last executing test programs:

13.45284819s ago: executing program 1 (id=2343):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000f6000000006debff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0a00000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="0000000c00000000000000000000000000000000246eae85735de6d046b19260c8680bb1ee199bef559b2d4bcab6eaac", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r3}, 0x10)
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x18, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x80}, 0x1)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)='%pB    \x00'}, 0x20)
setitimer(0x0, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000b00)=@ipv6_newrule={0xa4, 0x20, 0x10, 0x70bd29, 0x25dfdbff, {0xa, 0x0, 0x80, 0xb, 0x62, 0x0, 0x0, 0x4, 0xe}, [@FRA_DST={0x14, 0x1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @FIB_RULE_POLICY=@FRA_TABLE={0x8, 0xf, 0x4}, @FRA_DST={0x14, 0x1, @local}, @FIB_RULE_POLICY=@FRA_TABLE={0x8, 0xf, 0x3}, @FRA_SRC={0x14, 0x2, @mcast1}, @FRA_SRC={0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @FRA_DST={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x9}}, @FRA_SRC={0x14, 0x2, @private2}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40000}, 0xc001)
r5 = dup3(r3, r0, 0x80000)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x1, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=r5, @ANYRES8=r1], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000400)={&(0x7f0000002040)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWSET={0x30, 0x9, 0xa, 0x3, 0x0, 0x0, {0xa, 0x0, 0xa}, [@NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x3}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}]}, @NFT_MSG_NEWSET={0x160, 0x9, 0xa, 0x801, 0x0, 0x0, {0x0, 0x0, 0x3}, [@NFTA_SET_POLICY={0x8}, @NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_SET_EXPRESSIONS={0x114, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_DYNSET_TIMEOUT={0xc, 0x6, 0x1, 0x0, 0x6}]}}}, {0x10, 0x1, 0x0, 0x1, @target={{0xb}, @void}}, {0xd0, 0x1, 0x0, 0x1, @range={{0xa}, @val={0xc0, 0x2, 0x0, 0x1, [@NFTA_RANGE_TO_DATA={0xb4, 0x4, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x58, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VERDICT={0x58, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}]}, @NFTA_RANGE_OP={0x8}]}}}, {0x10, 0x1, 0x0, 0x1, @lookup={{0xb}, @void}}]}, @NFTA_SET_TIMEOUT={0xc}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x80}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}]}, @NFT_MSG_NEWCHAIN={0x88, 0x3, 0xa, 0x107, 0x0, 0x0, {0x0, 0x0, 0xa}, [@NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x1}, @NFTA_CHAIN_COUNTERS={0x4c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x9}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x7}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x8000000000000001}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x6}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x4}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffe}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x240}, 0x1, 0x0, 0x0, 0x80}, 0x20008888)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r8 = open(0x0, 0x0, 0x0)
fchdir(r7)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001900)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
eventfd2(0xfffffff8, 0x80800)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
lremovexattr(&(0x7f0000002d00)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f0000000300)=@random={'os2.', '\x00'})
r10 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r10}, &(0x7f0000bbdffc))
perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x10, 0x4, 0x0, 0xf, 0x0, 0xfffffffffffffff0, 0x9400, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3ff, 0x1, @perf_bp={&(0x7f0000000040), 0x1}, 0x100000, 0x0, 0xa, 0x7, 0x0, 0xfffffffc, 0x3, 0x0, 0x7, 0x0, 0x4}, r10, 0xe, r8, 0x1)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x0, 0x3)

13.282496496s ago: executing program 1 (id=2349):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x200000000000009b, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r2)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(r2)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r5, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
r6 = accept$unix(0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000040)=0x6e)
r7 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000800)='devices.deny\x00', 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
fstat(r2, 0x0)
getresgid(&(0x7f0000002a40), 0x0, 0x0)
sendmmsg$unix(r6, &(0x7f0000002b40)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000340)="56de385dd36014fcb0327b43343f275f4f", 0x11}, {&(0x7f0000000380)="2e0c63fcf8ba43482501385713de8cd6b01f278370379567d9c22aa64676b3dbf63e13aa5ef7799362720a791bfd5f6639e21383564b27908b1e3165923cb3adc6f0c5d330b2ee26d11e175e68ba7e6723581ac6d7d2ee23add04ccf2cb6fc70969a84727144a0009ad6573549b1e5aabb38f89e4328956374f32b946f3b248c419b65a4bb36f153ced372daa090b182faf203052a580569045ad7480e141c13d79da1820d4231f641ddc7819a0c562ed02315f0df853c9c98", 0xb9}, {&(0x7f00000004c0)="1b1a58dc652e8f1b14fdaf379a17180d0e0553491bbe554aa00f259515fe48a560490c2727e25ece8359bd66b0696e12fa97a6749f77e8fba8428dbe030cc214c2a39cb49eaed90762b3844cd107cc73aafcd01b0803", 0x56}, {&(0x7f0000000540)="0cb136fc387031fdb9993f8c8777e4b407dbf638415853028722366def505a149809308a86f99c4e08a12c28fcb267397dbee3ed9b1bf21cc0d8c3edc147f7b6c1a0b8c18a3f0a1f23d7f89c0adabdc47d6ea8a2e187af7551527aff076487b88ba8a1b3caffe26bd08ab7ca547d3494086609a95315e35d61ff2be13b2824e79285045836986aaff96bac19ccc733c70f051b61cab022de23e44a3876f1", 0x9e}, {&(0x7f0000000600)="bbc5f6", 0x3}, {&(0x7f0000000640)="659402865b7bc594a81519140e28829e6ef47372c18a9663a826af691c0a42083c614f6220bd1bef7a0ebe7e0eb50e2d64e07a5d80f590372908d34e41dd8c251b3170b196cb3105fe9800c17dd820ea5d6a39a0c66dc0b93c39dfb1edeb48994c", 0x61}, {&(0x7f00000006c0)="77c91176ebcde67ea130f69ca22b6b2d9dada9bdd7a163e99aa1c3a55046c6785949513202b62a95cb3a97507a8665758c3df8639ab4c0f32315fb6b3db97907d050be3fb2f909c6baf9e253e8acf98718c38d4bf55ae4476bcc87ce25282c48b813b1c27f321e0a13bd431bdfca37c49addd7d380bb98f127dab9a81f110fc61ba70f59d7d6b857226f9400242d608f0434939e06b533b3ebad9adcd8db947ae4bce962934804569c", 0xa9}], 0x7, &(0x7f0000000840)=[@rights={{0x34, 0x1, 0x1, [r3, r7, 0xffffffffffffffff, r1, r1, r5, r0, 0xffffffffffffffff, r3]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @rights={{0x18, 0x1, 0x1, [r4, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x80, 0x20000800}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000002b00)=[@cred={{0x1c}}], 0x20, 0xe001}}], 0x2, 0x20000000)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000002bc0), 0x2200, 0x0)
ioctl$TCSETAF(r9, 0x5408, &(0x7f0000002c00)={0x1, 0x6, 0xff, 0x8001, 0x10, "a4934cd099fdabc7"})
ioctl$TUNSETQUEUE(r8, 0x400454d9, &(0x7f0000000100)={'vlan0\x00', 0x400})

13.193707005s ago: executing program 1 (id=2355):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)

13.167144817s ago: executing program 1 (id=2357):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl(r0, 0x4, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

13.119499552s ago: executing program 1 (id=2359):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x4, 0x1, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYRES32, @ANYBLOB="0000000000000000b7020000f3ffff"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_NEXT_CMD_LEN(r2, 0xc0481273, &(0x7f0000000000))

13.118688362s ago: executing program 1 (id=2361):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000240), 0x20, 0x4b9, &(0x7f0000000540)="$eJzs3UFvU8kdAPD/e0lICIGElkNbtYVSKK0QdmIgQpzopVWFkKqinnqANDFRFDuOYoeSlEP4Bj1UKlJP7UfooVIPlTj13lt72wt7WIndRbsiK+3BKz8/hyQkEJZsjOLfTxq9mXnm/WdsvRkzSd4E0LPORMRaRByJiLsRMZrXJ3mKG+3Uet2L5w+n158/nE6i2bz9SZKdb9XFpn/Tciy/5lBE/OaXEb9PXo1bX1mdn6pUykt5udioLhbrK6uX5qpTs+XZ8kKpNDkxOX7t8tXSvvX1dPUfz34xd/O3//7XD57+d+1nf2w1ayQ/t7kfHQP7EDPJrzSyqa4/Im7uw7XfB315f450uyF8LWlEfCsizmb3/2j0ZZ8mAHCYNZuj0RzdXAYADrs0WwNL0kK+FjASaVootNfwTsVwWqnVGxfv1ZYXZtprZWMxkN6bq5TH87XCsRhIWuWJLP+yXNpWvhwRJyPiz4NHs3JhulaZ6eYXHwDoYce2zf+fD7bnfwDgkBvqdgMAgANn/geA3mP+B4DeY/4HgN5j/geA3mP+B4DeY/4HgJ7y61u3Wqm5nj//eub+yvJ87f6lmXJ9vlBdni5M15YWC7O12mz2zJ7qm65XqdUWJ67E8oNio1xvFOsrq3eqteWFxp3sud53ylueqb0fD9gGAN7aydNP/p9ExNr1o1mKTXs5mJ7hcEu73QCga/q63QCga+z2Bb3L//GBHbbo3WLXXxF6vP9tAQ7Ghe9a/4deZf0fepf1f+hd1v+hdzWbiT3/AaDHWOMH/PwfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3t5IlpK0kO8FPhJpWihEHI+IsRhI7s1VyuMRcSIi/jc4MNgqT3S70QDAO0o/SvL9vy6MnhvZfvZI8sVgdoyIP/z19l8eTDUaSxOt+k836huP8/pSpwYAeJ905unOPN7x4vnD6U46yPY8+3l7c9FW3PU8tc/0R392HIqBiBj+LMnLba3vK337EH/tUUR8Z6f+J9nayFi+8+n2+K3Yxw80frolfpqdax9b78W396Et0GuetMafGzvdf2mcyY473/9D2Qj17jrj3/or41+6Mf717TL+ndlrjCv/+dWu5x5FfK9/p/jJRvxkl/jn9hj/g+//8OzWmvN/ajbbuebfIi7EzvE3xyo2qovF+srqpbnq1Gx5trxQKk1OTI5fu3y1VMzWqIudlepXfXz94onX9X94c/y+2Ig/9Ib+n99j///+5d3f/eg18X/6450//1Ovid+aE3+yx/hTw//cdfvuVvyZXd7/N33+F/cY/+mHqzN7fCkAcADqK6vzU5VKeUlGRkZmI9PtkQn4pr286bvdEgAAAAAAAAAAAAAAYDcH8edE3e4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAh9dXAQAA//8ymNqa") (async)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) (async)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ptrace(0x10, 0x1) (async)
syz_usb_connect(0x0, 0x24, 0x0, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
gettid() (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0xde02}) (async)
preadv(r2, &(0x7f0000000400)=[{&(0x7f00000004c0)=""/248, 0xf8}], 0x1, 0x0, 0xc) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = openat(0xffffffffffffff9c, 0x0, 0x281c2, 0x0)
fcntl$setlease(r4, 0x400, 0x1) (async)
r5 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'bond0\x00', <r6=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYRES16=r0, @ANYRES32=r6, @ANYRES8=r3], 0x3c}}, 0x20040000)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYRES32, @ANYBLOB="de000000002c000000000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/10], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x210})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='fib6_table_lookup\x00', r8}, 0x10)

3.931698578s ago: executing program 3 (id=2676):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, 0x110, 0xffffffffffffffff, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xa, 0x10, 0xffffffffffffffff, 0x10000000)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000080)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x31, 0x5, r1, 0x0, 0x0, 0x0, 0x10000, 0x0, {0x0, r4}})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
personality(0x500006)
syz_open_procfs(0x0, &(0x7f0000000480)='net/ip6_tables_names\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)

3.931004568s ago: executing program 0 (id=2678):
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) (fail_nth: 1)

3.711540419s ago: executing program 0 (id=2681):
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cgroup.stat\x00', 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000f55aff940000009e6200000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x30, r7, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0xfffffffe, 0x0, 0x8003, 0xc5}}}}, 0x30}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001c00070c000000000000000005000000", @ANYRES32=r2, @ANYBLOB="080000000a000200aaaaaaaaaabb00000a000100"], 0x34}}, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, 0x0, 0x0)
r9 = gettid()
r10 = eventfd2(0x0, 0x0)
write$eventfd(r10, &(0x7f0000000140)=0xfffffffffffffff8, 0x8)
write$eventfd(r10, &(0x7f0000000040)=0x8, 0x8)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc))

3.471665992s ago: executing program 2 (id=2692):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x5, &(0x7f0000000500)=ANY=[@ANYBLOB="18080000000000000000000000000000850000006d000000850000007d00000095"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x11, &(0x7f0000000140)=ANY=[@ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e00000000000000001801"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r6, 0x3a9, 0x3, 0x0, {{}, {@val={0x8, 0x140}, @void}}}, 0x1c}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="3400000011000100000000000000000007000000", @ANYRES32=r7, @ANYBLOB="000000000000000014001a80100004800c000380"], 0x34}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r9=>r1}, './file0\x00'})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0x6, 0x0, 0xffffffffffffffff, 0x10000, '\x00', r7, r9, 0x2, 0x2, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
r10 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_IO(r10, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x17, 0x51, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})

3.469975492s ago: executing program 2 (id=2694):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000340)={'gre0\x00', 0x0})
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setscheduler(0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

3.458863953s ago: executing program 4 (id=2696):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000071f3d3a81af1461a865815d8d8917f9b009500000000000000"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket(0x25, 0x801, 0x0)
sendto$inet6(r1, &(0x7f0000000200)="91", 0x1, 0x20004044, 0x0, 0x0)
mount$9p_tcp(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x400, &(0x7f0000000580)=ANY=[@ANYBLOB="74060000003d7463702c706f72743d301f9fa57c1564f4bc42340f4ec330303030e564f61e8bbfb01c302c646f6e745f6d6561737572652c006d07bcd6080dc216104ca759a960b35be1ebf88af2d0d6edc2caa96d6c54fb77b155e27e2b228c76b1cb088d46e8af19f3eeaa29cde995156ebd26b7c56b5bad40f00abd7457229dc35a0b3362a1f83a73b72335ed48f8e777e1f99a04aa555550cf32d79771c1c02b649c90b42aa1aef273ea9555132bdf64dcd1f18fb4897b"])
socketpair$unix(0x1, 0x0, 0x0, 0x0)
r2 = socket(0x0, 0x0, 0x0)
bind$unix(r2, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="160000000000000004010000ff00000000000000b5690f867ef6aa3bb1534ce86b6d", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b0000000000000000000000000004000000000043b4be2919ae5a9f011b6b52fe2aa36a788547172bbe5389f3ff3d8e2c4362b8b73302335c6a1f5f5ada5da54291d44c9b5f", @ANYRES32, @ANYRES8, @ANYRESDEC=r0, @ANYRES32=0x0, @ANYRES16=r0], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_uring_setup(0x142a, &(0x7f000009df80)={0x0, 0xc969, 0x0, 0x0, 0x4000251})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r4, &(0x7f0000000b80)=ANY=[], 0xff2e)
ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000000)={0x0, 0xfffffffd, 0x1000000, 0xfffffffc, 0x1b, "df3f0400000000000000000000000609000040"})
syz_open_pts(r4, 0x0)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000080)={0x8})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f00000000c0))

3.142424003s ago: executing program 4 (id=2697):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000040000000000080000100850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000400)='./bus\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRES64], 0x1, 0x36a, &(0x7f00000004c0)="$eJzs3c2LG3UYwPEn2WxetnSTgygKsg960cuwGz2rQVoQA5ZtI7aCMO1ONGRMlpkQiYi7nryKN/8BwdJjwUNB/Qf24q1evHhyLwVBi4hT5i2bZCdJk6Zsdvf7gd08ye/3zMwvbzxPIJPDD775tFl3jbrZkXReJSUi8lCkJGmJpcKLrCTYl1cv/HX/xavXb7xbqVYvbaterlx7rayq6xs/ffZFIZp2LycHpY8OH5T/OHj24PnD/6990nC14Wqr3VFTb7Z/75g3bUt3Gm7TUL1iW6ZraaPlWk443g7H63Z7d7enZmvn4tquY7mumq2eNq2edtracXpqfmw2WmoYhl5cSzrcMyw/R07t9va2WZlzh7fmzMOi/et53oRhx6mYKyJG4dhI7fZTPS4AALCURur/7+IaoSTpfkGZinqBbBAPtwF+/R/HQf3vNwtH9f+dl37pXHj/7npU/9/LJtX/r/8W5g/V//7eF17//zBy/XhFdOrtzTL5iep/LIeN4Vfkn0cde8Sv//1XQ7+j/+rDO5tBQP0PAAAAAAAAAAAAAAAAAAAAAMBp8NDzip7nFePL+O/oKwTR9fjapC8a49QZ9/jnojMK9J8POJOuXr8h+eCLe5l1Efvrbq1bCy+j8XjiphTlv+D5EAlPOLEfDKqvJD/be93aapSwEvyviKjYYsmWFKU0lB/El9+pXtrSUJgf7H+vW0tl1vz8ujSC/LIU5Znk/HJiflZeeXkg35Ci/HpL2mLLTvQ+Fud/uaX69nvVkfxCMC/Jm0/3IQEAAAAAYOEM1XzUPpeG+9+wfzcM1aRxv5eXwf78+OcD/f56M7E/zxRfyJzs2gEAAAAAOC/c7OdN07Ytx+2NDQoybU4u2trk7SQHmVkm+8H9IFidNGdlYIWPu+Vs9AsaMxy8zLZS07b/zkninRmfwnVoKP8E96ppx+t/jMn5WR8Cx03PvnbLcTf849G5ljMQxB8bjZsjV+bd8rggPnPutMnPffv9P/PtIhWdtXdw6I27+SkrDYLUyC37U560Dzxv6vGsJr9b/DjPj8wAAAAAWBJx0V9w41veOtkDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgHFroadLGBCe9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBZPAoAAP//zbj3kg==")
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001840)=@newtaction={0xe70, 0x30, 0x25, 0x0, 0x0, {}, [{0xe5c, 0x1, [@m_pedit={0xe58, 0x1, 0x0, 0x0, {{0xa}, {0xfffffffffffffd0f, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20}, @TCA_PEDIT_KEYS_EX={0x8, 0x5, 0x0, 0x1, [{0x4}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe70}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1e0000000000000b010000006d261847840700000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xfe, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f086dd65e0ffff00122c00631177fbac141416e000030a44079f03b180006000000000845013f2325f1a3984050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x60}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r3}, 0x3d)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xec)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
open(0x0, 0x0, 0x0)
prctl$PR_MCE_KILL(0x35, 0x1, 0x8)
prctl$PR_MCE_KILL(0x35, 0x1, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)

3.123076535s ago: executing program 4 (id=2698):
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000003000000070000000900000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00deff0000000000ffffffff00000000000000000f00000000000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000004e8100000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_io_uring_setup(0xec5, &(0x7f00000008c0), &(0x7f0000000080)=<r3=>0x0, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x2bc2, 0x869a, 0x8, 0x0, 0xffffffffffffffff)
io_uring_enter(r2, 0x81e, 0xfffffff9, 0x1, 0x0, 0x0)
io_uring_enter(r2, 0xde5, 0x0, 0x0, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x11, 0x80a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0b00000005000000010001000900000001000000", @ANYRES32, @ANYBLOB="0000010000f8d6ca51000000000000091b508c25bd17dd31950000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r7, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000040)={'lo\x00', <r11=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newqdisc={0x7c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x4c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0xd, 0x0, 0x1, [@NETEM_LOSS_GI={0x18}, @NETEM_LOSS_GE={0x14}]}]}}}]}, 0x7c}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'bond0\x00', <r12=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="70000000100001042bbd70000000000000000000", @ANYRES32=r12, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c000280080003000400000008000500"], 0x70}}, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1000, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x2, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
socket$netlink(0x10, 0x3, 0x9)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
r13 = signalfd(0xffffffffffffffff, 0x0, 0x0)
readv(r13, 0x0, 0x0)

2.64890943s ago: executing program 0 (id=2700):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x0, &(0x7f0000000040)})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3020}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
futex(0x0, 0xc, 0x1, &(0x7f0000000280)={0x77359400}, &(0x7f0000048000), 0x0)

2.64209433s ago: executing program 3 (id=2701):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000001811000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
timer_getoverrun(0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8ff0000000000ff000044850000000e000000de0000000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x24d8, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_256={{0x304}, "76f7bc3e4ae1c84c", "af193cff4810ba5ac120d096eb00b40752095b4285514ca312c52e3a08756735", "5d362ced", "bc3a20b10f4ad11e"}, 0x38)
close(r3)

2.138244398s ago: executing program 0 (id=2702):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000188500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000004c0)='kmem_cache_free\x00', r2}, 0x10)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @my=0x0}, 0x10)

2.137412798s ago: executing program 2 (id=2703):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000600000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000006c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000500), &(0x7f0000000b80)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
socket$kcm(0x29, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000008, &(0x7f00000001c0)={[{@grpid}, {@auto_da_alloc}, {@minixdf}, {@noinit_itable}, {@init_itable}]}, 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ////8+wKHhUtID7hAOjFcXV2f8+nMsBIBLl3r/n+/A3mcLMBIKfY1AhAYZf/3/f9zpelDJQQAAAzcdGtKCqXs673pKBRKpYibrZ8FKCZrG9XKfEQ8ERG/nSlea9YXWlsm514zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAIy0iMKfkl+2n+U/N/P8dPf3AxPJv1o/CTwREW/98I3v311uNHYXmsv/drS88YNs+YvD+AYDAAAA6Na5Tm/N/znsbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNe89eHulM/Xx8qlBxf3LFyJiNi/+eEy25pNRjIjrf09i/MR2SUSMDSD+4b2I+Ghe/KSZ1lHIvPiDeBPOiR+z2buQF//GAOLDVXa/efx5La//FeLZ1jy//41H/E/9g+p9/Iuj499Yj/5/s88YT73zs3LP+PcinhrPP/504ic94j/XZ/yvf+3goNe69EcRc53Pn9YR72SE41K5sbVTru8f3N7YWl6vrFe2FxcXXl56Zemlpfny2ka1kv2bG+M7T//8/bPafz338y/Jsund/udz9pf3mfSfd+4++HCncng6/q3ncuL/6sfZK07HL2RxPpWVm+vnOuXDdvmkZ376m2fOav/qcfuLD/P/f6vXTrud6ihP9/unAwBcgPr+weZytVrZHdlC8yr9EUhD4REsfGugO0zTNG32qZxV9yOin/0kMeCWFvLzOS70PAIM+8gEAAAM2vFJ/7AzAQAAAAAAAAAAAAAAAAAAgKvrMp6y1h3z+BHIySAeoQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/DQAA///dpdP7")
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r4 = socket$inet6(0xa, 0x806, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0)
fallocate(r6, 0x20, 0x7fffffffffffffff, 0x10000)
r7 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x800, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000540)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
capset(0x0, &(0x7f0000000080))
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f0000000480)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000440)={&(0x7f0000000340)=ANY=[@ANYBLOB="e8000000", @ANYRES16=0x0, @ANYBLOB="0091baa535673a762b20", @ANYRES32=r8, @ANYBLOB="0c00990006000000230000000400cc00080005000c000000080005000c0000000a00e80008021100000100000a00e80008021100000000001c00e70080083702a847153efe0bcd091b8d12b37fc07f97ba77211808001780040006000a00e80008021100000100000a00e80008021100000000001c00e70091bec3f2d6bfccaed71f54db86663366e2831f38651ad6c70a00e80008021100000100000c0017800400010004000500050053000100000014000400766972745f7769666930000000000000"], 0xe8}, 0x1, 0x0, 0x0, 0x80}, 0x10)
ioctl$EXT4_IOC_CHECKPOINT(r7, 0x4004662b, &(0x7f0000000000)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r4, 0x3)

2.137117878s ago: executing program 3 (id=2704):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000188500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000004c0)='kmem_cache_free\x00', r2}, 0x10)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @my=0x0}, 0x10) (fail_nth: 1)

2.136751748s ago: executing program 4 (id=2705):
r0 = memfd_create(&(0x7f0000000900)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\xae\x00\x00\x00\x00\x00\xff\xff\x10\x04\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%\xb0#R\x04\x06\xae\xebA;Y\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2W\xc72\xea\xb7Wp\xc36\x96\xffZ\\A@\x00\x00\x00\xc9\xf3Y\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{u[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v\x1d*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262<k\xa8\x88\x01\x00fhD\xe7\xb6\x17\x80\x95\xa8\x1e\t\xb01KB\xcb\x00\x1e\x7fE\x7f\x02\x00\x00\x00y<nGR\x94\x99\xb8\x89\x9b\x8f\xd5\xe6\x02\xb5C\xad\"u\xf4>-\x00\x00\x00\x00\xc8X\xdaNz\x0eu\x8f\x01\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x88\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x00\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[R\xc36b\xf0~\xd9>\x13\xc0\x83E\xd27)\xd5yQ\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9fG\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\x94\xf3\xcc\x8d\xbb3\\\"\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}!X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15D\xb0\'D#\xb6Q\x8f\x82?S>\x00P\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xe8\x89\xc4s\xb7\x14~}\xaa\x8c\xc3\x95BAE\xf2.\x8fC\x91W\xadi\x00\xf2k\xd5v\xd3\x84d\xf4\x134\xa6XI\xe5h\xaa\x15\x9a\xf7Z\xe3%\x88\x7f\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x1a\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\xf0V\xbd\xa60A\xc3\x03\xfa\x890\x86#\bQ\xcb)\xf6]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1n 1\x8d \xc1\xaf\x19\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xe29\xc3}\xb9P\xbbF\xc6\x12\x8c_x\xa8\xf2\xb5K\x03\x85\x92k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98\x1eG\x11:\x85\x80\xc4\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x1b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00KT2\x1b\x16=\x10\xd3\x9a\xf0\xb7\x00\x00\x00\x00\x00\x00\x00\xc3k\xc2\xb6\x06+s^\xe3\xbf\x89\xe1\xbd\"\x81\x9f\xd4\xb1\x1b\xf4\n\x87\xf8\xc3(*\xc8\xcd\x13)\xdd$<\xeb\x8c\xa0\x88\xe6MT\x86\xaaA\xcd\x1c\xad\x8fTZ\xa8_\xda\xf9\x8b\x90\x0f\xe1\r\x1b_\"9m\xe2]B\x8exQ\x92w$\x12a\x85\x92\x82_]\xaf\t\xdc\xd8\xa5&\xd4\xd0\x98\x98\xeb\x00\x00i\x00\x00\x00\x00\x00\x00\x00^\xaeLz\xe9\xc6\f\x12\x17C\xe9\x03JmJ\xa5\x9f\x8ea=P\xdb\xa1u\x9d\xa7e\xaed=B\x8b\x8f\x92-\x93~\a\x1d\xb5y\x8b\xea\xa3\xf1\x06\x8c\xda\x01vC\xf8#\x9c\x9a\"%n\xc29\x00\xca>\b\xf1M\xe3\x14\xf7v\xe8\xf8\xc4\x85\xdaz=\x03\xc4d8\x11~\"|\xf1\xaf>\x9b\xabNR\xc5R\xa6\x91\x9d\xc6\xe1\x94\x93\x0e\xed~\x1c\xd9}\xbf\nD\xe9pf}\x15\xae\x11u(\x94x\x00}\x1dS\xb9I\x17m~\x16\x85\xc7\x87#e\x97\x86\x84\"\xa5\xd9\x12\x15\x95\xe4\xbc\x9a\xb6\xdd\x89.f\r\x85h,-\x94?\xc8\xb7h<f\x95\xcd\xc8\xb0\xa9\x94FMC\"H\xaeWq\xf4@\xfd\t\xf4\x92fY4\x8a\xda\x97\x1a\xfb/\xec\x1eg\xa1\xa1\xf9\x1c\xffF\xdf&\xc1\xf5*@q&q\xb9\x14\x9e[\xf7yW\x10g\xf2\x91\xf1\xa9z\xbf\xde\xa0\xde\x1f\xe3Y\xf1\xa4\x1b\xe5\xd4-\x97\xe3', 0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800004, 0x0, 0x12, r0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000005, 0xc3072, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000008, 0x200000005c831, 0xffffffffffffffff, 0x78e2c000) (fail_nth: 1)

1.527186305s ago: executing program 0 (id=2706):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c00028005001d00000000000500010004000000050015"], 0x4c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000140))
pwritev(r3, &(0x7f0000000040)=[{&(0x7f0000000180)="80fd02000040", 0x42}], 0x2, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000700000200ebffffff080006001a000000c174b9dab895530fb4f0ba17db83eb6c1807"], 0x28}}, 0x0)
r6 = epoll_create1(0x0)
io_setup(0x1, &(0x7f0000000000)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000000040))
r8 = socket$inet_udp(0x2, 0x2, 0x0)
r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r9, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x43, 0x0, 0x0, 0x0, 0x14, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r11}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r8, &(0x7f0000000000)={0x10000004})
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="596d9fd4e1b11f000000b25f5cf0543a0a697619aca77f8f3f374b910401456f94eb3a7f378fbd9d85a7a575cce026242a16e34d0634ba3e7b3eb77f1bfc9c5cf068fbdc53c30bdfc5b37794aede95bf595cdbf4120c7429cc59a18f8810875bc91e8e42100cba39dbeda0acb8fa4965db7fa01765e17c86", @ANYRES16=r5, @ANYBLOB="000427bd7000fcdbdf250400000005000500020000000800020000000000"], 0x24}, 0x1, 0x0, 0x0, 0x2040041}, 0x24040840)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1809000000000000000000000001000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)=r12}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r0, &(0x7f0000000780)}, 0x20)

1.526898935s ago: executing program 2 (id=2707):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
utimes(&(0x7f0000000040)='./file0\x00', 0x0)

1.526563685s ago: executing program 3 (id=2708):
r0 = socket$kcm(0x29, 0x2, 0x0)
close(r0) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffd6a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYRESOCT=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = dup3(r0, r0, 0x80000) (async)
r4 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
read$usbmon(r4, &(0x7f0000000140)=""/196, 0xc4) (async)
r5 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
r6 = dup3(r4, r5, 0x0)
preadv(r6, &(0x7f0000000280)=[{&(0x7f0000000100)=""/24, 0x30}, {0x0, 0x2}], 0x2, 0x0, 0x0) (async, rerun: 32)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000380)={r3, &(0x7f0000000280)="2fe9f5b64db7f6e446946db4b7909eddb79de1109211c0a6482a040e04eb2a83ca47349fff297d7eb5bf460be53e59d9cdb2cbcf2f0f0bfcd30412e5c127c60a5087f369d3eeb31cc461d257101dd4db59fa86a6d9f0f5cfa392ad73a6fbc516c04ae4d14d5d0d2b6fa8bdfadb52aec16fcf42a333aeb6dc3b3cd9c16764f67e6231fb846ad2e09aede512bfe886b619234567883c271be8149ac62f66900fe7b9903917344091098a1509f4c1e52194e100d9c0cc7e6ce4cab6ed92a0eccd7f379e34a438b68cf48cd71f142b87ad569b5c626751fcc3544f01decf05ebe9b9fe260a4f7253d302b7a37e701fe1c291f7acfc71ba09", &(0x7f0000000000)=@tcp=r6, 0x1}, 0x20) (rerun: 32)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) (async, rerun: 32)
kexec_load(0x0, 0x1, &(0x7f0000000580)=[{0x0, 0x0, 0x3ff, 0x8}], 0x3e0000) (async, rerun: 32)
close(0xffffffffffffffff) (async)
r7 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r7, &(0x7f00000007c0)={&(0x7f0000000040)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f0000000900)=[{&(0x7f0000000080)="92", 0x1}], 0x1, &(0x7f0000000640)=ANY=[@ANYBLOB="2400000000000000840000000700000044140823e000000200000002e00000010000100000000000dc00000000000000000000000700000094040000863900000001000cb2ffb69602013567ffcb060f19367d2b99bdc0f59e428bc33a050a3660f2bb77c7045b050a31efe0215e235d56060495ae0144243471ac14142700000006ac1414bb00000001ac1414bb0000ffff0a01010200000009009404010000866000000000000c253d78b48f9458beb62d0102000d3bf9f2dbdddfea00b260f00503db010436b20603c70109e35e3ab5244a640709675e60e1799f870512e123b12c8654130f6a1f80f526064d12061127d9c9821b1bfe4b42fcb33e2e2d2594040000000000001400000000000000000000000200000022a20000000000001400000000000000000000000200000005000000000000001c"], 0x158}, 0x40)
close(0xffffffffffffffff)

1.525769015s ago: executing program 4 (id=2709):
r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000100), 0x60000, 0x0)
preadv(r0, &(0x7f0000002440)=[{&(0x7f0000000200)=""/218, 0xda}, {0x0}], 0x2, 0x0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0)
ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f00000001c0))
ioctl$EVIOCGRAB(r1, 0x40044590, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000080)={0x9, &(0x7f0000000000)=[{0x7f, 0x3, 0xb0, 0x12}, {0xb975, 0x9, 0x8, 0x4}, {0x9, 0xd, 0x9, 0x3}, {0xffd1, 0x9, 0x4, 0x5}, {0x9, 0x0, 0x0, 0x5}, {0x0, 0x6, 0x7, 0x10001}, {0x1ff, 0x4, 0x7}, {0x5, 0x0, 0x2, 0x5}, {0x400, 0xf, 0x40, 0x30}]})
r2 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'veth0_vlan\x00'})

815.294003ms ago: executing program 0 (id=2710):
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cgroup.stat\x00', 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000f55aff940000009e6200000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'sit0\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x30, r7, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0xfffffffe, 0x0, 0x8003, 0xc5}}}}, 0x30}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001c00070c000000000000000005000000", @ANYRES32=r2, @ANYBLOB="080000000a000200aaaaaaaaaabb00000a000100"], 0x34}}, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, 0x0, 0x0)
gettid()
r9 = eventfd2(0x0, 0x0)
write$eventfd(r9, &(0x7f0000000140)=0xfffffffffffffff8, 0x8)
write$eventfd(r9, &(0x7f0000000040)=0x8, 0x8)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

814.678573ms ago: executing program 2 (id=2711):
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_config_ext, 0x101188, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000040)=@abs={0x1}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r1, &(0x7f0000000040)=@abs={0x1}, 0x5c)
r2 = socket$netlink(0x10, 0x3, 0x4)
write(r2, &(0x7f00000002c0)="29000000140005b7ff00000004eabdeb0101b6ff02159f7e5520756b1933b49db96ad24d12595fbea5", 0x29)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
sendmsg$tipc(r5, &(0x7f00000003c0)={&(0x7f0000000180), 0x10, &(0x7f0000000380)=[{&(0x7f0000000480)="c3e972bd85a6d84136d6dd55048d3593a74f338ce6772ab9a6f64041c2f6fbbecdc08ebcd3192b6a53662dae7c8e9c665e80a5d0925f728dcac30c29793992e588952653d414cb8ccdabc38767fee819ec5af0c5ee936880fe8549b4ed347779cab4ffd4e0b62c53a1c01db28f2b3f91c34211c9353bc1dece61511917c2245fd66cb8dffeacb4d46d627c97b498bf1ff6b313bfbc9765457c831771d5eec7997ec242e4505f01c1bb3e069b2e630f42a2be86598a61", 0x64}, {&(0x7f0000000300)='V', 0x1}, {&(0x7f0000001600)="3eed50d0125719a810f88e3f47186fe4dae74182dfd109a2587c4797410c9b8e39bd3d9aa144d5908647c30c8db69b5c17084c9b1bfbb8680737c4f88abcdbc7d294d72ab1b344270915df9ddf5635644c351c22b29d948ac4106bce7107570beed63077cfbc98ef71699eae65d37724d995b553e7a3ade619b522313ab382caf879feb48942878e605ee3ee2872794e3abe22a3f025068b628a5d92468092a5cc649bbbd978b5772e537939432a502122235ced312dafd108c9ffeb0b38cc16da9418ca01d485a6afb5827da4df6e1121ec307de14bb32b6a977608e4576a998182dd93d592ff43e55bfdbbce23ecd501e43b3e93ef8d9d01711dff54c301e299d3801a3cffe6c9883fbd0e47124dc02569f62d48b878fcb58ce99fcffcd2a5166eff3ad93cf1d137274993d86a3b3730d63ded759f6ca88fa449e5575b15321e5a58a1f888eed7466db4976ce35f6d2efb5ad05d99a66482dc607cb5acb24d326803bd337519cc98103f59c63b5962cd72e4497d1b00817d6e09de70270a09b493c2226617b1c9ef9d506be00d6e07f14633a966f04ecca90fb8d2b963ad6f3817935bd6534fa3da1c5dc468789cbf1192f3c0bff3777f1edd2ada5d35f88f12f29e952c44445ce623509d66811c80a9e0f13ad85aba37d86ff0da4dda601d9e8acb264233bc939fb056316612cff687d5c44157be05bcc88b333ff2a40041d98f1acfe6e2231a84e09bd7a54a0442cf87ce3ee8fd8da39da1862862ae40fc3cb3055c8b70e62f243850707341f51426bb3e71c7a4fffefab060db786000618b05eb087a424a2f30f6a232ff44b605f70ceec0a8f70e37907f6e0bbba21e9d5b7ecb6d287742b75c101ba79525918c3473eae38f3c177249dfa8816661c9921f0b0c858d53ab87c8407b97950c842111002edd1d1e80b801b495da28bcd5409bc971e55dab1857e188ac9728efc8f9a4543945f86ade13b445eacecbbf848a96410ac37c57e3e9e8bc8b8fadd559d225c7468639da2b5d1208558b51e94c14faa7947a7c60e81a96bb5d194cc7289adbc02ebb4b49be1f1efc429db2f9b79b5a22919dba0c35341042c5776942c52365367c4bfc95b42be383cca7107161ded7e851d0126da33d581f1e2b08d0c061e86d31e7a83f9b51c79b4034c7deda7697034e1404c6e8e459f76c2efe64350146c7437ef808e04ca14df5f6f500264fd977272bbf8fc096774e8eb61d0963430751ac1425a073f84346b0eba368cba7fa34adc420800d4f99927280eba199f9695cf88124fafc3a2b1226d2f2ab3ea27c69a127650cf5c725b54c02bd8729033cf699ce7f030f9a3442056244da3cfb61a8126dba11377624f39eb009242152fd7b8b88de7dd86057f29bfcb7b7df0e65e7e9ac9eeaa41afa62743698bff03d5b2d51fb6bca2d92294e8e177cfa3661b26f1c040e9bed983b7bc0aa154eb9c92e4ee25091318c53113a1c23ac62d2d71504cba99041f29a4f332133292cf20abec9222a2acca57cac48fa6c0668ee5eecb494741a64d33b011dcca74696d4614c5b45a5d20983b1708d365ed3ffa60f9161972a611c22642c3c259b41f943f6d7a8b60f284d325e38fe76f0645e069ff70cae38850ccf973193b6232c987df26239a574691f7f07fffa6deae1eb0324fe546573c36f2a2c31cd442517a9b036ae6a2a491e7343864693c107a5dc2585820863c146c1ba6caa4fea9b87d567716f4c8ca1a9d2848055cd750512d3b7415d090019dc8a04a1a1d28931093cd8f00e94c407ca1fa2a5ce903d9df26e008c07cd13afa783220e1bd5e6b60645f3dbb6ecb4156fedafa2dd25498c6a99d94f0b38125ea7741b75109dcac9f80635f79f5c8a0483bb9f05a3a5bf721c7541edb252449f8b13e63c370a6146332f03ca1f1b6fe0bed984f13744bb7fa0fe322e83ddf9ffb2083e94f33604a0a199220c450dad94bf154805e7f9e4350ca2d81adf2978c87dcc8a8a7d56297ec124bfef0d28f35777205e973272c87e01070f14f5b14daa3b5104d9ff6b296c4f16ed49eb42d35e7ba3bccb7a26c33a263df88aadd596e9d9de0abbd4d449df11081f2cd62e1d8962b9b9feb25a3b8e03537d61a61c11ac22b7211d12c84e60a6abcc219e558b2513d8c530b3c7a57cdc47de545aafbb2a13c0e6c75b1b92fa241c713c83a09c92b2b61d565120372a9143415583c9596f27a663d4967cd653b08cebd6cb96c1f0dc80d57267ac9a8281d7149bde880828ee27d69a6818db58320db29d1b044eaf6ab8a5108bc522de406990b5393b1f7e7bab71bf6cf8eed1cd59c7607d662e8b313f5c4fce0f59b1027371381011b63dd5b2b09739082c0d62ffad96e30153a395234937d377c32fe7af82aca3a19d0ebc4a5c5fb5ff190f14d5695c703b571fb4bf03756635cafc6cf6267eab836c347a9d07e8089fc105346934cf3364e5be370b3c42b94bc5ae3d17a817398566a2953251eb91697d67278145df9a4b917bcca1bf211780b22f4caacfcb7604c84f943d05f6fdf8edbd258d7d8dbf84f9d99e57472c5b1c2337d749a1f345e662e2536d23c7a63bbbbf00f8b5b0a2106a0342ab27b9a10b82e82668cd49e0cbb09d7be0217645f1dda3be59c8232fa290d34791cda52aa5b5cec6339ab96a2eb3f5328cc7c0e6717c2824344547a2ed518f6b2b4e4fe5b684596aa6a9d3988fc5d5ff4cb46cec99d951b8386b10949a163af974b7543df97b4882a4ed60e927a1deb67c5f814235bef65fea79a2c712815be7403c93a3707fb90d4604ec3a6a3b0928f253f6ab6bd56c958e026c8c58172c4ac2a3efe2ecd5cea70c8313f9ac2d638bc296ba99e2ca86d2fd06b5402cdcddc3f3c9845d5ae77f6f36963b91e8f6cdccd17abe8d40ed02463af4bb0e496344f350097f1cc13313fa1e172b63556ed2b8a8121c01a5fb343ff7767821626fc49b0d6bd522e1c9bf137d5a5bccb4bc8dbb64c83a82ef6c2894f3896c9f6bf0c3764011d53eeb6db9ea9dae22d3ebcca4942d5828c0bca0d9ea37701d5a06c066ac4fe318e11e9c0d6c658ac810fb5d7836cfffe4ccbb0934e5567d74695980a156d4bf1c18861c5a29ccd349999dc20562d00e1f6c1851ae563541086438d60b975c8ceb466414ff60efa0b2dee790fd0659ffa98b92414c13d5a6825368f56c4984412205041cd8e006c7127d4395ecdffb5addf80ef938ce54a367154c4fc286d5f969325c12b13655a9a956dd3b98281f537e837669fc55d8930676e807aa8cd046e0f4583d59f86cb99f3f7a7ddde1fb39111fdec7677d2fee4b8f4814a5def5ebcc67c653384ce80eaffd880405f7edf8fd3ea049f040595df4a75e2f892e7a85e0ba351fb8d263bfff7168bb85017b360fcd2ba89346682a6ea7ccc46afbdb5ab444e3f477238b2ab503bde914d3cf1789539cde9c0621152cd97bff9f235d88a1ef4ea4309db3a05d401af7fb82784b050ef529dab4f1f003eb29710a962f7538c521e617e2f0efac36182d09985e1d725cc38c3833a53742a02f76fb2854a9e45f0febacf3bda83f11183ef5b9fef02ebcdf56d4104b175bad937d8f61964f97d673577cdcbbb48d8eb62b063ee6563b9ff053719baff871bcd83822d865b2f7ef023076425ac5cd71b1f2309de0c6f14cc9c4d3e8fad945f756a7c8a084ea1bfdf5ac6e740043e7f7bdaca06774b084ae314c2636529d4fdcd965c7f8c07156572620b827d694efdc9d2bfc5aa9391220a83765f2c71fcd48d4acaed60afb53d1013fa3b15e948ec4159f7d130ef85b594018346e99034c18738285223ea53a6b1d5cf11a607de2e19608ba03ec970a915b773824261f3fc931dd6d3b934d89f07baf14776314c3eeb8cd0537ef5736f565fbd14e520d4ab2f77ed9597b76ff91f8d1f99ebd6e473efda7accb273975a06944d1037032129992b994ca791a09b4d83980a1e494b0f97098df5f6fb6bbb02722adb11dc319c565c2c363cbd19d9fb3efb4613b62d6584cd53f7bd80e3e89304f444ce9dd1835661e3bb4de02ccf568a2a5daaf0d56898d4286c3fb62e22af62d7ac318685834467f337561dde2e0c1e2827cdffcf42c17728ee64b3ff4ccc0227590badd0bd7e448b8cca0892d6a5e0130d2ac665f47c6b28daa101c1b319869bdd39fa924d6d9ba7d72feda5f21ac78641c7d4801d41c7879721b3be4dab40d9c4a78552440101f373489cc5240b0144a9ce32691a784b6dfe971a21bb5980ff67da2d1bb90b223c9e192a39c1aeadd1f5c790811079c0b51a97105c99b6f95d71bb3ea47c33d9dcb0a53c929c44499e184a3cd722c908d3b0d157e28ffdeb2ed7192e780d96a7a2f0fd5a87bdc973e049da0caf931f26f5a21813e2e602ceb2259997e0205ce48fd9424bd6d4d75dd4301f429ee30745cd839a40dbeab4c3db2f0f10bbaea071ca41d1392385681730a3678a5f60f604dbe19cb9d7dd234337e327451b8cc65394af399432ef7fc3765d055874ebdca14e5999292d6f72f31e92bacf25db5ef8f5212952c1910de06ddbe1687a0e1837922f2228289916ed3aeb7b9cc24da3ae47139e371930afa6d3573df6732c26c0c7ae06d9cedfa77160711bcb06e6553338deae4c5731cf53cc154113096d02f3036d7d9edfcdc331e4bb860c5208489212e904eab70e7f860b0379895cbdecbf7a0b7a25e5b853c7dbe08a4e296a30afec8cf5a9f6ea4aef32a508655d539a770b21e660c9ee1d7688c56abeb7cf1afccc8d59780cf26312589e0c8e1bc00ad7b1325cd9a5dd69246e0b33407c381ea09265154aec297e4ccdf9785a1042a83e77c13d4ce4360782f2428f9916b5cd123b089eb683d30c1e895b9944aa905a1a5b52301d8cc5e4741834ead6ebdb5dc05c9c49c5e883e99d40b9838037beaf876534d747856103e59caf6266fbbe760b6ef83d004634b74f14f8eb4aef93c4cc9cbbd78d83d532c70feef51ea3f170b25d81a6a9b074bfca7e9b3771bf83517e0dd9d0600f70b86b20f61fe36076f8bada334b2390fa954973bc901619a3cfd039349cb328625f495ab288dbdd6dbfd022c2a83f59e0b998619a12e35891b5ae9e83a71765507b4a571cd2241e5885c705244c1022688bef7c5065fbcf219fc01753adb611b3fbc09403dcb10a4f99d788667eff75fa27074ca8481a633530e26163ccf7dada049d23e717e067b6fa5b2f652bc50abda9e7ccdc5f2f3c35ecc2c4431c819c9691be4422e379750774e9f39dae06f26423c8a4278789c9f3111b43f6dd25b0ad47c4cc5fda3f3ed82079c9366e0adced883488f429c1d7e1b351fd0bb204dd7977ef224c4df6d7a5f7697bc6500a7d03a8a914154779fa7092bf1be6bad4092367ce5d295a5d5d0e7c469f372ca2011d612637025e89f178ae9ada0c5b73bcb7d7c034ff595263cd4216e3c76ba5f3d81932a088a90bf8043e877e299c670ef1622a098d5519d9adc4ee7d4cd00e5934a4375fa83fdb81214b892482b31bdde59a70aaf25cb7f417c3a2a91c4e54b48149f6c41d9d396ee6ff13e3028c64a7c9b1f2e7c6e67184a3d52d6f570db3d225c947423c4c6533f22df57d15c5e5a3183422bd378b06fe4732a9401dcb19840fb8fa5c50a0ff497fef362c507753e46b8881d3e767f3b1d893a3805941c94f2efa05ce34b9ea81d716984af6834230d4707a87089d40779503ee6a9bb245d7d997f14acb80e89731c042bbbbe3dcd05177b0ee0eec23455830ef5b65aca357f2b0b887e0b9821c0", 0x1000}, {&(0x7f0000000340)="b768eb20304f2fdc5a9694a4867840d93170ca1a86406f", 0xfffffec0}], 0x4, 0x0, 0x0, 0x8010}, 0x0)
sendmmsg(r6, &(0x7f0000003b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0)
r8 = dup2(r6, r5)
sendmsg$nl_route_sched(r8, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000000440)={0x0}}, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x21, &(0x7f0000000040), 0x4)
sendmsg$tipc(r8, &(0x7f0000003e80)={0x0, 0x0, 0x0}, 0x0)

814.603533ms ago: executing program 3 (id=2712):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
futex(0x0, 0xc, 0x1, &(0x7f0000000280)={0x77359400}, &(0x7f0000048000), 0x0)

6.201459ms ago: executing program 2 (id=2713):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000340)={'gre0\x00', 0x0})
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setscheduler(0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

474.599µs ago: executing program 3 (id=2714):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000001811000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
timer_getoverrun(0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8ff0000000000ff000044850000000e000000de0000000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x24d8, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_256={{0x304}, "76f7bc3e4ae1c84c", "af193cff4810ba5ac120d096eb00b40752095b4285514ca312c52e3a08756735", "5d362ced", "bc3a20b10f4ad11e"}, 0x38)
close(r3)

0s ago: executing program 4 (id=2715):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x4, 0x1, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYRES32, @ANYBLOB="0000000000000000b7020000f3ffff"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_NEXT_CMD_LEN(r1, 0xc0481273, &(0x7f0000000000))

kernel console output (not intermixed with test programs):

ysadm_t tclass=llc_socket permissive=1
[  138.156267][ T8608] loop0: detected capacity change from 0 to 4096
[  138.166033][ T8597] IPVS: using max 2016 ests per chain, 100800 per kthread
[  138.189422][ T8608] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.235620][ T8612] loop3: detected capacity change from 0 to 8192
[  138.266304][ T8619] (unnamed net_device) (uninitialized): option lacp_rate: invalid value (64)
[  138.286075][ T8619] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1768'.
[  138.301139][ T8621] netlink: 'syz.1.1771': attribute type 29 has an invalid length.
[  138.301364][ T8623] xt_hashlimit: max too large, truncated to 1048576
[  138.311313][ T8621] netlink: 'syz.1.1771': attribute type 29 has an invalid length.
[  138.326786][ T3268] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.339683][ T8621] netlink: 500 bytes leftover after parsing attributes in process `syz.1.1771'.
[  138.353368][ T8626] netlink: 'syz.0.1770': attribute type 29 has an invalid length.
[  138.362137][ T8626] netlink: 'syz.0.1770': attribute type 29 has an invalid length.
[  138.362713][ T8623] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1769'.
[  138.372012][ T8626] netlink: 500 bytes leftover after parsing attributes in process `syz.0.1770'.
[  138.404246][ T8623] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.427589][ T8633] atomic_op ffff88810ea08928 conn xmit_atomic 0000000000000000
[  138.437552][ T8635] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1775'.
[  138.457849][ T8623] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.520188][ T8623] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.522637][ T8651] can: request_module (can-proto-5) failed.
[  138.574308][ T8661] syz.1.1780[8661] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  138.574399][ T8661] syz.1.1780[8661] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  138.587772][ T8623] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.589279][ T8661] loop1: detected capacity change from 0 to 128
[  138.632365][ T8659] loop4: detected capacity change from 0 to 8192
[  138.714406][ T8673] FAULT_INJECTION: forcing a failure.
[  138.714406][ T8673] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.727597][ T8673] CPU: 1 UID: 0 PID: 8673 Comm: syz.0.1783 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  138.738454][ T8673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  138.748710][ T8673] Call Trace:
[  138.752008][ T8673]  <TASK>
[  138.755063][ T8673]  dump_stack_lvl+0xf2/0x150
[  138.759840][ T8673]  dump_stack+0x15/0x20
[  138.764164][ T8673]  should_fail_ex+0x229/0x230
[  138.764199][ T8673]  should_fail+0xb/0x10
[  138.764226][ T8673]  should_fail_usercopy+0x1a/0x20
[  138.764252][ T8673]  _copy_from_iter+0xd3/0xd20
[  138.764277][ T8673]  ? kmalloc_reserve+0x16e/0x190
[  138.764313][ T8673]  ? __build_skb_around+0x196/0x1f0
[  138.794469][ T8673]  ? __alloc_skb+0x21f/0x310
[  138.799333][ T8673]  ? __virt_addr_valid+0x1ed/0x250
[  138.805091][ T8673]  ? __check_object_size+0x35b/0x510
[  138.810569][ T8673]  netlink_sendmsg+0x460/0x6e0
[  138.815410][ T8673]  ? __pfx_netlink_sendmsg+0x10/0x10
[  138.820716][ T8673]  __sock_sendmsg+0x140/0x180
[  138.825581][ T8673]  ____sys_sendmsg+0x312/0x410
[  138.830574][ T8673]  __sys_sendmsg+0x1dd/0x270
[  138.835333][ T8673]  __x64_sys_sendmsg+0x46/0x50
[  138.840203][ T8673]  x64_sys_call+0x2689/0x2d60
[  138.844950][ T8673]  do_syscall_64+0xc9/0x1c0
[  138.849561][ T8673]  ? clear_bhb_loop+0x55/0xb0
[  138.854285][ T8673]  ? clear_bhb_loop+0x55/0xb0
[  138.859055][ T8673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.864991][ T8673] RIP: 0033:0x7fc6995bdef9
[  138.869471][ T8673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.889135][ T8673] RSP: 002b:00007fc698231038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  138.899084][ T8673] RAX: ffffffffffffffda RBX: 00007fc699775f80 RCX: 00007fc6995bdef9
[  138.907081][ T8673] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003
[  138.915227][ T8673] RBP: 00007fc698231090 R08: 0000000000000000 R09: 0000000000000000
[  138.923250][ T8673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.931320][ T8673] R13: 0000000000000000 R14: 00007fc699775f80 R15: 00007ffe0b5861b8
[  138.939312][ T8673]  </TASK>
[  138.944130][ T7651] usb 1-1: enqueue for inactive port 0
[  138.950163][ T7651] usb 1-1: enqueue for inactive port 0
[  139.007701][ T8683] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1787'.
[  139.018279][ T7651] vhci_hcd: vhci_device speed not set
[  139.032208][   T29] audit: type=1326 audit(1726879147.155:7204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8684 comm="syz.0.1788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6995bdef9 code=0x7ffc0000
[  139.062070][   T29] audit: type=1326 audit(1726879147.155:7205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8684 comm="syz.0.1788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7fc6995bdef9 code=0x7ffc0000
[  139.062386][ T8689] FAULT_INJECTION: forcing a failure.
[  139.062386][ T8689] name failslab, interval 1, probability 0, space 0, times 0
[  139.086213][   T29] audit: type=1326 audit(1726879147.155:7206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8684 comm="syz.0.1788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6995bdef9 code=0x7ffc0000
[  139.098813][ T8689] CPU: 1 UID: 0 PID: 8689 Comm: syz.1.1789 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  139.098846][ T8689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  139.122976][   T29] audit: type=1326 audit(1726879147.155:7207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8684 comm="syz.0.1788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc6995bdef9 code=0x7ffc0000
[  139.133524][ T8689] Call Trace:
[  139.133538][ T8689]  <TASK>
[  139.133549][ T8689]  dump_stack_lvl+0xf2/0x150
[  139.143709][   T29] audit: type=1326 audit(1726879147.155:7208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8684 comm="syz.0.1788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6995bdef9 code=0x7ffc0000
[  139.143740][   T29] audit: type=1326 audit(1726879147.155:7209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8684 comm="syz.0.1788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc6995bdef9 code=0x7ffc0000
[  139.167166][ T8689]  dump_stack+0x15/0x20
[  139.170535][   T29] audit: type=1326 audit(1726879147.155:7210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8684 comm="syz.0.1788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6995bdef9 code=0x7ffc0000
[  139.173432][ T8689]  should_fail_ex+0x229/0x230
[  139.257586][ T8689]  ? __alloc_skb+0x10b/0x310
[  139.262233][ T8689]  should_failslab+0x8f/0xb0
[  139.266909][ T8689]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  139.272751][ T8689]  ? __check_object_size+0x95/0x510
[  139.278138][ T8689]  __alloc_skb+0x10b/0x310
[  139.282611][ T8689]  tcp_v6_send_response+0x1e0/0xe80
[  139.287829][ T8689]  ? stack_trace_consume_entry+0xa4/0xc0
[  139.293606][ T8689]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  139.300034][ T8689]  ? arch_stack_walk+0x10e/0x150
[  139.305333][ T8689]  ? find_stack+0xcf/0x170
[  139.309941][ T8689]  tcp_v6_send_reset+0x7b1/0x9f0
[  139.314943][ T8689]  ? xfrm6_policy_check+0x25e/0x320
[  139.320155][ T8689]  ? tcp_v6_fill_cb+0x176/0x190
[  139.325017][ T8689]  tcp_v6_rcv+0x14f2/0x1ca0
[  139.329601][ T8689]  ? __pfx_tcp_v6_rcv+0x10/0x10
[  139.334524][ T8689]  ip6_protocol_deliver_rcu+0x9f5/0x1060
[  139.340189][ T8689]  ip6_input+0xbf/0x1c0
[  139.344391][ T8689]  ? __pfx_ip6_input_finish+0x10/0x10
[  139.349783][ T8689]  ? __pfx_ip6_input+0x10/0x10
[  139.354578][ T8689]  ip6_rcv_finish+0x1fa/0x330
[  139.359273][ T8689]  ipv6_rcv+0x74/0x150
[  139.363447][ T8689]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  139.368755][ T8689]  __netif_receive_skb+0xa2/0x280
[  139.373803][ T8689]  netif_receive_skb+0x4a/0x320
[  139.378869][ T8689]  ? virtio_net_hdr_to_skb+0x6d4/0xb90
[  139.384344][ T8689]  ? tun_rx_batched+0xba/0x410
[  139.389114][ T8689]  tun_rx_batched+0xf0/0x410
[  139.393728][ T8689]  tun_get_user+0x1eaf/0x24e0
[  139.398451][ T8689]  ? ref_tracker_alloc+0x1f5/0x2f0
[  139.403665][ T8689]  tun_chr_write_iter+0x188/0x240
[  139.408710][ T8689]  vfs_write+0x76a/0x910
[  139.412964][ T8689]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  139.418555][ T8689]  ksys_write+0xeb/0x1b0
[  139.422879][ T8689]  __x64_sys_write+0x42/0x50
[  139.427570][ T8689]  x64_sys_call+0x27dd/0x2d60
[  139.432363][ T8689]  do_syscall_64+0xc9/0x1c0
[  139.436880][ T8689]  ? clear_bhb_loop+0x55/0xb0
[  139.441639][ T8689]  ? clear_bhb_loop+0x55/0xb0
[  139.446471][ T8689]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.452464][ T8689] RIP: 0033:0x7f6ad554c9df
[  139.456952][ T8689] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  139.476829][ T8689] RSP: 002b:00007f6ad41c7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  139.485267][ T8689] RAX: ffffffffffffffda RBX: 00007f6ad5705f80 RCX: 00007f6ad554c9df
[  139.493272][ T8689] RDX: 000000000000004a RSI: 0000000020000200 RDI: 00000000000000c8
[  139.501263][ T8689] RBP: 00007f6ad41c7090 R08: 0000000000000000 R09: 0000000000000000
[  139.509238][ T8689] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001
[  139.517215][ T8689] R13: 0000000000000000 R14: 00007f6ad5705f80 R15: 00007ffca7ea02a8
[  139.525433][ T8689]  </TASK>
[  139.549613][ T8691] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  139.585256][ T8701] FAULT_INJECTION: forcing a failure.
[  139.585256][ T8701] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.598696][ T8701] CPU: 1 UID: 0 PID: 8701 Comm: syz.1.1794 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  139.609051][ T8701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  139.619412][ T8701] Call Trace:
[  139.622697][ T8701]  <TASK>
[  139.625716][ T8701]  dump_stack_lvl+0xf2/0x150
[  139.630597][ T8701]  dump_stack+0x15/0x20
[  139.634794][ T8701]  should_fail_ex+0x229/0x230
[  139.639589][ T8701]  should_fail+0xb/0x10
[  139.643770][ T8701]  should_fail_usercopy+0x1a/0x20
[  139.648829][ T8701]  _copy_from_user+0x1e/0xd0
[  139.653449][ T8701]  memdup_user+0x64/0xc0
[  139.657758][ T8701]  strndup_user+0x68/0xa0
[  139.662106][ T8701]  keyctl_restrict_keyring+0x153/0x1b0
[  139.667690][ T8701]  ? proc_fail_nth_write+0x12a/0x150
[  139.673083][ T8701]  __se_sys_keyctl+0x20f/0xbb0
[  139.677870][ T8701]  ? __fget_files+0x1d4/0x210
[  139.682581][ T8701]  ? fput+0x14e/0x190
[  139.686608][ T8701]  ? ksys_write+0x178/0x1b0
[  139.691134][ T8701]  __x64_sys_keyctl+0x67/0x80
[  139.695997][ T8701]  x64_sys_call+0x971/0x2d60
[  139.700606][ T8701]  do_syscall_64+0xc9/0x1c0
[  139.705194][ T8701]  ? clear_bhb_loop+0x55/0xb0
[  139.709893][ T8701]  ? clear_bhb_loop+0x55/0xb0
[  139.714632][ T8701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.720794][ T8701] RIP: 0033:0x7f6ad554def9
[  139.725244][ T8701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.744968][ T8701] RSP: 002b:00007f6ad41c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  139.753395][ T8701] RAX: ffffffffffffffda RBX: 00007f6ad5705f80 RCX: 00007f6ad554def9
[  139.761509][ T8701] RDX: 0000000020000000 RSI: 000000002d051eb1 RDI: 000000000000001d
[  139.769594][ T8701] RBP: 00007f6ad41c7090 R08: 0000000000000000 R09: 0000000000000000
[  139.777572][ T8701] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  139.785997][ T8701] R13: 0000000000000000 R14: 00007f6ad5705f80 R15: 00007ffca7ea02a8
[  139.794387][ T8701]  </TASK>
[  139.808704][    T8] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  139.817473][ T8704] FAULT_INJECTION: forcing a failure.
[  139.817473][ T8704] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.833645][ T8704] CPU: 1 UID: 0 PID: 8704 Comm: syz.1.1795 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  139.845047][ T8704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  139.855325][ T8704] Call Trace:
[  139.858837][ T8704]  <TASK>
[  139.861885][ T8704]  dump_stack_lvl+0xf2/0x150
[  139.866736][ T8704]  dump_stack+0x15/0x20
[  139.870927][ T8704]  should_fail_ex+0x229/0x230
[  139.875659][ T8704]  should_fail+0xb/0x10
[  139.880020][ T8704]  should_fail_usercopy+0x1a/0x20
[  139.885456][ T8704]  _copy_to_user+0x1e/0xa0
[  139.890038][ T8704]  simple_read_from_buffer+0xa0/0x110
[  139.895617][ T8704]  proc_fail_nth_read+0xf9/0x140
[  139.900626][ T8704]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  139.906232][ T8704]  vfs_read+0x195/0x720
[  139.910513][ T8704]  ? __rcu_read_unlock+0x4e/0x70
[  139.915482][ T8704]  ? __fget_files+0x1d4/0x210
[  139.920188][ T8704]  ksys_read+0xeb/0x1b0
[  139.924411][ T8704]  __x64_sys_read+0x42/0x50
[  139.928984][ T8704]  x64_sys_call+0x27d3/0x2d60
[  139.933768][ T8704]  do_syscall_64+0xc9/0x1c0
[  139.938295][ T8704]  ? clear_bhb_loop+0x55/0xb0
[  139.943121][ T8704]  ? clear_bhb_loop+0x55/0xb0
[  139.947882][ T8704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.953798][ T8704] RIP: 0033:0x7f6ad554c93c
[  139.958221][ T8704] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  139.977842][ T8704] RSP: 002b:00007f6ad41c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  139.986359][ T8704] RAX: ffffffffffffffda RBX: 00007f6ad5705f80 RCX: 00007f6ad554c93c
[  139.994426][ T8704] RDX: 000000000000000f RSI: 00007f6ad41c70a0 RDI: 0000000000000004
[  140.002491][ T8704] RBP: 00007f6ad41c7090 R08: 0000000000000000 R09: 0000000000000000
[  140.010807][ T8704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  140.018806][ T8704] R13: 0000000000000000 R14: 00007f6ad5705f80 R15: 00007ffca7ea02a8
[  140.026853][ T8704]  </TASK>
[  140.032855][ T8702] llcp: llcp_sock_recvmsg: Recv datagram failed state 3 -6 0
[  140.069055][ T8707] xt_addrtype: both incoming and outgoing interface limitation cannot be selected
[  140.599891][ T8733] loop0: detected capacity change from 0 to 8192
[  140.614884][ T8735] syz.2.1807[8735] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  140.614943][ T8735] syz.2.1807[8735] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  140.629163][ T8735] loop2: detected capacity change from 0 to 164
[  140.660014][ T8735] Unable to read rock-ridge attributes
[  140.682679][ T8739] loop4: detected capacity change from 0 to 512
[  140.739048][ T8739] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c11c, mo2=0002]
[  140.747125][ T8739] System zones: 0-2, 18-18, 34-34
[  140.762791][ T8739] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1803: bg 0: block 248: padding at end of block bitmap is not set
[  140.777972][ T8739] EXT4-fs error (device loop4): ext4_acquire_dquot:6848: comm syz.4.1803: Failed to acquire dquot type 1
[  140.790827][ T8739] EXT4-fs (loop4): 1 truncate cleaned up
[  140.796842][ T8739] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.809515][ T8739] ext4 filesystem being mounted at /382/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  141.389303][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.684620][ T8623] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  141.849723][ T8780] loop2: detected capacity change from 0 to 1024
[  141.863408][ T8623] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  141.970614][ T8623] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  142.001954][ T8780] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.020880][ T8623] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  142.178671][ T2478] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  142.198138][ T2478] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28
[  142.210558][ T2478] EXT4-fs (loop2): This should not happen!! Data will be lost
[  142.210558][ T2478] 
[  142.220228][ T2478] EXT4-fs (loop2): Total free blocks count 0
[  142.226380][ T2478] EXT4-fs (loop2): Free/Dirty block details
[  142.232384][ T2478] EXT4-fs (loop2): free_blocks=68451041280
[  142.238225][ T2478] EXT4-fs (loop2): dirty_blocks=64
[  142.243479][ T2478] EXT4-fs (loop2): Block reservation details
[  142.249492][ T2478] EXT4-fs (loop2): i_reserved_data_blocks=4
[  142.259583][ T4021] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.392685][ T8809] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[  142.593471][ T8832] FAULT_INJECTION: forcing a failure.
[  142.593471][ T8832] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  142.606665][ T8832] CPU: 0 UID: 0 PID: 8832 Comm: syz.4.1838 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  142.617157][ T8832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  142.627363][ T8832] Call Trace:
[  142.630738][ T8832]  <TASK>
[  142.633673][ T8832]  dump_stack_lvl+0xf2/0x150
[  142.638358][ T8832]  dump_stack+0x15/0x20
[  142.642537][ T8832]  should_fail_ex+0x229/0x230
[  142.647225][ T8832]  should_fail+0xb/0x10
[  142.651390][ T8832]  should_fail_usercopy+0x1a/0x20
[  142.656461][ T8832]  _copy_from_user+0x1e/0xd0
[  142.661067][ T8832]  __se_sys_add_key+0x1ec/0x320
[  142.666046][ T8832]  ? fput+0x14e/0x190
[  142.670053][ T8832]  __x64_sys_add_key+0x67/0x80
[  142.674875][ T8832]  x64_sys_call+0x157d/0x2d60
[  142.679691][ T8832]  do_syscall_64+0xc9/0x1c0
[  142.684310][ T8832]  ? clear_bhb_loop+0x55/0xb0
[  142.689085][ T8832]  ? clear_bhb_loop+0x55/0xb0
[  142.693932][ T8832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.700088][ T8832] RIP: 0033:0x7f1b273adef9
[  142.704536][ T8832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.724176][ T8832] RSP: 002b:00007f1b26027038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  142.732596][ T8832] RAX: ffffffffffffffda RBX: 00007f1b27565f80 RCX: 00007f1b273adef9
[  142.740579][ T8832] RDX: 0000000020000f80 RSI: 0000000000000000 RDI: 00000000200003c0
[  142.748601][ T8832] RBP: 00007f1b26027090 R08: 000000001b6eb2fe R09: 0000000000000000
[  142.756585][ T8832] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  142.764659][ T8832] R13: 0000000000000000 R14: 00007f1b27565f80 R15: 00007ffc32b8eb58
[  142.772643][ T8832]  </TASK>
[  142.937047][   T29] kauditd_printk_skb: 238 callbacks suppressed
[  142.937065][   T29] audit: type=1326 audit(1726879151.055:7447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8857 comm="syz.1.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ad554def9 code=0x7ffc0000
[  142.967172][   T29] audit: type=1326 audit(1726879151.055:7448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8857 comm="syz.1.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ad554def9 code=0x7ffc0000
[  142.990674][   T29] audit: type=1326 audit(1726879151.055:7449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8857 comm="syz.1.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ad554def9 code=0x7ffc0000
[  143.014374][   T29] audit: type=1326 audit(1726879151.055:7450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8857 comm="syz.1.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ad554def9 code=0x7ffc0000
[  143.037925][   T29] audit: type=1326 audit(1726879151.055:7451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8857 comm="syz.1.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ad554def9 code=0x7ffc0000
[  143.061467][   T29] audit: type=1326 audit(1726879151.055:7452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8857 comm="syz.1.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ad554def9 code=0x7ffc0000
[  143.084907][   T29] audit: type=1326 audit(1726879151.065:7453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8857 comm="syz.1.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f6ad554def9 code=0x7ffc0000
[  143.108410][   T29] audit: type=1326 audit(1726879151.065:7454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8857 comm="syz.1.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ad554def9 code=0x7ffc0000
[  143.132092][   T29] audit: type=1326 audit(1726879151.065:7455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8857 comm="syz.1.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6ad554c890 code=0x7ffc0000
[  143.155769][   T29] audit: type=1326 audit(1726879151.065:7456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8857 comm="syz.1.1847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6ad554c890 code=0x7ffc0000
[  143.194863][ T8860] FAULT_INJECTION: forcing a failure.
[  143.194863][ T8860] name failslab, interval 1, probability 0, space 0, times 0
[  143.207686][ T8860] CPU: 0 UID: 0 PID: 8860 Comm: syz.4.1848 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  143.218036][ T8860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  143.228214][ T8860] Call Trace:
[  143.231678][ T8860]  <TASK>
[  143.234606][ T8860]  dump_stack_lvl+0xf2/0x150
[  143.239277][ T8860]  dump_stack+0x15/0x20
[  143.243532][ T8860]  should_fail_ex+0x229/0x230
[  143.248233][ T8860]  ? security_inode_alloc+0x32/0x100
[  143.253540][ T8860]  should_failslab+0x8f/0xb0
[  143.258286][ T8860]  kmem_cache_alloc_noprof+0x4c/0x290
[  143.263747][ T8860]  security_inode_alloc+0x32/0x100
[  143.268951][ T8860]  inode_init_always+0x438/0x480
[  143.273971][ T8860]  alloc_inode+0x7d/0x160
[  143.278382][ T8860]  new_inode_pseudo+0x15/0x20
[  143.283246][ T8860]  alloc_anon_inode+0x1e/0x170
[  143.288027][ T8860]  aio_setup_ring+0x96/0x6a0
[  143.292641][ T8860]  ioctx_alloc+0x2b2/0x4c0
[  143.297068][ T8860]  __se_sys_io_setup+0x6b/0x1b0
[  143.302091][ T8860]  __x64_sys_io_setup+0x31/0x40
[  143.307278][ T8860]  x64_sys_call+0x2639/0x2d60
[  143.312266][ T8860]  do_syscall_64+0xc9/0x1c0
[  143.316777][ T8860]  ? clear_bhb_loop+0x55/0xb0
[  143.321512][ T8860]  ? clear_bhb_loop+0x55/0xb0
[  143.326344][ T8860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.332252][ T8860] RIP: 0033:0x7f1b273adef9
[  143.336701][ T8860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.356327][ T8860] RSP: 002b:00007f1b26027038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  143.364970][ T8860] RAX: ffffffffffffffda RBX: 00007f1b27565f80 RCX: 00007f1b273adef9
[  143.373030][ T8860] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[  143.381039][ T8860] RBP: 00007f1b26027090 R08: 0000000000000000 R09: 0000000000000000
[  143.389044][ T8860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.397113][ T8860] R13: 0000000000000000 R14: 00007f1b27565f80 R15: 00007ffc32b8eb58
[  143.405158][ T8860]  </TASK>
[  143.436215][ T8871] SELinux: security_context_str_to_sid (ñ£) failed with errno=-22
[  143.444686][ T8869] nftables ruleset with unbound chain
[  143.457324][ T8866] loop2: detected capacity change from 0 to 8192
[  143.506612][ T8878] netlink: 'syz.4.1857': attribute type 10 has an invalid length.
[  143.514536][ T8878] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1857'.
[  143.526744][ T8878] vlan0: entered promiscuous mode
[  143.532009][ T8878] vlan0: entered allmulticast mode
[  143.537322][ T8878] veth0_vlan: entered allmulticast mode
[  143.544294][ T8878] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  143.560293][ T8875] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1855'.
[  143.569341][ T8875] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1855'.
[  143.579417][ T8875] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8875 comm=syz.3.1855
[  143.681857][ T8893] loop3: detected capacity change from 0 to 512
[  143.690128][ T8893] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  143.700827][ T8891] €: renamed from bond0 (while UP)
[  143.717945][ T8893] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.1861: bad orphan inode 15
[  143.729466][ T8893] EXT4-fs (loop3): Remounting filesystem read-only
[  143.736347][ T8893] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.748990][ T8893] SELinux: (dev loop3, type ext4) getxattr errno 5
[  143.756026][ T8893] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.819795][ T8889] loop3: detected capacity change from 0 to 8192
[  143.826566][ T8889] vfat: Unknown parameter ''
[  143.917670][ T8907] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1866'.
[  144.056464][ T8922] loop1: detected capacity change from 0 to 512
[  144.071730][ T8922] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.085655][ T8922] ext4 filesystem being mounted at /324/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  144.168319][ T3841] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.242557][ T8940] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1878'.
[  144.403689][ T8958] loop1: detected capacity change from 0 to 1024
[  144.412200][ T8958] EXT4-fs error (device loop1): ext4_quota_enable:7022: inode #4: comm syz.1.1885: iget: bogus i_mode (3600)
[  144.424127][ T8958] EXT4-fs error (device loop1): ext4_quota_enable:7025: comm syz.1.1885: Bad quota inode: 4, type: 1
[  144.435328][ T8958] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  144.450142][ T8958] EXT4-fs (loop1): mount failed
[  144.616955][ T8975] loop1: detected capacity change from 0 to 512
[  144.630489][ T8975] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.644165][ T8972] loop2: detected capacity change from 0 to 8192
[  144.651179][ T8975] ext4 filesystem being mounted at /331/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.672484][ T8977] loop4: detected capacity change from 0 to 512
[  144.690068][ T8977] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.703282][ T8977] ext4 filesystem being mounted at /401/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.724672][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.842491][ T9000] tipc: Started in network mode
[  144.847528][ T9000] tipc: Node identity 101, cluster identity 4711
[  144.854322][ T9000] tipc: Node number set to 257
[  144.894469][ T9003] sit0: entered promiscuous mode
[  144.899560][ T9003] vlan2: entered promiscuous mode
[  144.904715][ T9003] vlan2: entered allmulticast mode
[  144.909880][ T9003] sit0: entered allmulticast mode
[  144.916385][ T9003] sit0: left allmulticast mode
[  144.921523][ T9003] sit0: left promiscuous mode
[  145.172562][ T9022] netlink: 'syz.0.1904': attribute type 10 has an invalid length.
[  145.182338][ T9022] geneve1: entered promiscuous mode
[  145.192681][ T9022] bond0: (slave geneve1): Enslaving as an active interface with an up link
[  145.221711][ T9032] FAULT_INJECTION: forcing a failure.
[  145.221711][ T9032] name failslab, interval 1, probability 0, space 0, times 0
[  145.234508][ T9032] CPU: 0 UID: 0 PID: 9032 Comm: syz.0.1906 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  145.244874][ T9032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  145.254995][ T9032] Call Trace:
[  145.258292][ T9032]  <TASK>
[  145.261718][ T9032]  dump_stack_lvl+0xf2/0x150
[  145.266350][ T9032]  dump_stack+0x15/0x20
[  145.270577][ T9032]  should_fail_ex+0x229/0x230
[  145.275290][ T9032]  ? audit_log_start+0x34c/0x6b0
[  145.280310][ T9032]  should_failslab+0x8f/0xb0
[  145.285048][ T9032]  kmem_cache_alloc_noprof+0x4c/0x290
[  145.290490][ T9032]  audit_log_start+0x34c/0x6b0
[  145.295363][ T9032]  audit_seccomp+0x4b/0x130
[  145.299951][ T9032]  __seccomp_filter+0x6fa/0x1180
[  145.304984][ T9032]  ? proc_fail_nth_write+0x12a/0x150
[  145.310321][ T9032]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  145.316016][ T9032]  ? vfs_write+0x580/0x910
[  145.320466][ T9032]  __secure_computing+0x9f/0x1c0
[  145.325455][ T9032]  syscall_trace_enter+0xd1/0x1f0
[  145.330728][ T9032]  do_syscall_64+0xaa/0x1c0
[  145.335321][ T9032]  ? clear_bhb_loop+0x55/0xb0
[  145.340216][ T9032]  ? clear_bhb_loop+0x55/0xb0
[  145.344935][ T9032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.350938][ T9032] RIP: 0033:0x7fc6995bdef9
[  145.355404][ T9032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.375137][ T9032] RSP: 002b:00007fc698231038 EFLAGS: 00000246 ORIG_RAX: 0000000000000105
[  145.383561][ T9032] RAX: ffffffffffffffda RBX: 00007fc699775f80 RCX: 00007fc6995bdef9
[  145.391609][ T9032] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  145.399590][ T9032] RBP: 00007fc698231090 R08: 0000000000000000 R09: 0000000000000000
[  145.407737][ T9032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.415802][ T9032] R13: 0000000000000000 R14: 00007fc699775f80 R15: 00007ffe0b5861b8
[  145.423815][ T9032]  </TASK>
[  145.436485][ T3841] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.794030][ T9075] loop0: detected capacity change from 0 to 512
[  145.823946][ T9075] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.851394][ T9075] ext4 filesystem being mounted at /408/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.867659][ T9078] loop4: detected capacity change from 0 to 512
[  145.879744][ T9078] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.893537][ T9078] ext4 filesystem being mounted at /406/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.910660][ T9090] loop2: detected capacity change from 0 to 256
[  145.917613][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.917842][ T9090] vfat: Unknown parameter '00000000000000000000003'
[  146.017232][ T9097] SELinux: failed to load policy
[  146.067852][ T9101] tls_set_device_offload: netdev not found
[  146.424890][ T9117] loop3: detected capacity change from 0 to 1024
[  146.431813][ T9117] EXT4-fs: dax option not supported
[  146.440116][ T9117] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  146.467698][ T3268] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.479978][ T9119] netlink: 'syz.3.1938': attribute type 27 has an invalid length.
[  146.541768][ T9122] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1938'.
[  146.565550][ T9119] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  146.576190][ T9119] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  146.613210][ T9119] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.621780][ T9119] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.630358][ T9119] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.638944][ T9119] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.649524][ T9119] veth3: left allmulticast mode
[  146.671582][ T9122] 8021q: adding VLAN 0 to HW filter on device bond0
[  146.679738][ T9122] 8021q: adding VLAN 0 to HW filter on device team0
[  146.689941][ T9122] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  146.760060][ T9133] IPVS: set_ctl: invalid protocol: 60 127.0.0.1:20002
[  146.920152][ T9156] loop3: detected capacity change from 0 to 512
[  146.928782][ T9156] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.1949: corrupted in-inode xattr: invalid ea_ino
[  146.942679][ T9156] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1949: couldn't read orphan inode 15 (err -117)
[  146.956086][ T9156] EXT4-fs (loop3): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.975348][ T9161] xt_hashlimit: max too large, truncated to 1048576
[  146.995053][ T9161] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1950'.
[  147.019926][ T5314] EXT4-fs (loop3): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  147.025638][ T9161] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.045812][ T9166] loop4: detected capacity change from 0 to 512
[  147.070315][ T9166] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.083631][ T9166] ext4 filesystem being mounted at /413/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  147.099118][ T9161] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.141919][ T9161] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.187004][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.208274][ T9174] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  147.232476][ T9161] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.277654][ T9161] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.289760][ T9161] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.303984][ T9161] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.316218][ T9161] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.364530][ T9186] loop2: detected capacity change from 0 to 512
[  147.371341][ T9186] EXT4-fs: Ignoring removed i_version option
[  147.377898][ T9186] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  147.400085][ T9186] EXT4-fs (loop2): 1 truncate cleaned up
[  147.406035][ T9186] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.420362][ T9186] FAULT_INJECTION: forcing a failure.
[  147.420362][ T9186] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.433574][ T9186] CPU: 0 UID: 0 PID: 9186 Comm: syz.2.1958 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  147.444135][ T9186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  147.454293][ T9186] Call Trace:
[  147.457682][ T9186]  <TASK>
[  147.460822][ T9186]  dump_stack_lvl+0xf2/0x150
[  147.465445][ T9186]  dump_stack+0x15/0x20
[  147.469619][ T9186]  should_fail_ex+0x229/0x230
[  147.474413][ T9186]  should_fail+0xb/0x10
[  147.478601][ T9186]  should_fail_usercopy+0x1a/0x20
[  147.483729][ T9186]  strncpy_from_user+0x25/0x270
[  147.488605][ T9186]  ? kmem_cache_alloc_noprof+0x10c/0x290
[  147.494348][ T9186]  getname_flags+0xb0/0x3b0
[  147.498968][ T9186]  getname+0x17/0x20
[  147.502973][ T9186]  io_openat2_prep+0x1a0/0x310
[  147.507742][ T9186]  io_submit_sqes+0x64c/0x1080
[  147.512612][ T9186]  ? __rcu_read_unlock+0x4e/0x70
[  147.517678][ T9186]  ? xa_load+0xb9/0xe0
[  147.522418][ T9186]  __se_sys_io_uring_enter+0x1cd/0x1790
[  147.527985][ T9186]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  147.533655][ T9186]  ? vfs_write+0x580/0x910
[  147.538096][ T9186]  ? __fget_files+0x1d4/0x210
[  147.542806][ T9186]  ? fput+0x14e/0x190
[  147.546951][ T9186]  ? ksys_write+0x178/0x1b0
[  147.551491][ T9186]  __x64_sys_io_uring_enter+0x78/0x90
[  147.556953][ T9186]  x64_sys_call+0x2567/0x2d60
[  147.561723][ T9186]  do_syscall_64+0xc9/0x1c0
[  147.566251][ T9186]  ? clear_bhb_loop+0x55/0xb0
[  147.570982][ T9186]  ? clear_bhb_loop+0x55/0xb0
[  147.575905][ T9186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.581946][ T9186] RIP: 0033:0x7f0ce2b6def9
[  147.586571][ T9186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.606283][ T9186] RSP: 002b:00007f0ce17e1038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  147.615055][ T9186] RAX: ffffffffffffffda RBX: 00007f0ce2d25f80 RCX: 00007f0ce2b6def9
[  147.623071][ T9186] RDX: 0000000000000000 RSI: 00000000000047f6 RDI: 0000000000000004
[  147.631126][ T9186] RBP: 00007f0ce17e1090 R08: 0000000000000000 R09: 0000000000000000
[  147.639128][ T9186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.647210][ T9186] R13: 0000000000000000 R14: 00007f0ce2d25f80 R15: 00007ffda25f66d8
[  147.655224][ T9186]  </TASK>
[  147.664803][ T9189] xt_hashlimit: max too large, truncated to 1048576
[  147.673640][ T4021] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.695889][ T9189] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1959'.
[  147.709507][ T9189] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.750651][ T9189] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.772708][ T9200] loop2: detected capacity change from 0 to 8192
[  147.790454][ T9189] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.804521][ T9206] SELinux:  policydb version 1302396298 does not match my version range 15-33
[  147.813696][ T9206] SELinux: failed to load policy
[  147.840067][ T9213] loop2: detected capacity change from 0 to 128
[  147.841398][ T9189] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.851920][ T9213] FAULT_INJECTION: forcing a failure.
[  147.851920][ T9213] name failslab, interval 1, probability 0, space 0, times 0
[  147.869181][ T9213] CPU: 0 UID: 0 PID: 9213 Comm: syz.2.1968 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  147.879525][ T9213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  147.889590][ T9213] Call Trace:
[  147.892924][ T9213]  <TASK>
[  147.895912][ T9213]  dump_stack_lvl+0xf2/0x150
[  147.900532][ T9213]  dump_stack+0x15/0x20
[  147.904723][ T9213]  should_fail_ex+0x229/0x230
[  147.909411][ T9213]  ? __alloc_skb+0x10b/0x310
[  147.914063][ T9213]  should_failslab+0x8f/0xb0
[  147.918800][ T9213]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  147.924694][ T9213]  __alloc_skb+0x10b/0x310
[  147.929136][ T9213]  tcp_v6_send_response+0x1e0/0xe80
[  147.934353][ T9213]  ? queue_work_on+0xf4/0x180
[  147.939101][ T9213]  ? _find_next_zero_bit+0x65/0xf0
[  147.944289][ T9213]  tcp_v6_send_reset+0x7b1/0x9f0
[  147.949261][ T9213]  ? tcp_rcv_state_process+0x299/0x1ee0
[  147.954872][ T9213]  tcp_v6_do_rcv+0x60c/0xa80
[  147.959508][ T9213]  tcp_v6_rcv+0x165d/0x1ca0
[  147.964033][ T9213]  ? __pfx_tcp_v6_rcv+0x10/0x10
[  147.968922][ T9213]  ip6_protocol_deliver_rcu+0x9f5/0x1060
[  147.974676][ T9213]  ip6_input+0xbf/0x1c0
[  147.978927][ T9213]  ? __pfx_ip6_input_finish+0x10/0x10
[  147.984397][ T9213]  ? __pfx_ip6_input+0x10/0x10
[  147.989178][ T9213]  ip6_rcv_finish+0x1fa/0x330
[  147.993881][ T9213]  ipv6_rcv+0x74/0x150
[  147.998094][ T9213]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  148.003678][ T9213]  __netif_receive_skb+0xa2/0x280
[  148.008792][ T9213]  netif_receive_skb+0x4a/0x320
[  148.013906][ T9213]  ? virtio_net_hdr_to_skb+0x6d4/0xb90
[  148.019398][ T9213]  ? tun_rx_batched+0xba/0x410
[  148.024182][ T9213]  tun_rx_batched+0xf0/0x410
[  148.029224][ T9213]  tun_get_user+0x1eaf/0x24e0
[  148.033937][ T9213]  ? ref_tracker_alloc+0x1f5/0x2f0
[  148.039068][ T9213]  tun_chr_write_iter+0x188/0x240
[  148.044267][ T9213]  vfs_write+0x76a/0x910
[  148.048532][ T9213]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  148.054173][ T9213]  ksys_write+0xeb/0x1b0
[  148.058444][ T9213]  __x64_sys_write+0x42/0x50
[  148.063111][ T9213]  x64_sys_call+0x27dd/0x2d60
[  148.067873][ T9213]  do_syscall_64+0xc9/0x1c0
[  148.072466][ T9213]  ? clear_bhb_loop+0x55/0xb0
[  148.077318][ T9213]  ? clear_bhb_loop+0x55/0xb0
[  148.082105][ T9213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.088157][ T9213] RIP: 0033:0x7f0ce2b6c9df
[  148.092608][ T9213] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  148.112437][ T9213] RSP: 002b:00007f0ce17e1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  148.120956][ T9213] RAX: ffffffffffffffda RBX: 00007f0ce2d25f80 RCX: 00007f0ce2b6c9df
[  148.128960][ T9213] RDX: 000000000000004a RSI: 0000000020000840 RDI: 00000000000000c8
[  148.136947][ T9213] RBP: 00007f0ce17e1090 R08: 0000000000000000 R09: 0000000000000000
[  148.144945][ T9213] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001
[  148.152972][ T9213] R13: 0000000000000000 R14: 00007f0ce2d25f80 R15: 00007ffda25f66d8
[  148.161329][ T9213]  </TASK>
[  148.180242][ T9220] FAULT_INJECTION: forcing a failure.
[  148.180242][ T9220] name failslab, interval 1, probability 0, space 0, times 0
[  148.193127][ T9220] CPU: 0 UID: 0 PID: 9220 Comm: syz.1.1972 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  148.203692][ T9220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  148.214085][ T9220] Call Trace:
[  148.217381][ T9220]  <TASK>
[  148.220322][ T9220]  dump_stack_lvl+0xf2/0x150
[  148.225204][ T9220]  dump_stack+0x15/0x20
[  148.229386][ T9220]  should_fail_ex+0x229/0x230
[  148.234090][ T9220]  ? __alloc_skb+0x10b/0x310
[  148.238711][ T9220]  should_failslab+0x8f/0xb0
[  148.243417][ T9220]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  148.249256][ T9220]  ? security_capable+0x81/0x90
[  148.254129][ T9220]  __alloc_skb+0x10b/0x310
[  148.258647][ T9220]  netlink_ack+0xef/0x4f0
[  148.263026][ T9220]  ? avc_has_perm_noaudit+0x1cc/0x210
[  148.268523][ T9220]  netlink_rcv_skb+0x19c/0x230
[  148.273312][ T9220]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  148.278926][ T9220]  rtnetlink_rcv+0x1c/0x30
[  148.283393][ T9220]  netlink_unicast+0x599/0x670
[  148.288191][ T9220]  netlink_sendmsg+0x5cc/0x6e0
[  148.293070][ T9220]  ? __pfx_netlink_sendmsg+0x10/0x10
[  148.298381][ T9220]  __sock_sendmsg+0x140/0x180
[  148.303087][ T9220]  ____sys_sendmsg+0x312/0x410
[  148.307907][ T9220]  __sys_sendmmsg+0x25d/0x500
[  148.312718][ T9220]  __x64_sys_sendmmsg+0x57/0x70
[  148.317692][ T9220]  x64_sys_call+0xa49/0x2d60
[  148.322310][ T9220]  do_syscall_64+0xc9/0x1c0
[  148.326842][ T9220]  ? clear_bhb_loop+0x55/0xb0
[  148.331585][ T9220]  ? clear_bhb_loop+0x55/0xb0
[  148.336820][ T9220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.342862][ T9220] RIP: 0033:0x7f6ad554def9
[  148.347285][ T9220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.366916][ T9220] RSP: 002b:00007f6ad41c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  148.375348][ T9220] RAX: ffffffffffffffda RBX: 00007f6ad5705f80 RCX: 00007f6ad554def9
[  148.383352][ T9220] RDX: 04000000000001f2 RSI: 0000000020000000 RDI: 0000000000000003
[  148.391332][ T9220] RBP: 00007f6ad41c7090 R08: 0000000000000000 R09: 0000000000000000
[  148.399345][ T9220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.407406][ T9220] R13: 0000000000000000 R14: 00007f6ad5705f80 R15: 00007ffca7ea02a8
[  148.415400][ T9220]  </TASK>
[  148.432512][ T9189] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  148.447570][ T9189] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  148.449493][ T9224] 9pnet: p9_errstr2errno: server reported unknown error œæçæÎsÅ‚Ün02ÖÌü䧑̼§6þ
[  148.460690][ T9189] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  148.477702][ T9189] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  148.478946][ T9217] loop4: detected capacity change from 0 to 1024
[  148.494030][ T9217] EXT4-fs (loop4): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  148.530836][ T9217] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.570649][ T9231] loop0: detected capacity change from 0 to 512
[  148.595726][ T9237] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1977'.
[  148.608126][   T29] kauditd_printk_skb: 462 callbacks suppressed
[  148.608146][   T29] audit: type=1326 audit(1726879156.715:7917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9233 comm="syz.2.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ce2b6def9 code=0x7ffc0000
[  148.637898][   T29] audit: type=1326 audit(1726879156.715:7918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9233 comm="syz.2.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ce2b6def9 code=0x7ffc0000
[  148.661556][   T29] audit: type=1326 audit(1726879156.715:7919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9233 comm="syz.2.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ce2b6def9 code=0x7ffc0000
[  148.685072][   T29] audit: type=1326 audit(1726879156.715:7920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9233 comm="syz.2.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ce2b6def9 code=0x7ffc0000
[  148.709011][   T29] audit: type=1326 audit(1726879156.715:7921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9233 comm="syz.2.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ce2b6def9 code=0x7ffc0000
[  148.732490][   T29] audit: type=1326 audit(1726879156.715:7922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9233 comm="syz.2.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ce2b6def9 code=0x7ffc0000
[  148.756104][   T29] audit: type=1326 audit(1726879156.715:7923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9233 comm="syz.2.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ce2b6def9 code=0x7ffc0000
[  148.779637][   T29] audit: type=1326 audit(1726879156.715:7924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9233 comm="syz.2.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0ce2b6def9 code=0x7ffc0000
[  148.789753][ T9231] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.803347][   T29] audit: type=1326 audit(1726879156.715:7925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9233 comm="syz.2.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ce2b6def9 code=0x7ffc0000
[  148.824396][ T9231] ext4 filesystem being mounted at /413/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.839259][   T29] audit: type=1326 audit(1726879156.715:7926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9233 comm="syz.2.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f0ce2b6def9 code=0x7ffc0000
[  148.871892][ T9244] loop2: detected capacity change from 0 to 8192
[  148.875702][ T9231] FAULT_INJECTION: forcing a failure.
[  148.875702][ T9231] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  148.881902][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.893097][ T9231] CPU: 1 UID: 0 PID: 9231 Comm: syz.0.1976 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  148.912558][ T9231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  148.922668][ T9231] Call Trace:
[  148.925950][ T9231]  <TASK>
[  148.928886][ T9231]  dump_stack_lvl+0xf2/0x150
[  148.933610][ T9231]  dump_stack+0x15/0x20
[  148.937862][ T9231]  should_fail_ex+0x229/0x230
[  148.942557][ T9231]  should_fail+0xb/0x10
[  148.946749][ T9231]  should_fail_usercopy+0x1a/0x20
[  148.951864][ T9231]  _copy_from_user+0x1e/0xd0
[  148.956482][ T9231]  vmemdup_user+0x12e/0x1b0
[  148.961095][ T9231]  path_setxattr+0x134/0x360
[  148.965711][ T9231]  ? get_pid_task+0x8e/0xc0
[  148.970262][ T9231]  __x64_sys_lsetxattr+0x6a/0x80
[  148.975217][ T9231]  x64_sys_call+0x2931/0x2d60
[  148.979926][ T9231]  do_syscall_64+0xc9/0x1c0
[  148.984464][ T9231]  ? clear_bhb_loop+0x55/0xb0
[  148.989220][ T9231]  ? clear_bhb_loop+0x55/0xb0
[  148.993920][ T9231]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.999906][ T9231] RIP: 0033:0x7fc6995bdef9
[  149.004333][ T9231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.024039][ T9231] RSP: 002b:00007fc698231038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  149.032548][ T9231] RAX: ffffffffffffffda RBX: 00007fc699775f80 RCX: 00007fc6995bdef9
[  149.040530][ T9231] RDX: 0000000020000040 RSI: 00000000200001c0 RDI: 00000000200002c0
[  149.048512][ T9231] RBP: 00007fc698231090 R08: 0000000000000000 R09: 0000000000000000
[  149.056535][ T9231] R10: 0000000000000e01 R11: 0000000000000246 R12: 0000000000000001
[  149.064526][ T9231] R13: 0000000000000000 R14: 00007fc699775f80 R15: 00007ffe0b5861b8
[  149.072554][ T9231]  </TASK>
[  149.103643][ T3268] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.109645][ T9253] loop2: detected capacity change from 0 to 512
[  149.134540][ T9253] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.151553][ T9255] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  149.163466][ T9253] ext4 filesystem being mounted at /393/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.241599][ T9253] coredump: 958(syz.2.1982): Error writing out the process memory
[  149.249661][ T9253] coredump: 958(syz.2.1982): written to core: VMAs: 29, size 89030656; core: 186738 bytes, pos 630784
[  149.294414][ T9271] loop4: detected capacity change from 0 to 512
[  149.305393][ T4021] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.320730][ T9273] xt_hashlimit: max too large, truncated to 1048576
[  149.339907][ T9271] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.354497][ T9273] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1990'.
[  149.364191][ T9271] ext4 filesystem being mounted at /420/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  149.376504][ T9273] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.408184][    T8] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  149.419169][ T4621] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  149.432847][ T9273] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.494705][ T9273] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.511528][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.550138][ T9273] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.572934][ T9285] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1993'.
[  149.602078][ T9291] loop2: detected capacity change from 0 to 256
[  149.609497][ T9291] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  149.622751][ T9291] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  149.634563][ T9293] loop3: detected capacity change from 0 to 1024
[  149.641673][ T9293] EXT4-fs: Ignoring removed oldalloc option
[  149.661049][ T9293] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.679646][ T9297] loop4: detected capacity change from 0 to 512
[  149.702848][ T9297] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  149.726106][ T9297] ext4 filesystem being mounted at /425/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.740900][ T9293] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  149.893686][ T9313] --map-set only usable from mangle table
[  150.219856][ T9343] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2006'.
[  150.412257][ T9362] netlink: 2 bytes leftover after parsing attributes in process `syz.4.2012'.
[  150.442431][ T9362] veth0_vlan: left allmulticast mode
[  150.506089][ T9371] loop3: detected capacity change from 0 to 2048
[  150.571967][ T9371]  loop3: p1 < > p3
[  150.589670][ T9371] loop3: p3 size 134217728 extends beyond EOD, truncated
[  150.639134][ T9288] syz.2.1996 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  150.650273][ T9288] CPU: 1 UID: 0 PID: 9288 Comm: syz.2.1996 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  150.660630][ T9288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  150.670798][ T9288] Call Trace:
[  150.674094][ T9288]  <TASK>
[  150.677107][ T9288]  dump_stack_lvl+0xf2/0x150
[  150.681907][ T9288]  dump_stack+0x15/0x20
[  150.686200][ T9288]  dump_header+0x83/0x2d0
[  150.690641][ T9288]  oom_kill_process+0x341/0x4c0
[  150.695693][ T9288]  out_of_memory+0x9af/0xbe0
[  150.700411][ T9288]  ? __rcu_read_unlock+0x4e/0x70
[  150.705387][ T9288]  mem_cgroup_out_of_memory+0x13e/0x190
[  150.711003][ T9288]  try_charge_memcg+0x51b/0x810
[  150.715983][ T9288]  mem_cgroup_swapin_charge_folio+0x107/0x1a0
[  150.722073][ T9288]  __read_swap_cache_async+0x2b7/0x520
[  150.727592][ T9288]  swap_cluster_readahead+0x276/0x3f0
[  150.733052][ T9288]  swapin_readahead+0xe4/0x760
[  150.737934][ T9288]  ? __filemap_get_folio+0x420/0x5b0
[  150.743314][ T9288]  ? swap_cache_get_folio+0x77/0x210
[  150.748639][ T9288]  do_swap_page+0x3da/0x1ef0
[  150.753331][ T9288]  ? cgroup_rstat_updated+0x99/0x550
[  150.759252][ T9288]  ? __rcu_read_lock+0x36/0x50
[  150.764039][ T9288]  ? pte_offset_map_nolock+0x124/0x1d0
[  150.769537][ T9288]  handle_mm_fault+0x8c5/0x2a40
[  150.774419][ T9288]  exc_page_fault+0x3b9/0x650
[  150.779126][ T9288]  asm_exc_page_fault+0x26/0x30
[  150.783997][ T9288] RIP: 0033:0x7f0ce2a41a1e
[  150.788453][ T9288] Code: 0c 85 c0 74 e7 48 89 df 48 81 c3 d8 00 00 00 e8 18 ed ff ff 48 39 dd 75 df 0f 1f 00 8b 05 76 60 2e 00 85 c0 0f 8e 35 fd ff ff <e8> bd e4 fe ff 49 39 c4 73 a0 48 8d 1d 51 45 2e 00 83 3d 56 60 2e
[  150.808109][ T9288] RSP: 002b:00007ffda25f6840 EFLAGS: 00010202
[  150.814540][ T9288] RAX: 0000000000000001 RBX: 00007f0ce2d27a80 RCX: 0000000000000000
[  150.822523][ T9288] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055556d04e808
[  150.830555][ T9288] RBP: 00007f0ce2d27a80 R08: 0000000000000000 R09: 7fffffffffffffff
[  150.838607][ T9288] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000024ba0
[  150.846589][ T9288] R13: 00007ffda25f6940 R14: 0000000000000226 R15: ffffffffffffffff
[  150.854608][ T9288]  </TASK>
[  150.857732][ T9288] memory: usage 307200kB, limit 307200kB, failcnt 6837
[  150.864830][ T9288] memory+swap: usage 307728kB, limit 9007199254740988kB, failcnt 0
[  150.872892][ T9288] kmem: usage 306712kB, limit 9007199254740988kB, failcnt 0
[  150.880252][ T9288] Memory cgroup stats for /syz2:
[  150.895072][ T9288] cache 495616
[  150.903827][ T9288] rss 4096
[  150.906907][ T9288] shmem 0
[  150.909906][ T9288] mapped_file 1507328
[  150.913892][ T9288] dirty 495616
[  150.917877][ T9288] writeback 4096
[  150.921546][ T9288] workingset_refault_anon 44
[  150.926143][ T9288] workingset_refault_file 127
[  150.930853][ T9288] swap 540672
[  150.934144][ T9288] swapcached 4096
[  150.937778][ T9288] pgpgin 171847
[  150.941320][ T9288] pgpgout 171725
[  150.945133][ T9288] pgfault 171283
[  150.948952][ T9288] pgmajfault 27
[  150.952603][ T9288] inactive_anon 0
[  150.956248][ T9288] active_anon 4096
[  150.960018][ T9288] inactive_file 0
[  150.963772][ T9288] active_file 495616
[  150.967707][ T9288] unevictable 0
[  150.971380][ T9288] hierarchical_memory_limit 314572800
[  150.976855][ T9288] hierarchical_memsw_limit 9223372036854771712
[  150.983082][ T9288] total_cache 495616
[  150.987136][ T9288] total_rss 4096
[  150.990712][ T9288] total_shmem 0
[  150.994180][ T9288] total_mapped_file 1507328
[  150.998783][ T9288] total_dirty 495616
[  151.002867][ T9288] total_writeback 4096
[  151.007012][ T9288] total_workingset_refault_anon 44
[  151.012227][ T9288] total_workingset_refault_file 127
[  151.017427][ T9288] total_swap 540672
[  151.021326][ T9288] total_swapcached 4096
[  151.025555][ T9288] total_pgpgin 171847
[  151.029588][ T9288] total_pgpgout 171725
[  151.033683][ T9288] total_pgfault 171283
[  151.037752][ T9288] total_pgmajfault 27
[  151.041890][ T9288] total_inactive_anon 0
[  151.046047][ T9288] total_active_anon 4096
[  151.050337][ T9288] total_inactive_file 0
[  151.054504][ T9288] total_active_file 495616
[  151.058955][ T9288] total_unevictable 0
[  151.063090][ T9288] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.1996,pid=9288,uid=0
[  151.077916][ T9288] Memory cgroup out of memory: Killed process 9288 (syz.2.1996) total-vm:90192kB, anon-rss:616kB, file-rss:17056kB, shmem-rss:0kB, UID:0 pgtables:112kB oom_score_adj:1000
[  151.115051][ T9380] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2017'.
[  151.192604][ T9391] loop3: detected capacity change from 0 to 2048
[  151.208438][ T9391] EXT4-fs: Ignoring removed nomblk_io_submit option
[  151.231595][ T9392] EXT4-fs error (device loop3): __ext4_remount:6491: comm syz.3.2022: Abort forced by user
[  151.252189][ T9392] EXT4-fs (loop3): Remounting filesystem read-only
[  151.268499][ T9392] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[  151.534094][ T9424] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2032'.
[  151.701959][ T9435] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  151.710733][ T9435] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  151.721766][ T9435] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2036'.
[  151.733799][ T9435] batadv0: entered promiscuous mode
[  151.740072][ T9435] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  151.748737][ T9435] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2036'.
[  151.758362][ T9435] batadv0: left promiscuous mode
[  152.104675][ T9454] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2043'.
[  152.333892][ T9469] loop1: detected capacity change from 0 to 1764
[  152.343142][ T9469] iso9660: Corrupted directory entry in block 2 of inode 1920
[  152.424187][ T9474] loop4: detected capacity change from 0 to 4096
[  152.450587][ T9474] FAULT_INJECTION: forcing a failure.
[  152.450587][ T9474] name failslab, interval 1, probability 0, space 0, times 0
[  152.463410][ T9474] CPU: 0 UID: 0 PID: 9474 Comm: syz.4.2052 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  152.473768][ T9474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  152.483888][ T9474] Call Trace:
[  152.487188][ T9474]  <TASK>
[  152.490130][ T9474]  dump_stack_lvl+0xf2/0x150
[  152.494773][ T9474]  dump_stack+0x15/0x20
[  152.498966][ T9474]  should_fail_ex+0x229/0x230
[  152.503770][ T9474]  ? ext4_mb_new_blocks+0x2fc/0x2020
[  152.509090][ T9474]  should_failslab+0x8f/0xb0
[  152.513810][ T9474]  kmem_cache_alloc_noprof+0x4c/0x290
[  152.519437][ T9474]  ext4_mb_new_blocks+0x2fc/0x2020
[  152.524988][ T9474]  ? ext4_find_extent+0x75e/0x860
[  152.530185][ T9474]  ? ext4_inode_to_goal_block+0x1cb/0x1f0
[  152.535937][ T9474]  ext4_ext_map_blocks+0x10a1/0x33b0
[  152.541334][ T9474]  ? invalidate_inode_pages2_range+0x6d3/0x720
[  152.547625][ T9474]  ? __find_get_block+0x66e/0x8a0
[  152.552857][ T9474]  ext4_map_blocks+0x72a/0xf50
[  152.557976][ T9474]  ext4_iomap_begin+0x4a9/0x5d0
[  152.562860][ T9474]  iomap_iter+0x3cc/0x800
[  152.567231][ T9474]  ? __pfx_ext4_iomap_begin+0x10/0x10
[  152.572667][ T9474]  __iomap_dio_rw+0x697/0x1090
[  152.577513][ T9474]  ? __vfs_getxattr+0x29f/0x2b0
[  152.582420][ T9474]  iomap_dio_rw+0x40/0x90
[  152.586810][ T9474]  ext4_file_write_iter+0xa8c/0xe10
[  152.589707][ T9479] 9pnet_fd: Insufficient options for proto=fd
[  152.592040][ T9474]  do_iter_readv_writev+0x3a5/0x460
[  152.603549][ T9474]  vfs_writev+0x2d4/0x880
[  152.608216][ T9474]  __se_sys_pwritev2+0x10c/0x1d0
[  152.613318][ T9474]  __x64_sys_pwritev2+0x78/0x90
[  152.618242][ T9474]  x64_sys_call+0x271f/0x2d60
[  152.623491][ T9474]  do_syscall_64+0xc9/0x1c0
[  152.628286][ T9474]  ? clear_bhb_loop+0x55/0xb0
[  152.633454][ T9474]  ? clear_bhb_loop+0x55/0xb0
[  152.638236][ T9474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.644180][ T9474] RIP: 0033:0x7f1b273adef9
[  152.648623][ T9474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.668393][ T9474] RSP: 002b:00007f1b26027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  152.676839][ T9474] RAX: ffffffffffffffda RBX: 00007f1b27565f80 RCX: 00007f1b273adef9
[  152.684886][ T9474] RDX: 0000000000000002 RSI: 0000000020000240 RDI: 0000000000000004
[  152.692887][ T9474] RBP: 00007f1b26027090 R08: 0000000000000000 R09: 0000000000000003
[  152.700974][ T9474] R10: 0000000000001800 R11: 0000000000000246 R12: 0000000000000001
[  152.709059][ T9474] R13: 0000000000000000 R14: 00007f1b27565f80 R15: 00007ffc32b8eb58
[  152.717120][ T9474]  </TASK>
[  152.744186][ T9273] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  152.756388][ T9273] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  152.779881][ T9273] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  152.800425][ T9273] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  152.841598][ T9502] IPVS: Error joining to the multicast group
[  152.861178][ T9501] netlink: 'syz.0.2056': attribute type 27 has an invalid length.
[  152.952835][ T9501] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  152.969112][ T9501] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  153.051711][ T9501] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  153.060406][ T9501] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  153.068925][ T9501] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  153.077732][ T9501] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  153.092496][ T9501] geneve1: left promiscuous mode
[  153.114432][ T9521] 8021q: adding VLAN 0 to HW filter on device bond0
[  153.122749][ T9521] 8021q: adding VLAN 0 to HW filter on device team0
[  153.133900][ T9521] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  153.654125][   T29] kauditd_printk_skb: 223 callbacks suppressed
[  153.654143][   T29] audit: type=1400 audit(1726879161.775:8150): avc:  denied  { create } for  pid=9541 comm="syz.3.2072" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  153.712449][   T29] audit: type=1400 audit(1726879161.775:8151): avc:  denied  { ioctl } for  pid=9541 comm="syz.3.2072" path="socket:[25477]" dev="sockfs" ino=25477 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  153.737494][   T29] audit: type=1400 audit(1726879161.805:8152): avc:  denied  { ioctl } for  pid=9541 comm="syz.3.2072" path="socket:[25480]" dev="sockfs" ino=25480 ioctlcmd=0x8943 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  153.762389][   T29] audit: type=1400 audit(1726879161.835:8153): avc:  denied  { create } for  pid=9546 comm="syz.0.2074" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  153.783847][   T29] audit: type=1400 audit(1726879161.845:8154): avc:  denied  { setopt } for  pid=9546 comm="syz.0.2074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  153.803287][   T29] audit: type=1400 audit(1726879161.855:8155): avc:  denied  { map } for  pid=9549 comm="syz.3.2076" path="socket:[25506]" dev="sockfs" ino=25506 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  153.826499][   T29] audit: type=1400 audit(1726879161.875:8156): avc:  denied  { create } for  pid=9548 comm="syz.1.2075" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  153.846338][   T29] audit: type=1400 audit(1726879161.875:8157): avc:  denied  { setopt } for  pid=9548 comm="syz.1.2075" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  153.896725][   T29] audit: type=1400 audit(1726879161.975:8158): avc:  denied  { ioctl } for  pid=9546 comm="syz.0.2074" path="socket:[25518]" dev="sockfs" ino=25518 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  153.922548][   T29] audit: type=1326 audit(1726879161.985:8159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9514 comm="syz.4.2063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b273adef9 code=0x7ffc0000
[  153.948111][ T9568] bridge_slave_0: default FDB implementation only supports local addresses
[  153.961183][ T9562] FAULT_INJECTION: forcing a failure.
[  153.961183][ T9562] name failslab, interval 1, probability 0, space 0, times 0
[  153.973921][ T9562] CPU: 1 UID: 0 PID: 9562 Comm: syz.4.2079 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  153.984366][ T9562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  153.994444][ T9562] Call Trace:
[  153.997728][ T9562]  <TASK>
[  154.000670][ T9562]  dump_stack_lvl+0xf2/0x150
[  154.005380][ T9562]  dump_stack+0x15/0x20
[  154.009571][ T9562]  should_fail_ex+0x229/0x230
[  154.014263][ T9562]  ? security_inode_alloc+0x32/0x100
[  154.019718][ T9562]  should_failslab+0x8f/0xb0
[  154.024336][ T9562]  kmem_cache_alloc_noprof+0x4c/0x290
[  154.029838][ T9562]  security_inode_alloc+0x32/0x100
[  154.035108][ T9562]  inode_init_always+0x438/0x480
[  154.040117][ T9562]  alloc_inode+0x7d/0x160
[  154.044542][ T9562]  new_inode_pseudo+0x15/0x20
[  154.049417][ T9562]  alloc_anon_inode+0x1e/0x170
[  154.054236][ T9562]  aio_setup_ring+0x96/0x6a0
[  154.058845][ T9562]  ioctx_alloc+0x2b2/0x4c0
[  154.063308][ T9562]  __se_sys_io_setup+0x6b/0x1b0
[  154.068186][ T9562]  __x64_sys_io_setup+0x31/0x40
[  154.073087][ T9562]  x64_sys_call+0x2639/0x2d60
[  154.077802][ T9562]  do_syscall_64+0xc9/0x1c0
[  154.082372][ T9562]  ? clear_bhb_loop+0x55/0xb0
[  154.087149][ T9562]  ? clear_bhb_loop+0x55/0xb0
[  154.091936][ T9562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.097898][ T9562] RIP: 0033:0x7f1b273adef9
[  154.102340][ T9562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.122175][ T9562] RSP: 002b:00007f1b26027038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  154.130631][ T9562] RAX: ffffffffffffffda RBX: 00007f1b27565f80 RCX: 00007f1b273adef9
[  154.138645][ T9562] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[  154.146702][ T9562] RBP: 00007f1b26027090 R08: 0000000000000000 R09: 0000000000000000
[  154.154701][ T9562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.162681][ T9562] R13: 0000000000000000 R14: 00007f1b27565f80 R15: 00007ffc32b8eb58
[  154.170672][ T9562]  </TASK>
[  154.191585][ T9570] loop3: detected capacity change from 0 to 512
[  154.192569][ T9568] 
: renamed from ipvlan1
[  154.221960][ T9570] ext4 filesystem being mounted at /291/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  154.331067][ T9581] loop3: detected capacity change from 0 to 512
[  154.337822][ T9581] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  154.363148][ T9581] __nla_validate_parse: 1 callbacks suppressed
[  154.363165][ T9581] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2086'.
[  154.427502][ T9587] Unsupported ieee802154 address type: 0
[  154.733129][ T9596] loop2: detected capacity change from 0 to 8192
[  155.092580][ T9620] FAULT_INJECTION: forcing a failure.
[  155.092580][ T9620] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.105790][ T9620] CPU: 1 UID: 0 PID: 9620 Comm: syz.4.2101 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  155.116231][ T9620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  155.126327][ T9620] Call Trace:
[  155.129624][ T9620]  <TASK>
[  155.132664][ T9620]  dump_stack_lvl+0xf2/0x150
[  155.137422][ T9620]  dump_stack+0x15/0x20
[  155.141671][ T9620]  should_fail_ex+0x229/0x230
[  155.146483][ T9620]  should_fail+0xb/0x10
[  155.150674][ T9620]  should_fail_usercopy+0x1a/0x20
[  155.155724][ T9620]  _copy_from_user+0x1e/0xd0
[  155.160422][ T9620]  memdup_user+0x64/0xc0
[  155.164804][ T9620]  strndup_user+0x68/0xa0
[  155.169194][ T9620]  keyctl_restrict_keyring+0x153/0x1b0
[  155.174738][ T9620]  ? proc_fail_nth_write+0x12a/0x150
[  155.180191][ T9620]  __se_sys_keyctl+0x20f/0xbb0
[  155.180676][ T9622] loop0: detected capacity change from 0 to 128
[  155.184996][ T9620]  ? __fget_files+0x1d4/0x210
[  155.191924][ T9622] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  155.195915][ T9620]  ? fput+0x14e/0x190
[  155.208595][ T9622] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  155.212013][ T9620]  ? ksys_write+0x178/0x1b0
[  155.225757][ T9620]  __x64_sys_keyctl+0x67/0x80
[  155.230504][ T9620]  x64_sys_call+0x971/0x2d60
[  155.235149][ T9620]  do_syscall_64+0xc9/0x1c0
[  155.239699][ T9620]  ? clear_bhb_loop+0x55/0xb0
[  155.244413][ T9620]  ? clear_bhb_loop+0x55/0xb0
[  155.249296][ T9620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.255263][ T9620] RIP: 0033:0x7f1b273adef9
[  155.259711][ T9620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.278449][ T9624] netlink: 'syz.1.2104': attribute type 178 has an invalid length.
[  155.279323][ T9620] RSP: 002b:00007f1b26027038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  155.279353][ T9620] RAX: ffffffffffffffda RBX: 00007f1b27565f80 RCX: 00007f1b273adef9
[  155.303855][ T9620] RDX: 0000000020000000 RSI: 000000000253261d RDI: 000000000000001d
[  155.311923][ T9620] RBP: 00007f1b26027090 R08: 0000000000000000 R09: 0000000000000000
[  155.319903][ T9620] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  155.327891][ T9620] R13: 0000000000000000 R14: 00007f1b27565f80 R15: 00007ffc32b8eb58
[  155.335927][ T9620]  </TASK>
[  155.374116][ T9632] loop1: detected capacity change from 0 to 512
[  155.382611][ T9632] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  155.400161][ T9632] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2106: bg 0: block 248: padding at end of block bitmap is not set
[  155.414877][ T9632] EXT4-fs (loop1): Remounting filesystem read-only
[  155.421700][ T9632] EXT4-fs (loop1): 1 truncate cleaned up
[  155.427987][ T9632] SELinux: (dev loop1, type ext4) getxattr errno 5
[  155.513002][ T9650] vlan3: entered promiscuous mode
[  155.518156][ T9650] ip6gretap0: entered promiscuous mode
[  155.553818][ T9645] loop3: detected capacity change from 0 to 128
[  155.563190][ T9645] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  155.575756][ T9645] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  155.690947][ T9656] loop3: detected capacity change from 0 to 8192
[  155.778318][ T9663] loop2: detected capacity change from 0 to 512
[  155.789518][ T9663] loop2: detected capacity change from 0 to 512
[  155.799086][ T9663] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -13
[  155.807668][ T9663] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3279945729 > max in inode 13
[  155.820223][ T9663] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3279945730 > max in inode 13
[  155.830910][ T9663] EXT4-fs (loop2): 1 truncate cleaned up
[  155.840209][ T9663] IPv6: Can't replace route, no match found
[  155.962162][ T9677] loop4: detected capacity change from 0 to 512
[  155.990229][ T9677] ext4 filesystem being mounted at /449/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  156.282258][ T9692] loop2: detected capacity change from 0 to 2048
[  156.456408][ T9696] netlink: 84 bytes leftover after parsing attributes in process `syz.0.2126'.
[  156.465692][ T9696] netem: invalid attributes len -16
[  156.470953][ T9696] netem: change failed
[  156.512083][ T9707] loop0: detected capacity change from 0 to 512
[  156.529671][ T9714] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2132'.
[  156.684141][ T9726] netlink: 84 bytes leftover after parsing attributes in process `syz.4.2137'.
[  156.693331][ T9726] netem: invalid attributes len -16
[  156.698685][ T9726] netem: change failed
[  156.771992][ T9731] netlink: 84 bytes leftover after parsing attributes in process `syz.2.2138'.
[  156.792269][ T9731] netem: invalid attributes len -16
[  156.798087][ T9731] netem: change failed
[  156.812034][ T9733] loop4: detected capacity change from 0 to 512
[  156.821416][ T9733] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  156.834776][ T9733] EXT4-fs (loop4): 1 truncate cleaned up
[  156.940446][ T9741] loop4: detected capacity change from 0 to 512
[  156.943066][ T9743] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2143'.
[  156.961183][ T9741] ext4 filesystem being mounted at /458/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  156.975663][ T9741] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2144'.
[  156.987188][ T9741] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=9741 comm=syz.4.2144
[  157.053955][ T9756] loop4: detected capacity change from 0 to 512
[  157.070045][ T9756] ext4 filesystem being mounted at /460/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.110831][ T9764] (unnamed net_device) (uninitialized): option lacp_rate: invalid value (64)
[  157.125670][ T9764] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2151'.
[  157.392399][ T9776] FAULT_INJECTION: forcing a failure.
[  157.392399][ T9776] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  157.405753][ T9776] CPU: 1 UID: 0 PID: 9776 Comm: syz.4.2156 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  157.416169][ T9776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  157.426245][ T9776] Call Trace:
[  157.429593][ T9776]  <TASK>
[  157.432538][ T9776]  dump_stack_lvl+0xf2/0x150
[  157.437176][ T9776]  dump_stack+0x15/0x20
[  157.441367][ T9776]  should_fail_ex+0x229/0x230
[  157.446063][ T9776]  should_fail_alloc_page+0xfd/0x110
[  157.451553][ T9776]  __alloc_pages_noprof+0x109/0x360
[  157.456826][ T9776]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  157.462317][ T9776]  vma_alloc_folio_noprof+0x1a0/0x2f0
[  157.468012][ T9776]  handle_mm_fault+0xdbe/0x2a40
[  157.472908][ T9776]  exc_page_fault+0x296/0x650
[  157.477647][ T9776]  ? __rcu_read_unlock+0x4e/0x70
[  157.482609][ T9776]  asm_exc_page_fault+0x26/0x30
[  157.487556][ T9776] RIP: 0010:rep_movs_alternative+0x33/0x70
[  157.493405][ T9776] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb
[  157.513041][ T9776] RSP: 0018:ffffc90001307d40 EFLAGS: 00050216
[  157.519266][ T9776] RAX: 0000000000000000 RBX: 0000000020004600 RCX: 0000000000000020
[  157.527491][ T9776] RDX: 0000000000000000 RSI: ffff88813afb3020 RDI: 0000000020004600
[  157.535571][ T9776] RBP: 0000000000000020 R08: 0000000080000000 R09: 0000000000000000
[  157.543758][ T9776] R10: 000188813afb3020 R11: 000188813afb303f R12: 0000000020004620
[  157.551738][ T9776] R13: ffff88813afb3020 R14: 0000000000000020 R15: ffff88813afb3020
[  157.559801][ T9776]  _copy_to_user+0x77/0xa0
[  157.564396][ T9776]  aio_read_events+0x1fa/0x3c0
[  157.569247][ T9776]  do_io_getevents+0x29c/0x400
[  157.574123][ T9776]  ? __pfx_autoremove_wake_function+0x10/0x10
[  157.580225][ T9776]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  157.585520][ T9776]  __x64_sys_io_getevents+0xca/0x190
[  157.590816][ T9776]  x64_sys_call+0x2bc5/0x2d60
[  157.595625][ T9776]  do_syscall_64+0xc9/0x1c0
[  157.600134][ T9776]  ? clear_bhb_loop+0x55/0xb0
[  157.604878][ T9776]  ? clear_bhb_loop+0x55/0xb0
[  157.609590][ T9776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.615511][ T9776] RIP: 0033:0x7f1b273adef9
[  157.619932][ T9776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.639765][ T9776] RSP: 002b:00007f1b26027038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d0
[  157.648219][ T9776] RAX: ffffffffffffffda RBX: 00007f1b27565f80 RCX: 00007f1b273adef9
[  157.656210][ T9776] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 00007f1b25ff7000
[  157.664186][ T9776] RBP: 00007f1b26027090 R08: 0000000000000000 R09: 0000000000000000
[  157.672172][ T9776] R10: 0000000020004600 R11: 0000000000000246 R12: 0000000000000001
[  157.680164][ T9776] R13: 0000000000000000 R14: 00007f1b27565f80 R15: 00007ffc32b8eb58
[  157.688159][ T9776]  </TASK>
[  157.817426][ T9786] loop1: detected capacity change from 0 to 8192
[  158.074585][ T9804] netlink: 'syz.2.2166': attribute type 4 has an invalid length.
[  158.137786][ T9807] netlink: 'syz.2.2166': attribute type 4 has an invalid length.
[  158.234219][ T9811] netlink: 'syz.2.2168': attribute type 10 has an invalid length.
[  158.246149][ T9811] 8021q: adding VLAN 0 to HW filter on device batadv0
[  158.255762][ T9811] €: (slave batadv0): Enslaving as an active interface with an up link
[  158.719214][   T29] kauditd_printk_skb: 148 callbacks suppressed
[  158.719233][   T29] audit: type=1400 audit(1726879166.845:8304): avc:  denied  { create } for  pid=9817 comm="syz.0.2171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  158.748954][ T9816] loop1: detected capacity change from 0 to 8192
[  158.769771][   T29] audit: type=1400 audit(1726879166.885:8305): avc:  denied  { audit_write } for  pid=9817 comm="syz.0.2171" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  158.791128][   T29] audit: type=1107 audit(1726879166.885:8306): pid=9817 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  158.804577][   T29] audit: type=1326 audit(1726879166.905:8307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9819 comm="syz.1.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ad554def9 code=0x7ffc0000
[  158.828636][   T29] audit: type=1326 audit(1726879166.905:8308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9819 comm="syz.1.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ad554def9 code=0x7ffc0000
[  158.852241][   T29] audit: type=1326 audit(1726879166.905:8309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9819 comm="syz.1.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ad554def9 code=0x7ffc0000
[  158.876223][   T29] audit: type=1326 audit(1726879166.905:8310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9819 comm="syz.1.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ad554def9 code=0x7ffc0000
[  158.899923][   T29] audit: type=1326 audit(1726879166.905:8311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9819 comm="syz.1.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ad554def9 code=0x7ffc0000
[  158.923381][   T29] audit: type=1326 audit(1726879166.905:8312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9819 comm="syz.1.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ad554def9 code=0x7ffc0000
[  158.947195][   T29] audit: type=1326 audit(1726879166.905:8313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9819 comm="syz.1.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f6ad554def9 code=0x7ffc0000
[  158.978861][ T9822] netlink: 'syz.1.2173': attribute type 12 has an invalid length.
[  158.989702][ T9824] syz.1.2173 (9824) used obsolete PPPIOCDETACH ioctl
[  159.002540][ T9822] loop1: detected capacity change from 0 to 1024
[  159.009752][ T2478] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  159.010843][ T9822] ext4: Unknown parameter 'mask'
[  160.528298][ T9939] FAULT_INJECTION: forcing a failure.
[  160.528298][ T9939] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.541458][ T9939] CPU: 0 UID: 0 PID: 9939 Comm: syz.4.2222 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  160.552090][ T9939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  160.562459][ T9939] Call Trace:
[  160.565776][ T9939]  <TASK>
[  160.568805][ T9939]  dump_stack_lvl+0xf2/0x150
[  160.573763][ T9939]  dump_stack+0x15/0x20
[  160.578133][ T9939]  should_fail_ex+0x229/0x230
[  160.582858][ T9939]  should_fail+0xb/0x10
[  160.587223][ T9939]  should_fail_usercopy+0x1a/0x20
[  160.587261][ T9939]  _copy_from_user+0x1e/0xd0
[  160.587364][ T9939]  copy_msghdr_from_user+0x54/0x2a0
[  160.587400][ T9939]  __sys_sendmmsg+0x21e/0x500
[  160.587509][ T9939]  __x64_sys_sendmmsg+0x57/0x70
[  160.587548][ T9939]  x64_sys_call+0xa49/0x2d60
[  160.587626][ T9939]  do_syscall_64+0xc9/0x1c0
[  160.587646][ T9939]  ? clear_bhb_loop+0x55/0xb0
[  160.587678][ T9939]  ? clear_bhb_loop+0x55/0xb0
[  160.587721][ T9939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.587784][ T9939] RIP: 0033:0x7f1b273adef9
[  160.587801][ T9939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.587825][ T9939] RSP: 002b:00007f1b26027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  160.587846][ T9939] RAX: ffffffffffffffda RBX: 00007f1b27565f80 RCX: 00007f1b273adef9
[  160.587859][ T9939] RDX: 000000000800001d RSI: 0000000020007fc0 RDI: 0000000000000003
[  160.587875][ T9939] RBP: 00007f1b26027090 R08: 0000000000000000 R09: 0000000000000000
[  160.587893][ T9939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.587910][ T9939] R13: 0000000000000000 R14: 00007f1b27565f80 R15: 00007ffc32b8eb58
[  160.587998][ T9939]  </TASK>
[  160.710172][ T9950] netlink: 'syz.1.2227': attribute type 29 has an invalid length.
[  160.804685][ T9951] netlink: 'syz.0.2226': attribute type 29 has an invalid length.
[  160.813008][ T9950] netlink: 'syz.1.2227': attribute type 29 has an invalid length.
[  160.829635][ T9957] netlink: 'syz.0.2226': attribute type 29 has an invalid length.
[  160.993125][ T9990] netlink: 'syz.1.2244': attribute type 29 has an invalid length.
[  161.001699][ T9990] netlink: 'syz.1.2244': attribute type 29 has an invalid length.
[  161.791133][T10031] FAULT_INJECTION: forcing a failure.
[  161.791133][T10031] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.805328][T10031] CPU: 1 UID: 0 PID: 10031 Comm: syz.3.2260 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  161.816087][T10031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  161.826445][T10031] Call Trace:
[  161.830673][T10031]  <TASK>
[  161.833812][T10031]  dump_stack_lvl+0xf2/0x150
[  161.838472][T10031]  dump_stack+0x15/0x20
[  161.842785][T10031]  should_fail_ex+0x229/0x230
[  161.847672][T10031]  should_fail+0xb/0x10
[  161.851859][T10031]  should_fail_usercopy+0x1a/0x20
[  161.857036][T10031]  _copy_to_user+0x1e/0xa0
[  161.861651][T10031]  simple_read_from_buffer+0xa0/0x110
[  161.867188][T10031]  proc_fail_nth_read+0xf9/0x140
[  161.872180][T10031]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  161.877814][T10031]  vfs_read+0x195/0x720
[  161.882079][T10031]  ? __traceiter_kmem_cache_free+0x33/0x50
[  161.887973][T10031]  ? __rcu_read_unlock+0x4e/0x70
[  161.893069][T10031]  ? __fget_files+0x1d4/0x210
[  161.897794][T10031]  ksys_read+0xeb/0x1b0
[  161.902036][T10031]  __x64_sys_read+0x42/0x50
[  161.906661][T10031]  x64_sys_call+0x27d3/0x2d60
[  161.911492][T10031]  do_syscall_64+0xc9/0x1c0
[  161.916027][T10031]  ? clear_bhb_loop+0x55/0xb0
[  161.920930][T10031]  ? clear_bhb_loop+0x55/0xb0
[  161.925860][T10031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.931917][T10031] RIP: 0033:0x7f5d0fffc93c
[  161.936357][T10031] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  161.956534][T10031] RSP: 002b:00007f5d0ec71030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  161.965072][T10031] RAX: ffffffffffffffda RBX: 00007f5d101b5f80 RCX: 00007f5d0fffc93c
[  161.973384][T10031] RDX: 000000000000000f RSI: 00007f5d0ec710a0 RDI: 0000000000000005
[  161.981888][T10031] RBP: 00007f5d0ec71090 R08: 0000000000000000 R09: 0000000000000000
[  161.990168][T10031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.998475][T10031] R13: 0000000000000000 R14: 00007f5d101b5f80 R15: 00007ffc17701fb8
[  162.006586][T10031]  </TASK>
[  162.417521][T10113] FAULT_INJECTION: forcing a failure.
[  162.417521][T10113] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.430982][T10113] CPU: 1 UID: 0 PID: 10113 Comm: syz.3.2296 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  162.441622][T10113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  162.451873][T10113] Call Trace:
[  162.455153][T10113]  <TASK>
[  162.458103][T10113]  dump_stack_lvl+0xf2/0x150
[  162.462762][T10113]  dump_stack+0x15/0x20
[  162.466980][T10113]  should_fail_ex+0x229/0x230
[  162.471692][T10113]  should_fail+0xb/0x10
[  162.475929][T10113]  should_fail_usercopy+0x1a/0x20
[  162.480964][T10113]  _copy_from_user+0x1e/0xd0
[  162.485585][T10113]  kstrtouint_from_user+0x76/0xe0
[  162.490653][T10113]  ? 0xffffffff81000000
[  162.494930][T10113]  proc_fail_nth_write+0x4f/0x150
[  162.499999][T10113]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  162.505671][T10113]  vfs_write+0x26c/0x910
[  162.509964][T10113]  ? __fget_files+0x1d4/0x210
[  162.514721][T10113]  ksys_write+0xeb/0x1b0
[  162.518982][T10113]  __x64_sys_write+0x42/0x50
[  162.523626][T10113]  x64_sys_call+0x27dd/0x2d60
[  162.528331][T10113]  do_syscall_64+0xc9/0x1c0
[  162.532943][T10113]  ? clear_bhb_loop+0x55/0xb0
[  162.537677][T10113]  ? clear_bhb_loop+0x55/0xb0
[  162.542373][T10113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.548518][T10113] RIP: 0033:0x7f5d0fffc9df
[  162.552934][T10113] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  162.572584][T10113] RSP: 002b:00007f5d0ec71030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  162.581379][T10113] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5d0fffc9df
[  162.589877][T10113] RDX: 0000000000000001 RSI: 00007f5d0ec710a0 RDI: 0000000000000004
[  162.597975][T10113] RBP: 00007f5d0ec71090 R08: 0000000000000000 R09: 0000000000000000
[  162.605984][T10113] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  162.614071][T10113] R13: 0000000000000000 R14: 00007f5d101b5f80 R15: 00007ffc17701fb8
[  162.622295][T10113]  </TASK>
[  163.082918][T10169] FAULT_INJECTION: forcing a failure.
[  163.082918][T10169] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.096242][T10169] CPU: 1 UID: 0 PID: 10169 Comm: syz.4.2321 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  163.106812][T10169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  163.117137][T10169] Call Trace:
[  163.120480][T10169]  <TASK>
[  163.123434][T10169]  dump_stack_lvl+0xf2/0x150
[  163.128105][T10169]  dump_stack+0x15/0x20
[  163.132373][T10169]  should_fail_ex+0x229/0x230
[  163.137074][T10169]  should_fail+0xb/0x10
[  163.141365][T10169]  should_fail_usercopy+0x1a/0x20
[  163.146425][T10169]  _copy_to_user+0x1e/0xa0
[  163.150964][T10169]  simple_read_from_buffer+0xa0/0x110
[  163.156415][T10169]  proc_fail_nth_read+0xf9/0x140
[  163.161580][T10169]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  163.167281][T10169]  vfs_read+0x195/0x720
[  163.171552][T10169]  ? __rcu_read_unlock+0x4e/0x70
[  163.176825][T10169]  ? __fget_files+0x1d4/0x210
[  163.181561][T10169]  ksys_read+0xeb/0x1b0
[  163.185989][T10169]  __x64_sys_read+0x42/0x50
[  163.190633][T10169]  x64_sys_call+0x27d3/0x2d60
[  163.195804][T10169]  do_syscall_64+0xc9/0x1c0
[  163.200384][T10169]  ? clear_bhb_loop+0x55/0xb0
[  163.205119][T10169]  ? clear_bhb_loop+0x55/0xb0
[  163.210242][T10169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.216194][T10169] RIP: 0033:0x7f1b273ac93c
[  163.220646][T10169] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  163.240394][T10169] RSP: 002b:00007f1b26027030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  163.240424][T10169] RAX: ffffffffffffffda RBX: 00007f1b27565f80 RCX: 00007f1b273ac93c
[  163.256994][T10169] RDX: 000000000000000f RSI: 00007f1b260270a0 RDI: 0000000000000003
[  163.264997][T10169] RBP: 00007f1b26027090 R08: 0000000000000000 R09: 0000000000000000
[  163.272997][T10169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.281168][T10169] R13: 0000000000000000 R14: 00007f1b27565f80 R15: 00007ffc32b8eb58
[  163.289248][T10169]  </TASK>
[  163.306910][T10185] validate_nla: 2 callbacks suppressed
[  163.306925][T10185] netlink: 'syz.1.2328': attribute type 29 has an invalid length.
[  163.321710][T10185] netlink: 'syz.1.2328': attribute type 29 has an invalid length.
[  163.705026][T10216] netlink: 'syz.2.2342': attribute type 29 has an invalid length.
[  163.713761][T10216] netlink: 'syz.2.2342': attribute type 29 has an invalid length.
[  163.733276][   T29] kauditd_printk_skb: 1185 callbacks suppressed
[  163.733295][   T29] audit: type=1400 audit(1726879171.855:9499): avc:  denied  { map_create } for  pid=10218 comm="syz.1.2343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  163.760984][   T29] audit: type=1400 audit(1726879171.855:9500): avc:  denied  { read write } for  pid=4021 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  163.785530][   T29] audit: type=1400 audit(1726879171.865:9501): avc:  denied  { prog_load } for  pid=10218 comm="syz.1.2343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  163.805491][   T29] audit: type=1400 audit(1726879171.865:9502): avc:  denied  { map_create } for  pid=10218 comm="syz.1.2343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  163.817644][T10223] audit: audit_backlog=65 > audit_backlog_limit=64
[  163.825160][   T29] audit: type=1400 audit(1726879171.865:9503): avc:  denied  { prog_load } for  pid=10218 comm="syz.1.2343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  163.825193][   T29] audit: type=1400 audit(1726879171.865:9504): avc:  denied  { prog_load } for  pid=10218 comm="syz.1.2343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  163.825274][   T29] audit: type=1400 audit(1726879171.865:9505): avc:  denied  { prog_load } for  pid=10218 comm="syz.1.2343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  163.831978][T10223] audit: audit_lost=6 audit_rate_limit=0 audit_backlog_limit=64
[  163.851148][   T29] audit: type=1400 audit(1726879171.865:9506): avc:  denied  { prog_load } for  pid=10218 comm="syz.1.2343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  164.009915][T10241] macvtap0: refused to change device tx_queue_len
[  164.768838][  T497] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  164.871400][T10421] FAULT_INJECTION: forcing a failure.
[  164.871400][T10421] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.884931][T10421] CPU: 0 UID: 0 PID: 10421 Comm: syz.2.2433 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  164.895021][T10425] can0: slcan on ttyS3.
[  164.895348][T10421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  164.909625][T10421] Call Trace:
[  164.912906][T10421]  <TASK>
[  164.915914][T10421]  dump_stack_lvl+0xf2/0x150
[  164.920651][T10421]  dump_stack+0x15/0x20
[  164.925000][T10421]  should_fail_ex+0x229/0x230
[  164.929720][T10421]  should_fail+0xb/0x10
[  164.933894][T10421]  should_fail_usercopy+0x1a/0x20
[  164.939000][T10421]  _copy_to_user+0x1e/0xa0
[  164.943432][T10421]  simple_read_from_buffer+0xa0/0x110
[  164.949380][T10421]  proc_fail_nth_read+0xf9/0x140
[  164.954479][T10421]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  164.960109][T10421]  vfs_read+0x195/0x720
[  164.964320][T10421]  ? __rcu_read_unlock+0x4e/0x70
[  164.969279][T10421]  ? __fget_files+0x1d4/0x210
[  164.974148][T10421]  ksys_read+0xeb/0x1b0
[  164.978320][T10421]  __x64_sys_read+0x42/0x50
[  164.982901][T10421]  x64_sys_call+0x27d3/0x2d60
[  164.987958][T10421]  do_syscall_64+0xc9/0x1c0
[  164.992560][T10421]  ? clear_bhb_loop+0x55/0xb0
[  164.997317][T10421]  ? clear_bhb_loop+0x55/0xb0
[  165.002179][T10421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.008174][T10421] RIP: 0033:0x7f0ce2b6c93c
[  165.012794][T10421] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  165.032561][T10421] RSP: 002b:00007f0ce17e1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  165.041018][T10421] RAX: ffffffffffffffda RBX: 00007f0ce2d25f80 RCX: 00007f0ce2b6c93c
[  165.049010][T10421] RDX: 000000000000000f RSI: 00007f0ce17e10a0 RDI: 0000000000000004
[  165.057029][T10421] RBP: 00007f0ce17e1090 R08: 0000000000000000 R09: 0000000000000000
[  165.065101][T10421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.073153][T10421] R13: 0000000000000000 R14: 00007f0ce2d25f80 R15: 00007ffda25f66d8
[  165.081154][T10421]  </TASK>
[  165.254032][T10447] FAULT_INJECTION: forcing a failure.
[  165.254032][T10447] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.267283][T10447] CPU: 0 UID: 0 PID: 10447 Comm: syz.2.2444 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  165.277729][T10447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  165.288177][T10447] Call Trace:
[  165.291509][T10447]  <TASK>
[  165.294462][T10447]  dump_stack_lvl+0xf2/0x150
[  165.299114][T10447]  dump_stack+0x15/0x20
[  165.303403][T10447]  should_fail_ex+0x229/0x230
[  165.308289][T10447]  should_fail+0xb/0x10
[  165.312492][T10447]  should_fail_usercopy+0x1a/0x20
[  165.317542][T10447]  _copy_from_user+0x1e/0xd0
[  165.322185][T10447]  kstrtouint_from_user+0x76/0xe0
[  165.327317][T10447]  ? 0xffffffff81000000
[  165.331496][T10447]  proc_fail_nth_write+0x4f/0x150
[  165.336578][T10447]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  165.342274][T10447]  vfs_write+0x26c/0x910
[  165.346615][T10447]  ? __fget_files+0x1d4/0x210
[  165.351369][T10447]  ksys_write+0xeb/0x1b0
[  165.355748][T10447]  __x64_sys_write+0x42/0x50
[  165.360675][T10447]  x64_sys_call+0x27dd/0x2d60
[  165.365653][T10447]  do_syscall_64+0xc9/0x1c0
[  165.370267][T10447]  ? clear_bhb_loop+0x55/0xb0
[  165.375155][T10447]  ? clear_bhb_loop+0x55/0xb0
[  165.379882][T10447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.385898][T10447] RIP: 0033:0x7f0ce2b6c9df
[  165.390400][T10447] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  165.413047][T10447] RSP: 002b:00007f0ce17e1030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  165.421552][T10447] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0ce2b6c9df
[  165.421570][T10447] RDX: 0000000000000001 RSI: 00007f0ce17e10a0 RDI: 0000000000000004
[  165.421584][T10447] RBP: 00007f0ce17e1090 R08: 0000000000000000 R09: 0000000000000000
[  165.421616][T10447] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  165.421632][T10447] R13: 0000000000000000 R14: 00007f0ce2d25f80 R15: 00007ffda25f66d8
[  165.461734][T10447]  </TASK>
[  165.666020][T10425] coredump: 1214(syz.4.2435): written to core: VMAs: 32, size 89161728; core: 60027151 bytes, pos 89174016
[  165.744474][T10466] FAULT_INJECTION: forcing a failure.
[  165.744474][T10466] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  165.758109][T10466] CPU: 1 UID: 0 PID: 10466 Comm: syz.2.2451 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  165.768560][T10466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  165.778635][T10466] Call Trace:
[  165.781924][T10466]  <TASK>
[  165.785008][T10466]  dump_stack_lvl+0xf2/0x150
[  165.789714][T10466]  dump_stack+0x15/0x20
[  165.793986][T10466]  should_fail_ex+0x229/0x230
[  165.798903][T10466]  should_fail_alloc_page+0xfd/0x110
[  165.804536][T10466]  alloc_pages_bulk_noprof+0x106/0x6b0
[  165.810495][T10466]  ? __kmalloc_noprof+0x165/0x370
[  165.815690][T10466]  copy_splice_read+0xfa/0x5d0
[  165.820780][T10466]  ? alloc_pipe_info+0x1cb/0x360
[  165.825961][T10466]  ? __kmalloc_noprof+0x203/0x370
[  165.831338][T10466]  ? __pfx_copy_splice_read+0x10/0x10
[  165.837735][T10466]  splice_direct_to_actor+0x269/0x670
[  165.843454][T10466]  ? __pfx_direct_splice_actor+0x10/0x10
[  165.849407][T10466]  do_splice_direct+0xd7/0x150
[  165.854266][T10466]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  165.860354][T10466]  do_sendfile+0x39b/0x970
[  165.864832][T10466]  __x64_sys_sendfile64+0x110/0x150
[  165.870169][T10466]  x64_sys_call+0xed5/0x2d60
[  165.874981][T10466]  do_syscall_64+0xc9/0x1c0
[  165.879615][T10466]  ? clear_bhb_loop+0x55/0xb0
[  165.884354][T10466]  ? clear_bhb_loop+0x55/0xb0
[  165.889069][T10466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.895143][T10466] RIP: 0033:0x7f0ce2b6def9
[  165.899962][T10466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.920638][T10466] RSP: 002b:00007f0ce17e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  165.930915][T10466] RAX: ffffffffffffffda RBX: 00007f0ce2d25f80 RCX: 00007f0ce2b6def9
[  165.939227][T10466] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[  165.949281][T10466] RBP: 00007f0ce17e1090 R08: 0000000000000000 R09: 0000000000000000
[  165.957636][T10466] R10: 0000000080000000 R11: 0000000000000246 R12: 0000000000000001
[  165.965851][T10466] R13: 0000000000000000 R14: 00007f0ce2d25f80 R15: 00007ffda25f66d8
[  165.973987][T10466]  </TASK>
[  165.988190][T10425] can0 (unregistered): slcan off ttyS3.
[  166.721376][T10579] FAULT_INJECTION: forcing a failure.
[  166.721376][T10579] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.734665][T10579] CPU: 1 UID: 0 PID: 10579 Comm: syz.4.2503 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  166.745322][T10579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  166.755423][T10579] Call Trace:
[  166.758821][T10579]  <TASK>
[  166.761770][T10579]  dump_stack_lvl+0xf2/0x150
[  166.766508][T10579]  dump_stack+0x15/0x20
[  166.770716][T10579]  should_fail_ex+0x229/0x230
[  166.775410][T10579]  should_fail+0xb/0x10
[  166.779612][T10579]  should_fail_usercopy+0x1a/0x20
[  166.784739][T10579]  _copy_from_user+0x1e/0xd0
[  166.789355][T10579]  kstrtouint_from_user+0x76/0xe0
[  166.794502][T10579]  ? 0xffffffff81000000
[  166.798787][T10579]  proc_fail_nth_write+0x4f/0x150
[  166.803936][T10579]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  166.810208][T10579]  vfs_write+0x26c/0x910
[  166.814791][T10579]  ? __fget_files+0x1d4/0x210
[  166.819573][T10579]  ksys_write+0xeb/0x1b0
[  166.824059][T10579]  __x64_sys_write+0x42/0x50
[  166.828673][T10579]  x64_sys_call+0x27dd/0x2d60
[  166.833563][T10579]  do_syscall_64+0xc9/0x1c0
[  166.838101][T10579]  ? clear_bhb_loop+0x55/0xb0
[  166.842879][T10579]  ? clear_bhb_loop+0x55/0xb0
[  166.847603][T10579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.853596][T10579] RIP: 0033:0x7f1b273ac9df
[  166.858033][T10579] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  166.877854][T10579] RSP: 002b:00007f1b26027030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  166.886583][T10579] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1b273ac9df
[  166.894565][T10579] RDX: 0000000000000001 RSI: 00007f1b260270a0 RDI: 0000000000000005
[  166.902654][T10579] RBP: 00007f1b26027090 R08: 0000000000000000 R09: 0000000000000000
[  166.910732][T10579] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  166.918787][T10579] R13: 0000000000000000 R14: 00007f1b27565f80 R15: 00007ffc32b8eb58
[  166.926981][T10579]  </TASK>
[  167.069445][T10615] FAULT_INJECTION: forcing a failure.
[  167.069445][T10615] name failslab, interval 1, probability 0, space 0, times 0
[  167.082573][T10615] CPU: 1 UID: 0 PID: 10615 Comm: syz.3.2519 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  167.093127][T10615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  167.103254][T10615] Call Trace:
[  167.106576][T10615]  <TASK>
[  167.109574][T10615]  dump_stack_lvl+0xf2/0x150
[  167.114327][T10615]  dump_stack+0x15/0x20
[  167.118753][T10615]  should_fail_ex+0x229/0x230
[  167.123564][T10615]  ? vm_area_dup+0x98/0x130
[  167.128184][T10615]  should_failslab+0x8f/0xb0
[  167.132848][T10615]  kmem_cache_alloc_noprof+0x4c/0x290
[  167.138432][T10615]  vm_area_dup+0x98/0x130
[  167.142807][T10615]  __split_vma+0xf7/0x690
[  167.147407][T10615]  do_vmi_align_munmap+0x227/0xa60
[  167.152622][T10615]  do_vmi_munmap+0x1fb/0x250
[  167.157274][T10615]  do_munmap+0x7a/0xb0
[  167.161412][T10615]  __se_sys_mremap+0xab6/0xf10
[  167.166231][T10615]  __x64_sys_mremap+0x67/0x80
[  167.171051][T10615]  x64_sys_call+0x2747/0x2d60
[  167.176384][T10615]  do_syscall_64+0xc9/0x1c0
[  167.181528][T10615]  ? clear_bhb_loop+0x55/0xb0
[  167.186382][T10615]  ? clear_bhb_loop+0x55/0xb0
[  167.191141][T10615]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.198469][T10615] RIP: 0033:0x7f5d0fffdef9
[  167.203195][T10615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.223060][T10615] RSP: 002b:00007f5d0ec71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  167.232040][T10615] RAX: ffffffffffffffda RBX: 00007f5d101b5f80 RCX: 00007f5d0fffdef9
[  167.240122][T10615] RDX: 0000000000200000 RSI: 0000000000600600 RDI: 0000000020000000
[  167.248555][T10615] RBP: 00007f5d0ec71090 R08: 0000000020a00000 R09: 0000000000000000
[  167.256944][T10615] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002
[  167.264951][T10615] R13: 0000000000000000 R14: 00007f5d101b5f80 R15: 00007ffc17701fb8
[  167.273087][T10615]  </TASK>
[  167.329330][  T497] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  167.358521][T10636] dccp_v6_rcv: dropped packet with invalid checksum
[  167.638481][T10670] FAULT_INJECTION: forcing a failure.
[  167.638481][T10670] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.651728][T10670] CPU: 1 UID: 0 PID: 10670 Comm: syz.2.2542 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  167.662277][T10670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  167.672530][T10670] Call Trace:
[  167.675838][T10670]  <TASK>
[  167.678790][T10670]  dump_stack_lvl+0xf2/0x150
[  167.679897][T10621] coredump: 1275(+}[@): written to core: VMAs: 29, size 89030656; core: 60019374 bytes, pos 89038848
[  167.683574][T10670]  dump_stack+0x15/0x20
[  167.698576][T10670]  should_fail_ex+0x229/0x230
[  167.703362][T10670]  should_fail+0xb/0x10
[  167.707581][T10670]  should_fail_usercopy+0x1a/0x20
[  167.712680][T10670]  _copy_from_user+0x1e/0xd0
[  167.717499][T10670]  __sys_bpf+0x14e/0x7a0
[  167.721947][T10670]  __x64_sys_bpf+0x43/0x50
[  167.726392][T10670]  x64_sys_call+0x2625/0x2d60
[  167.731164][T10670]  do_syscall_64+0xc9/0x1c0
[  167.735776][T10670]  ? clear_bhb_loop+0x55/0xb0
[  167.740598][T10670]  ? clear_bhb_loop+0x55/0xb0
[  167.745419][T10670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.751397][T10670] RIP: 0033:0x7f0ce2b6def9
[  167.755822][T10670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.776229][T10670] RSP: 002b:00007f0ce17e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  167.784675][T10670] RAX: ffffffffffffffda RBX: 00007f0ce2d25f80 RCX: 00007f0ce2b6def9
[  167.792751][T10670] RDX: 0000000000000010 RSI: 0000000020000300 RDI: 000000000000000f
[  167.800906][T10670] RBP: 00007f0ce17e1090 R08: 0000000000000000 R09: 0000000000000000
[  167.808925][T10670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.816921][T10670] R13: 0000000000000000 R14: 00007f0ce2d25f80 R15: 00007ffda25f66d8
[  167.824922][T10670]  </TASK>
[  167.838259][T10673] syz.3.2543(10673): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  168.747127][T10689] coredump: 1277(+}[@): written to core: VMAs: 31, size 78544896; core: 62130676 bytes, pos 78561280
[  168.759711][   T29] kauditd_printk_skb: 2020 callbacks suppressed
[  168.759737][   T29] audit: type=1400 audit(1726879176.875:11526): avc:  denied  { read write } for  pid=5314 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  168.796311][   T29] audit: type=1326 audit(1726879176.915:11527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10729 comm="syz.3.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d0fffdef9 code=0x7ffc0000
[  168.820766][   T29] audit: type=1326 audit(1726879176.915:11528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10729 comm="syz.3.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d0fffdef9 code=0x7ffc0000
[  168.846038][   T29] audit: type=1326 audit(1726879176.965:11529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10729 comm="syz.3.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f5d0fffdef9 code=0x7ffc0000
[  168.870274][   T29] audit: type=1326 audit(1726879176.985:11530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10729 comm="syz.3.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d0fffdef9 code=0x7ffc0000
[  168.894562][   T29] audit: type=1326 audit(1726879176.985:11531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10729 comm="syz.3.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d0fffdef9 code=0x7ffc0000
[  168.920616][   T29] audit: type=1400 audit(1726879177.045:11532): avc:  denied  { read write } for  pid=5314 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  168.951203][   T29] audit: type=1400 audit(1726879177.075:11533): avc:  denied  { prog_load } for  pid=10731 comm="syz.3.2573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  168.970686][   T29] audit: type=1400 audit(1726879177.075:11534): avc:  denied  { read write } for  pid=4021 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  168.995425][   T29] audit: type=1400 audit(1726879177.085:11535): avc:  denied  { prog_load } for  pid=10733 comm="syz.2.2572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  169.069790][T10742] netlink: 'syz.3.2576': attribute type 29 has an invalid length.
[  169.078671][T10742] netlink: 'syz.3.2576': attribute type 29 has an invalid length.
[  169.888686][ T2478] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  170.677666][T10815] netlink: 'syz.3.2605': attribute type 29 has an invalid length.
[  170.688544][T10815] netlink: 'syz.3.2605': attribute type 29 has an invalid length.
[  170.736737][T10825] netlink: 'syz.2.2610': attribute type 29 has an invalid length.
[  170.745494][T10825] netlink: 'syz.2.2610': attribute type 29 has an invalid length.
[  172.793956][T10951] FAULT_INJECTION: forcing a failure.
[  172.793956][T10951] name failslab, interval 1, probability 0, space 0, times 0
[  172.807313][T10951] CPU: 0 UID: 0 PID: 10951 Comm: syz.3.2663 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  172.817805][T10951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  172.827901][T10951] Call Trace:
[  172.831200][T10951]  <TASK>
[  172.834152][T10951]  dump_stack_lvl+0xf2/0x150
[  172.838860][T10951]  dump_stack+0x15/0x20
[  172.843103][T10951]  should_fail_ex+0x229/0x230
[  172.847895][T10951]  ? getname_flags+0x81/0x3b0
[  172.852619][T10951]  should_failslab+0x8f/0xb0
[  172.857254][T10951]  kmem_cache_alloc_noprof+0x4c/0x290
[  172.862680][T10951]  getname_flags+0x81/0x3b0
[  172.867340][T10951]  __x64_sys_unlink+0x21/0x40
[  172.872184][T10951]  x64_sys_call+0x280f/0x2d60
[  172.876950][T10951]  do_syscall_64+0xc9/0x1c0
[  172.881479][T10951]  ? clear_bhb_loop+0x55/0xb0
[  172.886436][T10951]  ? clear_bhb_loop+0x55/0xb0
[  172.891152][T10951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.897166][T10951] RIP: 0033:0x7f5d0fffdef9
[  172.901640][T10951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  172.921539][T10951] RSP: 002b:00007f5d0ec71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  172.929985][T10951] RAX: ffffffffffffffda RBX: 00007f5d101b5f80 RCX: 00007f5d0fffdef9
[  172.938009][T10951] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001480
[  172.946011][T10951] RBP: 00007f5d0ec71090 R08: 0000000000000000 R09: 0000000000000000
[  172.954017][T10951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  172.962026][T10951] R13: 0000000000000000 R14: 00007f5d101b5f80 R15: 00007ffc17701fb8
[  172.962074][T10951]  </TASK>
[  172.982937][T10965] FAULT_INJECTION: forcing a failure.
[  172.982937][T10965] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  172.996048][T10965] CPU: 0 UID: 0 PID: 10965 Comm: syz.4.2670 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  173.006543][T10965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  173.016955][T10965] Call Trace:
[  173.020279][T10965]  <TASK>
[  173.023299][T10965]  dump_stack_lvl+0xf2/0x150
[  173.028019][T10965]  dump_stack+0x15/0x20
[  173.032250][T10965]  should_fail_ex+0x229/0x230
[  173.036998][T10965]  should_fail+0xb/0x10
[  173.041178][T10965]  should_fail_usercopy+0x1a/0x20
[  173.046348][T10965]  _copy_from_user+0x1e/0xd0
[  173.051005][T10965]  __tun_chr_ioctl+0x162/0x1860
[  173.055949][T10965]  tun_chr_ioctl+0x27/0x30
[  173.060405][T10965]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  173.065706][T10965]  __se_sys_ioctl+0xcd/0x140
[  173.070332][T10965]  __x64_sys_ioctl+0x43/0x50
[  173.074955][T10965]  x64_sys_call+0x15cc/0x2d60
[  173.080475][T10965]  do_syscall_64+0xc9/0x1c0
[  173.085013][T10965]  ? clear_bhb_loop+0x55/0xb0
[  173.089868][T10965]  ? clear_bhb_loop+0x55/0xb0
[  173.094599][T10965]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.100897][T10965] RIP: 0033:0x7f1b273adef9
[  173.105350][T10965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.125705][T10965] RSP: 002b:00007f1b26027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  173.134243][T10965] RAX: ffffffffffffffda RBX: 00007f1b27565f80 RCX: 00007f1b273adef9
[  173.142471][T10965] RDX: 0000000020000100 RSI: 00000000400454d9 RDI: 0000000000000004
[  173.150570][T10965] RBP: 00007f1b26027090 R08: 0000000000000000 R09: 0000000000000000
[  173.158581][T10965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.166677][T10965] R13: 0000000000000000 R14: 00007f1b27565f80 R15: 00007ffc32b8eb58
[  173.174940][T10965]  </TASK>
[  173.179643][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  173.237052][T10986] FAULT_INJECTION: forcing a failure.
[  173.237052][T10986] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.250257][T10986] CPU: 1 UID: 0 PID: 10986 Comm: syz.0.2678 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  173.256627][T10990] FAULT_INJECTION: forcing a failure.
[  173.256627][T10990] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.260691][T10986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  173.260713][T10986] Call Trace:
[  173.260721][T10986]  <TASK>
[  173.260731][T10986]  dump_stack_lvl+0xf2/0x150
[  173.260782][T10986]  dump_stack+0x15/0x20
[  173.299221][T10986]  should_fail_ex+0x229/0x230
[  173.304025][T10986]  should_fail+0xb/0x10
[  173.308233][T10986]  should_fail_usercopy+0x1a/0x20
[  173.313384][T10986]  _copy_from_user+0x1e/0xd0
[  173.318029][T10986]  copy_msghdr_from_user+0x54/0x2a0
[  173.323340][T10986]  __sys_sendmsg+0x171/0x270
[  173.328161][T10986]  __x64_sys_sendmsg+0x46/0x50
[  173.332957][T10986]  x64_sys_call+0x2689/0x2d60
[  173.337648][T10986]  do_syscall_64+0xc9/0x1c0
[  173.342222][T10986]  ? clear_bhb_loop+0x55/0xb0
[  173.347014][T10986]  ? clear_bhb_loop+0x55/0xb0
[  173.351726][T10986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.357641][T10986] RIP: 0033:0x7fc6995bdef9
[  173.362078][T10986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.381793][T10986] RSP: 002b:00007fc698231038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  173.390322][T10986] RAX: ffffffffffffffda RBX: 00007fc699775f80 RCX: 00007fc6995bdef9
[  173.398386][T10986] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  173.406534][T10986] RBP: 00007fc698231090 R08: 0000000000000000 R09: 0000000000000000
[  173.414718][T10986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.422791][T10986] R13: 0000000000000000 R14: 00007fc699775f80 R15: 00007ffe0b5861b8
[  173.431100][T10986]  </TASK>
[  173.434125][T10990] CPU: 0 UID: 0 PID: 10990 Comm: syz.2.2680 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  173.444704][T10990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  173.454924][T10990] Call Trace:
[  173.458220][T10990]  <TASK>
[  173.461166][T10990]  dump_stack_lvl+0xf2/0x150
[  173.465807][T10990]  dump_stack+0x15/0x20
[  173.470063][T10990]  should_fail_ex+0x229/0x230
[  173.474838][T10990]  should_fail+0xb/0x10
[  173.479045][T10990]  should_fail_usercopy+0x1a/0x20
[  173.484259][T10990]  _copy_from_user+0x1e/0xd0
[  173.484305][T10990]  __sys_bpf+0x14e/0x7a0
[  173.493346][T10990]  __x64_sys_bpf+0x43/0x50
[  173.497818][T10990]  x64_sys_call+0x2625/0x2d60
[  173.502598][T10990]  do_syscall_64+0xc9/0x1c0
[  173.507154][T10990]  ? clear_bhb_loop+0x55/0xb0
[  173.511952][T10990]  ? clear_bhb_loop+0x55/0xb0
[  173.516770][T10990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.522858][T10990] RIP: 0033:0x7f0ce2b6def9
[  173.527331][T10990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.547203][T10990] RSP: 002b:00007f0ce17e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  173.555709][T10990] RAX: ffffffffffffffda RBX: 00007f0ce2d25f80 RCX: 00007f0ce2b6def9
[  173.563796][T10990] RDX: 0000000000000090 RSI: 0000000020001080 RDI: 0000000000000005
[  173.571791][T10990] RBP: 00007f0ce17e1090 R08: 0000000000000000 R09: 0000000000000000
[  173.580055][T10990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.588289][T10990] R13: 0000000000000000 R14: 00007f0ce2d25f80 R15: 00007ffda25f66d8
[  173.596325][T10990]  </TASK>
[  173.788390][   T29] kauditd_printk_skb: 1135 callbacks suppressed
[  173.788407][   T29] audit: type=1400 audit(1726879181.915:12671): avc:  denied  { map_create } for  pid=11026 comm="syz.2.2694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  173.840967][   T29] audit: type=1400 audit(1726879181.935:12672): avc:  denied  { prog_load } for  pid=11026 comm="syz.2.2694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  173.860357][   T29] audit: type=1400 audit(1726879181.935:12673): avc:  denied  { prog_load } for  pid=11026 comm="syz.2.2694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  173.879582][   T29] audit: type=1400 audit(1726879181.935:12674): avc:  denied  { create } for  pid=11026 comm="syz.2.2694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=0
[  173.928022][   T29] audit: type=1326 audit(1726879182.045:12675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11030 comm="syz.4.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b273adef9 code=0x7ffc0000
[  173.951718][   T29] audit: type=1326 audit(1726879182.045:12676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11030 comm="syz.4.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b273adef9 code=0x7ffc0000
[  173.975806][   T29] audit: type=1400 audit(1726879182.075:12677): avc:  denied  { read write } for  pid=3272 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  174.002889][   T29] audit: type=1400 audit(1726879182.125:12678): avc:  denied  { prog_load } for  pid=11035 comm="syz.4.2697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  174.023591][   T29] audit: type=1400 audit(1726879182.145:12679): avc:  denied  { read write } for  pid=11035 comm="syz.4.2697" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  174.048386][   T29] audit: type=1400 audit(1726879182.145:12680): avc:  denied  { prog_load } for  pid=11035 comm="syz.4.2697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  175.035123][T11056] FAULT_INJECTION: forcing a failure.
[  175.035123][T11056] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  175.048417][T11056] CPU: 1 UID: 0 PID: 11056 Comm: syz.3.2704 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  175.058893][T11056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  175.069021][T11056] Call Trace:
[  175.072302][T11056]  <TASK>
[  175.075314][T11056]  dump_stack_lvl+0xf2/0x150
[  175.080002][T11056]  dump_stack+0x15/0x20
[  175.084329][T11056]  should_fail_ex+0x229/0x230
[  175.089007][T11056]  should_fail+0xb/0x10
[  175.093182][T11056]  should_fail_usercopy+0x1a/0x20
[  175.098210][T11056]  _copy_to_user+0x1e/0xa0
[  175.102806][T11056]  simple_read_from_buffer+0xa0/0x110
[  175.108271][T11056]  proc_fail_nth_read+0xf9/0x140
[  175.113249][T11056]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  175.118929][T11056]  vfs_read+0x195/0x720
[  175.123101][T11056]  ? __rcu_read_unlock+0x4e/0x70
[  175.128296][T11056]  ? __fget_files+0x1d4/0x210
[  175.133051][T11056]  ksys_read+0xeb/0x1b0
[  175.137416][T11056]  __x64_sys_read+0x42/0x50
[  175.141962][T11056]  x64_sys_call+0x27d3/0x2d60
[  175.146754][T11056]  do_syscall_64+0xc9/0x1c0
[  175.151269][T11056]  ? clear_bhb_loop+0x55/0xb0
[  175.155985][T11056]  ? clear_bhb_loop+0x55/0xb0
[  175.160707][T11056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.166821][T11056] RIP: 0033:0x7f5d0fffc93c
[  175.171409][T11056] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  175.191067][T11056] RSP: 002b:00007f5d0ec71030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  175.199485][T11056] RAX: ffffffffffffffda RBX: 00007f5d101b5f80 RCX: 00007f5d0fffc93c
[  175.207518][T11056] RDX: 000000000000000f RSI: 00007f5d0ec710a0 RDI: 0000000000000003
[  175.215522][T11056] RBP: 00007f5d0ec71090 R08: 0000000000000000 R09: 0000000000000000
[  175.223609][T11056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  175.231624][T11056] R13: 0000000000000000 R14: 00007f5d101b5f80 R15: 00007ffc17701fb8
[  175.239688][T11056]  </TASK>
[  175.243572][T11055] FAULT_INJECTION: forcing a failure.
[  175.243572][T11055] name failslab, interval 1, probability 0, space 0, times 0
[  175.256330][T11055] CPU: 0 UID: 0 PID: 11055 Comm: syz.4.2705 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  175.266841][T11055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  175.277057][T11055] Call Trace:
[  175.280426][T11055]  <TASK>
[  175.283362][T11055]  dump_stack_lvl+0xf2/0x150
[  175.288095][T11055]  dump_stack+0x15/0x20
[  175.292559][T11055]  should_fail_ex+0x229/0x230
[  175.297273][T11055]  ? resv_map_alloc+0x32/0x190
[  175.302126][T11055]  should_failslab+0x8f/0xb0
[  175.306851][T11055]  __kmalloc_cache_noprof+0x4b/0x2a0
[  175.312184][T11055]  resv_map_alloc+0x32/0x190
[  175.316968][T11055]  hugetlbfs_get_inode+0x6e/0x2b0
[  175.322027][T11055]  hugetlb_file_setup+0x188/0x3c0
[  175.327094][T11055]  ksys_mmap_pgoff+0x172/0x330
[  175.331877][T11055]  x64_sys_call+0x1884/0x2d60
[  175.336640][T11055]  do_syscall_64+0xc9/0x1c0
[  175.341178][T11055]  ? clear_bhb_loop+0x55/0xb0
[  175.345865][T11055]  ? clear_bhb_loop+0x55/0xb0
[  175.350869][T11055]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.356809][T11055] RIP: 0033:0x7f1b273adef9
[  175.361239][T11055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.381227][T11055] RSP: 002b:00007f1b26027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  175.389727][T11055] RAX: ffffffffffffffda RBX: 00007f1b27565f80 RCX: 00007f1b273adef9
[  175.397798][T11055] RDX: 0000000002000008 RSI: 0000000000ff5000 RDI: 0000000020000000
[  175.405775][T11055] RBP: 00007f1b26027090 R08: ffffffffffffffff R09: 0000000078e2c000
[  175.413843][T11055] R10: 000200000005c831 R11: 0000000000000246 R12: 0000000000000001
[  175.421823][T11055] R13: 0000000000000000 R14: 00007f1b27565f80 R15: 00007ffc32b8eb58
[  175.429958][T11055]  </TASK>
[  175.648626][  T497] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  177.502262][T11081] ==================================================================
[  177.510356][T11081] BUG: KCSAN: assert: race in dequeue_entities+0x6df/0x760
[  177.517572][T11081] 
[  177.519917][T11081] race at unknown origin, with assert no writes to 0xffff8881045090e8 of 4 bytes by task 11081 on cpu 0:
[  177.531200][T11081]  dequeue_entities+0x6df/0x760
[  177.536083][T11081]  pick_next_task_fair+0x7d/0x410
[  177.541118][T11081]  __schedule+0x27c/0x940
[  177.545455][T11081]  schedule+0x55/0xc0
[  177.549457][T11081]  do_nanosleep+0xa3/0x300
[  177.553964][T11081]  hrtimer_nanosleep+0xc4/0x1c0
[  177.558841][T11081]  common_nsleep+0x68/0x90
[  177.563281][T11081]  __se_sys_clock_nanosleep+0x20a/0x240
[  177.568850][T11081]  __x64_sys_clock_nanosleep+0x55/0x70
[  177.574517][T11081]  x64_sys_call+0x253f/0x2d60
[  177.579217][T11081]  do_syscall_64+0xc9/0x1c0
[  177.583747][T11081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.589669][T11081] 
[  177.592022][T11081] value changed: 0x00000000 -> 0x00000001
[  177.597745][T11081] 
[  177.600069][T11081] Reported by Kernel Concurrency Sanitizer on:
[  177.606222][T11081] CPU: 0 UID: 0 PID: 11081 Comm: syz.2.2713 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  177.616650][T11081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  177.626814][T11081] ==================================================================
[  178.075932][T11091] netlink: 'syz.0.2716': attribute type 29 has an invalid length.
[  178.092969][T11091] netlink: 'syz.0.2716': attribute type 29 has an invalid length.
Sep 21 00:39:46 [  178.127030][T10548] syz_tun (unregistering): left promiscuous mode
syzkaller auth.info sshd[3251]: Received disconnect from 10.128.0.163 port 43412:11: disconnected by user
Sep 21 00:39:46 syzkaller auth.info sshd[3251]: Disconnected from user root 10.128.0.163 port 43412
[  178.295156][ T2478] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.369467][ T2478] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.409626][ T2478] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.469869][ T2478] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.798662][ T2478] bond0 (unregistering): (slave geneve1): Releasing backup interface
[  178.812423][ T2478] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  178.822915][ T2478] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  178.834061][ T2478] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  178.843645][ T2478] bond0 (unregistering): Released all slaves
[  178.852309][ T2478] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  178.861915][ T2478] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  178.871508][ T2478] bond0 (unregistering): Released all slaves
[  178.911625][ T2478] tipc: Left network mode
[  178.917256][ T2478] IPVS: stopping backup sync thread 7202 ...
[  178.924159][ T2478] batadv_slave_1: left promiscuous mode
[  178.932032][ T2478] hsr_slave_0: left promiscuous mode
[  178.937962][ T2478] hsr_slave_1: left promiscuous mode
[  178.945596][ T2478] hsr_slave_0: left promiscuous mode
[  178.951427][ T2478] hsr_slave_1: left promiscuous mode
[  178.957153][ T2478] batman_adv: batadv0: Removing interface: batadv_slave_0
[  178.964790][ T2478] batman_adv: batadv0: Removing interface: batadv_slave_1
[  178.973594][ T2478] veth1_macvtap: left promiscuous mode
[  179.036235][ T2478] team0 (unregistering): Port device team_slave_1 removed
[  179.047792][ T2478] team0 (unregistering): Port device team_slave_0 removed
[  179.108611][ T2478] team0 (unregistering): Port device team_slave_1 removed
[  179.119029][ T2478] team0 (unregistering): Port device team_slave_0 removed