139b5834d386082ac38e2afd36a0c8", 0x86}], 0x8, &(0x7f0000001800)="847decf443367fed5bf1a157487435b6995917dd1b3955e7e48a677f67d8805a2f0fa73d6aa0d03e098419ab21c4755113be3dd1f3111df1a1e10e168f3b6d20ff5a047178260b4170e32816a8fcbd34ae2abb8bdbe7af008e", 0x59, 0x4004000}, 0x4000800)
write$binfmt_script(r6, &(0x7f0000000140)={'#! ', './file0'}, 0xb)

1.021368694s ago: executing program 7 (id=7940):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r1, 0x0, 0x2000}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.sectors\x00', 0x26e1, 0x0)
close(r2)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a1202, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000600)=0x2)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="80fd"], 0x9)

904.917066ms ago: executing program 7 (id=7941):
socket$unix(0x1, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x200008, &(0x7f0000000400)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}]}, 0x1, 0x504, &(0x7f0000001000)="$eJzs3c9vI1cdAPDveOPEyaZNWnoABO3SFha0WifxtlHVA5QTQqgSokeQtiHxRlHsOIqd0oQ9pGckTkhU4gRH/gDOPXHnguDGpRyQ+BGBGiQORjMep07W3gSS2FH8+UijeW/erL/vbXbei7/Z+AUwtu5ExEFETEbEuxExl19P8iPe6hzpfZ8cPl49Ony8mkS7/c7fk6w9vRY9fyZ1O3/NUkR871sRP0yejNvc299cqdWqO3l9oVXfXmju7d/fqK+sV9erW5XK8tLy4hsPXq9c2lhfqk/mpS9+/LuDr/047dZsfqV3HJepM/TicZzURER85yqCjcCtfDyTo+4I/5dCRDwfES9nz/9c3Mq+mgDATdZuz0V7rrd+LDlZBQBuikKWA0sK5TwXMBuFQrncyeG9EDOFWqPZuveosbu11smVzUex8GijVl3Mc4XzUUzS+lJW/rReOVV/EBHPRcTPpqazenm1UVsb5Tc+ADDGbp9a//811Vn/AYAbrjTqDgAAQ2f9B4DxY/0HgPFj/QeA8dNZ/6dH3Q0AYIi8/weA8WP9B4Cx8t23306P9lH++ddr7+3tbjbeu79WbW6W67ur5dXGznZ5vdFYzz6zp37W69Uaje2l12L3/fmvbzdbC829/Yf1xu5W62H2ud4Pq8XsroMhjAwAGOS5lz76Y5KuyG9OZ0f07OVQHGnPgKtWGHUHgJG5NeoOACNjty8YXxd4j1+M+KkUAdwAfbboPaHU7xeE2u12++q6BFyxu5+T/4dx1ZP/97+AYczI/8P4kv+H8dVuJ+fd5D/OeyMAcL3J8QMDfv7/fH7+df7DgR+snb7jw6vsFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxv3f1/y/le4LNRKJTLEc9ExHwUk0cbtepiRDwbEX+YKk6l9aUR9xkAuKjCX5J8/6+7c6/Onmh68fZxcTIifvSLd37+/kqrtfP7iMnkH1Pd660P8+uV4fceADhbd53Ozj1v5D85fLzaPYbZn79+MyJKnfhHh5NxdBx/IiaycymKETHzzySvdyQ9uYuLOPggIj7bb/xJzGY5kM7Op6fjp7GfGWr8won4haytc07/Lj5zCX2BcfNROv+81e/5K8Sd7Nz/+S9lM9TF5fNf+lKrR9kc+Gn87vx3a8D8d+e8MV777bc7pekn2z6I+PxERDf2Uc/8042fDIj/6jnj/+kLL748qK39y4i70T9+b6yFVn17obm3f3+jvrJeXa9uVSrLS8uLbzx4vbKQ5agXBq8Gf3vz3rOD2tLxzwyIXzpj/F8+5/h/9Z93v/+lp8T/6iv94hfihafET9fEr5wz/srMb0qD2tL4awPGf9bX/94543/85/0ntg0HAEanube/uVKrVXcUFK5/If0new260bfwjWHFmoz+TT95pfNMn2rqfu//P8YaNGNcRtYNuA6OH/qI+PeoOwMAAAAAAAAAAAAAAPQ1jN9YGvUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLn+GwAA//+hm8cd")
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x0, 0x100000000, 0x2000000000000000, 0x3, 0x0, 0xffffffffffffffff, 0x7b, 0xfffffffffffffffd, 0x9b})
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)

859.538186ms ago: executing program 7 (id=7942):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f000001fa00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a09040000000000000000020000000900010073797a30000000000900020073797a320000000020000000080a05000000000000000000020000000900010073797a300000000014000000020a5bec44000000000000000000000014000000110001"], 0x88}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kmem_cache_free\x00', r2}, 0x18)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
r5 = gettid()
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r3, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x500, 0x0, 0x2000040}, 0xc, &(0x7f0000000240)={&(0x7f0000000800)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010028bd7000ffdbdf2514000000080001000100000008000300", @ANYRES32=0x0, @ANYBLOB="08001c00", @ANYRES32=r5], 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)
r6 = ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
r7 = syz_clone(0x200011, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace$poke(0x420f, r7, 0x0, 0xffffffffffeffffe)
r8 = getpgid(0x0)
r9 = getpgrp(0x0)
r10 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f00000001c0))
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x48, r4, 0x905, 0x70bd2c, 0x25dfdbff, {}, [@NL802154_ATTR_NETNS_FD={0x8, 0x1d, r6}, @NL802154_ATTR_PID={0x8, 0x1c, r7}, @NL802154_ATTR_PID={0x8, 0x1c, r8}, @NL802154_ATTR_PID={0x8, 0x1c, r9}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r10}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x48}, 0x1, 0x0, 0x0, 0x8}, 0x11)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x20c006, &(0x7f0000000480)={[{@grpjquota}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@grpquota}], [{@seclabel}]}, 0x1, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
creat(&(0x7f0000000040)='./file1\x00', 0x44)

738.904708ms ago: executing program 7 (id=7943):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000d900000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000a088869d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x3, 0x0, 0x0, 0x80000000000, 0x42071, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x2, @perf_config_ext={0x0, 0x10000}, 0x1030, 0x8, 0x3, 0x3, 0x2004, 0x1088f105, 0xe9, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r3 = socket$kcm(0x10, 0x5, 0x0)
sendmsg$kcm(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000ac0)="d800000018008103e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901ac040098007f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca26203d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e970300000000000000000000000000000000000000db75845824d75284", 0xe0}], 0x1}, 0x48002)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYRES16=r4], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000540)='sched_kthread_work_queue_work\x00', r2, 0x0, 0x3}, 0x18)
r6 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
fchdir(r6)
exit(0x0)
symlink(&(0x7f0000001000)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000009c0)=ANY=[@ANYBLOB, @ANYRESHEX=r5, @ANYBLOB="01030000b000000000001c00000018000180146864d30812fa0600020076657468300000000000000000000000a847f5e32ab9865ab6ce4bc8f22141606912f0bd31a257f273dab20f4203525e6af1994f20045c68aceffa90f488f357381e740900000000000000d35aa6df1c4b9451921de8d4ea575c31757d31cc94081565daf6b8849456b057df1c2e8c6710017cceee70c83494bdb0e0fcf02deecb8b66ad35b67e1fcab58c5bb57f7b5eef84483a0ad802cf1d449eca91dcde0ef1b3f348a6416a3e83a837be41a56b6defab3eaf8a58a91554b295ecdbe3c4166a7b"], 0x2c}, 0x1, 0x0, 0x0, 0x20040005}, 0x40040)
r7 = socket$rds(0x15, 0x5, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000700000085000000110000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='kfree\x00', r8, 0x0, 0x1}, 0x44)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000004400)='./file0\x00', 0x0, &(0x7f0000000380)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@debug}, {@inlinecrypt}], [{@smackfsroot={'smackfsroot', 0x3d, 'debug'}}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
bind$rds(r7, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r7, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x2}, {&(0x7f00000000c0)=""/160, 0xa0}, &(0x7f0000000340)=[{&(0x7f0000001140)=""/102, 0x66}], 0x1, 0x60, 0xfffffffefffffffe}}], 0x48, 0x8004}, 0x0)
unshare(0x4020400)
getpid()
pidfd_send_signal(0xffffffffffffffff, 0x2, &(0x7f0000000000)={0x2, 0x1, 0x80}, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r9, 0x107, 0x12, &(0x7f0000000100)={0x3, 0x3}, 0x4)

600.82733ms ago: executing program 2 (id=7944):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x5420, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x2a}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f0000001200), 0x10)
syz_open_procfs(0x0, &(0x7f0000000200)='net/unix\x00')
close_range(r3, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='smaps_rollup\x00')
mlock(&(0x7f000056e000/0x8000)=nil, 0x8000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

526.742502ms ago: executing program 2 (id=7945):
bpf$MAP_CREATE(0x0, &(0x7f0000001280)=ANY=[@ANYBLOB="070000000400000008020000210000000000000036f8c0bc3ec8530a860c0c48622b44a5fdd5c916493974a7f982fd50e656bc9089b7fea151d6e8d60bd0478418eedc0bec9cabd8e33d010b3435bfc807ebf2453d149e3d34f5fde0319aa51cbf0cdd633693047ab36a6a54e245612ac98834095bced08bde00"/133, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x802, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0xb, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000f40000000000000020000018010000202070250000000000202020db1af8ff00000000bfa100000000000017010000f0ffffffb702000008000000b70300000080000085000000ca00000095"], &(0x7f0000000400)='GPL\x00', 0x8, 0xdd, &(0x7f0000000440)=""/221, 0x0, 0x40}, 0x94)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3fe, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000280)={[{@nogrpid}, {@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@debug}, {@nombcache}, {@quota}, {@nolazytime}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
openat(0xffffffffffffff9c, 0x0, 0x101442, 0x0)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), r2)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000640)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd7000fcdbdf250d00000018000180140002006261746164765f736c6176655f3000003b9282828afe1c5e1343033819b627013029da3901467ed485f4506a22ffab90f25d5e9265d2f1d540"], 0x2c}, 0x1, 0x0, 0x0, 0xc00}, 0x2de0d2a06d7aeea8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000500)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a320000000008004100727865001400330076657468305f746f5f626f6e64"], 0x38}, 0x1, 0x0, 0x0, 0x20000854}, 0x4008004)
sendmsg$L2TP_CMD_SESSION_DELETE(r6, &(0x7f0000000600)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000400)={&(0x7f0000000700)=ANY=[@ANYBLOB="48000000a2fbcd4efb249de57238a5f922dc5214d24bc293b34e40a24dbc44bc64efa83f52665c328d908c036e00e482d6283483d05c281bb3f639328fb7ee3a5c261f880cae458063849894b3b7abd1497d09140380636a2de60b3a3e2cd064b943a625a61669d53515ed902fc4", @ANYRES16=r5, @ANYBLOB="020025bd7000ffdbdf250600050017000200030300000000020000d034fe6e9265ccdfd9080017000000000000000000020000000000000005b8b789b4071b7f00000094de4df35f2eb432e29fe33a2138f63e31fb84ea3ae34ea615432d72a50d9be025b545742b0e98018bd90cb39899fe3881b880f72eb7850837a883bf31ce0fa97f2ee9ac4418d1335260a9ba68784f62f9b7ea82a111620dcba4aa0b182e461c73fa050c43be36bcc0dc639a4168419256d5baeb5605d8e5122914777ed920ffe831aa4c461508ba64d7443e86681e058e2495e058adbf960a032a4db449b921f3514a8fa090612348ed80986cc04dd5f336406dcd5e16e23ae07b0bd000"/277, @ANYRES32, @ANYBLOB="08000a00040000000500050000000000"], 0x48}, 0x1, 0x0, 0x0, 0x48040}, 0x40408d4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r7 = socket(0x10, 0x3, 0x0)
connect$netlink(r7, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r7, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x68, 0x30, 0x829, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x81, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x0, 0x0, 0x10000000}}, @TCA_SKBEDIT_PRIORITY={0x8}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000000}, 0x200080c0)
sendmsg$ETHTOOL_MSG_RINGS_SET(r6, &(0x7f00000005c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x200010}, 0xc, &(0x7f0000000580)={&(0x7f0000000d80)=ANY=[@ANYBLOB="b1d6000000", @ANYRES16=r3, @ANYBLOB="000126bd7000fddbdf25100000000c00018008000300030000000800090000000000"], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)

500.548632ms ago: executing program 6 (id=7947):
acct(0x0)

440.723463ms ago: executing program 6 (id=7948):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x52}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x10, &(0x7f0000000600), 0x1, 0x59d, &(0x7f0000001100)="$eJzs3c9vFGUfAPDvs7stlAItb97kfZGDTUiERG1pwWiMiRDx5sEfJJ5IrG0hhAUaWhNBjJDgf6B/gIk3E2M8EmOIevHqzcSriSESA714WzO7s2WB3f7cMsh8PsnQ55mnk+8zu3z7zDw7MxtAaY1l/1Qi9kbEfIoY6WirRd441vq9u3euzCzduTKTotF4568UKV/X/v2U/xzON94eEb/8kOI/1YfjLly6fHa6Xp+7mNcnFs/NTyxcuvz8mXPTp+dOz52fmnxx8oUjh6eOHOrLfu6KiJ/Gj9eun3pt3zczX+755LuvbqQ4Gjvz9s796JexGFt+TTplr+tL/Q5WkGq+P51vcaoV2CHWpf3+DUTE/2IkqnHvzRuJT98qtHPAlmqkiAZQUkn+Q0m1jwOy89/2UuwRCfCo3D7WmgC4m1pze0vL+V9rzQ3G9ubcwI6lFJ3TOiki+jEzl8WYfyaNZEts0Twc0N3VaxHx/27jf2rm5mhzFj/L/8p9+V+JiDfzn9n6tzcYf+yBuvyHR2cz+f9eR/6/v8H48h8AAAAAAAD65+axiHiu2+d/leXrf6LL9T/DEXG0D/FX//yvcqsPYYAubh+LeCUi2tf+LXXkf260mtd2Na8HGEinztTnDkXE7og4GAPbsvrkCjHG9v080LOt4/q/bMnit68FzPtxq7bt/m1mpxenN7PPQMvtaxFP1brlf1oe/1OX8T8b++fXGKNx/NUfe7Wtnv/AVml8EXGg6/h/78kVaeXnc0w0jwcm2kcFD/vo5I1ve8WX/1CcbPzfsXL+j6bO5/UsrD/Gx3/+ton87378P5hONB85M5iv+3B6cfHiZMRgeuPh9VPr7zM8idr50M6XLP8P7u9+/r/S8f9QRFxdY8wT379+vVeb8R+KM3QtYnZd4//6C/vf/fzvXvHXNv4faY7pB/M15v9gZWtN0KL7CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/RpWI2BmpMr5crlTGxyOGI+K/saNSv7Cw+OypCx+cn83amt//X2l/0+9Iq57a3/8/2lGfeqB+OCL2RMRn1aFmfXzmQn226J0HAAAAAAAAAAAAAAAAAACAx8Rwj/v/M39Ui+4dsOVqRXcAKIz8h/KS/1Be8h/KS/5Decl/KC/5D+Ul/6G85D+UV7Xx9cmi+wAAAAAAAPTNnqdv/poi4urLQ80lM5i3DRTaM2CrHS26A0BhPOIHysulf1Beq53jmwOAJ19apX37hrcEAAAAAAAAAAAAAPrlwF73/0NZVYruAFCY3vf/ezIAPOnc/w/l5RwfcP8/AAAAAAAAAAAAADz+Fi5dPjtdr89d3Ghh2+Y2V1BYa+H33a3/s49Lf9ZfiNSHjHtEhaL/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG3/BAAA//9r5fVk")
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1258438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0xfe, 0x0, 0x0, 0x0, 0x7, 0x4510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x1, @perf_bp={0x0, 0xa}, 0x0, 0x10004, 0x1000000, 0x0, 0x5, 0x20005, 0xb, 0x0, 0xc32, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = semget$private(0x0, 0x0, 0x42)
semctl$SETALL(r2, 0x0, 0x11, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0x322, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
fspick(0xffffffffffffffff, 0x0, 0x1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r7, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
close_range(r6, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00'}, 0x10)
openat(0xffffffffffffffff, 0x0, 0x80, 0x17a)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x511e3659902368a, 0x20001, 0x7, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4})

432.403023ms ago: executing program 6 (id=7949):
r0 = openat(0xffffffffffffff9c, 0x0, 0x200, 0xa)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0)
sendfile(r1, r0, 0x0, 0x6)

366.192444ms ago: executing program 6 (id=7950):
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r1 = open(0x0, 0x60840, 0x0)
fcntl$setsig(r1, 0xa, 0x13)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_create(0x0, &(0x7f00000005c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
ioctl$USBDEVFS_REAPURB(r3, 0x4008550c, &(0x7f0000000040))
dup3(r0, r3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000000cc0)={'filter\x00', 0x3b, 0x4, 0x4c8, 0x3e0, 0x2f8, 0x3e0, 0x2f8, 0x3e0, 0x3e0, 0x4, 0x0, {[{{@uncond, 0xc0, 0x1e8}, @unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:update_modules_exec_t:s0\x00'}}}, {{@arp={@broadcast, @dev, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_batadv\x00', 'veth1_to_hsr\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @empty, @multicast2, @loopback}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x520)
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
sendmsg$tipc(r7, &(0x7f0000001500)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x1, {0x40, 0x1, 0x3}}, 0x10, &(0x7f0000001780)=[{&(0x7f0000001280)="4733eff814a45e33", 0x8}, {&(0x7f00000012c0)="ecba21438d10feb6f07cce8b53ab9efaca11c211eb318c8edfc3006bb26a437017c8fb9f76f2184e2303d5890599e9b77cf171e0201548e483cbb9aa7fb4c10c454cae066968dab3ec0ad2b718bb6eb0ff643ed2f974f928f15a74c9ddeca6212fd823f1343c648a5c01ec895f65e318e875472cee7f90152d2badb89b9e7e0d2f5b464fc84a0ac36a6a28d6b9b0ebb79a635b6df0f13633663a96a91105764a0c56f5e2fe9ac2e8bc6c4375e86e62694f95d07865d826434a0a0067684014767a1334196519c1ea5fcce5568a43", 0xce}, {&(0x7f00000013c0)}, {&(0x7f0000001400)="71ea7d8d48d9f77311675df6e4e2d014b6ab96e5da964db05e1ed285da81a52a885ed99796d0f2676419167cda81194f64d577000aafc55afadf6016e9e58222e7bf95db178ec51c0d9704f56a7b797cab69b3d3298d7f27339648b66147cd1bb06dd95052e03710cff02fd2993488f6eebefbb8e835e556aeb71237", 0x7c}, {&(0x7f00000015c0)="0c33a726b9131f1eb7b87307588a590ffddc65917f7b91a543cf2a416cd8e79238aa3f07f96116c3fc0501fa930c0bd32eed9b698f37f7d793b228704caa1073b35fa2fadab8af66ab", 0x49}, {&(0x7f0000001640)="cad1d444f5a6a84cae0f4fcd341e53223b9b4c9cb6ad93949ff484b72a5854378912d883f896f6144436707a097db00452e46cc390ddeb95246860966f5d19a5c40a049d28249fe7663e5768836de4d27e9e6fef9115929101174b", 0x5b}, {&(0x7f0000001480)="893ab5a8e05a", 0x6}, {&(0x7f00000016c0)="cb0dfda48c700e27846e455af11c411aa84510ba214e819d9cd1a60dbff915d93fd60efc7bb1da696ea4213c026ec7fe7490c03b76f5ec174be01c720633e049023249b09f58b0be6b082d1013903d22adf3cc8d9419cfb686fef276f3d61c325e1736e2aa7163576dd1694c6afb2f68f371437cfc58ae139b5834d386082ac38e2afd36a0c8", 0x86}], 0x8, &(0x7f0000001800)="847decf443367fed5bf1a157487435b6995917dd1b3955e7e48a677f67d8805a2f0fa73d6aa0d03e098419ab21c4755113be3dd1f3111df1a1e10e168f3b6d20ff5a047178260b4170e32816a8fcbd34ae2abb8bdbe7af008e", 0x59, 0x4004000}, 0x4000800)
write$binfmt_script(r6, &(0x7f0000000140)={'#! ', './file0'}, 0xb)

328.372505ms ago: executing program 6 (id=7951):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r1, 0x0, 0x2000}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.sectors\x00', 0x26e1, 0x0)
close(r2)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a1202, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000600)=0x2)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="80fd"], 0x9)

264.328326ms ago: executing program 3 (id=7952):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000a40), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0xf292, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket(0x11, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r5=>0x0})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f000045b000/0x2000)=nil, 0x2000, 0x3, &(0x7f0000000000)=0x9, 0x7, 0x0)
get_mempolicy(0x0, 0x0, 0x73e, &(0x7f0000433000/0x2000)=nil, 0x3)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x89fb, &(0x7f0000000380)={'sit0\x00', &(0x7f0000000300)={@empty, @multicast1, 0x8, 0x19}})
bind$packet(r3, &(0x7f0000000180)={0x11, 0x1b, r5, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
bind$packet(r3, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x9, 0x6, @dev}, 0x14)
ioctl$PPPIOCGCHAN(r3, 0x80047437, &(0x7f0000000200))
r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b0000000700000008000000a6ad6a1a05"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r9}, 0x10)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r10, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="dfffffffffffffff00001c00000018000180140002006c6f"], 0x2c}}, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r12}, 0x10)
ioctl$USBDEVFS_FREE_STREAMS(r6, 0x8008551d, &(0x7f0000000340)=ANY=[@ANYBLOB="5266000001"])
pwritev2(r0, &(0x7f0000000240), 0x0, 0x1404, 0x1, 0x14)
connect$rxrpc(r0, &(0x7f0000000080)=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x4e20, 0x401, @ipv4={'\x00', '\xff\xff', @loopback}, 0x8000}}, 0x24)

112.875268ms ago: executing program 6 (id=7953):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0/../file0\x00', 0x434000, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='\x00\x00\x00\x00\x00')
r2 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x500000, 0x200)
ioctl$EVIOCGNAME(r3, 0x80404506, &(0x7f00000000c0))
fchmodat(r0, &(0x7f0000000080)='./file0/../file0\x00', 0x8f)

0s ago: executing program 3 (id=7954):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000000)={@rand_addr=0x64010101, @remote}, 0xc) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
move_mount(r0, 0x0, 0xffffffffffffff9c, 0x0, 0x244)

kernel console output (not intermixed with test programs):

[  484.987756][T30852] hsr_slave_0: entered promiscuous mode
[  484.988474][T30852] hsr_slave_1: entered promiscuous mode
[  485.098974][T31185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7329'.
[  485.157226][T31226] FAULT_INJECTION: forcing a failure.
[  485.157226][T31226] name failslab, interval 1, probability 0, space 0, times 0
[  485.170037][T31226] CPU: 0 UID: 0 PID: 31226 Comm: syz.3.7330 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  485.170148][T31226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  485.170161][T31226] Call Trace:
[  485.170166][T31226]  <TASK>
[  485.170174][T31226]  __dump_stack+0x1d/0x30
[  485.170197][T31226]  dump_stack_lvl+0xe8/0x140
[  485.170226][T31226]  dump_stack+0x15/0x1b
[  485.170243][T31226]  should_fail_ex+0x265/0x280
[  485.170289][T31226]  should_failslab+0x8c/0xb0
[  485.170338][T31226]  __kmalloc_noprof+0xa5/0x3e0
[  485.170361][T31226]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[  485.170449][T31226]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[  485.170477][T31226]  genl_family_rcv_msg_doit+0x48/0x1b0
[  485.170505][T31226]  ? security_capable+0x83/0x90
[  485.170530][T31226]  ? ns_capable+0x7d/0xb0
[  485.170568][T31226]  genl_rcv_msg+0x422/0x460
[  485.170598][T31226]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  485.170706][T31226]  netlink_rcv_skb+0x120/0x220
[  485.170736][T31226]  ? __pfx_genl_rcv_msg+0x10/0x10
[  485.170771][T31226]  genl_rcv+0x28/0x40
[  485.170792][T31226]  netlink_unicast+0x5a5/0x680
[  485.170893][T31226]  netlink_sendmsg+0x58b/0x6b0
[  485.170915][T31226]  ? __pfx_netlink_sendmsg+0x10/0x10
[  485.170935][T31226]  __sock_sendmsg+0x145/0x180
[  485.170966][T31226]  ____sys_sendmsg+0x31e/0x4e0
[  485.171038][T31226]  ___sys_sendmsg+0x17b/0x1d0
[  485.171091][T31226]  __x64_sys_sendmsg+0xd4/0x160
[  485.171159][T31226]  x64_sys_call+0x2999/0x2fb0
[  485.171233][T31226]  do_syscall_64+0xd2/0x200
[  485.171262][T31226]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  485.171295][T31226]  ? clear_bhb_loop+0x40/0x90
[  485.171318][T31226]  ? clear_bhb_loop+0x40/0x90
[  485.171380][T31226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  485.171401][T31226] RIP: 0033:0x7fc1dddee929
[  485.171436][T31226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  485.171459][T31226] RSP: 002b:00007fc1dc457038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  485.171483][T31226] RAX: ffffffffffffffda RBX: 00007fc1de015fa0 RCX: 00007fc1dddee929
[  485.171517][T31226] RDX: 0000000000088010 RSI: 0000200000000540 RDI: 0000000000000011
[  485.171529][T31226] RBP: 00007fc1dc457090 R08: 0000000000000000 R09: 0000000000000000
[  485.171541][T31226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  485.171553][T31226] R13: 0000000000000000 R14: 00007fc1de015fa0 R15: 00007ffd7f79de88
[  485.171611][T31226]  </TASK>
[  485.549121][  T153] bond0 (unregistering): Released all slaves
[  485.610867][  T153] tipc: Left network mode
[  485.615921][  T153] IPVS: stopping master sync thread 29766 ...
[  485.627019][  T153] veth1_macvtap: left promiscuous mode
[  485.632611][  T153] veth0_macvtap: left promiscuous mode
[  485.641812][  T153] veth1_vlan: left promiscuous mode
[  485.647621][  T153] veth0_vlan: left promiscuous mode
[  485.836095][T31264] loop0: detected capacity change from 0 to 512
[  485.842979][T31264] EXT4-fs: Ignoring removed bh option
[  485.849377][T31264] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  485.861394][T31264] EXT4-fs (loop0): 1 truncate cleaned up
[  485.868163][T31264] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  485.922220][T31265] x_tables: unsorted entry at hook 1
[  486.342688][T30852] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  486.363984][T30852] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  486.399482][T30852] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  486.403524][T25194] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  486.421481][  T153] IPVS: stop unused estimator thread 0...
[  486.427599][T30852] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  486.444679][T31321] x_tables: unsorted entry at hook 1
[  486.487572][T30852] 8021q: adding VLAN 0 to HW filter on device bond0
[  486.505039][T30852] 8021q: adding VLAN 0 to HW filter on device team0
[  486.514727][ T5781] bridge0: port 1(bridge_slave_0) entered blocking state
[  486.521982][ T5781] bridge0: port 1(bridge_slave_0) entered forwarding state
[  486.523627][T31335] FAULT_INJECTION: forcing a failure.
[  486.523627][T31335] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  486.535008][T31333] hub 6-0:1.0: USB hub found
[  486.542441][T31335] CPU: 0 UID: 0 PID: 31335 Comm: syz.0.7341 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  486.542598][T31335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  486.542615][T31335] Call Trace:
[  486.542626][T31335]  <TASK>
[  486.542637][T31335]  __dump_stack+0x1d/0x30
[  486.542666][T31335]  dump_stack_lvl+0xe8/0x140
[  486.542748][T31335]  dump_stack+0x15/0x1b
[  486.542770][T31335]  should_fail_ex+0x265/0x280
[  486.542812][T31335]  should_fail+0xb/0x20
[  486.542901][T31335]  should_fail_usercopy+0x1a/0x20
[  486.542944][T31335]  _copy_from_iter+0xcf/0xe40
[  486.542989][T31335]  ? __build_skb_around+0x1a0/0x200
[  486.543094][T31335]  ? __alloc_skb+0x223/0x320
[  486.543144][T31335]  netlink_sendmsg+0x471/0x6b0
[  486.543253][T31335]  ? __pfx_netlink_sendmsg+0x10/0x10
[  486.543280][T31335]  __sock_sendmsg+0x145/0x180
[  486.543314][T31335]  ____sys_sendmsg+0x31e/0x4e0
[  486.543424][T31335]  ___sys_sendmsg+0x17b/0x1d0
[  486.543488][T31335]  __x64_sys_sendmsg+0xd4/0x160
[  486.543566][T31335]  x64_sys_call+0x2999/0x2fb0
[  486.543659][T31335]  do_syscall_64+0xd2/0x200
[  486.543685][T31335]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  486.543723][T31335]  ? clear_bhb_loop+0x40/0x90
[  486.543754][T31335]  ? clear_bhb_loop+0x40/0x90
[  486.543786][T31335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  486.543880][T31335] RIP: 0033:0x7f2078b1e929
[  486.543903][T31335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  486.543932][T31335] RSP: 002b:00007f2077187038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  486.543958][T31335] RAX: ffffffffffffffda RBX: 00007f2078d45fa0 RCX: 00007f2078b1e929
[  486.543979][T31335] RDX: 0000000004000810 RSI: 0000200000000080 RDI: 0000000000000003
[  486.543997][T31335] RBP: 00007f2077187090 R08: 0000000000000000 R09: 0000000000000000
[  486.544014][T31335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  486.544121][T31335] R13: 0000000000000000 R14: 00007f2078d45fa0 R15: 00007ffc10ae9948
[  486.544148][T31335]  </TASK>
[  486.755086][T31333] hub 6-0:1.0: 8 ports detected
[  486.807731][ T1093] bridge0: port 2(bridge_slave_1) entered blocking state
[  486.814853][ T1093] bridge0: port 2(bridge_slave_1) entered forwarding state
[  486.846002][T30852] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  486.856552][T30852] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  486.934789][T30852] 8021q: adding VLAN 0 to HW filter on device batadv0
[  487.011796][T31376] loop0: detected capacity change from 0 to 128
[  487.031531][T31376] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  487.047378][T31376] ext4 filesystem being mounted at /414/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  487.129445][T30852] veth0_vlan: entered promiscuous mode
[  487.138806][T30852] veth1_vlan: entered promiscuous mode
[  487.157586][T30852] veth0_macvtap: entered promiscuous mode
[  487.157922][T31391] x_tables: unsorted entry at hook 1
[  487.165404][T30852] veth1_macvtap: entered promiscuous mode
[  487.183002][T30852] batman_adv: batadv0: Interface activated: batadv_slave_0
[  487.194462][T30852] batman_adv: batadv0: Interface activated: batadv_slave_1
[  487.205468][T30852] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  487.214317][T30852] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  487.223127][T30852] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  487.232078][T30852] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  487.361710][T31404] FAULT_INJECTION: forcing a failure.
[  487.361710][T31404] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  487.375168][T31404] CPU: 1 UID: 0 PID: 31404 Comm: syz.5.7353 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  487.375241][T31404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  487.375256][T31404] Call Trace:
[  487.375263][T31404]  <TASK>
[  487.375272][T31404]  __dump_stack+0x1d/0x30
[  487.375295][T31404]  dump_stack_lvl+0xe8/0x140
[  487.375315][T31404]  dump_stack+0x15/0x1b
[  487.375332][T31404]  should_fail_ex+0x265/0x280
[  487.375365][T31404]  should_fail_alloc_page+0xf2/0x100
[  487.375399][T31404]  __alloc_frozen_pages_noprof+0xff/0x360
[  487.375437][T31404]  alloc_pages_mpol+0xb3/0x250
[  487.375468][T31404]  alloc_pages_noprof+0x90/0x130
[  487.375577][T31404]  pte_alloc_one+0x2d/0x120
[  487.375711][T31404]  __pte_alloc+0x32/0x2b0
[  487.375742][T31404]  handle_mm_fault+0x1c16/0x2be0
[  487.375778][T31404]  ? __rcu_read_unlock+0x4f/0x70
[  487.375843][T31404]  do_user_addr_fault+0x3fe/0x1090
[  487.375878][T31404]  ? __rcu_read_unlock+0x4f/0x70
[  487.375902][T31404]  exc_page_fault+0x62/0xa0
[  487.375934][T31404]  asm_exc_page_fault+0x26/0x30
[  487.375993][T31404] RIP: 0010:rep_movs_alternative+0xf/0x90
[  487.376025][T31404] Code: c4 10 c3 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 3d f1 01 00 66 2e
[  487.376047][T31404] RSP: 0018:ffffc90003ecfc30 EFLAGS: 00050202
[  487.376062][T31404] RAX: ffff8881022bcb98 RBX: 0000000000000004 RCX: 0000000000000004
[  487.376118][T31404] RDX: 0000000000000001 RSI: 0000200000000080 RDI: ffffc90003ecfccc
[  487.376135][T31404] RBP: 0000200000000080 R08: 00000000000001c7 R09: 0000000000000000
[  487.376151][T31404] R10: 0001c90003ecfccc R11: 0001c90003ecfccf R12: ffff88810b477001
[  487.376181][T31404] R13: 0000000000000039 R14: ffffc90003ecfccc R15: 0000200000000080
[  487.376200][T31404]  _copy_from_user+0x6f/0xb0
[  487.376221][T31404]  do_ipv6_setsockopt+0x220/0x22e0
[  487.376401][T31404]  ? kstrtoull+0x111/0x140
[  487.376433][T31404]  ? __rcu_read_unlock+0x4f/0x70
[  487.376458][T31404]  ? avc_has_perm_noaudit+0x1b1/0x200
[  487.376550][T31404]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[  487.376590][T31404]  ipv6_setsockopt+0x59/0x130
[  487.376666][T31404]  sctp_setsockopt+0x116/0xe30
[  487.376793][T31404]  sock_common_setsockopt+0x69/0x80
[  487.376891][T31404]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  487.376919][T31404]  __sys_setsockopt+0x184/0x200
[  487.376981][T31404]  __x64_sys_setsockopt+0x64/0x80
[  487.377014][T31404]  x64_sys_call+0x2bd5/0x2fb0
[  487.377037][T31404]  do_syscall_64+0xd2/0x200
[  487.377054][T31404]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  487.377116][T31404]  ? clear_bhb_loop+0x40/0x90
[  487.377147][T31404]  ? clear_bhb_loop+0x40/0x90
[  487.377169][T31404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.377238][T31404] RIP: 0033:0x7f0a5b82e929
[  487.377253][T31404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  487.377272][T31404] RSP: 002b:00007f0a59e8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  487.377291][T31404] RAX: ffffffffffffffda RBX: 00007f0a5ba55fa0 RCX: 00007f0a5b82e929
[  487.377303][T31404] RDX: 0000000000000039 RSI: 0000000000000029 RDI: 0000000000000003
[  487.377353][T31404] RBP: 00007f0a59e8f090 R08: 0000000000000018 R09: 0000000000000000
[  487.377365][T31404] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  487.377378][T31404] R13: 0000000000000000 R14: 00007f0a5ba55fa0 R15: 00007ffca87696e8
[  487.377398][T31404]  </TASK>
[  487.782351][T31402] x_tables: unsorted entry at hook 1
[  487.871921][T25194] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  487.922216][T31427] loop0: detected capacity change from 0 to 128
[  487.960964][T25194] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[  487.961553][T31432] netlink: 132 bytes leftover after parsing attributes in process `syz.5.7359'.
[  487.969599][T25194] FAT-fs (loop0): Filesystem has been set read-only
[  488.100027][T31437] hub 6-0:1.0: USB hub found
[  488.108489][T31437] hub 6-0:1.0: 8 ports detected
[  488.214476][T31447] tipc: Started in network mode
[  488.219662][T31447] tipc: Node identity 3e8bade5e2ff, cluster identity 4711
[  488.227009][T31447] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  488.251972][T27927] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.262384][T27927] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 51275 - 0
[  488.272998][T27927] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 2] type 2 family 0 port 45107 - 0
[  488.304275][T31446] tipc: Disabling bearer <eth:syzkaller0>
[  488.343657][T27927] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.354123][T27927] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 51275 - 0
[  488.364618][T27927] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 2] type 2 family 0 port 45107 - 0
[  488.439993][T27927] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.450386][T27927] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 51275 - 0
[  488.460838][T27927] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 2] type 2 family 0 port 45107 - 0
[  488.467156][T31464] FAULT_INJECTION: forcing a failure.
[  488.467156][T31464] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  488.484368][T31464] CPU: 1 UID: 0 PID: 31464 Comm: syz.3.7367 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  488.484444][T31464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  488.484460][T31464] Call Trace:
[  488.484469][T31464]  <TASK>
[  488.484479][T31464]  __dump_stack+0x1d/0x30
[  488.484505][T31464]  dump_stack_lvl+0xe8/0x140
[  488.484528][T31464]  dump_stack+0x15/0x1b
[  488.484548][T31464]  should_fail_ex+0x265/0x280
[  488.484637][T31464]  should_fail+0xb/0x20
[  488.484668][T31464]  should_fail_usercopy+0x1a/0x20
[  488.484775][T31464]  _copy_from_user+0x1c/0xb0
[  488.484807][T31464]  ___sys_sendmsg+0xc1/0x1d0
[  488.484867][T31464]  __sys_sendmmsg+0x178/0x300
[  488.484968][T31464]  __x64_sys_sendmmsg+0x57/0x70
[  488.485000][T31464]  x64_sys_call+0x2f2f/0x2fb0
[  488.485043][T31464]  do_syscall_64+0xd2/0x200
[  488.485083][T31464]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  488.485220][T31464]  ? clear_bhb_loop+0x40/0x90
[  488.485245][T31464]  ? clear_bhb_loop+0x40/0x90
[  488.485269][T31464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.485293][T31464] RIP: 0033:0x7fc1dddee929
[  488.485311][T31464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  488.485372][T31464] RSP: 002b:00007fc1dc436038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  488.485391][T31464] RAX: ffffffffffffffda RBX: 00007fc1de016080 RCX: 00007fc1dddee929
[  488.485403][T31464] RDX: 0400000000000181 RSI: 00002000000030c0 RDI: 0000000000000004
[  488.485419][T31464] RBP: 00007fc1dc436090 R08: 0000000000000000 R09: 0000000000000000
[  488.485465][T31464] R10: 9200000000000000 R11: 0000000000000246 R12: 0000000000000001
[  488.485480][T31464] R13: 0000000000000001 R14: 00007fc1de016080 R15: 00007ffd7f79de88
[  488.485501][T31464]  </TASK>
[  488.671800][   T29] kauditd_printk_skb: 213 callbacks suppressed
[  488.671815][   T29] audit: type=1326 audit(2000000060.900:43571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31457 comm="syz.6.7368" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb26d9e929 code=0x0
[  488.723767][T27927] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.734191][T27927] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 51275 - 0
[  488.744704][T27927] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 2] type 2 family 0 port 45107 - 0
[  488.839162][T27927] bridge_slave_1: left allmulticast mode
[  488.845090][T27927] bridge_slave_1: left promiscuous mode
[  488.850999][T27927] bridge0: port 2(bridge_slave_1) entered disabled state
[  488.860508][T27927] bridge_slave_0: left allmulticast mode
[  488.866305][T27927] bridge_slave_0: left promiscuous mode
[  488.872102][T27927] bridge0: port 1(bridge_slave_0) entered disabled state
[  488.934816][T31517] 9pnet: Could not find request transport: fdĽ˙˙˙
[  488.984415][T27927] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  488.997061][T27927] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  489.009296][T27927] bond0 (unregistering): Released all slaves
[  489.065089][T31453] chnl_net:caif_netlink_parms(): no params data found
[  489.079203][T31529] x_tables: unsorted entry at hook 1
[  489.085026][T27927] tipc: Left network mode
[  489.115401][T27927] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  489.123043][T27927] batman_adv: batadv0: Removing interface: batadv_slave_0
[  489.143661][T27927] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  489.151261][T27927] batman_adv: batadv0: Removing interface: batadv_slave_1
[  489.162231][T27927] veth0_macvtap: left promiscuous mode
[  489.167873][T27927] veth1_vlan: left promiscuous mode
[  489.279711][T31624] FAULT_INJECTION: forcing a failure.
[  489.279711][T31624] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  489.293165][T31624] CPU: 0 UID: 0 PID: 31624 Comm: syz.3.7374 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  489.293248][T31624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  489.293299][T31624] Call Trace:
[  489.293305][T31624]  <TASK>
[  489.293315][T31624]  __dump_stack+0x1d/0x30
[  489.293341][T31624]  dump_stack_lvl+0xe8/0x140
[  489.293366][T31624]  dump_stack+0x15/0x1b
[  489.293386][T31624]  should_fail_ex+0x265/0x280
[  489.293468][T31624]  should_fail_alloc_page+0xf2/0x100
[  489.293492][T31624]  __alloc_frozen_pages_noprof+0xff/0x360
[  489.293531][T31624]  alloc_pages_mpol+0xb3/0x250
[  489.293564][T31624]  folio_alloc_mpol_noprof+0x39/0x80
[  489.293595][T31624]  shmem_get_folio_gfp+0x3cf/0xd60
[  489.293642][T31624]  shmem_fault+0xf6/0x250
[  489.293681][T31624]  __do_fault+0xb9/0x200
[  489.293744][T31624]  handle_mm_fault+0xd69/0x2be0
[  489.293769][T31624]  ? __rcu_read_unlock+0x4f/0x70
[  489.293808][T31624]  do_user_addr_fault+0x3fe/0x1090
[  489.293899][T31624]  exc_page_fault+0x62/0xa0
[  489.293951][T31624]  asm_exc_page_fault+0x26/0x30
[  489.293971][T31624] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  489.294002][T31624] Code: f1 01 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 0f f1 01 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  489.294036][T31624] RSP: 0018:ffffc90004133ad8 EFLAGS: 00050206
[  489.294051][T31624] RAX: ffff88811a25cb98 RBX: 0000000000000100 RCX: 0000000000000100
[  489.294063][T31624] RDX: 0000000000000000 RSI: ffffc90004133cc0 RDI: 00002000000081fe
[  489.294075][T31624] RBP: 000000006162f778 R08: 00000000000001d9 R09: 0000000000000000
[  489.294090][T31624] R10: 0001c90004133cc0 R11: 0001c90004133dbf R12: 00002000000082fe
[  489.294121][T31624] R13: 00007ffffffff000 R14: 00002000000081fe R15: ffffc90004133cc0
[  489.294212][T31624]  _copy_to_user+0x7c/0xa0
[  489.294283][T31624]  mptcp_getsockopt+0xf56/0x1620
[  489.294322][T31624]  ? mntput+0x4b/0x80
[  489.294374][T31624]  ? terminate_walk+0x27f/0x2a0
[  489.294400][T31624]  ? path_openat+0x1bf8/0x2170
[  489.294429][T31624]  ? _parse_integer_limit+0x170/0x190
[  489.294488][T31624]  ? _parse_integer+0x27/0x40
[  489.294579][T31624]  ? __rcu_read_unlock+0x4f/0x70
[  489.294605][T31624]  ? avc_has_perm_noaudit+0x1b1/0x200
[  489.294659][T31624]  sock_common_getsockopt+0x5d/0x70
[  489.294692][T31624]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  489.294719][T31624]  do_sock_getsockopt+0x1fd/0x240
[  489.294751][T31624]  __x64_sys_getsockopt+0x11e/0x1a0
[  489.294866][T31624]  x64_sys_call+0x12aa/0x2fb0
[  489.294894][T31624]  do_syscall_64+0xd2/0x200
[  489.294910][T31624]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  489.294987][T31624]  ? clear_bhb_loop+0x40/0x90
[  489.295011][T31624]  ? clear_bhb_loop+0x40/0x90
[  489.295092][T31624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  489.295117][T31624] RIP: 0033:0x7fc1dddee929
[  489.295131][T31624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  489.295148][T31624] RSP: 002b:00007fc1dc457038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  489.295242][T31624] RAX: ffffffffffffffda RBX: 00007fc1de015fa0 RCX: 00007fc1dddee929
[  489.295257][T31624] RDX: 0000000000000003 RSI: 000000000000011c RDI: 0000000000000003
[  489.295365][T31624] RBP: 00007fc1dc457090 R08: 0000200000000000 R09: 0000000000000000
[  489.295380][T31624] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  489.295396][T31624] R13: 0000000000000000 R14: 00007fc1de015fa0 R15: 00007ffd7f79de88
[  489.295420][T31624]  </TASK>
[  489.645142][T27927] team0 (unregistering): Port device team_slave_1 removed
[  489.683995][T27927] team0 (unregistering): Port device team_slave_0 removed
[  489.717309][T31630] x_tables: unsorted entry at hook 1
[  489.788421][   T29] audit: type=1326 audit(2000000062.010:43572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31633 comm="syz.6.7378" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb26d9e929 code=0x0
[  489.827020][T31636] can: request_module (can-proto-4) failed.
[  489.950621][T31453] bridge0: port 1(bridge_slave_0) entered blocking state
[  489.957922][T31453] bridge0: port 1(bridge_slave_0) entered disabled state
[  489.979436][T31678] hub 6-0:1.0: USB hub found
[  489.985863][T31678] hub 6-0:1.0: 8 ports detected
[  489.992395][T31453] bridge_slave_0: entered allmulticast mode
[  490.006123][T31453] bridge_slave_0: entered promiscuous mode
[  490.021620][T31453] bridge0: port 2(bridge_slave_1) entered blocking state
[  490.028833][T31453] bridge0: port 2(bridge_slave_1) entered disabled state
[  490.048350][T31453] bridge_slave_1: entered allmulticast mode
[  490.059839][T31453] bridge_slave_1: entered promiscuous mode
[  490.065900][   T29] audit: type=1326 audit(2000000062.290:43573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31684 comm="syz.5.7381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a5b82e929 code=0x7ffc0000
[  490.123355][   T29] audit: type=1326 audit(2000000062.320:43574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31684 comm="syz.5.7381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f0a5b82e929 code=0x7ffc0000
[  490.147079][   T29] audit: type=1326 audit(2000000062.320:43575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31684 comm="syz.5.7381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a5b82e929 code=0x7ffc0000
[  490.170968][   T29] audit: type=1326 audit(2000000062.320:43576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31684 comm="syz.5.7381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0a5b82e929 code=0x7ffc0000
[  490.214037][T31453] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  490.233214][T31713] FAULT_INJECTION: forcing a failure.
[  490.233214][T31713] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  490.246623][T31713] CPU: 1 UID: 0 PID: 31713 Comm: syz.3.7382 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  490.246660][T31713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  490.246755][T31713] Call Trace:
[  490.246762][T31713]  <TASK>
[  490.246772][T31713]  __dump_stack+0x1d/0x30
[  490.246799][T31713]  dump_stack_lvl+0xe8/0x140
[  490.246824][T31713]  dump_stack+0x15/0x1b
[  490.246844][T31713]  should_fail_ex+0x265/0x280
[  490.246958][T31713]  should_fail+0xb/0x20
[  490.247017][T31713]  should_fail_usercopy+0x1a/0x20
[  490.247047][T31713]  _copy_from_iter+0xcf/0xe40
[  490.247109][T31713]  ? __build_skb_around+0x1a0/0x200
[  490.247169][T31713]  ? __alloc_skb+0x223/0x320
[  490.247199][T31713]  netlink_sendmsg+0x471/0x6b0
[  490.247225][T31713]  ? __pfx_netlink_sendmsg+0x10/0x10
[  490.247244][T31713]  __sock_sendmsg+0x145/0x180
[  490.247326][T31713]  ____sys_sendmsg+0x31e/0x4e0
[  490.247388][T31713]  ___sys_sendmsg+0x17b/0x1d0
[  490.247448][T31713]  __x64_sys_sendmsg+0xd4/0x160
[  490.247507][T31713]  x64_sys_call+0x2999/0x2fb0
[  490.247529][T31713]  do_syscall_64+0xd2/0x200
[  490.247545][T31713]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  490.247574][T31713]  ? clear_bhb_loop+0x40/0x90
[  490.247610][T31713]  ? clear_bhb_loop+0x40/0x90
[  490.247665][T31713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.247686][T31713] RIP: 0033:0x7fc1dddee929
[  490.247711][T31713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  490.247729][T31713] RSP: 002b:00007fc1dc457038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  490.247751][T31713] RAX: ffffffffffffffda RBX: 00007fc1de015fa0 RCX: 00007fc1dddee929
[  490.247764][T31713] RDX: 0000000000000000 RSI: 0000200000000940 RDI: 0000000000000005
[  490.247777][T31713] RBP: 00007fc1dc457090 R08: 0000000000000000 R09: 0000000000000000
[  490.247789][T31713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  490.247805][T31713] R13: 0000000000000000 R14: 00007fc1de015fa0 R15: 00007ffd7f79de88
[  490.247872][T31713]  </TASK>
[  490.252133][T31453] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  490.336170][   T29] audit: type=1326 audit(2000000062.430:43577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31684 comm="syz.5.7381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a5b82e929 code=0x7ffc0000
[  490.492303][   T29] audit: type=1326 audit(2000000062.430:43578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31684 comm="syz.5.7381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a5b82e929 code=0x7ffc0000
[  490.515912][   T29] audit: type=1400 audit(2000000062.450:43579): avc:  denied  { ioctl } for  pid=31684 comm="+}[@" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  490.610130][   T29] audit: type=1400 audit(2000000062.620:43580): avc:  denied  { watch } for  pid=31716 comm="syz.5.7384" path="/syzcgroup/unified/syz5" dev="cgroup2" ino=181 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  490.636894][T31724] FAULT_INJECTION: forcing a failure.
[  490.636894][T31724] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  490.650117][T31724] CPU: 1 UID: 0 PID: 31724 Comm: syz.5.7386 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  490.650154][T31724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  490.650168][T31724] Call Trace:
[  490.650175][T31724]  <TASK>
[  490.650184][T31724]  __dump_stack+0x1d/0x30
[  490.650203][T31724]  dump_stack_lvl+0xe8/0x140
[  490.650291][T31724]  dump_stack+0x15/0x1b
[  490.650309][T31724]  should_fail_ex+0x265/0x280
[  490.650338][T31724]  should_fail+0xb/0x20
[  490.650473][T31724]  should_fail_usercopy+0x1a/0x20
[  490.650510][T31724]  _copy_from_user+0x1c/0xb0
[  490.650535][T31724]  kstrtouint_from_user+0x69/0xf0
[  490.650651][T31724]  ? 0xffffffff81000000
[  490.650665][T31724]  ? selinux_file_permission+0x1e4/0x320
[  490.650690][T31724]  proc_fail_nth_write+0x50/0x160
[  490.650749][T31724]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  490.650854][T31724]  vfs_write+0x269/0x8e0
[  490.650936][T31724]  ? vfs_read+0x47f/0x6f0
[  490.650965][T31724]  ? __rcu_read_unlock+0x4f/0x70
[  490.650987][T31724]  ? __fget_files+0x184/0x1c0
[  490.651009][T31724]  ksys_write+0xda/0x1a0
[  490.651044][T31724]  __x64_sys_write+0x40/0x50
[  490.651076][T31724]  x64_sys_call+0x2cdd/0x2fb0
[  490.651097][T31724]  do_syscall_64+0xd2/0x200
[  490.651164][T31724]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  490.651190][T31724]  ? clear_bhb_loop+0x40/0x90
[  490.651211][T31724]  ? clear_bhb_loop+0x40/0x90
[  490.651233][T31724]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.651255][T31724] RIP: 0033:0x7f0a5b82d3df
[  490.651316][T31724] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  490.651411][T31724] RSP: 002b:00007f0a59e8f030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  490.651430][T31724] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0a5b82d3df
[  490.651443][T31724] RDX: 0000000000000001 RSI: 00007f0a59e8f0a0 RDI: 0000000000000008
[  490.651455][T31724] RBP: 00007f0a59e8f090 R08: 0000000000000000 R09: 0000000000000000
[  490.651467][T31724] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  490.651479][T31724] R13: 0000000000000000 R14: 00007f0a5ba55fa0 R15: 00007ffca87696e8
[  490.651500][T31724]  </TASK>
[  490.924559][T31742] x_tables: unsorted entry at hook 1
[  490.966154][T31453] team0: Port device team_slave_0 added
[  490.980608][T27927] IPVS: stop unused estimator thread 0...
[  490.982186][T31453] team0: Port device team_slave_1 added
[  491.079092][T31453] batman_adv: batadv0: Adding interface: batadv_slave_0
[  491.086137][T31453] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  491.097205][T31783] x_tables: unsorted entry at hook 1
[  491.112255][T31453] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  491.145132][T31453] batman_adv: batadv0: Adding interface: batadv_slave_1
[  491.152295][T31453] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  491.178591][T31453] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  491.294889][T31453] hsr_slave_0: entered promiscuous mode
[  491.301672][T31453] hsr_slave_1: entered promiscuous mode
[  491.313789][T31453] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  491.338666][T31453] Cannot create hsr debugfs directory
[  491.514195][T31882] FAULT_INJECTION: forcing a failure.
[  491.514195][T31882] name failslab, interval 1, probability 0, space 0, times 0
[  491.526978][T31882] CPU: 0 UID: 0 PID: 31882 Comm: syz.2.7395 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  491.527095][T31882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  491.527108][T31882] Call Trace:
[  491.527114][T31882]  <TASK>
[  491.527122][T31882]  __dump_stack+0x1d/0x30
[  491.527148][T31882]  dump_stack_lvl+0xe8/0x140
[  491.527168][T31882]  dump_stack+0x15/0x1b
[  491.527184][T31882]  should_fail_ex+0x265/0x280
[  491.527237][T31882]  should_failslab+0x8c/0xb0
[  491.527264][T31882]  kmem_cache_alloc_noprof+0x50/0x310
[  491.527290][T31882]  ? __inet_hash_connect+0x7a2/0x1350
[  491.527399][T31882]  ? inet_sk_get_local_port_range+0x89/0x100
[  491.527472][T31882]  __inet_hash_connect+0x7a2/0x1350
[  491.527507][T31882]  ? __pfx___inet_check_established+0x10/0x10
[  491.527589][T31882]  inet_hash_connect+0xd1/0xf0
[  491.527624][T31882]  tcp_v4_connect+0x776/0xac0
[  491.527653][T31882]  __inet_stream_connect+0x166/0x7e0
[  491.527701][T31882]  ? _raw_spin_unlock_bh+0x36/0x40
[  491.527726][T31882]  ? lock_sock_nested+0x112/0x140
[  491.527806][T31882]  inet_stream_connect+0x44/0x70
[  491.527840][T31882]  kernel_connect+0x9c/0xf0
[  491.527868][T31882]  smc_connect+0x4f3/0x670
[  491.527888][T31882]  ? __pfx_smc_connect+0x10/0x10
[  491.527932][T31882]  __sys_connect+0x1ef/0x2b0
[  491.527967][T31882]  __x64_sys_connect+0x3f/0x50
[  491.528058][T31882]  x64_sys_call+0x1daa/0x2fb0
[  491.528079][T31882]  do_syscall_64+0xd2/0x200
[  491.528097][T31882]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  491.528124][T31882]  ? clear_bhb_loop+0x40/0x90
[  491.528183][T31882]  ? clear_bhb_loop+0x40/0x90
[  491.528205][T31882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.528226][T31882] RIP: 0033:0x7f67e413e929
[  491.528242][T31882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  491.528321][T31882] RSP: 002b:00007f67e279f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  491.528373][T31882] RAX: ffffffffffffffda RBX: 00007f67e4365fa0 RCX: 00007f67e413e929
[  491.528386][T31882] RDX: 0000000000000010 RSI: 0000200000000280 RDI: 0000000000000006
[  491.528399][T31882] RBP: 00007f67e279f090 R08: 0000000000000000 R09: 0000000000000000
[  491.528412][T31882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  491.528424][T31882] R13: 0000000000000000 R14: 00007f67e4365fa0 R15: 00007ffcdb65c3f8
[  491.528517][T31882]  </TASK>
[  491.820083][T31896] x_tables: unsorted entry at hook 1
[  491.866536][T31453] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  491.875885][T31908] FAULT_INJECTION: forcing a failure.
[  491.875885][T31908] name failslab, interval 1, probability 0, space 0, times 0
[  491.888676][T31908] CPU: 0 UID: 0 PID: 31908 Comm: syz.6.7399 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  491.888714][T31908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  491.888730][T31908] Call Trace:
[  491.888737][T31908]  <TASK>
[  491.888745][T31908]  __dump_stack+0x1d/0x30
[  491.888838][T31908]  dump_stack_lvl+0xe8/0x140
[  491.888858][T31908]  dump_stack+0x15/0x1b
[  491.888874][T31908]  should_fail_ex+0x265/0x280
[  491.888903][T31908]  should_failslab+0x8c/0xb0
[  491.888972][T31908]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  491.889006][T31908]  ? sidtab_sid2str_get+0xa0/0x130
[  491.889029][T31908]  kmemdup_noprof+0x2b/0x70
[  491.889050][T31908]  sidtab_sid2str_get+0xa0/0x130
[  491.889071][T31908]  security_sid_to_context_core+0x1eb/0x2e0
[  491.889167][T31908]  security_sid_to_context+0x27/0x40
[  491.889189][T31908]  selinux_lsmprop_to_secctx+0x67/0xf0
[  491.889293][T31908]  security_lsmprop_to_secctx+0x43/0x80
[  491.889322][T31908]  audit_log_task_context+0x77/0x190
[  491.889412][T31908]  audit_log_task+0xf4/0x250
[  491.889443][T31908]  audit_seccomp+0x61/0x100
[  491.889528][T31908]  ? __seccomp_filter+0x68c/0x10d0
[  491.889558][T31908]  __seccomp_filter+0x69d/0x10d0
[  491.889588][T31908]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  491.889750][T31908]  ? vfs_write+0x75e/0x8e0
[  491.889786][T31908]  ? __rcu_read_unlock+0x4f/0x70
[  491.889811][T31908]  ? __fget_files+0x184/0x1c0
[  491.889831][T31908]  __secure_computing+0x82/0x150
[  491.889896][T31908]  syscall_trace_enter+0xcf/0x1e0
[  491.889927][T31908]  do_syscall_64+0xac/0x200
[  491.889949][T31908]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  491.890027][T31908]  ? clear_bhb_loop+0x40/0x90
[  491.890053][T31908]  ? clear_bhb_loop+0x40/0x90
[  491.890081][T31908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.890107][T31908] RIP: 0033:0x7fcb26d9e929
[  491.890182][T31908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  491.890206][T31908] RSP: 002b:00007fcb253ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000014e
[  491.890227][T31908] RAX: ffffffffffffffda RBX: 00007fcb26fc5fa0 RCX: 00007fcb26d9e929
[  491.890301][T31908] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000200000000180
[  491.890320][T31908] RBP: 00007fcb253ff090 R08: 0000000000000000 R09: 0000000000000000
[  491.890336][T31908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  491.890351][T31908] R13: 0000000000000000 R14: 00007fcb26fc5fa0 R15: 00007fff65d39d08
[  491.890374][T31908]  </TASK>
[  491.893530][T31453] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  491.980224][T31919] hub 6-0:1.0: USB hub found
[  492.157744][T31919] hub 6-0:1.0: 8 ports detected
[  492.161905][T31453] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  492.193491][T31453] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  492.207906][T31935] FAULT_INJECTION: forcing a failure.
[  492.207906][T31935] name failslab, interval 1, probability 0, space 0, times 0
[  492.211798][T31931] FAULT_INJECTION: forcing a failure.
[  492.211798][T31931] name failslab, interval 1, probability 0, space 0, times 0
[  492.220675][T31935] CPU: 1 UID: 0 PID: 31935 Comm: syz.6.7403 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  492.220823][T31935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  492.220841][T31935] Call Trace:
[  492.220850][T31935]  <TASK>
[  492.220860][T31935]  __dump_stack+0x1d/0x30
[  492.220912][T31935]  dump_stack_lvl+0xe8/0x140
[  492.220936][T31935]  dump_stack+0x15/0x1b
[  492.220952][T31935]  should_fail_ex+0x265/0x280
[  492.220980][T31935]  should_failslab+0x8c/0xb0
[  492.221008][T31935]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  492.221059][T31935]  ? sidtab_sid2str_get+0xa0/0x130
[  492.221258][T31935]  kmemdup_noprof+0x2b/0x70
[  492.221308][T31935]  sidtab_sid2str_get+0xa0/0x130
[  492.221340][T31935]  security_sid_to_context_core+0x1eb/0x2e0
[  492.221374][T31935]  security_sid_to_context+0x27/0x40
[  492.221438][T31935]  selinux_lsmprop_to_secctx+0x67/0xf0
[  492.221471][T31935]  security_lsmprop_to_secctx+0x43/0x80
[  492.221512][T31935]  audit_log_task_context+0x77/0x190
[  492.221592][T31935]  audit_log_task+0xf4/0x250
[  492.221630][T31935]  audit_seccomp+0x61/0x100
[  492.221665][T31935]  ? __seccomp_filter+0x68c/0x10d0
[  492.221748][T31935]  __seccomp_filter+0x69d/0x10d0
[  492.221779][T31935]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  492.221826][T31935]  ? vfs_write+0x75e/0x8e0
[  492.221936][T31935]  __secure_computing+0x82/0x150
[  492.221965][T31935]  syscall_trace_enter+0xcf/0x1e0
[  492.222000][T31935]  do_syscall_64+0xac/0x200
[  492.222025][T31935]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  492.222059][T31935]  ? clear_bhb_loop+0x40/0x90
[  492.222153][T31935]  ? clear_bhb_loop+0x40/0x90
[  492.222185][T31935]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.222214][T31935] RIP: 0033:0x7fcb26d9e929
[  492.222265][T31935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  492.222291][T31935] RSP: 002b:00007fcb253ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000014c
[  492.222335][T31935] RAX: ffffffffffffffda RBX: 00007fcb26fc5fa0 RCX: 00007fcb26d9e929
[  492.222410][T31935] RDX: 0000000000006000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  492.222435][T31935] RBP: 00007fcb253ff090 R08: 0000000000000000 R09: 0000000000000000
[  492.222450][T31935] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000001
[  492.222461][T31935] R13: 0000000000000000 R14: 00007fcb26fc5fa0 R15: 00007fff65d39d08
[  492.222480][T31935]  </TASK>
[  492.326829][T31453] 8021q: adding VLAN 0 to HW filter on device bond0
[  492.328212][T31931] CPU: 0 UID: 0 PID: 31931 Comm: syz.3.7402 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  492.328250][T31931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  492.328339][T31931] Call Trace:
[  492.328345][T31931]  <TASK>
[  492.328357][T31931]  __dump_stack+0x1d/0x30
[  492.328389][T31931]  dump_stack_lvl+0xe8/0x140
[  492.328469][T31931]  dump_stack+0x15/0x1b
[  492.328493][T31931]  should_fail_ex+0x265/0x280
[  492.328536][T31931]  should_failslab+0x8c/0xb0
[  492.328661][T31931]  kmem_cache_alloc_node_noprof+0x57/0x320
[  492.328707][T31931]  ? __alloc_skb+0x101/0x320
[  492.328747][T31931]  __alloc_skb+0x101/0x320
[  492.328788][T31931]  netlink_alloc_large_skb+0xba/0xf0
[  492.328907][T31931]  netlink_sendmsg+0x3cf/0x6b0
[  492.329010][T31931]  ? __pfx_netlink_sendmsg+0x10/0x10
[  492.329045][T31931]  __sock_sendmsg+0x145/0x180
[  492.329086][T31931]  ____sys_sendmsg+0x31e/0x4e0
[  492.329140][T31931]  ___sys_sendmsg+0x17b/0x1d0
[  492.329254][T31931]  __x64_sys_sendmsg+0xd4/0x160
[  492.329338][T31931]  x64_sys_call+0x2999/0x2fb0
[  492.329399][T31931]  do_syscall_64+0xd2/0x200
[  492.329484][T31931]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  492.329521][T31931]  ? clear_bhb_loop+0x40/0x90
[  492.329550][T31931]  ? clear_bhb_loop+0x40/0x90
[  492.329617][T31931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.329646][T31931] RIP: 0033:0x7fc1dddee929
[  492.329740][T31931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  492.329768][T31931] RSP: 002b:00007fc1dc457038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  492.329796][T31931] RAX: ffffffffffffffda RBX: 00007fc1de015fa0 RCX: 00007fc1dddee929
[  492.329815][T31931] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000005
[  492.329833][T31931] RBP: 00007fc1dc457090 R08: 0000000000000000 R09: 0000000000000000
[  492.329849][T31931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  492.329920][T31931] R13: 0000000000000000 R14: 00007fc1de015fa0 R15: 00007ffd7f79de88
[  492.329948][T31931]  </TASK>
[  492.696372][T31453] 8021q: adding VLAN 0 to HW filter on device team0
[  492.722613][T31453] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  492.733109][T31453] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  492.760459][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[  492.767694][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[  492.778214][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[  492.785336][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[  492.802887][T31959] x_tables: unsorted entry at hook 1
[  492.827537][T31963] netlink: 132 bytes leftover after parsing attributes in process `syz.6.7409'.
[  492.863513][T31960] x_tables: unsorted entry at hook 1
[  492.893331][T31453] 8021q: adding VLAN 0 to HW filter on device batadv0
[  493.184349][T31453] veth0_vlan: entered promiscuous mode
[  493.192857][T31453] veth1_vlan: entered promiscuous mode
[  493.218748][T31453] veth0_macvtap: entered promiscuous mode
[  493.229581][T31453] veth1_macvtap: entered promiscuous mode
[  493.252443][T31453] batman_adv: batadv0: Interface activated: batadv_slave_0
[  493.264694][T31453] batman_adv: batadv0: Interface activated: batadv_slave_1
[  493.276179][T31453] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  493.284978][T31453] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  493.293749][T31453] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  493.302530][T31453] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  493.313648][T32001] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  493.322408][T32001] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  493.513309][T32015] No such timeout policy "syz0"
[  493.612104][T32027] hub 6-0:1.0: USB hub found
[  493.621508][T32027] hub 6-0:1.0: 8 ports detected
[  493.764143][T32047] x_tables: unsorted entry at hook 1
[  493.881128][   T29] kauditd_printk_skb: 158 callbacks suppressed
[  493.881143][   T29] audit: type=1326 audit(2000000066.110:43737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32056 comm="syz.7.7424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  493.914603][   T29] audit: type=1326 audit(2000000066.140:43738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32056 comm="syz.7.7424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  493.925492][T32063] xt_hashlimit: max too large, truncated to 1048576
[  493.938349][   T29] audit: type=1326 audit(2000000066.140:43739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32056 comm="syz.7.7424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  493.968613][   T29] audit: type=1326 audit(2000000066.140:43740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32056 comm="syz.7.7424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  493.992435][   T29] audit: type=1326 audit(2000000066.140:43741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32056 comm="syz.7.7424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  494.016227][   T29] audit: type=1326 audit(2000000066.140:43742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32056 comm="syz.7.7424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  494.039982][   T29] audit: type=1326 audit(2000000066.140:43743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32056 comm="syz.7.7424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  494.052335][ T6513] hid-generic 0003:0004:0000.001B: unknown main item tag 0x0
[  494.063760][   T29] audit: type=1326 audit(2000000066.140:43744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32056 comm="syz.7.7424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  494.071062][ T6513] hid-generic 0003:0004:0000.001B: unknown main item tag 0x0
[  494.071093][ T6513] hid-generic 0003:0004:0000.001B: unknown main item tag 0x0
[  494.074370][ T6513] hid-generic 0003:0004:0000.001B: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  494.094647][   T29] audit: type=1326 audit(2000000066.140:43745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32056 comm="syz.7.7424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  494.094686][   T29] audit: type=1326 audit(2000000066.140:43746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32056 comm="syz.7.7424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  494.317417][T32082] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  494.327856][T32082] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  494.448262][T32098] x_tables: unsorted entry at hook 1
[  494.723844][T32104] x_tables: unsorted entry at hook 1
[  494.905710][   T10] hid-generic 0003:0004:0000.001C: unknown main item tag 0x0
[  494.913356][   T10] hid-generic 0003:0004:0000.001C: unknown main item tag 0x0
[  494.920917][   T10] hid-generic 0003:0004:0000.001C: unknown main item tag 0x0
[  494.936993][   T10] hid-generic 0003:0004:0000.001C: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  495.208170][T32125] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  495.217077][T32125] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  495.260181][T32132] hub 6-0:1.0: USB hub found
[  495.269695][T32132] hub 6-0:1.0: 8 ports detected
[  495.376961][T32144] x_tables: unsorted entry at hook 1
[  495.692468][T32171] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  495.708140][T32171] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  495.928314][   T10] hid-generic 0003:0004:0000.001D: unknown main item tag 0x0
[  495.935845][   T10] hid-generic 0003:0004:0000.001D: unknown main item tag 0x0
[  495.943401][   T10] hid-generic 0003:0004:0000.001D: unknown main item tag 0x0
[  495.951384][   T10] hid-generic 0003:0004:0000.001D: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  496.010866][T32197] x_tables: unsorted entry at hook 1
[  496.128343][T32200] x_tables: unsorted entry at hook 1
[  496.487209][T32226] hub 6-0:1.0: USB hub found
[  496.497022][T32226] hub 6-0:1.0: 8 ports detected
[  496.510988][T32223] loop7: detected capacity change from 0 to 8192
[  496.631754][T32236] x_tables: unsorted entry at hook 1
[  496.700946][T32238] loop7: detected capacity change from 0 to 256
[  496.847193][T32250] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  496.857849][T32250] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  497.030382][T32262] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  497.064503][T32262] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  497.304278][   T36] hid-generic 0003:0004:0000.001E: unknown main item tag 0x0
[  497.311899][   T36] hid-generic 0003:0004:0000.001E: unknown main item tag 0x0
[  497.319437][   T36] hid-generic 0003:0004:0000.001E: unknown main item tag 0x0
[  497.323514][T32284] x_tables: unsorted entry at hook 1
[  497.328151][   T36] hid-generic 0003:0004:0000.001E: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  497.572535][T32315] x_tables: unsorted entry at hook 1
[  497.650714][T32325] hub 6-0:1.0: USB hub found
[  497.655575][T32325] hub 6-0:1.0: 8 ports detected
[  497.960972][   T36] hid-generic 0003:0004:0000.001F: unknown main item tag 0x0
[  497.968668][   T36] hid-generic 0003:0004:0000.001F: unknown main item tag 0x0
[  497.976160][   T36] hid-generic 0003:0004:0000.001F: unknown main item tag 0x0
[  497.999085][   T36] hid-generic 0003:0004:0000.001F: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  498.037148][T32342] x_tables: unsorted entry at hook 1
[  498.057927][T32348] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  498.089795][T32348] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  498.553513][ T3401] hid-generic 0003:0004:0000.0020: unknown main item tag 0x0
[  498.561081][ T3401] hid-generic 0003:0004:0000.0020: unknown main item tag 0x0
[  498.568691][ T3401] hid-generic 0003:0004:0000.0020: unknown main item tag 0x0
[  498.590980][ T3401] hid-generic 0003:0004:0000.0020: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  498.624128][T32388] x_tables: unsorted entry at hook 1
[  498.897230][   T29] kauditd_printk_skb: 442 callbacks suppressed
[  498.897322][   T29] audit: type=1326 audit(2000000071.130:44189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32393 comm="syz.5.7510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a5b82e929 code=0x7ffc0000
[  498.927456][   T29] audit: type=1326 audit(2000000071.130:44190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32393 comm="syz.5.7510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a5b82e929 code=0x7ffc0000
[  499.070025][T32405] x_tables: unsorted entry at hook 1
[  499.189158][T32419] hub 6-0:1.0: USB hub found
[  499.195191][T32419] hub 6-0:1.0: 8 ports detected
[  499.219192][   T29] audit: type=1326 audit(2000000071.450:44191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32422 comm="syz.6.7517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb26d9e929 code=0x7ffc0000
[  499.242885][   T29] audit: type=1326 audit(2000000071.450:44192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32422 comm="syz.6.7517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb26d9e929 code=0x7ffc0000
[  499.266557][   T29] audit: type=1326 audit(2000000071.450:44193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32422 comm="syz.6.7517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fcb26d9e929 code=0x7ffc0000
[  499.290179][   T29] audit: type=1326 audit(2000000071.460:44194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32422 comm="syz.6.7517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb26d9e929 code=0x7ffc0000
[  499.313919][   T29] audit: type=1326 audit(2000000071.460:44195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32422 comm="syz.6.7517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb26d9e929 code=0x7ffc0000
[  499.337724][   T29] audit: type=1326 audit(2000000071.460:44196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32422 comm="syz.6.7517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb26d9e929 code=0x7ffc0000
[  499.361408][   T29] audit: type=1326 audit(2000000071.460:44197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32422 comm="syz.6.7517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb26d9e929 code=0x7ffc0000
[  499.385181][   T29] audit: type=1326 audit(2000000071.460:44198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32422 comm="syz.6.7517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fcb26d9e929 code=0x7ffc0000
[  499.439796][T32430] x_tables: unsorted entry at hook 1
[  499.468217][T32432] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  499.478190][T32432] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  499.483178][   T36] hid-generic 0003:0004:0000.0021: unknown main item tag 0x0
[  499.493496][   T36] hid-generic 0003:0004:0000.0021: unknown main item tag 0x0
[  499.501002][   T36] hid-generic 0003:0004:0000.0021: unknown main item tag 0x0
[  499.508952][   T36] hid-generic 0003:0004:0000.0021: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  500.204975][ T3401] hid-generic 0003:0004:0000.0022: unknown main item tag 0x0
[  500.212627][ T3401] hid-generic 0003:0004:0000.0022: unknown main item tag 0x0
[  500.220185][ T3401] hid-generic 0003:0004:0000.0022: unknown main item tag 0x0
[  500.258199][ T3401] hid-generic 0003:0004:0000.0022: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  500.391723][T32494] xt_check_table_hooks: 1 callbacks suppressed
[  500.391741][T32494] x_tables: unsorted entry at hook 1
[  500.588886][T32508] x_tables: unsorted entry at hook 1
[  500.710375][T32523] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  500.719187][T32523] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  500.809277][T32534] hub 6-0:1.0: USB hub found
[  500.814082][T32534] hub 6-0:1.0: 8 ports detected
[  500.857910][ T6513] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0
[  500.865427][ T6513] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0
[  500.872986][ T6513] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0
[  500.881897][ T6513] hid-generic 0003:0004:0000.0023: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  500.911638][T32549] x_tables: unsorted entry at hook 1
[  501.635883][T32582] x_tables: unsorted entry at hook 1
[  501.777154][ T1079] hid-generic 0003:0004:0000.0024: unknown main item tag 0x0
[  501.784655][ T1079] hid-generic 0003:0004:0000.0024: unknown main item tag 0x0
[  501.792116][ T1079] hid-generic 0003:0004:0000.0024: unknown main item tag 0x0
[  501.802320][ T1079] hid-generic 0003:0004:0000.0024: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  501.874688][T32593] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  501.888628][T32593] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  501.938731][T32594] x_tables: unsorted entry at hook 1
[  502.091393][T32616] hub 6-0:1.0: USB hub found
[  502.096421][T32616] hub 6-0:1.0: 8 ports detected
[  502.664574][T32636] x_tables: unsorted entry at hook 1
[  502.740107][ T1079] hid-generic 0003:0004:0000.0025: unknown main item tag 0x0
[  502.747631][ T1079] hid-generic 0003:0004:0000.0025: unknown main item tag 0x0
[  502.755162][ T1079] hid-generic 0003:0004:0000.0025: unknown main item tag 0x0
[  502.770327][ T1079] hid-generic 0003:0004:0000.0025: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  502.803731][T32658] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  502.812866][T32658] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  503.065678][T32671] x_tables: unsorted entry at hook 1
[  503.304614][T32677] x_tables: unsorted entry at hook 1
[  503.523591][T32693] loop7: detected capacity change from 0 to 8192
[  503.535887][   T36] hid-generic 0003:0004:0000.0026: unknown main item tag 0x0
[  503.543534][   T36] hid-generic 0003:0004:0000.0026: unknown main item tag 0x0
[  503.551126][   T36] hid-generic 0003:0004:0000.0026: unknown main item tag 0x0
[  503.596592][   T36] hid-generic 0003:0004:0000.0026: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  503.747113][T32717] loop7: detected capacity change from 0 to 256
[  503.769548][T32715] hub 6-0:1.0: USB hub found
[  503.774313][T32715] hub 6-0:1.0: 8 ports detected
[  503.852622][T32726] x_tables: unsorted entry at hook 1
[  503.973123][T32730] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  503.983351][T32730] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  504.371726][   T29] kauditd_printk_skb: 64 callbacks suppressed
[  504.371749][   T29] audit: type=1326 audit(2000000076.630:44263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32746 comm="syz.3.7614" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc1dddee929 code=0x0
[  504.579418][T32763] x_tables: unsorted entry at hook 1
[  504.675785][ T3401] hid-generic 0003:0004:0000.0027: unknown main item tag 0x0
[  504.683342][ T3401] hid-generic 0003:0004:0000.0027: unknown main item tag 0x0
[  504.690787][ T3401] hid-generic 0003:0004:0000.0027: unknown main item tag 0x0
[  504.705464][ T3401] hid-generic 0003:0004:0000.0027: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  504.777044][  T320] loop7: detected capacity change from 0 to 128
[  504.930846][  T337] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  504.939941][  T320] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  504.952663][  T337] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  504.963944][  T320] ext4 filesystem being mounted at /38/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  505.008598][  T338] hub 6-0:1.0: USB hub found
[  505.013593][  T338] hub 6-0:1.0: 8 ports detected
[  505.074343][   T29] audit: type=1326 audit(2000000077.392:44264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=319 comm="syz.7.7625" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x0
[  505.468120][  T349] xt_check_table_hooks: 1 callbacks suppressed
[  505.468140][  T349] x_tables: unsorted entry at hook 1
[  505.605509][ T6513] hid-generic 0003:0004:0000.0028: unknown main item tag 0x0
[  505.613056][ T6513] hid-generic 0003:0004:0000.0028: unknown main item tag 0x0
[  505.620482][ T6513] hid-generic 0003:0004:0000.0028: unknown main item tag 0x0
[  505.629571][ T6513] hid-generic 0003:0004:0000.0028: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  505.630490][T31453] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  505.696460][  T371] openvswitch: netlink: Flow key attr not present in new flow.
[  505.866383][  T389] netlink: 'syz.3.7642': attribute type 10 has an invalid length.
[  505.894850][  T394] x_tables: unsorted entry at hook 1
[  505.942205][  T396] x_tables: unsorted entry at hook 1
[  505.985139][   T23] hid-generic 0003:0004:0000.0029: unknown main item tag 0x0
[  505.992627][   T23] hid-generic 0003:0004:0000.0029: unknown main item tag 0x0
[  506.000102][   T23] hid-generic 0003:0004:0000.0029: unknown main item tag 0x0
[  506.010806][   T23] hid-generic 0003:0004:0000.0029: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  506.018138][   T29] audit: type=1326 audit(2000000078.400:44265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=391 comm="syz.2.7644" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f67e413e929 code=0x0
[  506.071448][  T404] hub 6-0:1.0: USB hub found
[  506.076722][  T404] hub 6-0:1.0: 8 ports detected
[  506.371011][   T29] audit: type=1400 audit(2000000078.647:44266): avc:  denied  { search } for  pid=443 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  506.393280][   T29] audit: type=1400 audit(2000000078.647:44267): avc:  denied  { search } for  pid=443 comm="dhcpcd-run-hook" name="dhcpcd" dev="tmpfs" ino=477 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  506.416087][   T29] audit: type=1400 audit(2000000078.647:44268): avc:  denied  { search } for  pid=443 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=481 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  506.439257][   T29] audit: type=1400 audit(2000000078.647:44269): avc:  denied  { search } for  pid=443 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=482 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  506.463007][   T29] audit: type=1400 audit(2000000078.647:44270): avc:  denied  { read open } for  pid=446 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=482 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  506.488752][   T29] audit: type=1400 audit(2000000078.647:44271): avc:  denied  { getattr } for  pid=446 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=482 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  506.514109][   T29] audit: type=1400 audit(2000000078.658:44272): avc:  denied  { getattr } for  pid=446 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=508 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  506.597145][  T473] x_tables: unsorted entry at hook 1
[  506.879915][ T3401] hid-generic 0003:0004:0000.002A: unknown main item tag 0x0
[  506.887460][ T3401] hid-generic 0003:0004:0000.002A: unknown main item tag 0x0
[  506.895159][ T3401] hid-generic 0003:0004:0000.002A: unknown main item tag 0x0
[  506.977826][ T3401] hid-generic 0003:0004:0000.002A: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  507.027710][  T536] x_tables: unsorted entry at hook 1
[  507.117853][  T540] x_tables: unsorted entry at hook 1
[  507.428689][  T577] hub 6-0:1.0: USB hub found
[  507.438004][  T577] hub 6-0:1.0: 8 ports detected
[  507.541202][  T599] FAULT_INJECTION: forcing a failure.
[  507.541202][  T599] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  507.554578][  T599] CPU: 1 UID: 0 PID: 599 Comm: syz.5.7675 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  507.554622][  T599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  507.554635][  T599] Call Trace:
[  507.554641][  T599]  <TASK>
[  507.554727][  T599]  __dump_stack+0x1d/0x30
[  507.554753][  T599]  dump_stack_lvl+0xe8/0x140
[  507.554778][  T599]  dump_stack+0x15/0x1b
[  507.554799][  T599]  should_fail_ex+0x265/0x280
[  507.554898][  T599]  should_fail+0xb/0x20
[  507.554931][  T599]  should_fail_usercopy+0x1a/0x20
[  507.555029][  T599]  _copy_from_user+0x1c/0xb0
[  507.555053][  T599]  ___sys_sendmsg+0xc1/0x1d0
[  507.555152][  T599]  __x64_sys_sendmsg+0xd4/0x160
[  507.555199][  T599]  x64_sys_call+0x2999/0x2fb0
[  507.555225][  T599]  do_syscall_64+0xd2/0x200
[  507.555246][  T599]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  507.555284][  T599]  ? clear_bhb_loop+0x40/0x90
[  507.555309][  T599]  ? clear_bhb_loop+0x40/0x90
[  507.555336][  T599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  507.555361][  T599] RIP: 0033:0x7f0a5b82e929
[  507.555416][  T599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  507.555439][  T599] RSP: 002b:00007f0a59e4d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  507.555471][  T599] RAX: ffffffffffffffda RBX: 00007f0a5ba56160 RCX: 00007f0a5b82e929
[  507.555487][  T599] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000010
[  507.555554][  T599] RBP: 00007f0a59e4d090 R08: 0000000000000000 R09: 0000000000000000
[  507.555570][  T599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  507.555585][  T599] R13: 0000000000000000 R14: 00007f0a5ba56160 R15: 00007ffca87696e8
[  507.555626][  T599]  </TASK>
[  507.739710][  T599] netlink: 24 bytes leftover after parsing attributes in process `syz.5.7675'.
[  507.758080][  T599] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7675'.
[  507.787688][  T619] smc: net device bond0 applied user defined pnetid SYZ0
[  507.802119][  T619] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7677'.
[  507.839988][  T619] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7677'.
[  507.936007][   T23] hid-generic 0003:0004:0000.002B: unknown main item tag 0x0
[  507.943572][   T23] hid-generic 0003:0004:0000.002B: unknown main item tag 0x0
[  507.951057][   T23] hid-generic 0003:0004:0000.002B: unknown main item tag 0x0
[  507.970664][   T23] hid-generic 0003:0004:0000.002B: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  508.020691][  T656] x_tables: unsorted entry at hook 1
[  508.142203][  T674] netlink: 40 bytes leftover after parsing attributes in process `syz.6.7684'.
[  508.168209][  T674] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7684'.
[  508.266258][  T679] x_tables: unsorted entry at hook 1
[  508.984054][  T688] FAULT_INJECTION: forcing a failure.
[  508.984054][  T688] name failslab, interval 1, probability 0, space 0, times 0
[  508.996988][  T688] CPU: 1 UID: 0 PID: 688 Comm: syz.6.7693 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  508.997055][  T688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  508.997071][  T688] Call Trace:
[  508.997078][  T688]  <TASK>
[  508.997088][  T688]  __dump_stack+0x1d/0x30
[  508.997110][  T688]  dump_stack_lvl+0xe8/0x140
[  508.997134][  T688]  dump_stack+0x15/0x1b
[  508.997155][  T688]  should_fail_ex+0x265/0x280
[  508.997197][  T688]  should_failslab+0x8c/0xb0
[  508.997226][  T688]  kmem_cache_alloc_noprof+0x50/0x310
[  508.997253][  T688]  ? dst_alloc+0xbd/0x100
[  508.997287][  T688]  dst_alloc+0xbd/0x100
[  508.997406][  T688]  ip_route_output_key_hash_rcu+0xf16/0x1440
[  508.997469][  T688]  ip_route_output_flow+0x7b/0x130
[  508.997502][  T688]  udp_sendmsg+0x1197/0x13b0
[  508.997532][  T688]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  508.997563][  T688]  ? avc_has_perm+0xd3/0x150
[  508.997593][  T688]  ? __pfx_udp_sendmsg+0x10/0x10
[  508.997615][  T688]  inet_sendmsg+0xac/0xd0
[  508.997695][  T688]  __sock_sendmsg+0x102/0x180
[  508.997804][  T688]  ____sys_sendmsg+0x345/0x4e0
[  508.997912][  T688]  ___sys_sendmsg+0x17b/0x1d0
[  508.998034][  T688]  __sys_sendmmsg+0x178/0x300
[  508.998149][  T688]  __x64_sys_sendmmsg+0x57/0x70
[  508.998182][  T688]  x64_sys_call+0x2f2f/0x2fb0
[  508.998209][  T688]  do_syscall_64+0xd2/0x200
[  508.998270][  T688]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  508.998295][  T688]  ? clear_bhb_loop+0x40/0x90
[  508.998315][  T688]  ? clear_bhb_loop+0x40/0x90
[  508.998337][  T688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.998362][  T688] RIP: 0033:0x7fcb26d9e929
[  508.998459][  T688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  508.998482][  T688] RSP: 002b:00007fcb253ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  508.998506][  T688] RAX: ffffffffffffffda RBX: 00007fcb26fc5fa0 RCX: 00007fcb26d9e929
[  508.998522][  T688] RDX: 0000000000000001 RSI: 0000200000004540 RDI: 0000000000000003
[  508.998537][  T688] RBP: 00007fcb253ff090 R08: 0000000000000000 R09: 0000000000000000
[  508.998553][  T688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  508.998618][  T688] R13: 0000000000000000 R14: 00007fcb26fc5fa0 R15: 00007fff65d39d08
[  508.998639][  T688]  </TASK>
[  509.284677][  T690] x_tables: unsorted entry at hook 1
[  509.429360][   T29] kauditd_printk_skb: 9 callbacks suppressed
[  509.429380][   T29] audit: type=1326 audit(2000000082.070:44282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=706 comm="syz.3.7700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1dddee929 code=0x7ffc0000
[  509.442288][  T711] FAULT_INJECTION: forcing a failure.
[  509.442288][  T711] name failslab, interval 1, probability 0, space 0, times 0
[  509.459204][   T29] audit: type=1326 audit(2000000082.070:44283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=706 comm="syz.3.7700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1dddee929 code=0x7ffc0000
[  509.471917][  T711] CPU: 0 UID: 0 PID: 711 Comm: syz.6.7702 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  509.471957][  T711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  509.471975][  T711] Call Trace:
[  509.471993][  T711]  <TASK>
[  509.472005][  T711]  __dump_stack+0x1d/0x30
[  509.472036][  T711]  dump_stack_lvl+0xe8/0x140
[  509.472080][  T711]  dump_stack+0x15/0x1b
[  509.472111][  T711]  should_fail_ex+0x265/0x280
[  509.472154][  T711]  should_failslab+0x8c/0xb0
[  509.472185][  T711]  kmem_cache_alloc_noprof+0x50/0x310
[  509.472279][  T711]  ? audit_log_start+0x365/0x6c0
[  509.472323][  T711]  audit_log_start+0x365/0x6c0
[  509.472370][  T711]  audit_seccomp+0x48/0x100
[  509.472406][  T711]  ? __seccomp_filter+0x68c/0x10d0
[  509.472487][  T711]  __seccomp_filter+0x69d/0x10d0
[  509.472519][  T711]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  509.472604][  T711]  ? vfs_write+0x75e/0x8e0
[  509.472646][  T711]  ? __rcu_read_unlock+0x4f/0x70
[  509.472676][  T711]  ? __fget_files+0x184/0x1c0
[  509.472706][  T711]  __secure_computing+0x82/0x150
[  509.472740][  T711]  syscall_trace_enter+0xcf/0x1e0
[  509.472793][  T711]  do_syscall_64+0xac/0x200
[  509.472897][  T711]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  509.473005][  T711]  ? clear_bhb_loop+0x40/0x90
[  509.473078][  T711]  ? clear_bhb_loop+0x40/0x90
[  509.473157][  T711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.473186][  T711] RIP: 0033:0x7fcb26d9e929
[  509.473209][  T711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  509.473308][  T711] RSP: 002b:00007fcb253ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[  509.473335][  T711] RAX: ffffffffffffffda RBX: 00007fcb26fc5fa0 RCX: 00007fcb26d9e929
[  509.473352][  T711] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: ffffffffffffffff
[  509.473370][  T711] RBP: 00007fcb253ff090 R08: 0000000000008001 R09: 0000000000000000
[  509.473390][  T711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  509.473407][  T711] R13: 0000000000000000 R14: 00007fcb26fc5fa0 R15: 00007fff65d39d08
[  509.473446][  T711]  </TASK>
[  509.473494][  T711] audit: audit_lost=6 audit_rate_limit=0 audit_backlog_limit=64
[  509.495647][   T29] audit: type=1326 audit(2000000082.080:44284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=708 comm="syz.6.7702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb26d9e929 code=0x7ffc0000
[  509.507717][  T711] audit: out of memory in audit_log_start
[  509.530095][ T1079] hid-generic 0003:0004:0000.002C: unknown main item tag 0x0
[  509.533232][   T29] audit: type=1326 audit(2000000082.080:44285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=708 comm="syz.6.7702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcb26d9d290 code=0x7ffc0000
[  509.537462][ T1079] hid-generic 0003:0004:0000.002C: unknown main item tag 0x0
[  509.542161][   T29] audit: type=1326 audit(2000000082.080:44286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=708 comm="syz.6.7702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcb26d9d3df code=0x7ffc0000
[  509.546784][ T1079] hid-generic 0003:0004:0000.002C: unknown main item tag 0x0
[  509.551576][  T712] hub 6-0:1.0: USB hub found
[  509.552460][   T29] audit: type=1326 audit(2000000082.156:44287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=706 comm="syz.3.7700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7fc1dddee929 code=0x7ffc0000
[  509.558335][  T712] hub 6-0:1.0: 8 ports detected
[  509.562018][   T29] audit: type=1326 audit(2000000082.156:44288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=706 comm="syz.3.7700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1dddee929 code=0x7ffc0000
[  509.582184][ T1079] hid-generic 0003:0004:0000.002C: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  509.582425][   T29] audit: type=1326 audit(2000000082.156:44289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=706 comm="syz.3.7700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1dddee929 code=0x7ffc0000
[  509.850089][  T729] netlink: 36 bytes leftover after parsing attributes in process `syz.6.7704'.
[  509.878961][  T728] x_tables: unsorted entry at hook 1
[  509.890086][  T729] ip6erspan0: entered allmulticast mode
[  509.986604][  T738] lo speed is unknown, defaulting to 1000
[  509.992687][  T738] lo speed is unknown, defaulting to 1000
[  509.998726][  T738] lo speed is unknown, defaulting to 1000
[  510.006489][  T738] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  510.019467][  T738] lo speed is unknown, defaulting to 1000
[  510.025949][  T738] lo speed is unknown, defaulting to 1000
[  510.033721][  T738] lo speed is unknown, defaulting to 1000
[  510.040173][  T738] lo speed is unknown, defaulting to 1000
[  510.046420][  T738] lo speed is unknown, defaulting to 1000
[  510.198465][  T764] netlink: 44 bytes leftover after parsing attributes in process `syz.7.7714'.
[  510.237129][  T769] netlink: 'syz.5.7715': attribute type 10 has an invalid length.
[  510.323932][ T3401] hid-generic 0003:0004:0000.002D: unknown main item tag 0x0
[  510.331423][ T3401] hid-generic 0003:0004:0000.002D: unknown main item tag 0x0
[  510.331503][  T780] xt_check_table_hooks: 1 callbacks suppressed
[  510.331521][  T780] x_tables: unsorted entry at hook 1
[  510.338848][ T3401] hid-generic 0003:0004:0000.002D: unknown main item tag 0x0
[  510.343991][  T774] SELinux:  Context system_u:object_r:usr_t:s0 is not valid (left unmapped).
[  510.367221][ T3401] hid-generic 0003:0004:0000.002D: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  510.447033][  T796] FAULT_INJECTION: forcing a failure.
[  510.447033][  T796] name failslab, interval 1, probability 0, space 0, times 0
[  510.459736][  T796] CPU: 1 UID: 0 PID: 796 Comm: syz.5.7721 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  510.459768][  T796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  510.459784][  T796] Call Trace:
[  510.459799][  T796]  <TASK>
[  510.459809][  T796]  __dump_stack+0x1d/0x30
[  510.459836][  T796]  dump_stack_lvl+0xe8/0x140
[  510.459891][  T796]  dump_stack+0x15/0x1b
[  510.459912][  T796]  should_fail_ex+0x265/0x280
[  510.459987][  T796]  ? audit_log_d_path+0x8d/0x150
[  510.460029][  T796]  should_failslab+0x8c/0xb0
[  510.460057][  T796]  __kmalloc_cache_noprof+0x4c/0x320
[  510.460095][  T796]  audit_log_d_path+0x8d/0x150
[  510.460249][  T796]  audit_log_d_path_exe+0x42/0x70
[  510.460292][  T796]  audit_log_task+0x1e9/0x250
[  510.460403][  T796]  audit_seccomp+0x61/0x100
[  510.460434][  T796]  ? __seccomp_filter+0x68c/0x10d0
[  510.460455][  T796]  __seccomp_filter+0x69d/0x10d0
[  510.460556][  T796]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  510.460600][  T796]  ? vfs_write+0x75e/0x8e0
[  510.460649][  T796]  __secure_computing+0x82/0x150
[  510.460679][  T796]  syscall_trace_enter+0xcf/0x1e0
[  510.460795][  T796]  do_syscall_64+0xac/0x200
[  510.460812][  T796]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  510.460844][  T796]  ? clear_bhb_loop+0x40/0x90
[  510.460933][  T796]  ? clear_bhb_loop+0x40/0x90
[  510.460960][  T796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.461030][  T796] RIP: 0033:0x7f0a5b82e929
[  510.461050][  T796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  510.461121][  T796] RSP: 002b:00007f0a59e8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000076
[  510.461139][  T796] RAX: ffffffffffffffda RBX: 00007f0a5ba55fa0 RCX: 00007f0a5b82e929
[  510.461151][  T796] RDX: 00002000000004c0 RSI: 0000200000000400 RDI: 00002000000003c0
[  510.461163][  T796] RBP: 00007f0a59e8f090 R08: 0000000000000000 R09: 0000000000000000
[  510.461174][  T796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  510.461185][  T796] R13: 0000000000000000 R14: 00007f0a5ba55fa0 R15: 00007ffca87696e8
[  510.461216][  T796]  </TASK>
[  510.699014][  T799] FAULT_INJECTION: forcing a failure.
[  510.699014][  T799] name failslab, interval 1, probability 0, space 0, times 0
[  510.711857][  T799] CPU: 1 UID: 0 PID: 799 Comm: syz.6.7722 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  510.711894][  T799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  510.711910][  T799] Call Trace:
[  510.711917][  T799]  <TASK>
[  510.711927][  T799]  __dump_stack+0x1d/0x30
[  510.711954][  T799]  dump_stack_lvl+0xe8/0x140
[  510.712020][  T799]  dump_stack+0x15/0x1b
[  510.712041][  T799]  should_fail_ex+0x265/0x280
[  510.712150][  T799]  should_failslab+0x8c/0xb0
[  510.712177][  T799]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  510.712249][  T799]  ? sidtab_sid2str_get+0xa0/0x130
[  510.712280][  T799]  kmemdup_noprof+0x2b/0x70
[  510.712309][  T799]  sidtab_sid2str_get+0xa0/0x130
[  510.712338][  T799]  security_sid_to_context_core+0x1eb/0x2e0
[  510.712367][  T799]  security_sid_to_context+0x27/0x40
[  510.712445][  T799]  selinux_lsmprop_to_secctx+0x67/0xf0
[  510.712475][  T799]  security_lsmprop_to_secctx+0x43/0x80
[  510.712543][  T799]  audit_log_task_context+0x77/0x190
[  510.712587][  T799]  audit_log_task+0xf4/0x250
[  510.712638][  T799]  audit_seccomp+0x61/0x100
[  510.712670][  T799]  ? __seccomp_filter+0x68c/0x10d0
[  510.712697][  T799]  __seccomp_filter+0x69d/0x10d0
[  510.712726][  T799]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  510.712794][  T799]  ? vfs_write+0x75e/0x8e0
[  510.712840][  T799]  __secure_computing+0x82/0x150
[  510.712866][  T799]  syscall_trace_enter+0xcf/0x1e0
[  510.712896][  T799]  do_syscall_64+0xac/0x200
[  510.713029][  T799]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  510.713056][  T799]  ? clear_bhb_loop+0x40/0x90
[  510.713079][  T799]  ? clear_bhb_loop+0x40/0x90
[  510.713101][  T799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.713122][  T799] RIP: 0033:0x7fcb26d9e929
[  510.713174][  T799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  510.713193][  T799] RSP: 002b:00007fcb253ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  510.713212][  T799] RAX: ffffffffffffffda RBX: 00007fcb26fc5fa0 RCX: 00007fcb26d9e929
[  510.713230][  T799] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000008
[  510.713243][  T799] RBP: 00007fcb253ff090 R08: 0000000000000000 R09: 0000000000000000
[  510.713255][  T799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  510.713268][  T799] R13: 0000000000000000 R14: 00007fcb26fc5fa0 R15: 00007fff65d39d08
[  510.713338][  T799]  </TASK>
[  511.018712][  T808] SELinux: failed to load policy
[  511.066864][  T807] hub 6-0:1.0: USB hub found
[  511.071691][  T807] hub 6-0:1.0: 8 ports detected
[  511.123128][  T824] FAULT_INJECTION: forcing a failure.
[  511.123128][  T824] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  511.136434][  T824] CPU: 1 UID: 0 PID: 824 Comm: syz.2.7728 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  511.136471][  T824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  511.136488][  T824] Call Trace:
[  511.136526][  T824]  <TASK>
[  511.136535][  T824]  __dump_stack+0x1d/0x30
[  511.136561][  T824]  dump_stack_lvl+0xe8/0x140
[  511.136587][  T824]  dump_stack+0x15/0x1b
[  511.136609][  T824]  should_fail_ex+0x265/0x280
[  511.136651][  T824]  should_fail+0xb/0x20
[  511.136683][  T824]  should_fail_usercopy+0x1a/0x20
[  511.136763][  T824]  _copy_to_user+0x20/0xa0
[  511.136787][  T824]  simple_read_from_buffer+0xb5/0x130
[  511.136907][  T824]  proc_fail_nth_read+0x100/0x140
[  511.136956][  T824]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  511.137054][  T824]  vfs_read+0x19d/0x6f0
[  511.137095][  T824]  ? __cond_resched+0x4e/0x90
[  511.137130][  T824]  ksys_read+0xda/0x1a0
[  511.137204][  T824]  __x64_sys_read+0x40/0x50
[  511.137261][  T824]  x64_sys_call+0x2d77/0x2fb0
[  511.137288][  T824]  do_syscall_64+0xd2/0x200
[  511.137381][  T824]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  511.137444][  T824]  ? clear_bhb_loop+0x40/0x90
[  511.137478][  T824]  ? clear_bhb_loop+0x40/0x90
[  511.137520][  T824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.137629][  T824] RIP: 0033:0x7f67e413d33c
[  511.137649][  T824] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  511.137672][  T824] RSP: 002b:00007f67e279f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  511.137696][  T824] RAX: ffffffffffffffda RBX: 00007f67e4365fa0 RCX: 00007f67e413d33c
[  511.137712][  T824] RDX: 000000000000000f RSI: 00007f67e279f0a0 RDI: 0000000000000007
[  511.137763][  T824] RBP: 00007f67e279f090 R08: 0000000000000000 R09: 0000000000000000
[  511.137779][  T824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  511.137795][  T824] R13: 0000000000000000 R14: 00007f67e4365fa0 R15: 00007ffcdb65c3f8
[  511.137821][  T824]  </TASK>
[  511.379266][  T833] x_tables: unsorted entry at hook 1
[  511.452589][ T1079] hid-generic 0003:0004:0000.002E: unknown main item tag 0x0
[  511.460120][ T1079] hid-generic 0003:0004:0000.002E: unknown main item tag 0x0
[  511.467585][ T1079] hid-generic 0003:0004:0000.002E: unknown main item tag 0x0
[  511.483201][ T1079] hid-generic 0003:0004:0000.002E: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  511.547048][  T849] x_tables: unsorted entry at hook 1
[  511.554661][  T863] FAULT_INJECTION: forcing a failure.
[  511.554661][  T863] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  511.567950][  T863] CPU: 1 UID: 0 PID: 863 Comm: syz.5.7738 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  511.567987][  T863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  511.568000][  T863] Call Trace:
[  511.568007][  T863]  <TASK>
[  511.568090][  T863]  __dump_stack+0x1d/0x30
[  511.568147][  T863]  dump_stack_lvl+0xe8/0x140
[  511.568173][  T863]  dump_stack+0x15/0x1b
[  511.568228][  T863]  should_fail_ex+0x265/0x280
[  511.568257][  T863]  should_fail+0xb/0x20
[  511.568314][  T863]  should_fail_usercopy+0x1a/0x20
[  511.568400][  T863]  _copy_from_user+0x1c/0xb0
[  511.568495][  T863]  get_user_ifreq+0x53/0x110
[  511.568521][  T863]  sock_ioctl+0x54e/0x610
[  511.568550][  T863]  ? __pfx_sock_ioctl+0x10/0x10
[  511.568649][  T863]  __se_sys_ioctl+0xcb/0x140
[  511.568676][  T863]  __x64_sys_ioctl+0x43/0x50
[  511.568783][  T863]  x64_sys_call+0x19a8/0x2fb0
[  511.568804][  T863]  do_syscall_64+0xd2/0x200
[  511.568890][  T863]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  511.568918][  T863]  ? clear_bhb_loop+0x40/0x90
[  511.568952][  T863]  ? clear_bhb_loop+0x40/0x90
[  511.568976][  T863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.568996][  T863] RIP: 0033:0x7f0a5b82e929
[  511.569076][  T863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  511.569094][  T863] RSP: 002b:00007f0a59e8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  511.569117][  T863] RAX: ffffffffffffffda RBX: 00007f0a5ba55fa0 RCX: 00007f0a5b82e929
[  511.569133][  T863] RDX: 0000200000001a80 RSI: 00000000000089f3 RDI: 0000000000000003
[  511.569145][  T863] RBP: 00007f0a59e8f090 R08: 0000000000000000 R09: 0000000000000000
[  511.569156][  T863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  511.569168][  T863] R13: 0000000000000000 R14: 00007f0a5ba55fa0 R15: 00007ffca87696e8
[  511.569256][  T863]  </TASK>
[  511.898482][  T871] hub 6-0:1.0: USB hub found
[  511.904362][  T871] hub 6-0:1.0: 8 ports detected
[  511.966018][  T890] x_tables: unsorted entry at hook 1
[  512.210457][  T904] SELinux: failed to load policy
[  512.259510][  T902] loop7: detected capacity change from 0 to 8192
[  512.317724][   T36] hid-generic 0003:0004:0000.002F: unknown main item tag 0x0
[  512.325225][   T36] hid-generic 0003:0004:0000.002F: unknown main item tag 0x0
[  512.332676][   T36] hid-generic 0003:0004:0000.002F: unknown main item tag 0x0
[  512.349261][   T36] hid-generic 0003:0004:0000.002F: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  512.498001][  T934] x_tables: unsorted entry at hook 1
[  512.577947][  T938] hub 6-0:1.0: USB hub found
[  512.584737][  T938] hub 6-0:1.0: 8 ports detected
[  512.696872][ T3401] hid-generic 0003:0004:0000.0030: unknown main item tag 0x0
[  512.704358][ T3401] hid-generic 0003:0004:0000.0030: unknown main item tag 0x0
[  512.711776][ T3401] hid-generic 0003:0004:0000.0030: unknown main item tag 0x0
[  512.720449][ T3401] hid-generic 0003:0004:0000.0030: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  512.730947][  T960] x_tables: unsorted entry at hook 1
[  512.767607][  T976] x_tables: unsorted entry at hook 1
[  513.032554][  T989] netlink: 104 bytes leftover after parsing attributes in process `syz.6.7775'.
[  513.055526][ T1001] FAULT_INJECTION: forcing a failure.
[  513.055526][ T1001] name failslab, interval 1, probability 0, space 0, times 0
[  513.068301][ T1001] CPU: 1 UID: 0 PID: 1001 Comm: syz.5.7777 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  513.068361][ T1001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  513.068377][ T1001] Call Trace:
[  513.068387][ T1001]  <TASK>
[  513.068396][ T1001]  __dump_stack+0x1d/0x30
[  513.068424][ T1001]  dump_stack_lvl+0xe8/0x140
[  513.068443][ T1001]  dump_stack+0x15/0x1b
[  513.068525][ T1001]  should_fail_ex+0x265/0x280
[  513.068566][ T1001]  should_failslab+0x8c/0xb0
[  513.068595][ T1001]  __kmalloc_noprof+0xa5/0x3e0
[  513.068628][ T1001]  ? security_prepare_creds+0x52/0x120
[  513.068660][ T1001]  security_prepare_creds+0x52/0x120
[  513.068689][ T1001]  prepare_creds+0x34a/0x4c0
[  513.068718][ T1001]  selinux_lsm_setattr+0x1a4/0x660
[  513.068770][ T1001]  selinux_setprocattr+0x4f/0x70
[  513.068807][ T1001]  security_setprocattr+0x1a4/0x1d0
[  513.068914][ T1001]  proc_pid_attr_write+0x1eb/0x220
[  513.069020][ T1001]  vfs_writev+0x406/0x8b0
[  513.069050][ T1001]  ? __pfx_proc_pid_attr_write+0x10/0x10
[  513.069101][ T1001]  ? mutex_lock+0xd/0x30
[  513.069205][ T1001]  do_writev+0xe7/0x210
[  513.069236][ T1001]  __x64_sys_writev+0x45/0x50
[  513.069261][ T1001]  x64_sys_call+0x2006/0x2fb0
[  513.069288][ T1001]  do_syscall_64+0xd2/0x200
[  513.069311][ T1001]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  513.069361][ T1001]  ? clear_bhb_loop+0x40/0x90
[  513.069411][ T1001]  ? clear_bhb_loop+0x40/0x90
[  513.069436][ T1001]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.069456][ T1001] RIP: 0033:0x7f0a5b82e929
[  513.069475][ T1001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  513.069511][ T1001] RSP: 002b:00007f0a59e8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  513.069562][ T1001] RAX: ffffffffffffffda RBX: 00007f0a5ba55fa0 RCX: 00007f0a5b82e929
[  513.069579][ T1001] RDX: 0000000000000008 RSI: 00002000000000c0 RDI: 0000000000000003
[  513.069640][ T1001] RBP: 00007f0a59e8f090 R08: 0000000000000000 R09: 0000000000000000
[  513.069652][ T1001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  513.069667][ T1001] R13: 0000000000000000 R14: 00007f0a5ba55fa0 R15: 00007ffca87696e8
[  513.069693][ T1001]  </TASK>
[  513.204657][ T1079] hid-generic 0003:0004:0000.0031: unknown main item tag 0x0
[  513.305773][ T1079] hid-generic 0003:0004:0000.0031: unknown main item tag 0x0
[  513.313283][ T1079] hid-generic 0003:0004:0000.0031: unknown main item tag 0x0
[  513.325894][ T1079] hid-generic 0003:0004:0000.0031: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  513.344889][ T1020] x_tables: unsorted entry at hook 1
[  513.369933][ T1015] hub 6-0:1.0: USB hub found
[  513.374750][ T1015] hub 6-0:1.0: 8 ports detected
[  513.701175][ T1051] FAULT_INJECTION: forcing a failure.
[  513.701175][ T1051] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  513.714378][ T1051] CPU: 0 UID: 0 PID: 1051 Comm: syz.2.7791 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  513.714415][ T1051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  513.714432][ T1051] Call Trace:
[  513.714441][ T1051]  <TASK>
[  513.714511][ T1051]  __dump_stack+0x1d/0x30
[  513.714537][ T1051]  dump_stack_lvl+0xe8/0x140
[  513.714579][ T1051]  dump_stack+0x15/0x1b
[  513.714600][ T1051]  should_fail_ex+0x265/0x280
[  513.714639][ T1051]  should_fail+0xb/0x20
[  513.714672][ T1051]  should_fail_usercopy+0x1a/0x20
[  513.714732][ T1051]  fpu__restore_sig+0x12d/0xaa0
[  513.714780][ T1051]  ? probe_sched_wakeup+0x85/0xa0
[  513.714813][ T1051]  ? should_fail_ex+0xdb/0x280
[  513.714859][ T1051]  __ia32_sys_rt_sigreturn+0x29f/0x350
[  513.714902][ T1051]  x64_sys_call+0x2e8a/0x2fb0
[  513.714981][ T1051]  do_syscall_64+0xd2/0x200
[  513.715003][ T1051]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  513.715092][ T1051]  ? clear_bhb_loop+0x40/0x90
[  513.715145][ T1051]  ? clear_bhb_loop+0x40/0x90
[  513.715166][ T1051]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.715187][ T1051] RIP: 0033:0x7f67e413e929
[  513.715202][ T1051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  513.715226][ T1051] RSP: 002b:00007f67e279f038 EFLAGS: 00000246
[  513.715267][ T1051] RAX: ffffffffffffffea RBX: 00007f67e4365fa0 RCX: 00007f67e413e929
[  513.715284][ T1051] RDX: 000000000000004e RSI: 00002000000002c0 RDI: 0000000000000005
[  513.715300][ T1051] RBP: 00007f67e279f090 R08: 0000000000000000 R09: 0000000000000000
[  513.715316][ T1051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  513.715331][ T1051] R13: 0000000000000000 R14: 00007f67e4365fa0 R15: 00007ffcdb65c3f8
[  513.715350][ T1051]  </TASK>
[  513.777707][ T1043] 9pnet: Could not find request transport: tcp˙˙˙
[  513.861265][ T1058] loop7: detected capacity change from 0 to 512
[  513.862617][ T1058] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  513.921380][ T1058] EXT4-fs (loop7): 1 truncate cleaned up
[  513.927637][ T1058] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  513.941451][ T1048] netlink: 'syz.7.7790': attribute type 49 has an invalid length.
[  513.950762][ T1048] netlink: 32 bytes leftover after parsing attributes in process `syz.7.7790'.
[  513.992981][ T1065] wg2: entered promiscuous mode
[  513.997976][ T1065] wg2: entered allmulticast mode
[  514.019867][ T1058] lo speed is unknown, defaulting to 1000
[  514.076358][ T1090] x_tables: unsorted entry at hook 1
[  514.196935][ T1094] x_tables: unsorted entry at hook 1
[  514.380854][ T1079] hid-generic 0003:0004:0000.0032: unknown main item tag 0x0
[  514.388437][ T1079] hid-generic 0003:0004:0000.0032: unknown main item tag 0x0
[  514.396069][ T1079] hid-generic 0003:0004:0000.0032: unknown main item tag 0x0
[  514.404430][ T1079] hid-generic 0003:0004:0000.0032: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  514.435166][ T1114] netlink: 'syz.6.7801': attribute type 3 has an invalid length.
[  514.487608][ T1115] hub 6-0:1.0: USB hub found
[  514.498935][ T1115] hub 6-0:1.0: 8 ports detected
[  514.516447][T31453] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  514.605006][ T1134] tmpfs: Bad value for 'mpol'
[  514.612993][ T1134] tipc: Can't bind to reserved service type 1
[  514.653323][ T1139] FAULT_INJECTION: forcing a failure.
[  514.653323][ T1139] name failslab, interval 1, probability 0, space 0, times 0
[  514.666212][ T1139] CPU: 1 UID: 0 PID: 1139 Comm: syz.5.7806 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  514.666250][ T1139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  514.666263][ T1139] Call Trace:
[  514.666276][ T1139]  <TASK>
[  514.666283][ T1139]  __dump_stack+0x1d/0x30
[  514.666303][ T1139]  dump_stack_lvl+0xe8/0x140
[  514.666321][ T1139]  dump_stack+0x15/0x1b
[  514.666343][ T1139]  should_fail_ex+0x265/0x280
[  514.666382][ T1139]  should_failslab+0x8c/0xb0
[  514.666543][ T1139]  __kmalloc_noprof+0xa5/0x3e0
[  514.666577][ T1139]  ? security_inode_init_security+0xc5/0x330
[  514.666688][ T1139]  ? current_umask+0x2f/0x40
[  514.666718][ T1139]  security_inode_init_security+0xc5/0x330
[  514.666772][ T1139]  ? __pfx_shmem_initxattrs+0x10/0x10
[  514.666799][ T1139]  shmem_mknod+0xad/0x180
[  514.666832][ T1139]  shmem_mkdir+0x33/0x70
[  514.666858][ T1139]  vfs_mkdir+0x213/0x340
[  514.666898][ T1139]  do_mkdirat+0x132/0x3f0
[  514.666940][ T1139]  __x64_sys_mkdirat+0x4c/0x60
[  514.666994][ T1139]  x64_sys_call+0x2be0/0x2fb0
[  514.667079][ T1139]  do_syscall_64+0xd2/0x200
[  514.667102][ T1139]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  514.667173][ T1139]  ? clear_bhb_loop+0x40/0x90
[  514.667198][ T1139]  ? clear_bhb_loop+0x40/0x90
[  514.667227][ T1139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.667302][ T1139] RIP: 0033:0x7f0a5b82e929
[  514.667323][ T1139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  514.667347][ T1139] RSP: 002b:00007f0a59e8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  514.667371][ T1139] RAX: ffffffffffffffda RBX: 00007f0a5ba55fa0 RCX: 00007f0a5b82e929
[  514.667388][ T1139] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  514.667403][ T1139] RBP: 00007f0a59e8f090 R08: 0000000000000000 R09: 0000000000000000
[  514.667440][ T1139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  514.667452][ T1139] R13: 0000000000000000 R14: 00007f0a5ba55fa0 R15: 00007ffca87696e8
[  514.667470][ T1139]  </TASK>
[  515.020749][ T3401] hid-generic 0003:0004:0000.0033: unknown main item tag 0x0
[  515.028266][ T3401] hid-generic 0003:0004:0000.0033: unknown main item tag 0x0
[  515.035814][ T3401] hid-generic 0003:0004:0000.0033: unknown main item tag 0x0
[  515.046259][ T3401] hid-generic 0003:0004:0000.0033: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  515.352876][ T1179] xt_check_table_hooks: 1 callbacks suppressed
[  515.352903][ T1179] x_tables: unsorted entry at hook 1
[  515.506964][ T1188] x_tables: unsorted entry at hook 1
[  515.553017][ T1194] x_tables: unsorted entry at hook 1
[  515.608018][ T1197] loop7: detected capacity change from 0 to 8192
[  515.619803][ T3401] hid-generic 0003:0004:0000.0034: unknown main item tag 0x0
[  515.627418][ T3401] hid-generic 0003:0004:0000.0034: unknown main item tag 0x0
[  515.634919][ T3401] hid-generic 0003:0004:0000.0034: unknown main item tag 0x0
[  515.643008][ T3401] hid-generic 0003:0004:0000.0034: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  515.718558][   T29] kauditd_printk_skb: 471 callbacks suppressed
[  515.718574][   T29] audit: type=1326 audit(2000000601.813:44758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz.7.7826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  515.772570][   T29] audit: type=1326 audit(2000000601.813:44759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz.7.7826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  515.796228][   T29] audit: type=1326 audit(2000000601.845:44760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz.7.7826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  515.819742][   T29] audit: type=1326 audit(2000000601.845:44761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz.7.7826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  515.843280][   T29] audit: type=1326 audit(2000000601.856:44762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz.7.7826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  515.866970][   T29] audit: type=1326 audit(2000000601.856:44763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz.7.7826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  515.886173][ T1220] x_tables: unsorted entry at hook 1
[  515.890590][   T29] audit: type=1326 audit(2000000601.856:44764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz.7.7826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  515.906211][ T1216] hub 6-0:1.0: USB hub found
[  515.919532][   T29] audit: type=1326 audit(2000000601.856:44765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz.7.7826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  515.926139][ T1216] hub 6-0:1.0: 8 ports detected
[  515.949863][   T29] audit: type=1326 audit(2000000601.877:44766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz.7.7826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  515.976115][   T29] audit: type=1326 audit(2000000601.877:44767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz.7.7826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  516.122228][ T1235] hub 6-0:1.0: USB hub found
[  516.136094][ T1235] hub 6-0:1.0: 8 ports detected
[  516.324934][   T36] hid-generic 0003:0004:0000.0035: unknown main item tag 0x0
[  516.332449][   T36] hid-generic 0003:0004:0000.0035: unknown main item tag 0x0
[  516.339925][   T36] hid-generic 0003:0004:0000.0035: unknown main item tag 0x0
[  516.407246][   T36] hid-generic 0003:0004:0000.0035: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  516.515602][ T1273] x_tables: unsorted entry at hook 1
[  516.673273][ T1285] x_tables: unsorted entry at hook 1
[  516.690838][ T1282] hub 6-0:1.0: USB hub found
[  516.698150][ T1282] hub 6-0:1.0: 8 ports detected
[  516.835797][ T1295] netlink: 'syz.5.7845': attribute type 4 has an invalid length.
[  516.911391][ T1291] netlink: 'syz.5.7845': attribute type 4 has an invalid length.
[  517.098457][ T1309] hub 6-0:1.0: USB hub found
[  517.103357][ T1309] hub 6-0:1.0: 8 ports detected
[  517.114139][ T1313] hub 6-0:1.0: USB hub found
[  517.119137][ T1313] hub 6-0:1.0: 8 ports detected
[  517.249241][ T1322] x_tables: unsorted entry at hook 1
[  517.360181][ T1332] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7856'.
[  517.879803][ T1366] x_tables: unsorted entry at hook 1
[  518.155402][ T1380] x_tables: unsorted entry at hook 1
[  518.188393][ T1386] netlink: 'syz.5.7873': attribute type 27 has an invalid length.
[  518.223760][ T1386] bridge0: port 2(bridge_slave_1) entered disabled state
[  518.231133][ T1386] bridge0: port 1(bridge_slave_0) entered disabled state
[  518.245881][ T1387] netlink: 52 bytes leftover after parsing attributes in process `syz.5.7873'.
[  518.290807][ T1386] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  518.301502][ T1386] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  518.340295][ T1386] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  518.349329][ T1386] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  518.358422][ T1386] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  518.367368][ T1386] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  518.456717][ T1398] FAULT_INJECTION: forcing a failure.
[  518.456717][ T1398] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  518.469919][ T1398] CPU: 0 UID: 0 PID: 1398 Comm: syz.3.7876 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  518.469956][ T1398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  518.469973][ T1398] Call Trace:
[  518.469981][ T1398]  <TASK>
[  518.469990][ T1398]  __dump_stack+0x1d/0x30
[  518.470092][ T1398]  dump_stack_lvl+0xe8/0x140
[  518.470119][ T1398]  dump_stack+0x15/0x1b
[  518.470141][ T1398]  should_fail_ex+0x265/0x280
[  518.470179][ T1398]  should_fail+0xb/0x20
[  518.470213][ T1398]  should_fail_usercopy+0x1a/0x20
[  518.470243][ T1398]  _copy_from_user+0x1c/0xb0
[  518.470274][ T1398]  kstrtouint_from_user+0x69/0xf0
[  518.470312][ T1398]  ? 0xffffffff81000000
[  518.470330][ T1398]  ? selinux_file_permission+0x1e4/0x320
[  518.470362][ T1398]  proc_fail_nth_write+0x50/0x160
[  518.470439][ T1398]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  518.470518][ T1398]  vfs_write+0x269/0x8e0
[  518.470556][ T1398]  ? vfs_read+0x47f/0x6f0
[  518.470594][ T1398]  ? __rcu_read_unlock+0x4f/0x70
[  518.470686][ T1398]  ? __fget_files+0x184/0x1c0
[  518.470714][ T1398]  ksys_write+0xda/0x1a0
[  518.470757][ T1398]  __x64_sys_write+0x40/0x50
[  518.470798][ T1398]  x64_sys_call+0x2cdd/0x2fb0
[  518.470839][ T1398]  do_syscall_64+0xd2/0x200
[  518.470863][ T1398]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  518.470998][ T1398]  ? clear_bhb_loop+0x40/0x90
[  518.471023][ T1398]  ? clear_bhb_loop+0x40/0x90
[  518.471052][ T1398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.471079][ T1398] RIP: 0033:0x7fc1ddded3df
[  518.471099][ T1398] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  518.471145][ T1398] RSP: 002b:00007fc1dc457030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  518.471170][ T1398] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc1ddded3df
[  518.471187][ T1398] RDX: 0000000000000001 RSI: 00007fc1dc4570a0 RDI: 0000000000000007
[  518.471203][ T1398] RBP: 00007fc1dc457090 R08: 0000000000000000 R09: 0000000000000000
[  518.471220][ T1398] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  518.471236][ T1398] R13: 0000000000000000 R14: 00007fc1de015fa0 R15: 00007ffd7f79de88
[  518.471262][ T1398]  </TASK>
[  518.534708][ T4133] hid-generic 0003:0004:0000.0036: unknown main item tag 0x0
[  518.619307][ T1403] x_tables: unsorted entry at hook 1
[  518.623410][ T4133] hid-generic 0003:0004:0000.0036: unknown main item tag 0x0
[  518.714798][ T4133] hid-generic 0003:0004:0000.0036: unknown main item tag 0x0
[  518.755423][ T4133] hid-generic 0003:0004:0000.0036: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  518.870178][ T1417] netlink: 'syz.2.7882': attribute type 27 has an invalid length.
[  518.925205][ T1417] bridge0: port 2(bridge_slave_1) entered disabled state
[  518.932563][ T1417] bridge0: port 1(bridge_slave_0) entered disabled state
[  518.954692][ T1417] wg2: left promiscuous mode
[  518.959404][ T1417] wg2: left allmulticast mode
[  518.981456][ T1417] bond_slave_1: left allmulticast mode
[  519.002810][ T1417] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  519.013812][ T1417] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  519.025523][ T1438] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7889'.
[  519.044998][ T1417] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  519.054172][ T1417] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  519.063445][ T1417] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  519.072652][ T1417] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  519.088037][ T1417] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  519.097165][ T1417] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  519.106091][ T1417] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  519.115093][ T1417] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  519.124421][ T1417] vxlan0: left promiscuous mode
[  519.152535][ T1426] 8021q: adding VLAN 0 to HW filter on device bond0
[  519.161065][ T1426] 8021q: adding VLAN 0 to HW filter on device team0
[  519.170643][ T1426] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  519.266995][ T3401] IPVS: starting estimator thread 0...
[  519.276824][ T1448] loop7: detected capacity change from 0 to 8192
[  519.296193][ T1451] lo speed is unknown, defaulting to 1000
[  519.306808][ T4133] hid-generic 0003:0004:0000.0037: unknown main item tag 0x0
[  519.314403][ T4133] hid-generic 0003:0004:0000.0037: unknown main item tag 0x0
[  519.322098][ T4133] hid-generic 0003:0004:0000.0037: unknown main item tag 0x0
[  519.342760][ T4133] hid-generic 0003:0004:0000.0037: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  519.359257][ T1453] IPVS: using max 2160 ests per chain, 108000 per kthread
[  519.617764][ T1512] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7903'.
[  519.762461][ T1522] FAULT_INJECTION: forcing a failure.
[  519.762461][ T1522] name failslab, interval 1, probability 0, space 0, times 0
[  519.775195][ T1522] CPU: 1 UID: 0 PID: 1522 Comm: syz.2.7904 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  519.775289][ T1522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  519.775306][ T1522] Call Trace:
[  519.775316][ T1522]  <TASK>
[  519.775326][ T1522]  __dump_stack+0x1d/0x30
[  519.775415][ T1522]  dump_stack_lvl+0xe8/0x140
[  519.775434][ T1522]  dump_stack+0x15/0x1b
[  519.775452][ T1522]  should_fail_ex+0x265/0x280
[  519.775493][ T1522]  should_failslab+0x8c/0xb0
[  519.775523][ T1522]  kmem_cache_alloc_noprof+0x50/0x310
[  519.775573][ T1522]  ? __anon_vma_prepare+0xcd/0x2f0
[  519.775617][ T1522]  __anon_vma_prepare+0xcd/0x2f0
[  519.775661][ T1522]  handle_mm_fault+0x1d19/0x2be0
[  519.775687][ T1522]  ? __rcu_read_unlock+0x4f/0x70
[  519.775790][ T1522]  do_user_addr_fault+0x3fe/0x1090
[  519.775894][ T1522]  exc_page_fault+0x62/0xa0
[  519.775922][ T1522]  asm_exc_page_fault+0x26/0x30
[  519.775941][ T1522] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  519.776005][ T1522] Code: f1 01 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 0f f1 01 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  519.776024][ T1522] RSP: 0018:ffffc9000554bc58 EFLAGS: 00050206
[  519.776039][ T1522] RAX: ffff88810b240a98 RBX: 0000000000000100 RCX: 0000000000000100
[  519.776051][ T1522] RDX: 0000000000000000 RSI: ffffc9000554bca0 RDI: 0000200000000a40
[  519.776063][ T1522] RBP: ffffc9000554bde0 R08: 000000000000058b R09: 0000000000000000
[  519.776076][ T1522] R10: 0001c9000554bca0 R11: 0001c9000554bd9f R12: 0000200000000b40
[  519.776092][ T1522] R13: 00007ffffffff000 R14: 0000200000000a40 R15: ffffc9000554bca0
[  519.776194][ T1522]  _copy_to_user+0x7c/0xa0
[  519.776215][ T1522]  con_get_trans_old+0x1f4/0x240
[  519.776296][ T1522]  vt_ioctl+0xf26/0x1880
[  519.776330][ T1522]  ? tty_jobctrl_ioctl+0x29e/0x810
[  519.776410][ T1522]  tty_ioctl+0x7db/0xb80
[  519.776446][ T1522]  ? __pfx_tty_ioctl+0x10/0x10
[  519.776532][ T1522]  __se_sys_ioctl+0xcb/0x140
[  519.776606][ T1522]  __x64_sys_ioctl+0x43/0x50
[  519.776639][ T1522]  x64_sys_call+0x19a8/0x2fb0
[  519.776669][ T1522]  do_syscall_64+0xd2/0x200
[  519.776686][ T1522]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  519.776721][ T1522]  ? clear_bhb_loop+0x40/0x90
[  519.776783][ T1522]  ? clear_bhb_loop+0x40/0x90
[  519.776813][ T1522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  519.776873][ T1522] RIP: 0033:0x7f67e413e929
[  519.776892][ T1522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  519.776910][ T1522] RSP: 002b:00007f67e279f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  519.776927][ T1522] RAX: ffffffffffffffda RBX: 00007f67e4365fa0 RCX: 00007f67e413e929
[  519.776939][ T1522] RDX: 0000200000000a40 RSI: 0000000000004b40 RDI: 0000000000000003
[  519.777000][ T1522] RBP: 00007f67e279f090 R08: 0000000000000000 R09: 0000000000000000
[  519.777017][ T1522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  519.777031][ T1522] R13: 0000000000000000 R14: 00007f67e4365fa0 R15: 00007ffcdb65c3f8
[  519.777050][ T1522]  </TASK>
[  519.856347][ T1523] netlink: 'syz.3.7905': attribute type 39 has an invalid length.
[  520.092349][   T36] hid-generic 0003:0004:0000.0038: unknown main item tag 0x0
[  520.092387][   T36] hid-generic 0003:0004:0000.0038: unknown main item tag 0x0
[  520.092417][   T36] hid-generic 0003:0004:0000.0038: unknown main item tag 0x0
[  520.092942][   T36] hid-generic 0003:0004:0000.0038: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  520.187517][ T1542] FAULT_INJECTION: forcing a failure.
[  520.187517][ T1542] name failslab, interval 1, probability 0, space 0, times 0
[  520.187553][ T1542] CPU: 0 UID: 0 PID: 1542 Comm: syz.6.7907 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  520.187590][ T1542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  520.187602][ T1542] Call Trace:
[  520.187655][ T1542]  <TASK>
[  520.187665][ T1542]  __dump_stack+0x1d/0x30
[  520.187690][ T1542]  dump_stack_lvl+0xe8/0x140
[  520.187709][ T1542]  dump_stack+0x15/0x1b
[  520.187735][ T1542]  should_fail_ex+0x265/0x280
[  520.187773][ T1542]  ? audit_log_d_path+0x8d/0x150
[  520.187813][ T1542]  should_failslab+0x8c/0xb0
[  520.187842][ T1542]  __kmalloc_cache_noprof+0x4c/0x320
[  520.187913][ T1542]  audit_log_d_path+0x8d/0x150
[  520.187954][ T1542]  audit_log_d_path_exe+0x42/0x70
[  520.188040][ T1542]  audit_log_task+0x1e9/0x250
[  520.188074][ T1542]  audit_seccomp+0x61/0x100
[  520.188154][ T1542]  ? __seccomp_filter+0x68c/0x10d0
[  520.188180][ T1542]  __seccomp_filter+0x69d/0x10d0
[  520.188263][ T1542]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  520.188308][ T1542]  ? vfs_write+0x75e/0x8e0
[  520.188425][ T1542]  ? __rcu_read_unlock+0x4f/0x70
[  520.188520][ T1542]  ? __fget_files+0x184/0x1c0
[  520.188542][ T1542]  __secure_computing+0x82/0x150
[  520.188566][ T1542]  syscall_trace_enter+0xcf/0x1e0
[  520.188597][ T1542]  do_syscall_64+0xac/0x200
[  520.188663][ T1542]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  520.188702][ T1542]  ? clear_bhb_loop+0x40/0x90
[  520.188731][ T1542]  ? clear_bhb_loop+0x40/0x90
[  520.188755][ T1542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.188796][ T1542] RIP: 0033:0x7fcb26d9e929
[  520.188869][ T1542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  520.188969][ T1542] RSP: 002b:00007fcb253ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000076
[  520.188995][ T1542] RAX: ffffffffffffffda RBX: 00007fcb26fc5fa0 RCX: 00007fcb26d9e929
[  520.189007][ T1542] RDX: 00002000000004c0 RSI: 0000200000000400 RDI: 00002000000003c0
[  520.189019][ T1542] RBP: 00007fcb253ff090 R08: 0000000000000000 R09: 0000000000000000
[  520.189031][ T1542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  520.189043][ T1542] R13: 0000000000000000 R14: 00007fcb26fc5fa0 R15: 00007fff65d39d08
[  520.189116][ T1542]  </TASK>
[  520.254524][ T1544] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  520.719106][ T1574] lo speed is unknown, defaulting to 1000
[  520.793622][ T1592] xt_check_table_hooks: 2 callbacks suppressed
[  520.793638][ T1592] x_tables: unsorted entry at hook 1
[  520.912576][   T29] kauditd_printk_skb: 49 callbacks suppressed
[  520.912596][   T29] audit: type=1400 audit(2000000607.381:44817): avc:  denied  { ioctl } for  pid=1594 comm="syz.7.7917" path="socket:[84251]" dev="sockfs" ino=84251 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  520.948116][ T1613] netlink: 132 bytes leftover after parsing attributes in process `syz.7.7917'.
[  521.016997][   T23] hid-generic 0003:0004:0000.0039: unknown main item tag 0x0
[  521.024579][   T23] hid-generic 0003:0004:0000.0039: unknown main item tag 0x0
[  521.032223][   T23] hid-generic 0003:0004:0000.0039: unknown main item tag 0x0
[  521.057733][   T23] hid-generic 0003:0004:0000.0039: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  521.080001][   T29] audit: type=1326 audit(2000000607.553:44818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1624 comm="syz.7.7920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  521.103650][   T29] audit: type=1326 audit(2000000607.553:44819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1624 comm="syz.7.7920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  521.127194][   T29] audit: type=1326 audit(2000000607.553:44820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1624 comm="syz.7.7920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  521.150758][   T29] audit: type=1326 audit(2000000607.553:44821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1624 comm="syz.7.7920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  521.174376][   T29] audit: type=1326 audit(2000000607.553:44822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1624 comm="syz.7.7920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  521.197942][   T29] audit: type=1326 audit(2000000607.553:44823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1624 comm="syz.7.7920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  521.221554][   T29] audit: type=1326 audit(2000000607.553:44824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1624 comm="syz.7.7920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  521.245165][   T29] audit: type=1326 audit(2000000607.553:44825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1624 comm="syz.7.7920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  521.268728][   T29] audit: type=1326 audit(2000000607.553:44826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1624 comm="syz.7.7920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f538598e929 code=0x7ffc0000
[  521.299066][ T1634] FAULT_INJECTION: forcing a failure.
[  521.299066][ T1634] name failslab, interval 1, probability 0, space 0, times 0
[  521.311767][ T1634] CPU: 1 UID: 0 PID: 1634 Comm: syz.7.7922 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  521.311869][ T1634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  521.311882][ T1634] Call Trace:
[  521.311889][ T1634]  <TASK>
[  521.311944][ T1634]  __dump_stack+0x1d/0x30
[  521.311972][ T1634]  dump_stack_lvl+0xe8/0x140
[  521.311998][ T1634]  dump_stack+0x15/0x1b
[  521.312094][ T1634]  should_fail_ex+0x265/0x280
[  521.312140][ T1634]  should_failslab+0x8c/0xb0
[  521.312192][ T1634]  kmem_cache_alloc_node_noprof+0x57/0x320
[  521.312227][ T1634]  ? __alloc_skb+0x101/0x320
[  521.312333][ T1634]  __alloc_skb+0x101/0x320
[  521.312436][ T1634]  netlink_alloc_large_skb+0xba/0xf0
[  521.312467][ T1634]  netlink_sendmsg+0x3cf/0x6b0
[  521.312487][ T1634]  ? __pfx_netlink_sendmsg+0x10/0x10
[  521.312509][ T1634]  __sock_sendmsg+0x145/0x180
[  521.312559][ T1634]  ____sys_sendmsg+0x31e/0x4e0
[  521.312605][ T1634]  ___sys_sendmsg+0x17b/0x1d0
[  521.312864][ T1634]  __x64_sys_sendmsg+0xd4/0x160
[  521.312911][ T1634]  x64_sys_call+0x2999/0x2fb0
[  521.312945][ T1634]  do_syscall_64+0xd2/0x200
[  521.312965][ T1634]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  521.313071][ T1634]  ? clear_bhb_loop+0x40/0x90
[  521.313099][ T1634]  ? clear_bhb_loop+0x40/0x90
[  521.313127][ T1634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.313149][ T1634] RIP: 0033:0x7f538598e929
[  521.313171][ T1634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  521.313214][ T1634] RSP: 002b:00007f5383fef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  521.313238][ T1634] RAX: ffffffffffffffda RBX: 00007f5385bb5fa0 RCX: 00007f538598e929
[  521.313254][ T1634] RDX: 0000000000040040 RSI: 0000200000000240 RDI: 0000000000000003
[  521.313339][ T1634] RBP: 00007f5383fef090 R08: 0000000000000000 R09: 0000000000000000
[  521.313351][ T1634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  521.313363][ T1634] R13: 0000000000000000 R14: 00007f5385bb5fa0 R15: 00007fff4baa36a8
[  521.313381][ T1634]  </TASK>
[  521.592055][ T1642] FAULT_INJECTION: forcing a failure.
[  521.592055][ T1642] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  521.605268][ T1642] CPU: 0 UID: 0 PID: 1642 Comm: syz.6.7925 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  521.605309][ T1642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  521.605349][ T1642] Call Trace:
[  521.605359][ T1642]  <TASK>
[  521.605369][ T1642]  __dump_stack+0x1d/0x30
[  521.605395][ T1642]  dump_stack_lvl+0xe8/0x140
[  521.605421][ T1642]  dump_stack+0x15/0x1b
[  521.605442][ T1642]  should_fail_ex+0x265/0x280
[  521.605483][ T1642]  should_fail+0xb/0x20
[  521.605564][ T1642]  should_fail_usercopy+0x1a/0x20
[  521.605600][ T1642]  _copy_from_user+0x1c/0xb0
[  521.605623][ T1642]  sctp_setsockopt+0x154/0xe30
[  521.605651][ T1642]  sock_common_setsockopt+0x69/0x80
[  521.605682][ T1642]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  521.605716][ T1642]  __sys_setsockopt+0x184/0x200
[  521.605758][ T1642]  __x64_sys_setsockopt+0x64/0x80
[  521.605789][ T1642]  x64_sys_call+0x2bd5/0x2fb0
[  521.605882][ T1642]  do_syscall_64+0xd2/0x200
[  521.605901][ T1642]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  521.605926][ T1642]  ? clear_bhb_loop+0x40/0x90
[  521.605949][ T1642]  ? clear_bhb_loop+0x40/0x90
[  521.606067][ T1642]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.606153][ T1642] RIP: 0033:0x7fcb26d9e929
[  521.606211][ T1642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  521.606235][ T1642] RSP: 002b:00007fcb253ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  521.606311][ T1642] RAX: ffffffffffffffda RBX: 00007fcb26fc5fa0 RCX: 00007fcb26d9e929
[  521.606323][ T1642] RDX: 0000000000000077 RSI: 0000000000000084 RDI: 0000000000000003
[  521.606334][ T1642] RBP: 00007fcb253ff090 R08: 000000000000000a R09: 0000000000000000
[  521.606346][ T1642] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  521.606357][ T1642] R13: 0000000000000000 R14: 00007fcb26fc5fa0 R15: 00007fff65d39d08
[  521.606377][ T1642]  </TASK>
[  521.642322][ T1631] hub 6-0:1.0: USB hub found
[  521.644458][ T1640] loop7: detected capacity change from 0 to 512
[  521.649732][ T1631] hub 6-0:1.0: 8 ports detected
[  521.806449][ T1656] x_tables: unsorted entry at hook 1
[  521.832354][ T1640] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  521.847153][ T1640] ext4 filesystem being mounted at /85/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  522.045960][T31453] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  522.080044][ T1684] lo speed is unknown, defaulting to 1000
[  522.159184][    T9] hid-generic 0003:0004:0000.003A: unknown main item tag 0x0
[  522.166674][    T9] hid-generic 0003:0004:0000.003A: unknown main item tag 0x0
[  522.174131][    T9] hid-generic 0003:0004:0000.003A: unknown main item tag 0x0
[  522.185339][    T9] hid-generic 0003:0004:0000.003A: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  522.198025][ T1717] batman_adv: batadv0: Adding interface: dummy0
[  522.204424][ T1717] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  522.231403][ T1717] batman_adv: batadv0: Interface activated: dummy0
[  522.241525][ T1717] batadv0: mtu less than device minimum
[  522.247485][ T1717] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  522.258426][ T1717] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  522.269398][ T1717] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  522.280173][ T1717] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  522.291030][ T1717] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  522.301973][ T1717] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  522.312788][ T1717] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  522.323637][ T1717] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  522.334945][ T1718] x_tables: unsorted entry at hook 1
[  522.406889][ T1731] x_tables: unsorted entry at hook 1
[  522.443050][ T1732] hub 6-0:1.0: USB hub found
[  522.447954][ T1732] hub 6-0:1.0: 8 ports detected
[  522.501727][ T1742] loop7: detected capacity change from 0 to 512
[  522.529904][ T1742] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  522.544112][ T1742] ext4 filesystem being mounted at /91/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  522.558604][ T1742] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.7941: bg 0: block 217: padding at end of block bitmap is not set
[  522.587749][T31453] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  522.648696][ T1750] loop7: detected capacity change from 0 to 512
[  522.655472][ T1750] EXT4-fs: Ignoring removed mblk_io_submit option
[  522.662685][ T1750] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  522.676010][ T1750] EXT4-fs (loop7): 1 truncate cleaned up
[  522.682301][ T1750] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  522.709764][T31453] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  522.791273][ T1761] loop7: detected capacity change from 0 to 1024
[  522.823051][ T1761] rdma_op ffff888132f93180 conn xmit_rdma 0000000000000000
[  523.057090][ T1776] infiniband syz2: set down
[  523.061725][ T1776] infiniband syz2: added veth0_to_bond
[  523.082079][ T1776] RDS/IB: syz2: added
[  523.086133][ T1776] smc: adding ib device syz2 with port count 1
[  523.093399][ T1776] smc:    ib device syz2 port 1 has pnetid 
[  523.094926][ T1783] x_tables: unsorted entry at hook 1
[  523.384059][ T1796] infiniband syz!: set active
[  523.388881][ T1796] infiniband syz!: added team_slave_0
[  523.412955][ T1796] RDS/IB: syz!: added
[  523.418395][ T1796] smc: adding ib device syz! with port count 1
[  523.434505][ T1796] smc:    ib device syz! port 1 has pnetid 
[  523.456727][ T1805] ==================================================================
[  523.464886][ T1805] BUG: KCSAN: data-race in call_rcu / mas_state_walk
[  523.471616][ T1805] 
[  523.473960][ T1805] write to 0xffff888130e45c08 of 8 bytes by task 1803 on cpu 1:
[  523.481616][ T1805]  call_rcu+0x51/0x3f0
[  523.485724][ T1805]  mas_wmb_replace+0xf7a/0x14a0
[  523.490621][ T1805]  mas_wr_store_entry+0x1773/0x2b50
[  523.495876][ T1805]  mas_store_prealloc+0x74d/0x9e0
[  523.500930][ T1805]  vma_iter_store_new+0x1c5/0x200
[  523.505979][ T1805]  vma_complete+0x125/0x580
[  523.510497][ T1805]  __split_vma+0x591/0x650
[  523.514934][ T1805]  vma_modify+0x21e/0xc80
[  523.519283][ T1805]  vma_modify_flags+0x101/0x130
[  523.524248][ T1805]  mprotect_fixup+0x2cc/0x570
[  523.528959][ T1805]  do_mprotect_pkey+0x6d6/0x980
[  523.533841][ T1805]  __x64_sys_mprotect+0x48/0x60
[  523.538724][ T1805]  x64_sys_call+0x2794/0x2fb0
[  523.543434][ T1805]  do_syscall_64+0xd2/0x200
[  523.547956][ T1805]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.553871][ T1805] 
[  523.556212][ T1805] read to 0xffff888130e45c08 of 8 bytes by task 1805 on cpu 0:
[  523.563784][ T1805]  mas_state_walk+0x28f/0x650
[  523.568498][ T1805]  mas_walk+0x30/0x120
[  523.572608][ T1805]  lock_vma_under_rcu+0xa2/0x2f0
[  523.577581][ T1805]  do_user_addr_fault+0x233/0x1090
[  523.582727][ T1805]  exc_page_fault+0x62/0xa0
[  523.587275][ T1805]  asm_exc_page_fault+0x26/0x30
[  523.592151][ T1805] 
[  523.594485][ T1805] Reported by Kernel Concurrency Sanitizer on:
[  523.600709][ T1805] CPU: 0 UID: 0 PID: 1805 Comm: syz.3.7954 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  523.613144][ T1805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  523.623274][ T1805] ==================================================================