last executing test programs:

22.568270094s ago: executing program 2 (id=4209):
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x8, &(0x7f0000006680))
rename(0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r0, 0x0, 0x80000}, 0x18)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = socket$netlink(0x10, 0x3, 0x4)
r6 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x7f, 0xfffffffc, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r7}, &(0x7f0000000000), &(0x7f00000001c0)=r6}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r8}, 0x10)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r9, &(0x7f0000001140)=ANY=[], 0xff2e)
shmget$private(0x0, 0x2000, 0x80, &(0x7f0000ffe000/0x2000)=nil)
writev(r5, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001500192340834b80040d8c560a117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100050c100000000000224e0000", 0x58}], 0x1)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[], 0x44}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYRES8=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}}, 0x0)
sendmmsg(r10, &(0x7f0000000000), 0x4000000000001f2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_tracing={0x1a, 0xd, &(0x7f0000000280)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}], &(0x7f0000000080)='syzkaller\x00', 0x7, 0x51, &(0x7f0000000300)=""/81, 0x41000, 0x20, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000380)={0x1, 0x9, 0x8, 0x3}, 0x10, 0x17d8d, 0xffffffffffffffff, 0x4, &(0x7f00000003c0)=[r2, r1, 0xffffffffffffffff, r2], &(0x7f0000000480)=[{0x5, 0x3, 0xf, 0x2}, {0x0, 0x4, 0x10, 0xc}, {0x5, 0x3, 0x5, 0x3}, {0x5, 0x3, 0xd, 0x7}], 0x10, 0x3, @void, @value}, 0x94)

21.716329976s ago: executing program 2 (id=4250):
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setitimer(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f0000000380)=""/4096, 0x1000}], 0x1)
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
bind$unix(0xffffffffffffffff, &(0x7f00000001c0)=@abs={0x1}, 0x6e)
bind$unix(0xffffffffffffffff, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r0 = openat$uhid(0xffffffffffffff9c, 0x0, 0x802, 0x0)
r1 = syz_io_uring_setup(0x70ca, 0x0, &(0x7f0000000100), &(0x7f00000007c0))
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000014c0)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000140)=[{&(0x7f0000000080)}], 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'sit0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="4400000010000104fcffffff8000000000000000", @ANYRES32=r3, @ANYBLOB="031500000000000012800b0001006d6163736563000004000280080005000000", @ANYRES32=r4, @ANYBLOB='\b\x00\n\x00', @ANYRES16=r1, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
poll(0x0, 0x0, 0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000280)='svcrdma_decode_short_err\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
r5 = syz_open_dev$evdev(&(0x7f00000002c0), 0x2, 0x400840)
ioctl$EVIOCSCLOCKID(r5, 0x400445a0, &(0x7f0000001380)=0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r6, 0x1, 0x4c, &(0x7f0000000300), 0x4)
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
write$binfmt_elf64(r7, &(0x7f0000000580)=ANY=[], 0x78)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b70300000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
recvmmsg(r6, &(0x7f0000000500)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=""/8, 0x14}}], 0x4b, 0x0, 0x0)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f0000000180)={0x400000080ffffff, 0x0, 0x0}, 0x0)

21.607245207s ago: executing program 2 (id=4255):
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x20000009, 0x1, 0x0, 0x0, 0x7, 0x7, 0x0, 0x1, 0x6, 0x0})
setrlimit(0x9, &(0x7f0000000000))
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000000000000000000fcffff0318110000", @ANYRES32], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
io_setup(0x2004, &(0x7f0000000680))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000280)={r2, &(0x7f0000000080)="e8", &(0x7f0000000180)=""/189}, 0x20)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f00000010c0)=0x8)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r1, 0x58, &(0x7f00000002c0)}, 0x10)
setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r3, 0x84, 0x23, &(0x7f0000000100)={r5}, 0x8)

21.537054838s ago: executing program 2 (id=4257):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xbc, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x3c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)="d8000000180081054e81f782db4cb904021d0800fe007c05e8fe55a10a0015000800142603600e12080005007f370401a8001600200004000400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2e98a61e284ce5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db79826760040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e970392", 0xd8}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='mpol=prefer:0'])
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
syz_clone(0x7d0a56e40238a32f, &(0x7f0000000240)="ba7c3b59be78c9979bd4de150a2a2b23e888a4e3f456b04c89ea393136bacfc0b54d8ab2b242a99dad3184284c652108116faf505b777f63ba29b242b118", 0x3e, &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000800)="5b8feb2e217d44c917118679ffb919ff94b7ada19e25b82f024b3e4c0877a9818cf370e2f9cfe355ee7b39140e7747f394922fbfe2cdde870cee7604e7390b5fd3334cb26cc1b78971d4eb007e58b82fd81238a6262f7094f09b38c1a388e679166e9b0772b533b43c36e9bcfcb01e20089a1bcdb26e1f3aa11d7c12f3fc5bdc240dc6786491e7482eb93ba50c4bfc31f39013e26971c05eec9f34fae67707ca3708188c2d3fddb20d8940d93cb315785d6137d69914704b8cbf618f05fbb9bbe7")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x2e3, &(0x7f0000000280)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==")
truncate(&(0x7f0000000000)='./file1\x00', 0xd105)

21.479344799s ago: executing program 2 (id=4261):
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x8, &(0x7f0000006680))
rename(0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r0, 0x0, 0x80000}, 0x18)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r5 = socket$netlink(0x10, 0x3, 0x4)
r6 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x7f, 0xfffffffc, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r7}, &(0x7f0000000000), &(0x7f00000001c0)=r6}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r8}, 0x10)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r9, &(0x7f0000001140)=ANY=[], 0xff2e)
shmget$private(0x0, 0x2000, 0x80, &(0x7f0000ffe000/0x2000)=nil)
writev(r5, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001500192340834b80040d8c560a117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100050c100000000000224e0000", 0x58}], 0x1)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[], 0x44}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYRES8=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}}, 0x0)
sendmmsg(r10, &(0x7f0000000000), 0x4000000000001f2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_tracing={0x1a, 0xd, &(0x7f0000000280)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}], &(0x7f0000000080)='syzkaller\x00', 0x7, 0x51, &(0x7f0000000300)=""/81, 0x41000, 0x20, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000380)={0x1, 0x9, 0x8, 0x3}, 0x10, 0x17d8d, 0xffffffffffffffff, 0x4, &(0x7f00000003c0)=[r2, r1, 0xffffffffffffffff, r2], &(0x7f0000000480)=[{0x5, 0x3, 0xf, 0x2}, {0x0, 0x4, 0x10, 0xc}, {0x5, 0x3, 0x5, 0x3}, {0x5, 0x3, 0xd, 0x7}], 0x10, 0x3, @void, @value}, 0x94)

21.232436692s ago: executing program 2 (id=4268):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426", 0x28}], 0x1)
read(r0, 0x0, 0x0)

21.223612992s ago: executing program 32 (id=4268):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426", 0x28}], 0x1)
read(r0, 0x0, 0x0)

1.122978605s ago: executing program 0 (id=4881):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x2, 0x0, 0x0, 0x7, 0x590, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0xa5d4}, 0x4158, 0x0, 0x9, 0x1, 0x8, 0x2, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'syz_tun\x00', <r2=>0x0})
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
r3 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r3, 0x29, 0x45, &(0x7f0000000000)={'HL\x00'}, &(0x7f0000000040)=0x1e)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="1802000000000000000000007a000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r2, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r4, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000080)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f00000001c0), &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xe0, &(0x7f00000003c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000400), &(0x7f0000000440), 0x8, 0x3d, 0x8, 0x8, &(0x7f0000000480)}}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r5, 0x402, 0x5)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xa6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r6}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0xfdef, &(0x7f0000000380)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0x8}}}}}, 0x0)

1.010076207s ago: executing program 0 (id=4890):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000200)={@in={{0x2, 0x0, @multicast2}}, 0x0, 0x0, 0x24, 0x0, "43cad7244bde5bbd8035d89034a56bad61a87c614899a37c5d0d7da4d7fc948375f3593dbd21eb7618ffb4ff4984e01eedc37998dd16526edb40eaadabe6cd2bd9f9dfeade7787ea64309c01ae05fb70"}, 0xd8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_setup(0x8, &(0x7f0000004200)=<r3=>0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000000c0)='netlink_extack\x00', r4}, 0x10)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f00000001c0)={0x5813}, 0x10)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001e008d2a2abd7000ffdbdf250a0000", @ANYRES32=0x0, @ANYBLOB="0000001014"], 0x30}}, 0x0)
io_submit(r3, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])
eventfd(0x39ea46a6)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r6}, 0x10)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="020300030c00000000070000000000000200090008000000e90000000000000003000600000000000200000000000000000000000000000002000100000000004700000d00000000030005000000000002"], 0x60}, 0x1, 0x7}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/notes', 0x0, 0x0)
r8 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r8, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x2c)
bind$rxrpc(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_msfilter(r8, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
r9 = socket$netlink(0x10, 0x3, 0x0)
writev(r9, &(0x7f00000003c0)=[{&(0x7f0000000300)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

900.879938ms ago: executing program 0 (id=4896):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x8000000000000}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x1000000, 0x0, 0x301c2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3d7b, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

803.514719ms ago: executing program 0 (id=4900):
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xc, &(0x7f0000000940)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="00c2777b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095000000000000000000000000001a0ec935eed8bbf556f64a3059ae95ed6ee868ec79da48229b43412c7205996fa7fa87a45bf8c3230c47fcbc1f96decff6f124a87c5d48d48e19ca68edd32fb3de48ec8d1a180d172875b63f1c9f0f23bab1c1081cdaebd92a27b373d2be52974f5440f81d08c9a3c51af3f5f73fd2022a098825e4d9055e19d0076afea432106beb"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200002100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00'}, 0x18)
r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000001c0)={0x82, 0x0, 0x20, 0x0, 0x0, 0xfffffe00, 0x0})

773.33588ms ago: executing program 0 (id=4904):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0xfdfe, 0x7, @remote, 0x4}, 0x1c)
connect$pppl2tp(r0, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r0, &(0x7f0000000180), 0x0)

711.709931ms ago: executing program 0 (id=4906):
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000540)={[{@init_itable_val}, {@init_itable_val={'init_itable', 0x3d, 0x3}}, {@journal_path={'journal_path', 0x3d, './file2'}}, {@grpjquota_path={'grpjquota', 0x3d, './file1'}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@test_dummy_encryption}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB="0000000000e3ff000000000000004418097d899f", @ANYRES32=0x0, @ANYRES32], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
unlink(&(0x7f0000000180)='./file1\x00')
syz_clone(0xea396780, 0x0, 0xffffff6b, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=r3, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r5, 0x0, 0x80000}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

651.218071ms ago: executing program 3 (id=4910):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, 0x0, 0x0)
setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f00000000c0)=0x63, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000070000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='sys_enter\x00', r3}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0), 0x1, 0x553, &(0x7f0000000800)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000100), &(0x7f0000000300)=ANY=[], 0x381, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000080)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r4, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x18)
close(0x4)

527.974613ms ago: executing program 3 (id=4915):
inotify_init()
arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001801000009006c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000feffffff850000002d00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
mknod$loop(&(0x7f0000000400)='./file0\x00', 0x100000000000600d, 0x1)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0x1276, 0x0)
memfd_create(0x0, 0x5)
fcntl$notify(r0, 0x402, 0x20)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x0)
r3 = epoll_create1(0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2e, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r4, 0x89a2, &(0x7f0000000200)='bridge0\x00')

491.918294ms ago: executing program 5 (id=4916):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0xfdfe, 0x7, @remote, 0x4}, 0x1c)
connect$pppl2tp(r0, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r0, &(0x7f0000000180), 0x0)

467.925584ms ago: executing program 4 (id=4917):
r0 = syz_clone(0x20a00000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000fd007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
ptrace$getregset(0x4204, r0, 0x202, &(0x7f0000000180)={&(0x7f0000000000)=""/16, 0x10})

459.406264ms ago: executing program 3 (id=4919):
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00"/13], 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_load(r1, 0x0, 0x10)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r2, @ANYRES32=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x98080, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x0, 0xfffffffffffffffd}, 0x4000, 0x0, 0x60, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000e8000000000040d900008500000023000000850000000f00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
pipe2$9p(&(0x7f0000000000), 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

425.628895ms ago: executing program 5 (id=4920):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000001010101000000000000000002000000040001801800028014000180080001007f00000108000200ac1414aa140019800800010004000000080002"], 0x44}}, 0x0)

424.937965ms ago: executing program 4 (id=4921):
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffff05850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80003, 0x0, @perf_config_ext={0x400000000000000, 0x1}, 0x115428, 0x0, 0x0, 0x0, 0x5f4d, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0xa5d4}, 0x4c58, 0x0, 0x0, 0x1, 0x8, 0x2, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r1)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0xfffffffd, 0x0, {0x0, 0x0, 0x0, r3, {0x7, 0xfff2}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)

412.983335ms ago: executing program 5 (id=4923):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0xc104, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYRES16=r1], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x81c0, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x0)
ioctl(r4, 0x5451, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r2, 0xe0, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f0000000400)=[0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0], 0x0, 0xdb, &(0x7f0000000800)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f0000000500), &(0x7f0000000600), 0x8, 0xb3, 0x8, 0x8, &(0x7f0000000880)}}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@call={0x85, 0x0, 0x0, 0x2a}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r6, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
semtimedop(0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0xeb, &(0x7f0000000700)={@broadcast, @random="743e961600", @val={@val={0x88a8, 0x2, 0x0, 0x3}, {0x8100, 0x7, 0x0, 0x4}}, {@x25={0x805, {0x2, 0x1, 0xf3, "a57810e87bf5ef3e799d3c186fd8922649c67e1d9e08da2eea76d83a7512224cebf8a1882951ebe46704f74c8544cf3b63fea0974e483afbac783f012e5c567ddbeb1042884b11c25106663d8f3b26768f858c1ab5b64f43baffc68a9efd59625aae2e0c5c9f698abacb632ef8a16179b9ecab24b5d1e8f094e8a1e595ae6f10c22ad41b9cd02d5b9727616158702cf828bb40f95d343406c7a9df1c9d7762353885c23a5a71b7e9871e73f7b0796bd1cc5e7817a48b6b0d2e72662f7b7a6ae77ca08c373db656093c727da2fe450597a34f"}}}}, 0x0)
unshare(0x2c040000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000300)='net_dev_start_xmit\x00', r3, 0x0, 0xffffffff80000002}, 0x18)
clock_getres(0x0, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r8, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
r9 = creat(&(0x7f0000000080)='./file0\x00', 0x1ac)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xa, 0x11, r9, 0xe7e47000)
fcntl$lock(r8, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x7})
fcntl$lock(r8, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9})
fcntl$lock(r8, 0x26, &(0x7f00000000c0)={0x1, 0x2, 0x9, 0x401})
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]})
close_range(r10, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FIEMAP(r8, 0xc020660b, &(0x7f0000000140)=ANY=[@ANYBLOB="05000000000000000200000000000000000000080600000001000000000000000500000000000000fe000000000000000700"/88])

323.525266ms ago: executing program 3 (id=4925):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000200)={@in={{0x2, 0x0, @multicast2}}, 0x0, 0x0, 0x24, 0x0, "43cad7244bde5bbd8035d89034a56bad61a87c614899a37c5d0d7da4d7fc948375f3593dbd21eb7618ffb4ff4984e01eedc37998dd16526edb40eaadabe6cd2bd9f9dfeade7787ea64309c01ae05fb70"}, 0xd8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_setup(0x8, &(0x7f0000004200)=<r3=>0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000000c0)='netlink_extack\x00', r4}, 0x10)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f00000001c0)={0x5813}, 0x10)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001e008d2a2abd7000ffdbdf250a0000", @ANYRES32=0x0, @ANYBLOB="0000001014"], 0x30}}, 0x0)
io_submit(r3, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])
eventfd(0x39ea46a6)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r6}, 0x10)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="020300030c00000000070000000000000200090008000000e90000000000000003000600000000000200000000000000000000000000000002000100000000004700000d00000000030005000000000002"], 0x60}, 0x1, 0x7}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/notes', 0x0, 0x0)
r8 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r8, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x2c)
bind$rxrpc(0xffffffffffffffff, &(0x7f0000000040)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}}}, 0x24)
setsockopt$inet_msfilter(r8, 0x0, 0x29, 0x0, 0x1c)
r9 = socket$netlink(0x10, 0x3, 0x0)
writev(r9, &(0x7f00000003c0)=[{&(0x7f0000000300)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

308.419946ms ago: executing program 1 (id=4926):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c80)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0xb, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8946, &(0x7f0000000400)='{\x05T\x82\x89\x98Yi:')

282.139667ms ago: executing program 1 (id=4927):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x2, 0x0, 0x0, 0x7, 0x590, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0xa5d4}, 0x4158, 0x0, 0x9, 0x1, 0x8, 0x2, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'syz_tun\x00', <r2=>0x0})
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
r3 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r3, 0x29, 0x45, &(0x7f0000000000)={'HL\x00'}, &(0x7f0000000040)=0x1e)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="1802000000000000000000007a000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r2, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r4, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000080)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f00000001c0), &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xe0, &(0x7f00000003c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000400), &(0x7f0000000440), 0x8, 0x3d, 0x8, 0x8, &(0x7f0000000480)}}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r5, 0x402, 0x5)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xa6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r6}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0xfdef, &(0x7f0000000380)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0x8}}}}}, 0x0)

191.307008ms ago: executing program 4 (id=4928):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000100000004000000", @ANYRES32, @ANYBLOB="0000000000000001bf0800"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x40100, 0x0)
ioctl$USBDEVFS_CLAIMINTERFACE(r2, 0x8004550f, &(0x7f0000000040)=0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', 0xffffffffffffffff, 0x0, 0x7fffffffffffffff}, 0x18)
unshare(0x2000400)
quotactl_fd$Q_SYNC(r4, 0xffffffff80000102, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, 0x0, &(0x7f00000001c0))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000380), &(0x7f00000003c0)}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)
r6 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000bc0)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697aedb66ddd793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855beaf5e813ed18aa4acabb5bee7f082d24a16b01fc91471eba59152e716af8776ab90ac48bcbee6570df22513808ecab7a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b41011999d8d9827757d96c5e8aa4617cc54c5e6706", 0xff, r6)
add_key$keyring(&(0x7f0000000540), 0x0, 0x0, 0x0, 0x0)
add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r8=>0x0})
sendto$packet(r7, &(0x7f0000000740)="565a92bd2ad96a4be42a5362d111", 0xe, 0x2000c0c0, &(0x7f0000000000)={0x11, 0x6, r8, 0x1, 0x1, 0x6, @local}, 0x14)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000013000100000000000000000000000002", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=r8, @ANYBLOB="1400350064756d6d7930"], 0x3c}}, 0x0)
r10 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r10, 0x8922, &(0x7f0000000080)={'dummy0\x00'})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xe, 0x0, &(0x7f0000000400)="43227504eaffffb22415f7322705", 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

189.314518ms ago: executing program 3 (id=4929):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x8000000000000}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x1000000, 0x0, 0x301c2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3d7b, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

148.300518ms ago: executing program 1 (id=4930):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0xfdfe, 0x7, @remote, 0x4}, 0x1c)
connect$pppl2tp(r0, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r0, &(0x7f0000000180)=[{0x0}], 0x1)

127.440139ms ago: executing program 4 (id=4931):
inotify_init()
arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001801000009006c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000feffffff850000002d00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
mknod$loop(&(0x7f0000000400)='./file0\x00', 0x100000000000600d, 0x1)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0x1276, 0x0)
memfd_create(0x0, 0x5)
fcntl$notify(r0, 0x402, 0x20)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x0)
r3 = epoll_create1(0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2e, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r4, 0x89a2, &(0x7f0000000200)='bridge0\x00')

103.941179ms ago: executing program 5 (id=4932):
r0 = syz_clone(0x20a00000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000fd007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ptrace$getregset(0x4204, r0, 0x202, &(0x7f0000000180)={&(0x7f0000000000)=""/16, 0x10})

103.432049ms ago: executing program 1 (id=4933):
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xc, &(0x7f0000000940)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="00c2777b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095000000000000000000000000001a0ec935eed8bbf556f64a3059ae95ed6ee868ec79da48229b43412c7205996fa7fa87a45bf8c3230c47fcbc1f96decff6f124a87c5d48d48e19ca68edd32fb3de48ec8d1a180d172875b63f1c9f0f23bab1c1081cdaebd92a27b373d2be52974f5440f81d08c9a3c51af3f5f73fd2022a098825e4d9055e19d0076afea432106beb"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200002100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00'}, 0x18)
r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000001c0)={0x82, 0x0, 0x20, 0x0, 0x0, 0xfffffe00, 0x0})

93.149679ms ago: executing program 4 (id=4934):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='mm_page_alloc\x00', r1, 0x0, 0x4}, 0x18)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000002200)=@newchain={0x1ebc, 0x64, 0x400, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x5, 0xfff1}, {0xc, 0x5}, {0x6, 0xe}}, [@TCA_RATE={0x6, 0x5, {0x3, 0xa}}, @filter_kind_options=@f_matchall={{0xd}, {0x770, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x8}, @TCA_MATCHALL_ACT={0x75c, 0x2, [@m_sample={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x14, 0x2, 0x0, 0x1, [@TCA_SAMPLE_TRUNC_SIZE={0x8}, @TCA_SAMPLE_TRUNC_SIZE={0x8}]}, {0x13, 0x6, "fabd25f52fc3f0bc888274a6a9e02f"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_gact={0x78, 0x15, 0x0, 0x0, {{0x9}, {0x4c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x5, 0xaa, 0x7, 0xf5, 0xbda2}}, @TCA_GACT_PARMS={0x18, 0x2, {0x1, 0xb0, 0x0, 0x6fc0bce2, 0x3}}, @TCA_GACT_PARMS={0x18, 0x2, {0xb, 0x4, 0x7, 0x7, 0xb13}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_tunnel_key={0xd0, 0x0, 0x0, 0x0, {{0xf}, {0x64, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1b}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @multicast2}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @private2}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @initdev={0xac, 0x1e, 0x1, 0x0}}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @local}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @remote}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @loopback}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @empty}]}, {0x40, 0x6, "6e45d499c6ca6566740a343ab53f812dabb2ce2dbd0219683c8c9c0bb1294fa4232f38eef81bfdc88d06c716d17f069f0079eb767b1361ee792ec287"}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}, @m_tunnel_key={0xb8, 0x7, 0x0, 0x0, {{0xf}, {0x4c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_NO_CSUM={0x5}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @broadcast}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @mcast2}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0xfffffffd}]}, {0x3d, 0x6, "68fdbf96d82f6051583019ef8c2326a45026044379627fdf5d484779534db8129c9bc3be5aecf6f7ab13c5ab378eeead20c0a852bf9641e2f3"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ct={0xe4, 0x12, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_NAT_PORT_MIN={0x6, 0xd, 0x4e24}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @private=0xa010102}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @private=0xa010101}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @local}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e24}]}, {0x93, 0x6, "fc0deb3658d357994f16812d4facd725f2f54726ef2dba3d893fc556cabe3b0293a903c65e495c9b806ff6118b412608057b4513a253139449de10b521bc58c55c57c07085fc32766235ee237578a348f05f547b4d6ab38b0556a82ffa526dcdf879f82d89380a23133f11c1b241247a7ce4acf7cd7e4b914327f167ba1f735d7aeb3805b1ae84cd1c074314385aa4"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_mirred={0x148, 0x17, 0x0, 0x0, {{0xb}, {0xa4, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x9c, 0x9, 0xffffffffdffffff2, 0x0, 0x84a}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x8f3, 0x8, 0x2, 0x10001, 0xfffff801}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x1ff, 0x4, 0x5, 0x81}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xfffffffc, 0x7, 0x8, 0xffffffff, 0x7}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x9, 0x7, 0x10000000, 0x56, 0x3ff}, 0x4}}]}, {0x7b, 0x6, "e0566dad9c4f8de496804cac77fd510da8b9632e0e57dba1bf682c908da87842260a2a3399df2f7a7be17f3375226e78120e76b142dae941bdd7edec19e7760f2657fdf4d3cc75cc5d37144a80d5b92b2bae0b9d4e8c7ea6471abdb16843b121834da05c0db3bbb7e8ee8a54680cd8af5d1c772e5c4312"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_ctinfo={0x14c, 0x15, 0x0, 0x0, {{0xb}, {0x74, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x9}, @TCA_CTINFO_ACT={0x18, 0x3, {0x7, 0x1, 0x4, 0x2, 0xd}}, @TCA_CTINFO_ACT={0x18, 0x3, {0x40, 0x9aa6, 0x5, 0xb6f, 0xfffffc01}}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x8}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x3}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x2}, @TCA_CTINFO_ACT={0x18, 0x3, {0x2, 0x1, 0x7, 0x7, 0x52}}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x6}]}, {0xae, 0x6, "9c428e2370b48178a350f132269bd47556b6e79c0c07d31fdd67c4827eb6608518737fc4c257b0bef90809221203fed7e246e4a0ac9ca2cf9d8b5191f5b49c17fe239bad71b422de9ff4e488db980c6bf4473538480c7d09f724c3ebdfa21edfb24d2f054116045cca9ea12408deabd7f0b3826b0ab2224bbfc9fb3cfbec6e781a1bb3fb990310928c7857218a5ce78f214b5a0863078d1f138b0e8be598a40c5f76a8bd62932ccd9190"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2}}}}, @m_tunnel_key={0x190, 0xa, 0x0, 0x0, {{0xf}, {0x70, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @empty}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}, @TCA_TUNNEL_KEY_NO_CSUM={0x5}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @empty}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @mcast1}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @loopback}]}, {0xf4, 0x6, "ef9d03daabfaaa3f4bbabd864144904149a6d8a44d010d1a70c5080f0e2ed96d5a44aefa4e58f338e29ad8ccbb0555c274860236ead0d196fbd838525f81901bde3176a800afca651015faac55b2293b9f019cf510c44d446146abdec5f468d1a877809263d13219150b4ca4a2896f511e2c0109412fb4339bfe943850759e070df0d47f21cb7f7e88e4c1699705d1da462709e8d9dcb0f91758de0af678a318d7af18c7a5fa4f65a1a0677a62d17e9720dcc1ac2af57d2f4af09541736150cdf04231c2bacad13a5df0619c059ed20b70588b95bc637f0c0381e21832ff8b6ee8003950b2e44f9525f396175fe258a7"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0x10, 0xf}}]}}, @filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_UDP_SRC_PORT_MASK={0x6}]}}, @filter_kind_options=@f_u32={{0x8}, {0x16f0, 0x2, [@TCA_U32_MARK={0x10, 0xa, {0x0, 0x2}}, @TCA_U32_ACT={0x7d0, 0x7, [@m_simple={0x11c, 0x15, 0x0, 0x0, {{0xb}, {0x28, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0xbc, 0xc, 0x5, 0xfffff915, 0xc2}}, @TCA_DEF_DATA={0xb, 0x3, 'fq_pie\x00'}]}, {0xca, 0x6, "9a18c3fe203ab7a6e7b8855df086390b86c1472655826fed79bb851f60e2a443214626b937aa243ead792b4dd50656af7be2f2677a5af6d9630d285d5811a2522aecedb6c68edc7f18838c60cb0cb145b8c7d0a3eabcf8548046656910553c7d407645034dc2d7aa8d65392beb53ab667ad62d574ce539fd18cb7486b7e13314a740e32b6cdab021319a35eae198b80d35548cbc46f1109ddaaae82cbafd7f4355b664cdaab7a6d1b341c2776527cd56335332b713bf66791322dd86d5b48c0bda53951f6bc2"}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_xt={0x1dc, 0xc, 0x0, 0x0, {{0x7}, {0xe4, 0x2, 0x0, 0x1, [@TCA_IPT_TARG={0xde, 0x6, {0x95d, 'filter\x00', 0x81, 0x2, "3027e20bedc08672d53bdec9aab64ec5807aba03e96b75a0cc1b7719d29b693d2bdb94f6136653568bb11c2eef211ef41af5b9c04d34a90b2a460a2cf8b4319770edb44dbd388f8443cfb5140640b5371b99cacd04c565de56817967e92d0032871316365ff080ab68224afe76b059a596afde904436457f8492745ea0961c4cefb1054ce29eafd77af56198d778089af9661333afcc2ba62b6206802f5bde78b017f08efc69615ff0d58248f0aa9161bb5de48b"}}]}, {0xd4, 0x6, "388cf0841a93ecc08fae68607f33c7229929769b7abce96172fad9c51cd1f310e017c058b1d052cae531fd2f3b04ff16484f39e117123deaae9e81020d8b11ae135bd80bc7217d8915189221013841e1b13eac5a4af47bb8d0d7d03c30a9ec97fb77f32d7cca33f6a1f25bf99e69766d0fd78f16a9af306b946ac6965cf1bdea8547c5fa352a36e1e2c04c4b02f6279fa7b23803c7529fd6d29317b99ebf360a1b20e16bfeb6b18dcc25001d843d3affc4dab4393e0dd45e5db472ef98e2decf1dd692fee9b8f605497be16abd320ca0"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_bpf={0x168, 0x0, 0x0, 0x0, {{0x8}, {0x48, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_OPS={0xc, 0x4, [{0x6, 0x8, 0x3, 0x9}]}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x5}, @TCA_ACT_BPF_FD={0x8, 0x5, r1}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1, 0x2, 0x8, 0x8e, 0xc}}, @TCA_ACT_BPF_FD={0x8}]}, {0xfc, 0x6, "9b145a1e6787f23866254810d73c99853ef08bb6c1f34c3f1a62ee5b8d84ab46ccf5f80a469fb550801a8948b6b9c35dc432295fb4b4d7bc36f6ca93e835a90deea88c6e453867692aaa5d8c965906edf57c88e0c16ae662e5b9b99af941c6cd38fc570c9a2e17df14d204e8c5b00afea0b511cef13ccbadf3a2784439f2870cb0c75f0454dd0d0d60b0b8502f42e13c7566f209caaa67a543b7f158c74f54b1899faacfc0e02defa3d49f3eb0b1928e7cfd6e92980ba6967cbc8c1861d4429ea3fbf377b71970cf4df0e14cb8c7b30f98bf2fd6b4b0ea0410c455ad9ab88600eceecd9b85d93a619156752148e88a13e34f5ea093d46408"}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_ife={0xe0, 0x3, 0x0, 0x0, {{0x8}, {0xc, 0x2, 0x0, 0x1, [@TCA_IFE_TYPE={0x6, 0x5, 0x9070}]}, {0xae, 0x6, "452f893eacf293b25ea6622e6367953696e1148458b597632d19b05a8d553b6436ae6a66e32a45c08f453d98528b4666f05da09615b73700d72a835a04863e8903d86707b78ce1d45fff868ae347fc7ffbab710e2aac15665bf544bd7dc76cd8efc39e6fa975196bfd7833fcf223a12b715bcd8c692b09904f73c1d693433e00d1af9b9fed548b6b3be0e795a9b16e64ed9b4925073d5bd72763c63e22f5c0ab43d381ae96ed69f8ca70"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_bpf={0x14c, 0x17, 0x0, 0x0, {{0x8}, {0x5c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x7, 0x80000001, 0x7, 0x530e333a, 0x200}}, @TCA_ACT_BPF_OPS={0x2c, 0x4, [{0xed9, 0x7, 0x4, 0x3}, {0xa, 0x0, 0x4, 0x9}, {0x7ff, 0x7, 0x0, 0x4}, {0x8d7f, 0x0, 0x5}, {0x0, 0x9, 0x8, 0x80}]}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_FD={0x8}]}, {0xcc, 0x6, "30b4ef7cfa61eb1cf33117d88aeee3cae0a514d06fe29f8e19bb8d8e76a74a4aeea2428ec4dc0ccd69aec8599afdbf3cf392d01b482a1ffe9102945a44b1a7b5e8e693a79811ffd814ef219b9201e4a71e0253902f579998e4a0b7cc21e128d8d15fe1d568e08b085a56959c89c37bd05a9a4824a8af50af326958b0c59bf74a23b90b1cb4dd6c705556c26b91d9a155f69396d0ea0c20495f62c2eb6cb24506278d6757c3a4051ff2ef01c7941fe7d5667012308766dc83e050742b0ce6d1e1795779e20a8b5121"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_connmark={0x140, 0x13, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xe, 0x8d7, 0x2, 0x8, 0x100}, 0xde}}]}, {0xf3, 0x6, "cfc0e5d53e94d3d73855fa4f960de95d4cb7a830da850066a0ebfac56e1a0980fbfb25d87992c06896d8994582575187d3e833034ce0c0a999d309f7ef7ff0430991eb067ffc5f23c3ac8ccd25fb5a7ff6cf3f61aafb1f025e03dfc7477b086a3cdbc6eab43ae2b86b6bb3808f6727b2e14cce9c100fd92936b4b778c8cdf4d6d7ea59be9b136772fda32756b6086323bbe65175893a6ba6eeb05f151be28ab6b4b96a2da007e49ee1b1899c78858b800db8162b24a4853a8aeb5bd91879aaad9593cacda9fa691c55ec724d48ec6ce5808bddc23957890c4f562f4302f90defb34ddea85dfd0270ebc86dfffc2b5d"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2}}}}]}, @TCA_U32_ACT={0xf0c, 0x7, [@m_pedit={0xb8, 0x13, 0x0, 0x0, {{0xa}, {0x54, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x50, 0x5, 0x0, 0x1, [{0x24, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x7}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}]}, {0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}]}]}, {0x3a, 0x6, "ab7cf2b03241fdbe0f6298b05ef7ea1bf0e5c9fd4627b84b909cc3a028a1d108c7881f5891df40105253ab488853d745d84fa596e8ff"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_pedit={0xe50, 0x0, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0x6, 0x100, 0x20000000, 0x100, 0x97a}, 0xe, 0x3c}, [{0x7f, 0x0, 0x401, 0x3, 0x81, 0x8}, {0x3, 0x80000001, 0xf, 0x4400, 0x5, 0x4}, {0x0, 0x6, 0xdca5, 0x2, 0x0, 0x6}, {0x6, 0x9, 0x3, 0x5, 0xfffffffd, 0xe}, {0x4, 0x8, 0x0, 0x2, 0x7, 0xfc6}, {0x7, 0x2, 0x6, 0x7, 0x3, 0xffffffaf}, {0x800, 0x4, 0x4, 0x13, 0x8000, 0x7f}, {0x6, 0x7, 0x2, 0x4849636b, 0xe, 0x9}, {0xd, 0x400, 0x7fffffff, 0x9eb, 0x2fcda0ed, 0x5}, {0x8, 0xa, 0x17f0, 0x1, 0x0, 0xfff}, {0x3, 0xc, 0xbc0, 0x5, 0x7f, 0xe2c}, {0x7, 0x4, 0x2, 0x7fffffff, 0x4, 0x5}, {0x6, 0x2, 0x8, 0x1000, 0x2, 0x81}, {0x1, 0x7f, 0xb8a, 0xe, 0x3, 0xfffffff7}, {0x5, 0x4c3, 0x7fffffff, 0xc, 0xfffffffb, 0x3}, {0xfffffff9, 0xd8, 0x86a, 0x80000000, 0x7fff, 0x8}, {0x2c7, 0x4, 0x4, 0x5, 0x4, 0x4}, {0x8001, 0x8a2, 0x1, 0x4, 0x8, 0x2}, {0x0, 0x4, 0x1, 0x1, 0x7ff, 0x5}, {0x8, 0x3, 0x0, 0x10000, 0x6, 0x7}, {0x1c3d, 0x7, 0x2, 0x4, 0x9bd, 0x4}, {0xffffffff, 0xfffff922, 0x1ff, 0xffff, 0x7f, 0x3}, {0xffff, 0x5, 0x8560, 0x7f, 0x2}, {0x9, 0xfffffff9, 0x4, 0x4, 0x3, 0x5}, {0x7, 0x5, 0x14f, 0x80000000}, {0x5df, 0x0, 0xffff, 0x2, 0x1, 0x4}, {0xbabb, 0x4, 0x8, 0x4, 0x7, 0xf}, {0x0, 0xfffffff7, 0x6, 0x40, 0x40, 0x6}, {0x4, 0x2, 0x8, 0xfff, 0x40000, 0x2}, {0xe, 0x8, 0x80, 0x3, 0x8, 0x1}, {0x80, 0x5, 0x81, 0x6, 0xffffff4e, 0x4}, {0x5, 0x3, 0x6, 0x6, 0x2, 0x8000}, {0x2372, 0x9, 0x1679, 0x5548, 0xd3, 0x6}, {0xfffffffe, 0x0, 0x0, 0x5, 0x8, 0x9}, {0xcc7, 0xb, 0x6, 0x8, 0x7, 0x2}, {0x9, 0xd053ead3, 0xc, 0x7, 0x3ff, 0x24}, {0x7, 0xc, 0x8000, 0x1200, 0x3, 0x4}, {0x7, 0x7, 0xc07, 0x4, 0xfffffff7, 0xfffffffb}, {0xa, 0x3, 0x401, 0x5, 0x6, 0x6}, {0xfffffff9, 0x8, 0x6, 0x20000000, 0xb1bb, 0x1ff}, {0x81, 0xfffffff0, 0x0, 0x1, 0x3}, {0x4, 0x6, 0xd1d, 0xfffffff7, 0x0, 0x8}, {0x6, 0x7f, 0x0, 0x0, 0x7, 0xfffffffa}, {0x3ff, 0x0, 0xd, 0xe26, 0x7f, 0x4}, {0x5, 0x8, 0xb, 0x38a, 0x4, 0xfffff000}, {0x35, 0xfff, 0x0, 0xffff41f3, 0x7fffffff, 0xfffffffc}, {0xebe, 0x20000000, 0xb, 0x3, 0x2, 0xae}, {0x2, 0x2, 0x772, 0x7ff, 0x0, 0xfffffff8}, {0x0, 0x7fff, 0x0, 0x80000000, 0xff, 0x1}, {0x9, 0x9, 0xfff, 0x7, 0x9, 0x8}, {0x2, 0x1, 0x3, 0x3, 0x6, 0xb1}, {0x7b, 0x8, 0x0, 0x7fffffff, 0x8, 0x5}, {0x10, 0x2, 0x5, 0x7, 0x400, 0x1000}, {0x2, 0x4, 0x8001, 0x401, 0x1, 0x730}, {0x7ff, 0x8, 0x1, 0x5, 0x4, 0x8}, {0x65, 0xd, 0x2, 0x9, 0x80000000, 0x4}, {0x8, 0x6, 0x7fff, 0x5, 0xd9ea636, 0x5}, {0x8, 0x7335df00, 0x0, 0x9, 0x5, 0x4}, {0x0, 0xd65, 0x2, 0xfffffff7, 0x4, 0x1}, {0x8, 0x0, 0x3, 0x4, 0x763, 0x9}, {0xa88, 0x2, 0xe49b, 0x4, 0xffff}, {0xaf6, 0x8d8, 0x952, 0x7, 0x7678, 0x9}, {0x47, 0x9, 0x9, 0x9, 0xb6d, 0x1}, {0x7, 0x7, 0x759c79e6, 0x10001, 0x3, 0xc40}, {0x3, 0x3, 0x283, 0x5, 0xd, 0xecaf}, {0x1, 0x1, 0x7, 0xa, 0xa39, 0x6dbe}, {0x2, 0x117, 0x5, 0x0, 0x4acc, 0x200}, {0x8, 0x10, 0x20, 0x2, 0x0, 0x8001}, {0x3, 0x7, 0x7, 0x6, 0x8, 0x5}, {0x1d, 0x8, 0xfffffffe, 0xf, 0x1, 0x3}, {0x9, 0x8, 0x0, 0x8, 0x0, 0x2}, {0x7f, 0x8, 0x2, 0x8, 0x8, 0xf}, {0xc, 0x2, 0x7, 0x7, 0x2, 0x4}, {0x8, 0x7ff, 0x45b, 0x5, 0x81, 0x1}, {0x4, 0xef, 0x4d8, 0x4, 0x0, 0xffff}, {0x8, 0xf, 0xfffffffd, 0x7, 0xfffffffc, 0xade}, {0x1, 0x2, 0x312d, 0x0, 0xffffffc0, 0xade0c5b6}, {0xc56, 0x9ea, 0x401, 0x4f70, 0x1, 0x1}, {0x7fa, 0x7, 0x59, 0x5, 0x58, 0xfffffffd}, {0x4, 0x6, 0xa, 0x1, 0x243, 0x5}, {0x80000000, 0x3, 0x8, 0xffffffff, 0x1, 0x7f}, {0x0, 0x0, 0x5, 0x8, 0x8000, 0x9}, {0x14000000, 0x6, 0x6, 0xfffffff9, 0xfff, 0x3}, {0x5, 0xfffffffe, 0xd, 0x6, 0xbb8b, 0x6}, {0x6, 0xfffffffe, 0x8, 0x80, 0x200, 0xf}, {0x84d, 0x3f51, 0xf, 0x1, 0x9, 0x9}, {0x34, 0xa, 0xf6a1, 0x2, 0x0, 0x3}, {0xff, 0x2, 0x1000000, 0x100, 0x8001, 0x2}, {0x38, 0x9, 0xffff79c3, 0x0, 0x0, 0x101}, {0x1, 0xe02e, 0xd, 0x9, 0x7, 0x7}, {0x4, 0x5, 0x0, 0x0, 0x22c00000, 0xfffffdff}, {0x2, 0x8, 0x8, 0x7, 0x2, 0x9}, {0x5, 0xfdb2, 0x3, 0x6, 0x1, 0x1}, {0x100000, 0x1, 0xffffffff, 0x7fffffff, 0x0, 0x5}, {0xc49, 0x3, 0x0, 0xc, 0xfffff325, 0x10}, {0x7, 0xea9, 0x5, 0x2, 0x0, 0x3}, {0x8, 0x3, 0x4, 0x7, 0x1, 0x3}, {0x2, 0xfffffffd, 0x1, 0xc26, 0xc, 0x1e7}, {0x80, 0x8, 0x8, 0x7, 0x10, 0x6}, {0x7fffffff, 0xfffffeff, 0x80, 0x0, 0x400, 0x7}, {0xc, 0x7, 0x6, 0xffff8001, 0xfffff5ba, 0x5}, {0x3, 0x5, 0x6, 0x3eb, 0xe08, 0x5}, {0x5, 0x2, 0x3, 0xfffffff7, 0x41b, 0x36c}, {0x1, 0xbf, 0x518f, 0x6, 0x19, 0x53}, {0x800, 0x0, 0x29, 0x5, 0x7, 0x4}, {0x6, 0xf, 0x5, 0xfffffff7, 0x9d, 0x6}, {0x8, 0x4, 0x561297a5, 0x8001, 0x3, 0x8}, {0x2, 0x80000001, 0xfa8, 0x9, 0x3, 0x4}, {0xd95f, 0x7f, 0x0, 0x7, 0x5, 0x3935}, {0x7, 0x7, 0x4, 0x80000001, 0x7, 0x10}, {0x3, 0x9, 0x6c39, 0x0, 0x2, 0xb}, {0xfffffffd, 0x9c14, 0x200, 0x3, 0xffff90fd, 0x6}, {0x7, 0x5ce0, 0x7, 0x6, 0x5, 0x4}, {0x9, 0x2a35, 0x5, 0xbf4, 0x4, 0x5}, {0xb9, 0xc, 0x4, 0x9, 0x1, 0x5}, {0xa, 0x5, 0x3, 0x9, 0x3, 0x9}, {0xa0, 0x5, 0xfffffffd, 0x3, 0x101, 0x8}, {0x5, 0x1, 0x3, 0x1, 0x1ff, 0x800}, {0xc, 0x8, 0x5, 0x3, 0x0, 0x7f3}, {0x3, 0x1, 0x6, 0x8, 0x3, 0x5}, {0x4, 0x4, 0x6, 0x4, 0x99, 0x34488b47}, {0x1, 0x4, 0x4, 0x5, 0x18, 0x2}, {0x9, 0x9, 0x0, 0x1000, 0xdbc1, 0xfffffff7}, {0x2, 0x1, 0xa, 0x1, 0x3, 0x10}, {0x6, 0x9, 0xfffffffa, 0x1, 0x0, 0x40}, {0x1, 0x2, 0x4, 0x7, 0x6570, 0xfe5}, {0x3, 0x6, 0x6, 0x4, 0xfffffc01, 0xfffffffa}, {0x8, 0x7, 0x7ffe, 0xbb6, 0x9, 0xfb}], [{0x3}, {}, {0x0, 0x1}, {0x3, 0x1}, {0x3}, {0x5}, {0x3, 0xf1a0c4d504751175}, {0x2, 0x1}, {0x1, 0x1}, {0x1}, {0x0, 0x1}, {0x2}, {}, {0x2}, {0x5, 0x1}, {0x6}, {0x83a56e26d4837a1f}, {0x2}, {0x0, 0x1}, {0x1, 0x1}, {0x1}, {0x2, 0x1}, {0x3, 0x1}, {}, {0x4, 0x1}, {0x1}, {0x3}, {0x3}, {0x5, 0x1}, {0x1}, {0x4, 0x1}, {0x1}, {0x1, 0x1}, {}, {}, {0x0, 0x1}, {0x4}, {0x4, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x2, 0x2}, {0x4}, {0x2, 0x1}, {}, {0x2, 0x1}, {0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x7}, {0x3}, {0x5, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {}, {0x3, 0x1}, {0x1, 0x1}, {0x5}, {0x5}, {0x0, 0x1}, {0x2, 0x1}, {0x35f560ae89f66bcb, 0x1}, {0x0, 0x1}, {0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x1}, {0x3, 0x1}, {}, {0x1, 0x1}, {}, {0x6}, {0x3}, {0x1, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {}, {0x1}, {0x4, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {0x5, 0x1}, {0x5}, {0x5, 0x1}, {0x4, 0x1}, {0x2}, {0x58691b4535f4347a}, {0x5, 0x1}, {0x2, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x3}, {0x5, 0x1}, {0x3, 0x1}, {0x3, 0x1}, {0xd38404d337ce04d2}, {0x1, 0x1}, {0x1}, {0x3, 0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x7}, {0x4, 0x1}, {0x3, 0x1}, {0x4, 0x1}, {0x4}, {0x4, 0x1}, {0x5}, {0x1}, {0x5}, {0x5, 0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x1}, {0x3}, {0x4, 0x1}, {0x2, 0x1}, {0x4}, {0x0, 0x1}, {0x2}], 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x1ebc}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)

92.739779ms ago: executing program 1 (id=4935):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x654d, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000}, &(0x7f0000000200), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x2, &(0x7f0000000180), 0xfe)

92.394019ms ago: executing program 5 (id=4936):
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00"/13], 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_load(r1, 0x0, 0x10)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r2, @ANYRES32=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x98080, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x0, 0xfffffffffffffffd}, 0x4000, 0x0, 0x60, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000e8000000000040d900008500000023000000850000000f00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
pipe2$9p(&(0x7f0000000000), 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

77.082309ms ago: executing program 4 (id=4937):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='percpu_free_percpu\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000040000000000000000000000000000000000000000000000a53cf7abb3d6259635a4a8c7bf70da144523d553a7282d799228684e52c8a795cabd26979cce6751d07f1fdd76086fcfb2d08a4d39535166e98ba9df1e1777094051a874b551508e3fdac7a147499f1993f8b14096732f196736f35dff139e46d4ef67fbcd8afded7b4d3c56a7112a"], 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0000000004070000000000004bd27ec44e5fabc80a000001000000000000000000", @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0xfedd, 0x2, 0x4}, &(0x7f0000000140)=<r5=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4)
io_uring_enter(r4, 0xa32, 0x0, 0x47, 0x0, 0x0)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000004, 0x4010, r4, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x80, 0x0, 0x0, 0x4)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_emit_ethernet(0xaa, &(0x7f0000000380)={@broadcast, @broadcast, @val={@void, {0x8100, 0x5, 0x1, 0x1}}, {@llc={0x4, {@snap={0x0, 0x1, "fc", "78c367", 0x19, "30e4101faf4a9d97a22376b5d0e4595429ce8d3d90f23e3ba5776ce6a9a8ceb9f243b367b33f907d780f4394d134f4d657ec4ad09123d6c135ce70b4861dd75436884e13d225d2519b2a2a16d21d29a570e0af92c1b6263d036352b07b29f3ab703942bce53796cd94fa3c0d560d4fe22373ebf1fcdaeeab8f6974af9dc38e5e4d3918cd5acf6e6d9306d85472005294"}}}}}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x3b0, 0x0, 0x43, 0xa0, 0x1d0, 0x98, 0x318, 0x178, 0x178, 0x318, 0x178, 0x49, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1b0, 0x1d0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@helper={{0x48}, {0x0, 'ftp-20000\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@unspec=@connbytes={{0x38}, {[{0xb}]}}, @common=@set={{0x40}, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@multicast1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x410)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
munmap(&(0x7f0000002000/0x800000)=nil, 0x800000)

65.05717ms ago: executing program 3 (id=4938):
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffff05850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80003, 0x0, @perf_config_ext={0x400000000000000, 0x1}, 0x115428, 0x0, 0x0, 0x0, 0x5f4d, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0xa5d4}, 0x4c58, 0x0, 0x0, 0x1, 0x8, 0x2, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000540), 0x84)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0xfffffffd, 0x0, {0x0, 0x0, 0x0, r3, {0x7, 0xfff2}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)

1.03531ms ago: executing program 1 (id=4939):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000200)={@in={{0x2, 0x0, @multicast2}}, 0x0, 0x0, 0x24, 0x0, "43cad7244bde5bbd8035d89034a56bad61a87c614899a37c5d0d7da4d7fc948375f3593dbd21eb7618ffb4ff4984e01eedc37998dd16526edb40eaadabe6cd2bd9f9dfeade7787ea64309c01ae05fb70"}, 0xd8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_setup(0x8, &(0x7f0000004200)=<r3=>0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000000c0)='netlink_extack\x00', r4}, 0x10)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f00000001c0)={0x5813}, 0x10)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001e008d2a2abd7000ffdbdf250a0000", @ANYRES32=0x0, @ANYBLOB="0000001014"], 0x30}}, 0x0)
io_submit(r3, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])
eventfd(0x39ea46a6)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r6}, 0x10)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="020300030c00000000070000000000000200090008000000e90000000000000003000600000000000200000000000000000000000000000002000100000000004700000d00000000030005000000000002"], 0x60}, 0x1, 0x7}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/notes', 0x0, 0x0)
r8 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r8, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x2c)
bind$rxrpc(0xffffffffffffffff, &(0x7f0000000040)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}}}, 0x24)
setsockopt$inet_msfilter(r8, 0x0, 0x29, 0x0, 0x1c)
r9 = socket$netlink(0x10, 0x3, 0x0)
writev(r9, &(0x7f00000003c0)=[{&(0x7f0000000300)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

0s ago: executing program 5 (id=4940):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, 0x0, 0x0)
setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f00000000c0)=0x63, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000070000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='sys_enter\x00', r3}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0), 0x1, 0x553, &(0x7f0000000800)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000100), &(0x7f0000000300)=ANY=[], 0x381, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000080)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r4, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close(0x4)

kernel console output (not intermixed with test programs):

0141
[  256.800380][T17365] RAX: ffffffffffffffda RBX: 00007f2ae78f5fa0 RCX: 00007f2ae76ce969
[  256.800394][T17365] RDX: 000000000000006d RSI: 00002000000000c0 RDI: 0000000000000005
[  256.800412][T17365] RBP: 00007f2ae5d37090 R08: 0000000000000000 R09: 0000000000000000
[  256.800425][T17365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.800448][T17365] R13: 0000000000000000 R14: 00007f2ae78f5fa0 R15: 00007ffe63de4e08
[  256.800484][T17365]  </TASK>
[  256.889691][T17363] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3743'.
[  256.992799][T17377] loop3: detected capacity change from 0 to 1024
[  257.015502][T17377] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.070582][T11382] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.082187][T17386] ref_ctr_offset mismatch. inode: 0x3b6 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  257.235476][T17400] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3758'.
[  257.716663][T17400] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3758'.
[  257.785734][T17409] set match dimension is over the limit!
[  258.044459][T17430] ref_ctr_offset mismatch. inode: 0x1db offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  258.295466][T17447] set match dimension is over the limit!
[  258.479940][T17443] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3774'.
[  258.616487][T17474] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3783'.
[  258.942479][T17497] set match dimension is over the limit!
[  259.245960][T17495] Set syz1 is full, maxelem 65536 reached
[  259.586292][T17523] set match dimension is over the limit!
[  259.639515][T17529] loop3: detected capacity change from 0 to 1024
[  259.687589][T17529] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.700983][T17529] ext4 filesystem being mounted at /255/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  259.720083][T17546] FAULT_INJECTION: forcing a failure.
[  259.720083][T17546] name failslab, interval 1, probability 0, space 0, times 0
[  259.732905][T17546] CPU: 0 UID: 0 PID: 17546 Comm: syz.4.3806 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  259.732950][T17546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  259.732966][T17546] Call Trace:
[  259.732975][T17546]  <TASK>
[  259.732985][T17546]  __dump_stack+0x1d/0x30
[  259.733009][T17546]  dump_stack_lvl+0xe8/0x140
[  259.733066][T17546]  dump_stack+0x15/0x1b
[  259.733086][T17546]  should_fail_ex+0x265/0x280
[  259.733110][T17546]  should_failslab+0x8c/0xb0
[  259.733199][T17546]  __kvmalloc_node_noprof+0x126/0x4f0
[  259.733234][T17546]  ? io_rsrc_data_alloc+0x28/0x70
[  259.733316][T17546]  io_rsrc_data_alloc+0x28/0x70
[  259.733348][T17546]  io_alloc_file_tables+0x21/0x90
[  259.733386][T17546]  io_sqe_files_register+0x13c/0x4f0
[  259.733477][T17546]  __se_sys_io_uring_register+0xb01/0xeb0
[  259.733509][T17546]  ? fput+0x8f/0xc0
[  259.733542][T17546]  ? ksys_write+0x192/0x1a0
[  259.733565][T17546]  __x64_sys_io_uring_register+0x55/0x70
[  259.733606][T17546]  x64_sys_call+0xc91/0x2fb0
[  259.733631][T17546]  do_syscall_64+0xd2/0x200
[  259.733667][T17546]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  259.733699][T17546]  ? clear_bhb_loop+0x40/0x90
[  259.733778][T17546]  ? clear_bhb_loop+0x40/0x90
[  259.733803][T17546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.733830][T17546] RIP: 0033:0x7fe3a840e969
[  259.733851][T17546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.733872][T17546] RSP: 002b:00007fe3a6a77038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  259.733898][T17546] RAX: ffffffffffffffda RBX: 00007fe3a8635fa0 RCX: 00007fe3a840e969
[  259.733975][T17546] RDX: 0000200000000180 RSI: 0000000000000002 RDI: 0000000000000007
[  259.733991][T17546] RBP: 00007fe3a6a77090 R08: 0000000000000000 R09: 0000000000000000
[  259.734007][T17546] R10: 00000000000000fe R11: 0000000000000246 R12: 0000000000000001
[  259.734023][T17546] R13: 0000000000000000 R14: 00007fe3a8635fa0 R15: 00007ffc47b0d998
[  259.734046][T17546]  </TASK>
[  259.955368][T17529] EXT4-fs error (device loop3): ext4_map_blocks:816: inode #15: block 8: comm syz.3.3802: lblock 8 mapped to illegal pblock 8 (length 1)
[  259.975107][T17552] ref_ctr_offset mismatch. inode: 0x259 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  259.987772][T17529] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  260.000139][T17529] EXT4-fs (loop3): This should not happen!! Data will be lost
[  260.000139][T17529] 
[  260.023785][T17529] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  260.038757][T17529] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  260.051438][T17529] EXT4-fs (loop3): This should not happen!! Data will be lost
[  260.051438][T17529] 
[  260.061407][T17529] EXT4-fs (loop3): Total free blocks count 0
[  260.067636][T17529] EXT4-fs (loop3): Free/Dirty block details
[  260.073730][T17529] EXT4-fs (loop3): free_blocks=4293918720
[  260.079585][T17529] EXT4-fs (loop3): dirty_blocks=480
[  260.084866][T17529] EXT4-fs (loop3): Block reservation details
[  260.138504][T15846] EXT4-fs error (device loop3): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:61: lblock 1 mapped to illegal pblock 1 (length 7)
[  260.172532][T17556] ref_ctr_offset mismatch. inode: 0x3ee offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  260.262724][T17568] ref_ctr_offset mismatch. inode: 0x364 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  260.307728][T17562] __nla_validate_parse: 2 callbacks suppressed
[  260.307749][T17562] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3812'.
[  260.385433][T17580] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3819'.
[  260.443137][T17590] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3822'.
[  260.549082][T17595] ref_ctr_offset mismatch. inode: 0x56d offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  260.771480][T17599] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  260.805131][T17599] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  260.902271][T17614] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3827'.
[  261.262520][   T29] kauditd_printk_skb: 359 callbacks suppressed
[  261.262539][   T29] audit: type=1326 audit(1749007827.358:18145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17586 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  261.292385][   T29] audit: type=1326 audit(1749007827.358:18146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17586 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  261.316002][   T29] audit: type=1326 audit(1749007827.358:18147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17586 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  261.339593][   T29] audit: type=1326 audit(1749007827.358:18148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17586 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  261.363203][   T29] audit: type=1326 audit(1749007827.358:18149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17586 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  261.386854][   T29] audit: type=1326 audit(1749007827.358:18150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17586 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  261.410516][   T29] audit: type=1326 audit(1749007827.358:18151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17586 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  261.434247][   T29] audit: type=1326 audit(1749007827.358:18152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17586 comm="syz.0.3822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  261.508252][T17617] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3832'.
[  261.880672][T17680] FAULT_INJECTION: forcing a failure.
[  261.880672][T17680] name failslab, interval 1, probability 0, space 0, times 0
[  261.893507][T17680] CPU: 1 UID: 0 PID: 17680 Comm: syz.4.3839 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  261.893601][T17680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  261.893636][T17680] Call Trace:
[  261.893645][T17680]  <TASK>
[  261.893654][T17680]  __dump_stack+0x1d/0x30
[  261.893676][T17680]  dump_stack_lvl+0xe8/0x140
[  261.893759][T17680]  dump_stack+0x15/0x1b
[  261.893776][T17680]  should_fail_ex+0x265/0x280
[  261.893796][T17680]  ? nd_alloc_stack+0x50/0xa0
[  261.893827][T17680]  should_failslab+0x8c/0xb0
[  261.893856][T17680]  __kmalloc_cache_noprof+0x4c/0x320
[  261.893957][T17680]  nd_alloc_stack+0x50/0xa0
[  261.893982][T17680]  pick_link+0x78e/0x830
[  261.894008][T17680]  ? __d_lookup_rcu+0x248/0x2a0
[  261.894045][T17680]  step_into+0x7b6/0x820
[  261.894144][T17680]  ? inode_permission+0x106/0x310
[  261.894179][T17680]  link_path_walk+0x571/0x900
[  261.894213][T17680]  path_lookupat+0x63/0x2a0
[  261.894307][T17680]  filename_lookup+0x147/0x340
[  261.894337][T17680]  ? __pfx_page_put_link+0x10/0x10
[  261.894372][T17680]  ? __pfx_page_put_link+0x10/0x10
[  261.894428][T17680]  do_readlinkat+0x7d/0x320
[  261.894460][T17680]  __x64_sys_readlinkat+0x51/0x60
[  261.894511][T17680]  x64_sys_call+0x2768/0x2fb0
[  261.894538][T17680]  do_syscall_64+0xd2/0x200
[  261.894572][T17680]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  261.894603][T17680]  ? clear_bhb_loop+0x40/0x90
[  261.894624][T17680]  ? clear_bhb_loop+0x40/0x90
[  261.894645][T17680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.894670][T17680] RIP: 0033:0x7fe3a840e969
[  261.894757][T17680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.894811][T17680] RSP: 002b:00007fe3a6a77038 EFLAGS: 00000246 ORIG_RAX: 000000000000010b
[  261.894841][T17680] RAX: ffffffffffffffda RBX: 00007fe3a8635fa0 RCX: 00007fe3a840e969
[  261.894858][T17680] RDX: 00002000000002c0 RSI: 00002000000001c0 RDI: 0000000000000006
[  261.894874][T17680] RBP: 00007fe3a6a77090 R08: 0000000000000000 R09: 0000000000000000
[  261.894889][T17680] R10: 00000000000000c6 R11: 0000000000000246 R12: 0000000000000001
[  261.894902][T17680] R13: 0000000000000000 R14: 00007fe3a8635fa0 R15: 00007ffc47b0d998
[  261.894920][T17680]  </TASK>
[  262.130975][   T29] audit: type=1326 audit(1749007827.998:18153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17678 comm="syz.1.3836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c688ae969 code=0x7ffc0000
[  262.154702][   T29] audit: type=1326 audit(1749007827.998:18154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17678 comm="syz.1.3836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c688ae969 code=0x7ffc0000
[  262.236487][T17686] ref_ctr_offset mismatch. inode: 0x588 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  262.370846][T17701] loop3: detected capacity change from 0 to 256
[  262.411585][ T3393] hid-generic 0009:0001:0009.0006: item fetching failed at offset 25/59
[  262.420492][ T3393] hid-generic 0009:0001:0009.0006: probe with driver hid-generic failed with error -22
[  262.430805][T17710] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3847'.
[  262.439883][T17710] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3847'.
[  262.449066][T17710] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3847'.
[  262.469524][T17710] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3847'.
[  262.470421][T17712] set match dimension is over the limit!
[  262.478645][T17710] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3847'.
[  262.731136][T17743] ref_ctr_offset mismatch. inode: 0x21d offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  263.082282][T17759] FAULT_INJECTION: forcing a failure.
[  263.082282][T17759] name failslab, interval 1, probability 0, space 0, times 0
[  263.095273][T17759] CPU: 0 UID: 0 PID: 17759 Comm: syz.1.3860 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  263.095429][T17759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  263.095444][T17759] Call Trace:
[  263.095452][T17759]  <TASK>
[  263.095460][T17759]  __dump_stack+0x1d/0x30
[  263.095485][T17759]  dump_stack_lvl+0xe8/0x140
[  263.095546][T17759]  dump_stack+0x15/0x1b
[  263.095566][T17759]  should_fail_ex+0x265/0x280
[  263.095652][T17759]  should_failslab+0x8c/0xb0
[  263.095699][T17759]  __kmalloc_noprof+0xa5/0x3e0
[  263.095731][T17759]  ? sk_prot_alloc+0xa8/0x190
[  263.095801][T17759]  ? should_fail_ex+0xdb/0x280
[  263.095826][T17759]  sk_prot_alloc+0xa8/0x190
[  263.095936][T17759]  sk_alloc+0x34/0x360
[  263.095967][T17759]  bpf_prog_test_run_skb+0x234/0xbd0
[  263.095999][T17759]  ? __rcu_read_unlock+0x4f/0x70
[  263.096027][T17759]  ? __fget_files+0x184/0x1c0
[  263.096088][T17759]  ? __rcu_read_unlock+0x4f/0x70
[  263.096117][T17759]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  263.096150][T17759]  bpf_prog_test_run+0x22a/0x390
[  263.096175][T17759]  __sys_bpf+0x3dc/0x790
[  263.096232][T17759]  __x64_sys_bpf+0x41/0x50
[  263.096281][T17759]  x64_sys_call+0x2478/0x2fb0
[  263.096307][T17759]  do_syscall_64+0xd2/0x200
[  263.096340][T17759]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  263.096453][T17759]  ? clear_bhb_loop+0x40/0x90
[  263.096477][T17759]  ? clear_bhb_loop+0x40/0x90
[  263.096502][T17759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.096527][T17759] RIP: 0033:0x7f2c688ae969
[  263.096547][T17759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.096633][T17759] RSP: 002b:00007f2c66f17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  263.096657][T17759] RAX: ffffffffffffffda RBX: 00007f2c68ad5fa0 RCX: 00007f2c688ae969
[  263.096673][T17759] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  263.096728][T17759] RBP: 00007f2c66f17090 R08: 0000000000000000 R09: 0000000000000000
[  263.096742][T17759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.096757][T17759] R13: 0000000000000000 R14: 00007f2c68ad5fa0 R15: 00007fff66cafca8
[  263.096780][T17759]  </TASK>
[  263.404598][T17773] ieee802154 phy0 wpan0: encryption failed: -22
[  263.477062][T15994] IPVS: starting estimator thread 0...
[  263.572733][T17800] IPVS: using max 3456 ests per chain, 172800 per kthread
[  263.733978][T17829] bond1: entered promiscuous mode
[  263.739119][T17829] bond1: entered allmulticast mode
[  263.747233][T17829] 8021q: adding VLAN 0 to HW filter on device bond1
[  263.828240][T17867] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12288 sclass=netlink_route_socket pid=17867 comm=syz.4.3871
[  263.882175][T17869] FAULT_INJECTION: forcing a failure.
[  263.882175][T17869] name failslab, interval 1, probability 0, space 0, times 0
[  263.894956][T17869] CPU: 1 UID: 0 PID: 17869 Comm: syz.4.3872 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  263.894990][T17869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  263.895002][T17869] Call Trace:
[  263.895009][T17869]  <TASK>
[  263.895017][T17869]  __dump_stack+0x1d/0x30
[  263.895161][T17869]  dump_stack_lvl+0xe8/0x140
[  263.895182][T17869]  dump_stack+0x15/0x1b
[  263.895199][T17869]  should_fail_ex+0x265/0x280
[  263.895232][T17869]  should_failslab+0x8c/0xb0
[  263.895285][T17869]  kmem_cache_alloc_node_noprof+0x57/0x320
[  263.895313][T17869]  ? __alloc_skb+0x101/0x320
[  263.895340][T17869]  __alloc_skb+0x101/0x320
[  263.895396][T17869]  netlink_alloc_large_skb+0xba/0xf0
[  263.895494][T17869]  netlink_sendmsg+0x3cf/0x6b0
[  263.895539][T17869]  ? __pfx_netlink_sendmsg+0x10/0x10
[  263.895574][T17869]  __sock_sendmsg+0x142/0x180
[  263.895601][T17869]  ____sys_sendmsg+0x31e/0x4e0
[  263.895714][T17869]  ___sys_sendmsg+0x17b/0x1d0
[  263.895755][T17869]  __x64_sys_sendmsg+0xd4/0x160
[  263.895789][T17869]  x64_sys_call+0x2999/0x2fb0
[  263.895830][T17869]  do_syscall_64+0xd2/0x200
[  263.895939][T17869]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  263.896070][T17869]  ? clear_bhb_loop+0x40/0x90
[  263.896091][T17869]  ? clear_bhb_loop+0x40/0x90
[  263.896112][T17869]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.896193][T17869] RIP: 0033:0x7fe3a840e969
[  263.896222][T17869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.896241][T17869] RSP: 002b:00007fe3a6a77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  263.896262][T17869] RAX: ffffffffffffffda RBX: 00007fe3a8635fa0 RCX: 00007fe3a840e969
[  263.896279][T17869] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000005
[  263.896326][T17869] RBP: 00007fe3a6a77090 R08: 0000000000000000 R09: 0000000000000000
[  263.896338][T17869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.896350][T17869] R13: 0000000000000000 R14: 00007fe3a8635fa0 R15: 00007ffc47b0d998
[  263.896370][T17869]  </TASK>
[  264.132255][T17871] netlink: 'syz.4.3873': attribute type 33 has an invalid length.
[  264.274276][T17893] FAULT_INJECTION: forcing a failure.
[  264.274276][T17893] name failslab, interval 1, probability 0, space 0, times 0
[  264.287057][T17893] CPU: 0 UID: 0 PID: 17893 Comm: syz.4.3879 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  264.287164][T17893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  264.287180][T17893] Call Trace:
[  264.287189][T17893]  <TASK>
[  264.287199][T17893]  __dump_stack+0x1d/0x30
[  264.287225][T17893]  dump_stack_lvl+0xe8/0x140
[  264.287244][T17893]  dump_stack+0x15/0x1b
[  264.287261][T17893]  should_fail_ex+0x265/0x280
[  264.287281][T17893]  should_failslab+0x8c/0xb0
[  264.287440][T17893]  kmem_cache_alloc_noprof+0x50/0x310
[  264.287473][T17893]  ? getname_flags+0x80/0x3b0
[  264.287562][T17893]  getname_flags+0x80/0x3b0
[  264.287592][T17893]  __x64_sys_getxattr+0xfd/0x140
[  264.287627][T17893]  x64_sys_call+0x2f5b/0x2fb0
[  264.287648][T17893]  do_syscall_64+0xd2/0x200
[  264.287759][T17893]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  264.287790][T17893]  ? clear_bhb_loop+0x40/0x90
[  264.287813][T17893]  ? clear_bhb_loop+0x40/0x90
[  264.287839][T17893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.287861][T17893] RIP: 0033:0x7fe3a840e969
[  264.287924][T17893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.287947][T17893] RSP: 002b:00007fe3a6a77038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bf
[  264.287973][T17893] RAX: ffffffffffffffda RBX: 00007fe3a8635fa0 RCX: 00007fe3a840e969
[  264.287989][T17893] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000000
[  264.288036][T17893] RBP: 00007fe3a6a77090 R08: 0000000000000000 R09: 0000000000000000
[  264.288048][T17893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.288133][T17893] R13: 0000000000000000 R14: 00007fe3a8635fa0 R15: 00007ffc47b0d998
[  264.288166][T17893]  </TASK>
[  264.600833][T17907] set match dimension is over the limit!
[  264.662456][T17912] set match dimension is over the limit!
[  264.779074][T17921] FAULT_INJECTION: forcing a failure.
[  264.779074][T17921] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.792217][T17921] CPU: 0 UID: 0 PID: 17921 Comm: syz.4.3886 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  264.792248][T17921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  264.792263][T17921] Call Trace:
[  264.792272][T17921]  <TASK>
[  264.792282][T17921]  __dump_stack+0x1d/0x30
[  264.792308][T17921]  dump_stack_lvl+0xe8/0x140
[  264.792382][T17921]  dump_stack+0x15/0x1b
[  264.792399][T17921]  should_fail_ex+0x265/0x280
[  264.792421][T17921]  should_fail+0xb/0x20
[  264.792501][T17921]  should_fail_usercopy+0x1a/0x20
[  264.792529][T17921]  _copy_to_user+0x20/0xa0
[  264.792566][T17921]  simple_read_from_buffer+0xb5/0x130
[  264.792594][T17921]  proc_fail_nth_read+0x100/0x140
[  264.792684][T17921]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  264.792710][T17921]  vfs_read+0x1a0/0x6f0
[  264.792734][T17921]  ? __rcu_read_unlock+0x4f/0x70
[  264.792759][T17921]  ? __rcu_read_unlock+0x4f/0x70
[  264.792824][T17921]  ? __fget_files+0x184/0x1c0
[  264.792973][T17921]  ksys_read+0xda/0x1a0
[  264.792998][T17921]  __x64_sys_read+0x40/0x50
[  264.793019][T17921]  x64_sys_call+0x2d77/0x2fb0
[  264.793040][T17921]  do_syscall_64+0xd2/0x200
[  264.793069][T17921]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  264.793148][T17921]  ? clear_bhb_loop+0x40/0x90
[  264.793172][T17921]  ? clear_bhb_loop+0x40/0x90
[  264.793261][T17921]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.793285][T17921] RIP: 0033:0x7fe3a840d37c
[  264.793303][T17921] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  264.793323][T17921] RSP: 002b:00007fe3a6a77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  264.793345][T17921] RAX: ffffffffffffffda RBX: 00007fe3a8635fa0 RCX: 00007fe3a840d37c
[  264.793358][T17921] RDX: 000000000000000f RSI: 00007fe3a6a770a0 RDI: 0000000000000007
[  264.793371][T17921] RBP: 00007fe3a6a77090 R08: 0000000000000000 R09: 0000000000000000
[  264.793512][T17921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.793526][T17921] R13: 0000000000000000 R14: 00007fe3a8635fa0 R15: 00007ffc47b0d998
[  264.793549][T17921]  </TASK>
[  264.794171][T17923] ref_ctr_offset mismatch. inode: 0x5f0 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  265.175311][T17948] ref_ctr_offset mismatch. inode: 0x2ca offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  265.635262][T17994] __nla_validate_parse: 7 callbacks suppressed
[  265.635280][T17994] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3909'.
[  266.273541][   T29] kauditd_printk_skb: 484 callbacks suppressed
[  266.273559][   T29] audit: type=1400 audit(1749007832.378:18639): avc:  denied  { getopt } for  pid=18038 comm="syz.1.3919" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  266.313020][T18037] bridge0: port 3(gretap0) entered blocking state
[  266.313426][   T29] audit: type=1400 audit(1749007832.418:18640): avc:  denied  { ioctl } for  pid=18036 comm="syz.4.3918" path="socket:[46178]" dev="sockfs" ino=46178 ioctlcmd=0x89a2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  266.319600][T18037] bridge0: port 3(gretap0) entered disabled state
[  266.352662][T18037] gretap0: entered allmulticast mode
[  266.359836][T18037] gretap0: entered promiscuous mode
[  266.365351][T17988] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  266.515724][T18053] set match dimension is over the limit!
[  266.543867][T18056] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3923'.
[  266.741888][   T29] audit: type=1326 audit(1749007832.838:18641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18082 comm="syz.3.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  266.766958][   T29] audit: type=1326 audit(1749007832.838:18642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18082 comm="syz.3.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  266.790644][   T29] audit: type=1326 audit(1749007832.848:18643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18082 comm="syz.3.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  266.814299][   T29] audit: type=1326 audit(1749007832.848:18644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18082 comm="syz.3.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  266.838085][   T29] audit: type=1326 audit(1749007832.848:18645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18082 comm="syz.3.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  266.861588][   T29] audit: type=1326 audit(1749007832.848:18646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18082 comm="syz.3.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  266.885404][   T29] audit: type=1326 audit(1749007832.848:18647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18082 comm="syz.3.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  266.909196][   T29] audit: type=1326 audit(1749007832.848:18648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18082 comm="syz.3.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  267.244969][T18120] netlink: 'syz.1.3945': attribute type 8 has an invalid length.
[  267.298936][T18120] syzkaller0: entered promiscuous mode
[  267.304641][T18120] syzkaller0: entered allmulticast mode
[  267.314764][T18120] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3945'.
[  267.339362][T18137] lo speed is unknown, defaulting to 1000
[  267.343557][T18123] bridge0: port 3(gretap0) entered blocking state
[  267.351656][T18123] bridge0: port 3(gretap0) entered disabled state
[  267.358254][T18123] gretap0: entered allmulticast mode
[  267.364186][T18123] gretap0: entered promiscuous mode
[  267.370091][T18137] lo speed is unknown, defaulting to 1000
[  267.377349][T18137] lo speed is unknown, defaulting to 1000
[  267.384025][T18137] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  267.394239][T18137] lo speed is unknown, defaulting to 1000
[  267.417764][T18137] lo speed is unknown, defaulting to 1000
[  267.425713][T18137] lo speed is unknown, defaulting to 1000
[  267.431877][T18137] lo speed is unknown, defaulting to 1000
[  267.438788][T18137] lo speed is unknown, defaulting to 1000
[  267.654154][T18176] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3958'.
[  267.725881][T18181] set match dimension is over the limit!
[  267.811185][T18179] bridge0: port 3(gretap0) entered blocking state
[  267.817792][T18179] bridge0: port 3(gretap0) entered disabled state
[  267.844191][T18179] gretap0: entered allmulticast mode
[  267.854591][T18179] gretap0: entered promiscuous mode
[  267.877684][T18197] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3964'.
[  267.888629][T18199] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3965'.
[  268.725975][T18226] ref_ctr_offset mismatch. inode: 0x312 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  269.281859][T18231] set match dimension is over the limit!
[  269.444108][T18241] netlink: 340 bytes leftover after parsing attributes in process `syz.4.3975'.
[  269.464672][T18241] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3975'.
[  269.480881][T18243] ref_ctr_offset mismatch. inode: 0x3df offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  269.849753][T18269] set match dimension is over the limit!
[  270.045784][T18281] set match dimension is over the limit!
[  270.180674][T18272] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3986'.
[  270.250959][T18222] loop3: detected capacity change from 0 to 512
[  270.263032][T18287] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3990'.
[  270.274658][T18222] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  270.310494][T18294] netlink: 'syz.4.3992': attribute type 8 has an invalid length.
[  270.357916][T18294] syzkaller0: entered promiscuous mode
[  270.363490][T18294] syzkaller0: entered allmulticast mode
[  270.575312][T18320] block device autoloading is deprecated and will be removed.
[  270.695018][T18335] ref_ctr_offset mismatch. inode: 0x4be offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  270.718331][T18320] bridge0: port 3(gretap0) entered blocking state
[  270.724886][T18320] bridge0: port 3(gretap0) entered disabled state
[  270.734651][T18320] gretap0: entered allmulticast mode
[  270.740644][T18320] gretap0: entered promiscuous mode
[  270.848585][T18353] __nla_validate_parse: 6 callbacks suppressed
[  270.848602][T18353] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4013'.
[  270.883248][T18351] netlink: 'syz.3.4012': attribute type 8 has an invalid length.
[  270.899015][T18355] netlink: 'syz.1.4014': attribute type 8 has an invalid length.
[  270.962862][T18351] syzkaller0: entered promiscuous mode
[  270.968400][T18351] syzkaller0: entered allmulticast mode
[  270.985275][T18367] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4012'.
[  271.016531][T18355] syzkaller0: entered promiscuous mode
[  271.022066][T18355] syzkaller0: entered allmulticast mode
[  271.030648][T18369] set match dimension is over the limit!
[  271.173953][T18388] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4022'.
[  271.260030][T18399] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4026'.
[  271.298552][   T29] kauditd_printk_skb: 2181 callbacks suppressed
[  271.298574][   T29] audit: type=1326 audit(1749007837.398:20830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18401 comm="syz.3.4027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  271.328509][   T29] audit: type=1326 audit(1749007837.398:20831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18401 comm="syz.3.4027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  271.356532][   T29] audit: type=1326 audit(1749007837.398:20832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18401 comm="syz.3.4027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  271.380625][   T29] audit: type=1326 audit(1749007837.398:20833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18401 comm="syz.3.4027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  271.404275][   T29] audit: type=1326 audit(1749007837.398:20834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18401 comm="syz.3.4027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  271.428128][   T29] audit: type=1326 audit(1749007837.398:20835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18401 comm="syz.3.4027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  271.451754][   T29] audit: type=1326 audit(1749007837.398:20836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18401 comm="syz.3.4027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  271.475505][   T29] audit: type=1326 audit(1749007837.398:20837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18401 comm="syz.3.4027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  271.499299][   T29] audit: type=1326 audit(1749007837.398:20838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18401 comm="syz.3.4027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  271.523082][   T29] audit: type=1326 audit(1749007837.398:20839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18401 comm="syz.3.4027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadecb0e969 code=0x7ffc0000
[  271.692785][T18423] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4037'.
[  271.865312][T18438] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4041'.
[  271.901436][T18433] lo speed is unknown, defaulting to 1000
[  271.979916][T18433] loop1: detected capacity change from 0 to 1024
[  271.986954][T18433] EXT4-fs: Ignoring removed orlov option
[  271.992757][T18433] EXT4-fs: Ignoring removed nomblk_io_submit option
[  271.999628][T18433] /dev/loop1: Can't open blockdev
[  272.006505][T18474] netlink: 'syz.4.4044': attribute type 8 has an invalid length.
[  272.045971][T18474] syzkaller0: entered promiscuous mode
[  272.051670][T18474] syzkaller0: entered allmulticast mode
[  272.060992][T18486] set match dimension is over the limit!
[  272.091407][T18490] ref_ctr_offset mismatch. inode: 0x502 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  272.185231][T18498] set match dimension is over the limit!
[  272.267782][T18509] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4055'.
[  272.538316][T18536] set match dimension is over the limit!
[  272.831011][T18567] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4074'.
[  273.057783][T18578] loop3: detected capacity change from 0 to 512
[  273.065974][T18578] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  273.074082][T18578] EXT4-fs (loop3): orphan cleanup on readonly fs
[  273.080931][T18578] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.4079: Failed to acquire dquot type 1
[  273.093083][T18578] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4079: bg 0: block 40: padding at end of block bitmap is not set
[  273.107532][T18578] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  273.116812][T18578] EXT4-fs (loop3): 1 truncate cleaned up
[  273.123009][T18578] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  273.365349][T18583] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4080'.
[  273.678717][T18645] set match dimension is over the limit!
[  273.821418][T18643] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4099'.
[  273.874270][T11382] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.114509][T18688] ref_ctr_offset mismatch. inode: 0x55e offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  274.206621][T18691] set match dimension is over the limit!
[  274.362958][T18703] loop3: detected capacity change from 0 to 512
[  274.373637][T18703] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  274.381810][T18703] EXT4-fs (loop3): orphan cleanup on readonly fs
[  274.389423][T18703] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.4118: Failed to acquire dquot type 1
[  274.401804][T18703] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4118: bg 0: block 40: padding at end of block bitmap is not set
[  274.417774][T18703] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  274.427356][T18703] EXT4-fs (loop3): 1 truncate cleaned up
[  274.433690][T18703] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  274.515477][T18723] ref_ctr_offset mismatch. inode: 0x582 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  274.752203][T18746] FAULT_INJECTION: forcing a failure.
[  274.752203][T18746] name failslab, interval 1, probability 0, space 0, times 0
[  274.765170][T18746] CPU: 1 UID: 0 PID: 18746 Comm: syz.4.4134 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  274.765196][T18746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  274.765207][T18746] Call Trace:
[  274.765213][T18746]  <TASK>
[  274.765220][T18746]  __dump_stack+0x1d/0x30
[  274.765238][T18746]  dump_stack_lvl+0xe8/0x140
[  274.765318][T18746]  dump_stack+0x15/0x1b
[  274.765331][T18746]  should_fail_ex+0x265/0x280
[  274.765350][T18746]  ? netdevice_event+0x2ae/0x610
[  274.765405][T18746]  should_failslab+0x8c/0xb0
[  274.765427][T18746]  __kmalloc_cache_noprof+0x4c/0x320
[  274.765454][T18746]  ? __pfx_netdevice_event+0x10/0x10
[  274.765484][T18746]  netdevice_event+0x2ae/0x610
[  274.765523][T18746]  ? __pfx_add_netdev_ips+0x10/0x10
[  274.765610][T18746]  ? __pfx_is_eth_port_of_netdev_filter+0x10/0x10
[  274.765639][T18746]  ? __pfx_add_default_gids+0x10/0x10
[  274.765666][T18746]  ? __pfx_is_ndev_for_default_gid_filter+0x10/0x10
[  274.765804][T18746]  ? __pfx_del_netdev_ips+0x10/0x10
[  274.765835][T18746]  ? __pfx_is_eth_port_of_netdev_filter+0x10/0x10
[  274.765872][T18746]  ? __pfx_netdevice_event+0x10/0x10
[  274.765925][T18746]  raw_notifier_call_chain+0x6c/0x1b0
[  274.765947][T18746]  ? call_netdevice_notifiers_info+0x9c/0x100
[  274.765970][T18746]  call_netdevice_notifiers_info+0xae/0x100
[  274.765995][T18746]  call_netdevice_notifiers+0x48/0x70
[  274.766020][T18746]  ipvlan_device_event+0x30e/0x5b0
[  274.766085][T18746]  ? __pfx_ipvlan_device_event+0x10/0x10
[  274.766108][T18746]  raw_notifier_call_chain+0x6c/0x1b0
[  274.766127][T18746]  ? call_netdevice_notifiers_info+0x9c/0x100
[  274.766152][T18746]  call_netdevice_notifiers_info+0xae/0x100
[  274.766176][T18746]  call_netdevice_notifiers+0x48/0x70
[  274.766233][T18746]  dev_ifsioc+0x552/0xaa0
[  274.766263][T18746]  ? __rcu_read_unlock+0x4f/0x70
[  274.766368][T18746]  dev_ioctl+0x70a/0x960
[  274.766404][T18746]  sock_do_ioctl+0x197/0x220
[  274.766430][T18746]  sock_ioctl+0x41b/0x610
[  274.766455][T18746]  ? __pfx_sock_ioctl+0x10/0x10
[  274.766538][T18746]  __se_sys_ioctl+0xcb/0x140
[  274.766562][T18746]  __x64_sys_ioctl+0x43/0x50
[  274.766583][T18746]  x64_sys_call+0x19a8/0x2fb0
[  274.766667][T18746]  do_syscall_64+0xd2/0x200
[  274.766755][T18746]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  274.766856][T18746]  ? clear_bhb_loop+0x40/0x90
[  274.766881][T18746]  ? clear_bhb_loop+0x40/0x90
[  274.766907][T18746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.766981][T18746] RIP: 0033:0x7fe3a840e969
[  274.767001][T18746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.767069][T18746] RSP: 002b:00007fe3a6a77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  274.767094][T18746] RAX: ffffffffffffffda RBX: 00007fe3a8635fa0 RCX: 00007fe3a840e969
[  274.767110][T18746] RDX: 0000200000000000 RSI: 0000000000008937 RDI: 0000000000000004
[  274.767123][T18746] RBP: 00007fe3a6a77090 R08: 0000000000000000 R09: 0000000000000000
[  274.767135][T18746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  274.767148][T18746] R13: 0000000000000000 R14: 00007fe3a8635fa0 R15: 00007ffc47b0d998
[  274.767167][T18746]  </TASK>
[  274.772389][T18748] set match dimension is over the limit!
[  274.856536][T18758] netlink: 'syz.4.4137': attribute type 8 has an invalid length.
[  275.066019][T18759] syzkaller0: entered promiscuous mode
[  275.106017][T18759] syzkaller0: entered allmulticast mode
[  275.114869][T11382] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.325225][T18796] batman_adv: batadv0: Removing interface: dummy0
[  275.336687][T18796] bridge_slave_0: left allmulticast mode
[  275.343554][T18796] bridge_slave_0: left promiscuous mode
[  275.350563][T18796] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.362399][T18796] bridge_slave_1: left allmulticast mode
[  275.369283][T18796] bridge_slave_1: left promiscuous mode
[  275.381469][T18796] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.393747][T18809] ref_ctr_offset mismatch. inode: 0x492 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  275.488374][T18796] : (slave bond_slave_0): Releasing backup interface
[  275.504480][T18796] : (slave bond_slave_1): Releasing backup interface
[  275.519885][T18796] team0: Port device team_slave_0 removed
[  275.531237][T18796] team0: Port device team_slave_1 removed
[  275.542943][T18796] batman_adv: batadv0: Removing interface: batadv_slave_0
[  275.561133][T18796] batman_adv: batadv0: Removing interface: batadv_slave_1
[  275.576820][T18812] IPv6: sit1: Disabled Multicast RS
[  275.770658][T18857] ref_ctr_offset mismatch. inode: 0x4a7 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  275.819639][T18853] set match dimension is over the limit!
[  275.883863][T18866] netlink: 'syz.0.4169': attribute type 8 has an invalid length.
[  275.915375][T18866] syzkaller0: entered promiscuous mode
[  275.920874][T18866] syzkaller0: entered allmulticast mode
[  275.928286][T18859] __nla_validate_parse: 1 callbacks suppressed
[  275.928300][T18859] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4167'.
[  276.329232][   T29] kauditd_printk_skb: 342 callbacks suppressed
[  276.329246][   T29] audit: type=1326 audit(1749007842.428:21178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.0.4183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  276.359301][   T29] audit: type=1326 audit(1749007842.428:21179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.0.4183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  276.383540][   T29] audit: type=1326 audit(1749007842.428:21180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.0.4183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  276.408146][   T29] audit: type=1326 audit(1749007842.428:21181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.0.4183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  276.432267][   T29] audit: type=1326 audit(1749007842.428:21182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.0.4183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  276.455948][   T29] audit: type=1326 audit(1749007842.428:21183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.0.4183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  276.479689][   T29] audit: type=1326 audit(1749007842.428:21184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.0.4183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  276.503736][   T29] audit: type=1326 audit(1749007842.428:21185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.0.4183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  276.527416][   T29] audit: type=1326 audit(1749007842.428:21186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.0.4183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  276.551297][   T29] audit: type=1326 audit(1749007842.428:21187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18904 comm="syz.0.4183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae76ce969 code=0x7ffc0000
[  276.614043][T18923] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4188'.
[  276.656344][T18930] ref_ctr_offset mismatch. inode: 0x4c3 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  276.794684][T18946] netlink: 'syz.2.4198': attribute type 4 has an invalid length.
[  276.807750][T18947] loop3: detected capacity change from 0 to 512
[  276.816615][T18947] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  276.824899][T18947] EXT4-fs (loop3): orphan cleanup on readonly fs
[  276.831551][T18947] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.4193: Failed to acquire dquot type 1
[  276.844399][T18947] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4193: bg 0: block 40: padding at end of block bitmap is not set
[  276.861055][T18947] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  276.870401][T18947] EXT4-fs (loop3): 1 truncate cleaned up
[  276.876787][T18947] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  277.047607][T18980] netlink: 'syz.1.4210': attribute type 4 has an invalid length.
[  277.063057][T18984] ref_ctr_offset mismatch. inode: 0x3e3 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  277.380075][T19026] netlink: 'syz.0.4227': attribute type 4 has an invalid length.
[  277.550862][T19043] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4235'.
[  277.571552][T11382] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.589214][T19043] wireguard0: entered promiscuous mode
[  277.594964][T19043] wireguard0: entered allmulticast mode
[  277.603838][T19045] ref_ctr_offset mismatch. inode: 0x34a offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  277.614311][T19053] loop3: detected capacity change from 0 to 512
[  277.635887][T19053] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.4237: Parent and EA inode have the same ino 15
[  277.636888][T19034] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4231'.
[  277.652991][T19053] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.4237: Parent and EA inode have the same ino 15
[  277.671502][T19053] EXT4-fs (loop3): 1 orphan inode deleted
[  277.677898][T19053] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.711542][T11382] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.778278][T19071] netlink: 'syz.0.4241': attribute type 4 has an invalid length.
[  277.899684][T19094] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4250'.
[  277.961798][T19102] rdma_op ffff888116970580 conn xmit_rdma 0000000000000000
[  278.039615][T19119] netlink: 'syz.2.4257': attribute type 21 has an invalid length.
[  278.163151][T19132] netlink: 'syz.3.4262': attribute type 4 has an invalid length.
[  278.172763][T19095] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4249'.
[  278.380648][T19148] FAULT_INJECTION: forcing a failure.
[  278.380648][T19148] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  278.393992][T19148] CPU: 1 UID: 0 PID: 19148 Comm: syz.3.4269 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  278.394027][T19148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  278.394042][T19148] Call Trace:
[  278.394049][T19148]  <TASK>
[  278.394057][T19148]  __dump_stack+0x1d/0x30
[  278.394082][T19148]  dump_stack_lvl+0xe8/0x140
[  278.394107][T19148]  dump_stack+0x15/0x1b
[  278.394202][T19148]  should_fail_ex+0x265/0x280
[  278.394228][T19148]  should_fail+0xb/0x20
[  278.394251][T19148]  should_fail_usercopy+0x1a/0x20
[  278.394317][T19148]  _copy_to_user+0x20/0xa0
[  278.394342][T19148]  simple_read_from_buffer+0xb5/0x130
[  278.394427][T19148]  proc_fail_nth_read+0x100/0x140
[  278.394456][T19148]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  278.394482][T19148]  vfs_read+0x1a0/0x6f0
[  278.394505][T19148]  ? __rcu_read_unlock+0x4f/0x70
[  278.394536][T19148]  ? __fget_files+0x184/0x1c0
[  278.394566][T19148]  ksys_read+0xda/0x1a0
[  278.394629][T19148]  __x64_sys_read+0x40/0x50
[  278.394675][T19148]  x64_sys_call+0x2d77/0x2fb0
[  278.394702][T19148]  do_syscall_64+0xd2/0x200
[  278.394732][T19148]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  278.394789][T19148]  ? clear_bhb_loop+0x40/0x90
[  278.394815][T19148]  ? clear_bhb_loop+0x40/0x90
[  278.394905][T19148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.394989][T19148] RIP: 0033:0x7fadecb0d37c
[  278.395005][T19148] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  278.395028][T19148] RSP: 002b:00007fadeb177030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  278.395110][T19148] RAX: ffffffffffffffda RBX: 00007fadecd35fa0 RCX: 00007fadecb0d37c
[  278.395125][T19148] RDX: 000000000000000f RSI: 00007fadeb1770a0 RDI: 0000000000000004
[  278.395140][T19148] RBP: 00007fadeb177090 R08: 0000000000000000 R09: 0000000000000000
[  278.395156][T19148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  278.395168][T19148] R13: 0000000000000000 R14: 00007fadecd35fa0 R15: 00007ffda85a7318
[  278.395186][T19148]  </TASK>
[  278.621844][T19143] loop1: detected capacity change from 0 to 512
[  278.660428][T19143] EXT4-fs (loop1): 1 orphan inode deleted
[  278.692648][T15847] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:62: Failed to release dquot type 1
[  278.729317][T19143] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  278.759453][T15845] gretap0: left allmulticast mode
[  278.765060][T15845] bridge0: port 3(gretap0) entered disabled state
[  278.781261][T19143] ext4 filesystem being mounted at /161/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  278.799704][T15845] bridge_slave_1: left allmulticast mode
[  278.805505][T15845] bridge_slave_1: left promiscuous mode
[  278.811221][T15845] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.823408][T15845] bridge_slave_0: left allmulticast mode
[  278.829449][T15845] bridge_slave_0: left promiscuous mode
[  278.835213][T15845] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.886173][T14948] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.902181][T19181] netlink: 'syz.0.4275': attribute type 4 has an invalid length.
[  278.922940][T15845] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  278.943792][T15845] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  278.953219][T15845] bond0 (unregistering): Released all slaves
[  278.999097][T15845] hsr_slave_0: left promiscuous mode
[  279.007510][T15845] hsr_slave_1: left promiscuous mode
[  279.022973][T15845] batman_adv: batadv0: Removing interface: dummy0
[  279.050443][T15845] batman_adv: batadv0: Removing interface: batadv_slave_0
[  279.064114][T15845] batman_adv: batadv0: Removing interface: batadv_slave_1
[  279.073744][T15845] pimreg (unregistering): left allmulticast mode
[  279.080551][T19192] xt_hashlimit: max too large, truncated to 1048576
[  279.088969][T19192] FAULT_INJECTION: forcing a failure.
[  279.088969][T19192] name failslab, interval 1, probability 0, space 0, times 0
[  279.101678][T19192] CPU: 1 UID: 0 PID: 19192 Comm: syz.0.4278 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  279.101712][T19192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  279.101727][T19192] Call Trace:
[  279.101734][T19192]  <TASK>
[  279.101782][T19192]  __dump_stack+0x1d/0x30
[  279.101808][T19192]  dump_stack_lvl+0xe8/0x140
[  279.101831][T19192]  dump_stack+0x15/0x1b
[  279.101848][T19192]  should_fail_ex+0x265/0x280
[  279.101952][T19192]  should_failslab+0x8c/0xb0
[  279.101980][T19192]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  279.102014][T19192]  ? __d_alloc+0x3d/0x350
[  279.102048][T19192]  __d_alloc+0x3d/0x350
[  279.102100][T19192]  d_alloc_parallel+0x53/0xc40
[  279.102132][T19192]  ? selinux_inode_permission+0x532/0x620
[  279.102164][T19192]  ? make_vfsuid+0x49/0xa0
[  279.102274][T19192]  ? lockref_get_not_dead+0x120/0x1c0
[  279.102335][T19192]  ? __rcu_read_unlock+0x4f/0x70
[  279.102359][T19192]  __lookup_slow+0x8c/0x250
[  279.102396][T19192]  lookup_slow+0x3c/0x60
[  279.102431][T19192]  walk_component+0x1ec/0x220
[  279.102493][T19192]  path_lookupat+0xfe/0x2a0
[  279.102529][T19192]  filename_lookup+0x147/0x340
[  279.102590][T19192]  kern_path+0x3b/0x130
[  279.102618][T19192]  bpf_prog_get_type_path+0x45/0x1c0
[  279.102641][T19192]  ? strnlen+0x28/0x50
[  279.102674][T19192]  bpf_mt_check_v1+0xee/0x260
[  279.102709][T19192]  xt_check_match+0x2aa/0x4f0
[  279.102740][T19192]  ? xt_find_match+0x1d1/0x210
[  279.102772][T19192]  ? xt_find_match+0x1b5/0x210
[  279.102822][T19192]  translate_table+0xa9c/0xf90
[  279.102858][T19192]  ? _copy_from_user+0x89/0xb0
[  279.102925][T19192]  do_ipt_set_ctl+0x66f/0x820
[  279.102964][T19192]  nf_setsockopt+0x196/0x1b0
[  279.103132][T19192]  ip_setsockopt+0x102/0x110
[  279.103194][T19192]  udp_setsockopt+0x99/0xb0
[  279.103222][T19192]  sock_common_setsockopt+0x66/0x80
[  279.103246][T19192]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  279.103269][T19192]  __sys_setsockopt+0x184/0x200
[  279.103375][T19192]  __x64_sys_setsockopt+0x64/0x80
[  279.103433][T19192]  x64_sys_call+0x2bd5/0x2fb0
[  279.103458][T19192]  do_syscall_64+0xd2/0x200
[  279.103485][T19192]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  279.103512][T19192]  ? clear_bhb_loop+0x40/0x90
[  279.103642][T19192]  ? clear_bhb_loop+0x40/0x90
[  279.103663][T19192]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.103684][T19192] RIP: 0033:0x7f2ae76ce969
[  279.103703][T19192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.103722][T19192] RSP: 002b:00007f2ae5d37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  279.103750][T19192] RAX: ffffffffffffffda RBX: 00007f2ae78f5fa0 RCX: 00007f2ae76ce969
[  279.103767][T19192] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004
[  279.103784][T19192] RBP: 00007f2ae5d37090 R08: 0000000000000538 R09: 0000000000000000
[  279.103799][T19192] R10: 0000200000000540 R11: 0000000000000246 R12: 0000000000000001
[  279.103815][T19192] R13: 0000000000000000 R14: 00007f2ae78f5fa0 R15: 00007ffe63de4e08
[  279.103870][T19192]  </TASK>
[  279.411506][T19190] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4276'.
[  279.414934][T19188] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  279.431616][T19188] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  279.453901][T15845] team0 (unregistering): Port device team_slave_1 removed
[  279.463780][T15845] team0 (unregistering): Port device team_slave_0 removed
[  279.500631][T19199] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4277'.
[  279.580582][T19163] lo speed is unknown, defaulting to 1000
[  279.684066][T19163] chnl_net:caif_netlink_parms(): no params data found
[  279.749698][T19163] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.756846][T19163] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.764265][T19163] bridge_slave_0: entered allmulticast mode
[  279.771485][T19163] bridge_slave_0: entered promiscuous mode
[  279.780408][T19163] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.787611][T19163] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.794919][T19163] bridge_slave_1: entered allmulticast mode
[  279.801531][T19163] bridge_slave_1: entered promiscuous mode
[  279.830472][T15845] IPVS: stop unused estimator thread 0...
[  279.830833][T19163] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  279.840738][T19426] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4289'.
[  279.847135][T19163] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  279.877083][T19426] xt_hashlimit: max too large, truncated to 1048576
[  279.888900][T19163] team0: Port device team_slave_0 added
[  279.897212][T19163] team0: Port device team_slave_1 added
[  279.913356][T19436] netlink: 'syz.1.4290': attribute type 8 has an invalid length.
[  279.922272][T19163] batman_adv: batadv0: Adding interface: batadv_slave_0
[  279.929353][T19163] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.955541][T19163] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  279.973163][T19163] batman_adv: batadv0: Adding interface: batadv_slave_1
[  279.980165][T19163] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  280.006398][T19163] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  280.045119][T19163] hsr_slave_0: entered promiscuous mode
[  280.051616][T19163] hsr_slave_1: entered promiscuous mode
[  280.137977][T19163] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  280.146497][T19596] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  280.148131][T19163] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  280.162406][T19596] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  280.173000][T19163] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  280.181568][T19163] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  280.195958][T19163] bridge0: port 2(bridge_slave_1) entered blocking state
[  280.203030][T19163] bridge0: port 2(bridge_slave_1) entered forwarding state
[  280.210437][T19163] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.217544][T19163] bridge0: port 1(bridge_slave_0) entered forwarding state
[  280.248751][T19163] 8021q: adding VLAN 0 to HW filter on device bond0
[  280.264675][T15846] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.272807][T15846] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.288401][T19163] 8021q: adding VLAN 0 to HW filter on device team0
[  280.298734][ T4968] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.305828][ T4968] bridge0: port 1(bridge_slave_0) entered forwarding state
[  280.318851][T15847] bridge0: port 2(bridge_slave_1) entered blocking state
[  280.326594][T15847] bridge0: port 2(bridge_slave_1) entered forwarding state
[  280.407331][T19163] 8021q: adding VLAN 0 to HW filter on device batadv0
[  280.421136][T19623] netlink: 'syz.0.4300': attribute type 8 has an invalid length.
[  280.465067][T19623] syzkaller0: entered promiscuous mode
[  280.470540][T19623] syzkaller0: entered allmulticast mode
[  280.581636][T19163] veth0_vlan: entered promiscuous mode
[  280.589600][T19163] veth1_vlan: entered promiscuous mode
[  280.603878][T19163] veth0_macvtap: entered promiscuous mode
[  280.610720][T19163] veth1_macvtap: entered promiscuous mode
[  280.621228][T19163] batman_adv: batadv0: Interface activated: batadv_slave_0
[  280.631852][T19163] batman_adv: batadv0: Interface activated: batadv_slave_1
[  280.641308][T19163] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  280.650108][T19163] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  280.659167][T19163] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  280.668061][T19163] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  280.718775][T19660] blktrace: Concurrent blktraces are not allowed on sg0
[  280.841544][T19679] FAULT_INJECTION: forcing a failure.
[  280.841544][T19679] name failslab, interval 1, probability 0, space 0, times 0
[  280.842920][T19681] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  280.854346][T19679] CPU: 1 UID: 0 PID: 19679 Comm: syz.0.4310 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  280.854380][T19679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  280.854504][T19679] Call Trace:
[  280.854510][T19679]  <TASK>
[  280.854519][T19679]  __dump_stack+0x1d/0x30
[  280.854543][T19679]  dump_stack_lvl+0xe8/0x140
[  280.854565][T19679]  dump_stack+0x15/0x1b
[  280.854583][T19679]  should_fail_ex+0x265/0x280
[  280.854606][T19679]  ? audit_log_d_path+0x8d/0x150
[  280.854684][T19679]  should_failslab+0x8c/0xb0
[  280.854710][T19679]  __kmalloc_cache_noprof+0x4c/0x320
[  280.854802][T19679]  audit_log_d_path+0x8d/0x150
[  280.854835][T19679]  audit_log_d_path_exe+0x42/0x70
[  280.854856][T19679]  audit_log_task+0x1e9/0x250
[  280.854889][T19679]  audit_seccomp+0x61/0x100
[  280.854926][T19679]  ? __seccomp_filter+0x68c/0x10d0
[  280.854952][T19679]  __seccomp_filter+0x69d/0x10d0
[  280.854979][T19679]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  280.855080][T19679]  ? vfs_write+0x75e/0x8e0
[  280.855102][T19679]  ? __rcu_read_unlock+0x4f/0x70
[  280.855127][T19679]  ? __fget_files+0x184/0x1c0
[  280.855156][T19679]  __secure_computing+0x82/0x150
[  280.855248][T19679]  syscall_trace_enter+0xcf/0x1e0
[  280.855274][T19679]  do_syscall_64+0xac/0x200
[  280.855305][T19679]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  280.855332][T19679]  ? clear_bhb_loop+0x40/0x90
[  280.855430][T19679]  ? clear_bhb_loop+0x40/0x90
[  280.855495][T19679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.855518][T19679] RIP: 0033:0x7f2ae76ce969
[  280.855536][T19679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.855556][T19679] RSP: 002b:00007f2ae5d37038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  280.855651][T19679] RAX: ffffffffffffffda RBX: 00007f2ae78f5fa0 RCX: 00007f2ae76ce969
[  280.855665][T19679] RDX: 0000000000000000 RSI: 000000000000d105 RDI: 0000200000000000
[  280.855679][T19679] RBP: 00007f2ae5d37090 R08: 0000000000000000 R09: 0000000000000000
[  280.855747][T19679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  280.855760][T19679] R13: 0000000000000000 R14: 00007f2ae78f5fa0 R15: 00007ffe63de4e08
[  280.855781][T19679]  </TASK>
[  281.087371][T19681] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  281.101631][T19681] IPv6: NLM_F_CREATE should be specified when creating new route
[  281.148481][T19703] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4318'.
[  281.270488][T19730] set match dimension is over the limit!
[  281.377221][T19745] lo speed is unknown, defaulting to 1000
[  281.415999][T19770] FAULT_INJECTION: forcing a failure.
[  281.415999][T19770] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  281.429235][T19770] CPU: 0 UID: 0 PID: 19770 Comm: syz.4.4331 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  281.429332][T19770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  281.429345][T19770] Call Trace:
[  281.429354][T19770]  <TASK>
[  281.429363][T19770]  __dump_stack+0x1d/0x30
[  281.429390][T19770]  dump_stack_lvl+0xe8/0x140
[  281.429413][T19770]  dump_stack+0x15/0x1b
[  281.429512][T19770]  should_fail_ex+0x265/0x280
[  281.429532][T19770]  should_fail+0xb/0x20
[  281.429551][T19770]  should_fail_usercopy+0x1a/0x20
[  281.429637][T19770]  copy_to_user_nofault+0x7f/0x120
[  281.429694][T19770]  bpf_probe_write_user+0x83/0xc0
[  281.429719][T19770]  bpf_prog_19072b5a3fcf5d64+0x41/0x49
[  281.429737][T19770]  bpf_trace_run3+0x10c/0x1d0
[  281.429761][T19770]  ? skb_free_head+0x87/0x150
[  281.429842][T19770]  ? skb_free_head+0x87/0x150
[  281.429873][T19770]  kmem_cache_free+0x257/0x300
[  281.429907][T19770]  ? wake_up_q+0x3f/0x80
[  281.429949][T19770]  skb_free_head+0x87/0x150
[  281.430021][T19770]  skb_release_data+0x33b/0x370
[  281.430056][T19770]  ? netlink_broadcast_filtered+0xb25/0xc00
[  281.430091][T19770]  __kfree_skb+0x44/0x150
[  281.430123][T19770]  ? netlink_broadcast_filtered+0xb25/0xc00
[  281.430157][T19770]  consume_skb+0x49/0x150
[  281.430188][T19770]  netlink_broadcast_filtered+0xb25/0xc00
[  281.430288][T19770]  nlmsg_notify+0xcf/0x170
[  281.430323][T19770]  rtnl_notify+0x76/0x90
[  281.430350][T19770]  nexthop_notify+0x262/0x2d0
[  281.430372][T19770]  rtm_new_nexthop+0x34bf/0x4530
[  281.430410][T19770]  ? __pfx_rtm_new_nexthop+0x10/0x10
[  281.430448][T19770]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  281.430468][T19770]  ? avc_has_perm_noaudit+0x1b1/0x200
[  281.430582][T19770]  netlink_rcv_skb+0x123/0x220
[  281.430626][T19770]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  281.430655][T19770]  rtnetlink_rcv+0x1c/0x30
[  281.430676][T19770]  netlink_unicast+0x5a1/0x670
[  281.430757][T19770]  netlink_sendmsg+0x58b/0x6b0
[  281.430829][T19770]  ? __pfx_netlink_sendmsg+0x10/0x10
[  281.430866][T19770]  __sock_sendmsg+0x142/0x180
[  281.430893][T19770]  ____sys_sendmsg+0x31e/0x4e0
[  281.430965][T19770]  ___sys_sendmsg+0x17b/0x1d0
[  281.431006][T19770]  __x64_sys_sendmsg+0xd4/0x160
[  281.431045][T19770]  x64_sys_call+0x2999/0x2fb0
[  281.431122][T19770]  do_syscall_64+0xd2/0x200
[  281.431222][T19770]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  281.431253][T19770]  ? clear_bhb_loop+0x40/0x90
[  281.431273][T19770]  ? clear_bhb_loop+0x40/0x90
[  281.431295][T19770]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.431349][T19770] RIP: 0033:0x7fe3a840e969
[  281.431366][T19770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.431387][T19770] RSP: 002b:00007fe3a6a77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  281.431408][T19770] RAX: ffffffffffffffda RBX: 00007fe3a8635fa0 RCX: 00007fe3a840e969
[  281.431423][T19770] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000a
[  281.431438][T19770] RBP: 00007fe3a6a77090 R08: 0000000000000000 R09: 0000000000000000
[  281.431453][T19770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  281.431511][T19770] R13: 0000000000000000 R14: 00007fe3a8635fa0 R15: 00007ffc47b0d998
[  281.431533][T19770]  </TASK>
[  281.857503][T19796] netlink: 'syz.1.4337': attribute type 8 has an invalid length.
[  281.894594][T19805] block device autoloading is deprecated and will be removed.
[  281.904166][T19805] bridge0: port 3(gretap0) entered blocking state
[  281.910720][T19805] bridge0: port 3(gretap0) entered disabled state
[  281.917709][T19805] gretap0: entered allmulticast mode
[  281.923861][T19805] gretap0: entered promiscuous mode
[  281.929377][T19805] bridge0: port 3(gretap0) entered blocking state
[  281.935857][T19805] bridge0: port 3(gretap0) entered forwarding state
[  281.963594][   T29] kauditd_printk_skb: 392 callbacks suppressed
[  281.963612][   T29] audit: type=1326 audit(1749007848.068:21577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19811 comm="syz.5.4340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33549ee969 code=0x7ffc0000
[  281.993554][   T29] audit: type=1326 audit(1749007848.068:21578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19811 comm="syz.5.4340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33549ee969 code=0x7ffc0000
[  282.017386][   T29] audit: type=1326 audit(1749007848.068:21579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19811 comm="syz.5.4340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f33549ee969 code=0x7ffc0000
[  282.041048][   T29] audit: type=1326 audit(1749007848.068:21580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19811 comm="syz.5.4340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33549ee969 code=0x7ffc0000
[  282.064824][   T29] audit: type=1326 audit(1749007848.068:21581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19811 comm="syz.5.4340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33549ee969 code=0x7ffc0000
[  282.084599][T19809] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4339'.
[  282.088979][   T29] audit: type=1326 audit(1749007848.068:21582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19811 comm="syz.5.4340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f33549ee969 code=0x7ffc0000
[  282.121230][   T29] audit: type=1326 audit(1749007848.068:21583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19811 comm="syz.5.4340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33549ee969 code=0x7ffc0000
[  282.144962][   T29] audit: type=1326 audit(1749007848.068:21584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19811 comm="syz.5.4340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f33549ee969 code=0x7ffc0000
[  282.168732][   T29] audit: type=1326 audit(1749007848.068:21585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19811 comm="syz.5.4340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33549ee969 code=0x7ffc0000
[  282.192393][   T29] audit: type=1326 audit(1749007848.068:21586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19811 comm="syz.5.4340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33549ee969 code=0x7ffc0000
[  282.262299][T19822] loop5: detected capacity change from 0 to 512
[  282.269472][T19822] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  282.309125][T19822] EXT4-fs (loop5): 1 truncate cleaned up
[  282.315776][T19822] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  282.330914][T19831] FAULT_INJECTION: forcing a failure.
[  282.330914][T19831] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  282.344381][T19831] CPU: 1 UID: 0 PID: 19831 Comm: syz.1.4344 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  282.344472][T19831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  282.344485][T19831] Call Trace:
[  282.344491][T19831]  <TASK>
[  282.344500][T19831]  __dump_stack+0x1d/0x30
[  282.344524][T19831]  dump_stack_lvl+0xe8/0x140
[  282.344634][T19831]  dump_stack+0x15/0x1b
[  282.344807][T19831]  should_fail_ex+0x265/0x280
[  282.344829][T19831]  should_fail+0xb/0x20
[  282.344892][T19831]  should_fail_usercopy+0x1a/0x20
[  282.344919][T19831]  _copy_to_user+0x20/0xa0
[  282.344950][T19831]  simple_read_from_buffer+0xb5/0x130
[  282.344978][T19831]  proc_fail_nth_read+0x100/0x140
[  282.345021][T19831]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  282.345048][T19831]  vfs_read+0x1a0/0x6f0
[  282.345073][T19831]  ? __rcu_read_unlock+0x4f/0x70
[  282.345096][T19831]  ? __fget_files+0x184/0x1c0
[  282.345124][T19831]  ksys_read+0xda/0x1a0
[  282.345155][T19831]  __x64_sys_read+0x40/0x50
[  282.345181][T19831]  x64_sys_call+0x2d77/0x2fb0
[  282.345207][T19831]  do_syscall_64+0xd2/0x200
[  282.345239][T19831]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  282.345325][T19831]  ? clear_bhb_loop+0x40/0x90
[  282.345364][T19831]  ? clear_bhb_loop+0x40/0x90
[  282.345390][T19831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.345469][T19831] RIP: 0033:0x7f2c688ad37c
[  282.345490][T19831] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  282.345514][T19831] RSP: 002b:00007f2c66ef6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  282.345539][T19831] RAX: ffffffffffffffda RBX: 00007f2c68ad6080 RCX: 00007f2c688ad37c
[  282.345559][T19831] RDX: 000000000000000f RSI: 00007f2c66ef60a0 RDI: 0000000000000006
[  282.345575][T19831] RBP: 00007f2c66ef6090 R08: 0000000000000000 R09: 0000000000000000
[  282.345591][T19831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  282.345650][T19831] R13: 0000000000000001 R14: 00007f2c68ad6080 R15: 00007fff66cafca8
[  282.345672][T19831]  </TASK>
[  282.346448][T19822] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.471455][T19835] loop3: detected capacity change from 0 to 1024
[  282.581995][T19836] set match dimension is over the limit!
[  282.596056][T19822] geneve2: entered promiscuous mode
[  282.601385][T19822] geneve2: entered allmulticast mode
[  282.608426][T19835] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  282.645702][T19835] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4342'.
[  282.839188][T11382] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.875085][T19871] netlink: 244 bytes leftover after parsing attributes in process `syz.1.4353'.
[  282.931272][T19871] netlink: 52 bytes leftover after parsing attributes in process `syz.1.4353'.
[  282.945920][T19893] loop5: detected capacity change from 0 to 736
[  282.988174][T19893] FAULT_INJECTION: forcing a failure.
[  282.988174][T19893] name failslab, interval 1, probability 0, space 0, times 0
[  283.000978][T19893] CPU: 0 UID: 0 PID: 19893 Comm: syz.5.4356 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  283.001009][T19893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  283.001024][T19893] Call Trace:
[  283.001031][T19893]  <TASK>
[  283.001040][T19893]  __dump_stack+0x1d/0x30
[  283.001066][T19893]  dump_stack_lvl+0xe8/0x140
[  283.001093][T19893]  dump_stack+0x15/0x1b
[  283.001112][T19893]  should_fail_ex+0x265/0x280
[  283.001135][T19893]  should_failslab+0x8c/0xb0
[  283.001163][T19893]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  283.001208][T19893]  ? __d_alloc+0x3d/0x350
[  283.001240][T19893]  __d_alloc+0x3d/0x350
[  283.001271][T19893]  d_alloc_parallel+0x53/0xc40
[  283.001353][T19893]  ? __rcu_read_unlock+0x4f/0x70
[  283.001375][T19893]  ? __d_lookup+0x316/0x340
[  283.001408][T19893]  ? try_to_unlazy+0x25e/0x3a0
[  283.001483][T19893]  path_openat+0x6b5/0x2170
[  283.001575][T19893]  do_filp_open+0x109/0x230
[  283.001602][T19893]  do_sys_openat2+0xa6/0x110
[  283.001637][T19893]  __x64_sys_creat+0x65/0x90
[  283.001749][T19893]  x64_sys_call+0x114d/0x2fb0
[  283.001776][T19893]  do_syscall_64+0xd2/0x200
[  283.001841][T19893]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  283.001868][T19893]  ? clear_bhb_loop+0x40/0x90
[  283.001888][T19893]  ? clear_bhb_loop+0x40/0x90
[  283.002010][T19893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.002053][T19893] RIP: 0033:0x7f33549ee969
[  283.002072][T19893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.002117][T19893] RSP: 002b:00007f3353057038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  283.002138][T19893] RAX: ffffffffffffffda RBX: 00007f3354c15fa0 RCX: 00007f33549ee969
[  283.002151][T19893] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000200000000040
[  283.002164][T19893] RBP: 00007f3353057090 R08: 0000000000000000 R09: 0000000000000000
[  283.002176][T19893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.002190][T19893] R13: 0000000000000000 R14: 00007f3354c15fa0 R15: 00007ffecf7693a8
[  283.002214][T19893]  </TASK>
[  283.294836][T19923] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4363'.
[  283.318403][T19923] loop3: detected capacity change from 0 to 512
[  283.358510][T19923] EXT4-fs (loop3): 1 orphan inode deleted
[  283.372869][T15847] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:62: Failed to release dquot type 1
[  283.379508][T19923] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.439845][T19949] FAULT_INJECTION: forcing a failure.
[  283.439845][T19949] name failslab, interval 1, probability 0, space 0, times 0
[  283.452657][T19949] CPU: 1 UID: 0 PID: 19949 Comm: syz.1.4370 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  283.452690][T19949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  283.452705][T19949] Call Trace:
[  283.452713][T19949]  <TASK>
[  283.452757][T19949]  __dump_stack+0x1d/0x30
[  283.452782][T19949]  dump_stack_lvl+0xe8/0x140
[  283.452805][T19949]  dump_stack+0x15/0x1b
[  283.452835][T19949]  should_fail_ex+0x265/0x280
[  283.452860][T19949]  ? audit_log_d_path+0x8d/0x150
[  283.452909][T19949]  should_failslab+0x8c/0xb0
[  283.452937][T19949]  __kmalloc_cache_noprof+0x4c/0x320
[  283.452973][T19949]  audit_log_d_path+0x8d/0x150
[  283.453064][T19949]  audit_log_d_path_exe+0x42/0x70
[  283.453086][T19949]  audit_log_task+0x1e9/0x250
[  283.453119][T19949]  audit_seccomp+0x61/0x100
[  283.453163][T19949]  ? __seccomp_filter+0x68c/0x10d0
[  283.453241][T19949]  __seccomp_filter+0x69d/0x10d0
[  283.453265][T19949]  ? up_write+0x18/0x60
[  283.453290][T19949]  ? shmem_file_write_iter+0xd0/0xf0
[  283.453319][T19949]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  283.453355][T19949]  ? vfs_write+0x75e/0x8e0
[  283.453384][T19949]  __secure_computing+0x82/0x150
[  283.453457][T19949]  syscall_trace_enter+0xcf/0x1e0
[  283.453487][T19949]  do_syscall_64+0xac/0x200
[  283.453557][T19949]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  283.453582][T19949]  ? clear_bhb_loop+0x40/0x90
[  283.453605][T19949]  ? clear_bhb_loop+0x40/0x90
[  283.453641][T19949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.453663][T19949] RIP: 0033:0x7f2c688ad37c
[  283.453775][T19949] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  283.453797][T19949] RSP: 002b:00007f2c66f17030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  283.453821][T19949] RAX: ffffffffffffffda RBX: 00007f2c68ad5fa0 RCX: 00007f2c688ad37c
[  283.453837][T19949] RDX: 000000000000000f RSI: 00007f2c66f170a0 RDI: 0000000000000007
[  283.453852][T19949] RBP: 00007f2c66f17090 R08: 0000000000000000 R09: 0000000000000000
[  283.453888][T19949] R10: 0000000008000c61 R11: 0000000000000246 R12: 0000000000000002
[  283.453977][T19949] R13: 0000000000000000 R14: 00007f2c68ad5fa0 R15: 00007fff66cafca8
[  283.453999][T19949]  </TASK>
[  283.563404][T19923] ext4 filesystem being mounted at /376/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  283.734031][T19955] new mount options do not match the existing superblock, will be ignored
[  283.755602][T19955] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  283.776183][T11382] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.803605][T19962] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4377'.
[  283.889405][T19981] FAULT_INJECTION: forcing a failure.
[  283.889405][T19981] name failslab, interval 1, probability 0, space 0, times 0
[  283.902220][T19981] CPU: 1 UID: 0 PID: 19981 Comm: syz.3.4383 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  283.902254][T19981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  283.902268][T19981] Call Trace:
[  283.902276][T19981]  <TASK>
[  283.902293][T19981]  __dump_stack+0x1d/0x30
[  283.902319][T19981]  dump_stack_lvl+0xe8/0x140
[  283.902421][T19981]  dump_stack+0x15/0x1b
[  283.902441][T19981]  should_fail_ex+0x265/0x280
[  283.902465][T19981]  should_failslab+0x8c/0xb0
[  283.902530][T19981]  __kmalloc_noprof+0xa5/0x3e0
[  283.902567][T19981]  ? flow_rule_alloc+0x2b/0x180
[  283.902671][T19981]  flow_rule_alloc+0x2b/0x180
[  283.902726][T19981]  mall_replace_hw_filter+0x92/0x460
[  283.902784][T19981]  mall_change+0x34a/0x480
[  283.902814][T19981]  ? __pfx_mall_change+0x10/0x10
[  283.902846][T19981]  tc_new_tfilter+0xde4/0x10a0
[  283.902914][T19981]  ? __pfx_tc_new_tfilter+0x10/0x10
[  283.902950][T19981]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  283.903006][T19981]  ? avc_has_perm_noaudit+0x1b1/0x200
[  283.903044][T19981]  netlink_rcv_skb+0x123/0x220
[  283.903152][T19981]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  283.903181][T19981]  rtnetlink_rcv+0x1c/0x30
[  283.903276][T19981]  netlink_unicast+0x5a1/0x670
[  283.903309][T19981]  netlink_sendmsg+0x58b/0x6b0
[  283.903346][T19981]  ? __pfx_netlink_sendmsg+0x10/0x10
[  283.903443][T19981]  __sock_sendmsg+0x142/0x180
[  283.903473][T19981]  ____sys_sendmsg+0x31e/0x4e0
[  283.903510][T19981]  ___sys_sendmsg+0x17b/0x1d0
[  283.903565][T19981]  __x64_sys_sendmsg+0xd4/0x160
[  283.903603][T19981]  x64_sys_call+0x2999/0x2fb0
[  283.903630][T19981]  do_syscall_64+0xd2/0x200
[  283.903679][T19981]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  283.903708][T19981]  ? clear_bhb_loop+0x40/0x90
[  283.903729][T19981]  ? clear_bhb_loop+0x40/0x90
[  283.903756][T19981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.903778][T19981] RIP: 0033:0x7fadecb0e969
[  283.903797][T19981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.903816][T19981] RSP: 002b:00007fadeb177038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  283.903836][T19981] RAX: ffffffffffffffda RBX: 00007fadecd35fa0 RCX: 00007fadecb0e969
[  283.903861][T19981] RDX: 0000000000040010 RSI: 0000200000006040 RDI: 0000000000000005
[  283.903874][T19981] RBP: 00007fadeb177090 R08: 0000000000000000 R09: 0000000000000000
[  283.903922][T19981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.903937][T19981] R13: 0000000000000000 R14: 00007fadecd35fa0 R15: 00007ffda85a7318
[  283.904033][T19981]  </TASK>
[  284.309785][T20009] netlink: 'syz.4.4391': attribute type 8 has an invalid length.
[  284.410495][T20028] ref_ctr_offset mismatch. inode: 0x86 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  284.506403][T20035] hub 9-0:1.0: USB hub found
[  284.511345][T20035] hub 9-0:1.0: 8 ports detected
[  284.573388][T20036] loop3: detected capacity change from 0 to 512
[  284.582435][T20036] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  284.590696][T20036] EXT4-fs (loop3): orphan cleanup on readonly fs
[  284.602832][T20031] netlink: 104 bytes leftover after parsing attributes in process `syz.0.4385'.
[  284.903582][T20050] loop5: detected capacity change from 0 to 1024
[  284.904263][T20036] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.4397: Failed to acquire dquot type 1
[  284.904424][T20050] EXT4-fs: Ignoring removed orlov option
[  284.904494][T20050] EXT4-fs: Ignoring removed nomblk_io_submit option
[  284.905089][T20036] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4397: bg 0: block 40: padding at end of block bitmap is not set
[  284.905270][T20036] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  284.905472][T20036] EXT4-fs (loop3): 1 truncate cleaned up
[  284.906053][T20036] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  284.944513][T20050] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.986603][T19163] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.172748][T20081] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4409'.
[  285.220362][T20087] ref_ctr_offset mismatch. inode: 0xa2 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  285.233572][T20089] netlink: 'syz.4.4413': attribute type 8 has an invalid length.
[  285.337267][T11382] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.370434][T20107] ipvlan2: entered promiscuous mode
[  285.390805][T20107] bridge0: port 4(ipvlan2) entered blocking state
[  285.397323][T20107] bridge0: port 4(ipvlan2) entered disabled state
[  285.404159][T20107] ipvlan2: entered allmulticast mode
[  285.409464][T20107] bridge0: entered allmulticast mode
[  285.417256][T20107] ipvlan2: left allmulticast mode
[  285.422319][T20107] bridge0: left allmulticast mode
[  285.429332][T20116] FAULT_INJECTION: forcing a failure.
[  285.429332][T20116] name failslab, interval 1, probability 0, space 0, times 0
[  285.442030][T20116] CPU: 1 UID: 0 PID: 20116 Comm: syz.0.4420 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  285.442064][T20116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  285.442078][T20116] Call Trace:
[  285.442085][T20116]  <TASK>
[  285.442094][T20116]  __dump_stack+0x1d/0x30
[  285.442159][T20116]  dump_stack_lvl+0xe8/0x140
[  285.442183][T20116]  dump_stack+0x15/0x1b
[  285.442203][T20116]  should_fail_ex+0x265/0x280
[  285.442227][T20116]  should_failslab+0x8c/0xb0
[  285.442252][T20116]  __kmalloc_noprof+0xa5/0x3e0
[  285.442302][T20116]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[  285.442335][T20116]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[  285.442367][T20116]  genl_family_rcv_msg_doit+0x48/0x1b0
[  285.442432][T20116]  ? genl_get_cmd+0x425/0x660
[  285.442457][T20116]  ? radix_tree_lookup+0xfa/0x140
[  285.442520][T20116]  genl_rcv_msg+0x422/0x460
[  285.442547][T20116]  ? __pfx_ctrl_getfamily+0x10/0x10
[  285.442570][T20116]  netlink_rcv_skb+0x123/0x220
[  285.442619][T20116]  ? __pfx_genl_rcv_msg+0x10/0x10
[  285.442660][T20116]  genl_rcv+0x28/0x40
[  285.442681][T20116]  netlink_unicast+0x5a1/0x670
[  285.442712][T20116]  netlink_sendmsg+0x58b/0x6b0
[  285.442855][T20116]  ? __pfx_netlink_sendmsg+0x10/0x10
[  285.442945][T20116]  __sock_sendmsg+0x142/0x180
[  285.443040][T20116]  __sys_sendto+0x268/0x330
[  285.443096][T20116]  __x64_sys_sendto+0x76/0x90
[  285.443122][T20116]  x64_sys_call+0x2eb6/0x2fb0
[  285.443142][T20116]  do_syscall_64+0xd2/0x200
[  285.443177][T20116]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  285.443207][T20116]  ? clear_bhb_loop+0x40/0x90
[  285.443231][T20116]  ? clear_bhb_loop+0x40/0x90
[  285.443256][T20116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.443328][T20116] RIP: 0033:0x7f2ae76d07fc
[  285.443347][T20116] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  285.443368][T20116] RSP: 002b:00007f2ae5d35ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  285.443389][T20116] RAX: ffffffffffffffda RBX: 00007f2ae5d35fc0 RCX: 00007f2ae76d07fc
[  285.443402][T20116] RDX: 0000000000000020 RSI: 00007f2ae5d36010 RDI: 0000000000000007
[  285.443417][T20116] RBP: 0000000000000000 R08: 00007f2ae5d35f14 R09: 000000000000000c
[  285.443431][T20116] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000007
[  285.443460][T20116] R13: 00007f2ae5d35f68 R14: 00007f2ae5d36010 R15: 0000000000000000
[  285.443559][T20116]  </TASK>
[  285.690356][T20112] bridge0: port 1(gretap0) entered blocking state
[  285.697198][T20112] bridge0: port 1(gretap0) entered disabled state
[  285.704127][T20112] gretap0: entered allmulticast mode
[  285.710125][T20112] gretap0: entered promiscuous mode
[  285.762080][T20128] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4425'.
[  285.814118][T20126] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  285.855000][T20146] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=20146 comm=syz.3.4430
[  285.960094][T20146] netlink: 'syz.3.4430': attribute type 10 has an invalid length.
[  285.984634][T20146] : (slave dummy0): Enslaving as an active interface with an up link
[  286.109992][T20154] set match dimension is over the limit!
[  286.217178][T20182] batman_adv: batadv0: Adding interface: dummy0
[  286.223566][T20182] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  286.256414][T20182] batman_adv: batadv0: Interface activated: dummy0
[  286.278488][T20184] netlink: 'syz.4.4443': attribute type 8 has an invalid length.
[  286.310047][T20182] batadv0: mtu less than device minimum
[  286.316115][T20182] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  286.326979][T20182] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  286.337584][T20182] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  286.348213][T20182] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  286.358826][T20182] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  286.369583][T20182] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  286.380157][T20182] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  286.391077][T20182] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  286.401786][T20182] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  286.605465][T20214] __nla_validate_parse: 1 callbacks suppressed
[  286.605549][T20214] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4452'.
[  286.621252][T20194] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  286.687426][T20223] loop3: detected capacity change from 0 to 128
[  286.743932][T20223] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  286.751840][T20223] FAT-fs (loop3): Filesystem has been set read-only
[  286.767326][T20232] ref_ctr_offset mismatch. inode: 0x4fd offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  286.769486][T20223] syz.3.4454: attempt to access beyond end of device
[  286.769486][T20223] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  286.811994][T20223] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  286.820056][T20223] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  286.974455][T20253] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4466'.
[  286.991144][T20240] loop1: detected capacity change from 0 to 8192
[  287.013606][   T29] kauditd_printk_skb: 521 callbacks suppressed
[  287.013625][   T29] audit: type=1400 audit(1749007853.118:22105): avc:  denied  { block_suspend } for  pid=20239 comm="syz.1.4462" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  287.069939][T20254] netlink: 'syz.5.4467': attribute type 8 has an invalid length.
[  287.247810][T20289] loop1: detected capacity change from 0 to 128
[  287.249436][   T29] audit: type=1400 audit(1749007853.348:22106): avc:  denied  { read write } for  pid=20288 comm="syz.1.4474" name="loop1" dev="devtmpfs" ino=771 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  287.277579][   T29] audit: type=1400 audit(1749007853.348:22107): avc:  denied  { open } for  pid=20288 comm="syz.1.4474" path="/dev/loop1" dev="devtmpfs" ino=771 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  287.301063][   T29] audit: type=1400 audit(1749007853.348:22108): avc:  denied  { ioctl } for  pid=20288 comm="syz.1.4474" path="/dev/loop1" dev="devtmpfs" ino=771 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  287.326019][   T29] audit: type=1400 audit(1749007853.358:22109): avc:  denied  { mounton } for  pid=20288 comm="syz.1.4474" path="/206/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=1110 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  287.374005][   T29] audit: type=1400 audit(1749007853.378:22110): avc:  denied  { create } for  pid=20279 comm="syz.0.4472" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  287.379714][T20297] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4475'.
[  287.396309][   T29] audit: type=1400 audit(1749007853.378:22111): avc:  denied  { bpf } for  pid=20279 comm="syz.0.4472" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  287.424963][   T29] audit: type=1400 audit(1749007853.378:22112): avc:  denied  { prog_load } for  pid=20279 comm="syz.0.4472" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  287.444589][   T29] audit: type=1400 audit(1749007853.428:22113): avc:  denied  { map_create } for  pid=20296 comm="syz.1.4475" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  287.463977][   T29] audit: type=1400 audit(1749007853.428:22114): avc:  denied  { perfmon } for  pid=20296 comm="syz.1.4475" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  287.485814][T20299] netlink: 'syz.1.4476': attribute type 8 has an invalid length.
[  287.761204][T20327] netlink: 132 bytes leftover after parsing attributes in process `syz.5.4485'.
[  287.835106][T20338] netlink: 'syz.4.4491': attribute type 8 has an invalid length.
[  288.173468][T20382] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4504'.
[  288.175375][T20385] loop5: detected capacity change from 0 to 512
[  288.208864][T20385] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  288.222934][T20385] EXT4-fs (loop5): orphan cleanup on readonly fs
[  288.230066][T20385] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.4502: Failed to acquire dquot type 1
[  288.257024][T20385] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4502: bg 0: block 40: padding at end of block bitmap is not set
[  288.276408][T20394] FAULT_INJECTION: forcing a failure.
[  288.276408][T20394] name failslab, interval 1, probability 0, space 0, times 0
[  288.289171][T20394] CPU: 0 UID: 0 PID: 20394 Comm: syz.1.4509 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  288.289203][T20394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  288.289218][T20394] Call Trace:
[  288.289267][T20394]  <TASK>
[  288.289277][T20394]  __dump_stack+0x1d/0x30
[  288.289304][T20394]  dump_stack_lvl+0xe8/0x140
[  288.289328][T20394]  dump_stack+0x15/0x1b
[  288.289347][T20394]  should_fail_ex+0x265/0x280
[  288.289367][T20394]  ? audit_log_d_path+0x8d/0x150
[  288.289441][T20394]  should_failslab+0x8c/0xb0
[  288.289466][T20394]  __kmalloc_cache_noprof+0x4c/0x320
[  288.289496][T20394]  audit_log_d_path+0x8d/0x150
[  288.289526][T20394]  audit_log_d_path_exe+0x42/0x70
[  288.289688][T20394]  audit_log_task+0x1e9/0x250
[  288.289801][T20394]  audit_seccomp+0x61/0x100
[  288.289895][T20394]  ? __seccomp_filter+0x68c/0x10d0
[  288.289960][T20394]  __seccomp_filter+0x69d/0x10d0
[  288.290026][T20394]  ? do_send_specific+0xf1/0x110
[  288.290064][T20394]  ? __se_sys_rt_tgsigqueueinfo+0x217/0x3c0
[  288.290104][T20394]  __secure_computing+0x82/0x150
[  288.290242][T20394]  syscall_trace_enter+0xcf/0x1e0
[  288.290270][T20394]  do_syscall_64+0xac/0x200
[  288.290305][T20394]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  288.290345][T20394]  ? clear_bhb_loop+0x40/0x90
[  288.290366][T20394]  ? clear_bhb_loop+0x40/0x90
[  288.290390][T20394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.290417][T20394] RIP: 0033:0x7f2c688ad37c
[  288.290463][T20394] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  288.290483][T20394] RSP: 002b:00007f2c66f17030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  288.290507][T20394] RAX: ffffffffffffffda RBX: 00007f2c68ad5fa0 RCX: 00007f2c688ad37c
[  288.290524][T20394] RDX: 000000000000000f RSI: 00007f2c66f170a0 RDI: 0000000000000006
[  288.290540][T20394] RBP: 00007f2c66f17090 R08: 0000000000000000 R09: 0000000000000000
[  288.290556][T20394] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000002
[  288.290571][T20394] R13: 0000000000000000 R14: 00007f2c68ad5fa0 R15: 00007fff66cafca8
[  288.290589][T20394]  </TASK>
[  288.515709][T20385] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  288.525707][T20399] netlink: 'syz.3.4510': attribute type 8 has an invalid length.
[  288.535120][T20385] EXT4-fs (loop5): 1 truncate cleaned up
[  288.546815][T20385] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  288.566230][T20397] netlink: 100 bytes leftover after parsing attributes in process `syz.4.4511'.
[  288.576931][T20395] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4497'.
[  288.588822][T20397] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4511'.
[  288.598014][T20397] batman_adv: batadv0: Removing interface: batadv_slave_0
[  288.605823][T20397] batman_adv: batadv0: Removing interface: batadv_slave_1
[  288.751382][T20429] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4518'.
[  288.785566][T20431] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4519'.
[  288.795910][T20431] 8021q: VLANs not supported on vcan0
[  288.860864][T20443] ref_ctr_offset mismatch. inode: 0x537 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  289.008206][T20457] lo speed is unknown, defaulting to 1000
[  289.049976][T19163] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.061394][T20462] FAULT_INJECTION: forcing a failure.
[  289.061394][T20462] name failslab, interval 1, probability 0, space 0, times 0
[  289.074353][T20462] CPU: 0 UID: 0 PID: 20462 Comm: syz.1.4529 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  289.074385][T20462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  289.074477][T20462] Call Trace:
[  289.074486][T20462]  <TASK>
[  289.074496][T20462]  __dump_stack+0x1d/0x30
[  289.074522][T20462]  dump_stack_lvl+0xe8/0x140
[  289.074542][T20462]  dump_stack+0x15/0x1b
[  289.074558][T20462]  should_fail_ex+0x265/0x280
[  289.074661][T20462]  should_failslab+0x8c/0xb0
[  289.074763][T20462]  __kmalloc_noprof+0xa5/0x3e0
[  289.074794][T20462]  ? alloc_fair_sched_group+0x28/0x250
[  289.074820][T20462]  alloc_fair_sched_group+0x28/0x250
[  289.074902][T20462]  sched_create_group+0x37/0x80
[  289.074927][T20462]  cpu_cgroup_css_alloc+0xe/0x40
[  289.075011][T20462]  cgroup_apply_control_enable+0x1fd/0xa30
[  289.075038][T20462]  cgroup_apply_control+0x33/0x410
[  289.075071][T20462]  ? __pfx_autoremove_wake_function+0x10/0x10
[  289.075182][T20462]  ? cgroup_kn_lock_live+0x130/0x1e0
[  289.075222][T20462]  cgroup_subtree_control_write+0x7d5/0xb80
[  289.075323][T20462]  ? __pfx_cgroup_subtree_control_write+0x10/0x10
[  289.075361][T20462]  cgroup_file_write+0x194/0x350
[  289.075390][T20462]  ? __pfx_cgroup_file_write+0x10/0x10
[  289.075481][T20462]  kernfs_fop_write_iter+0x1be/0x2d0
[  289.075525][T20462]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  289.075553][T20462]  vfs_write+0x4a0/0x8e0
[  289.075602][T20462]  ksys_write+0xda/0x1a0
[  289.075678][T20462]  __x64_sys_write+0x40/0x50
[  289.075700][T20462]  x64_sys_call+0x2cdd/0x2fb0
[  289.075725][T20462]  do_syscall_64+0xd2/0x200
[  289.075758][T20462]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  289.075790][T20462]  ? clear_bhb_loop+0x40/0x90
[  289.075815][T20462]  ? clear_bhb_loop+0x40/0x90
[  289.075841][T20462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.075874][T20462] RIP: 0033:0x7f2c688ae969
[  289.075962][T20462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.075984][T20462] RSP: 002b:00007f2c66f17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  289.076009][T20462] RAX: ffffffffffffffda RBX: 00007f2c68ad5fa0 RCX: 00007f2c688ae969
[  289.076021][T20462] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000005
[  289.076034][T20462] RBP: 00007f2c66f17090 R08: 0000000000000000 R09: 0000000000000000
[  289.076047][T20462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.076059][T20462] R13: 0000000000000000 R14: 00007f2c68ad5fa0 R15: 00007fff66cafca8
[  289.076081][T20462]  </TASK>
[  289.355580][T20457] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  289.364431][T20457] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  289.373205][T20457] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  289.382145][T20457] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  289.459549][T20489] set match dimension is over the limit!
[  289.765026][T20554] FAULT_INJECTION: forcing a failure.
[  289.765026][T20554] name failslab, interval 1, probability 0, space 0, times 0
[  289.777947][T20554] CPU: 0 UID: 0 PID: 20554 Comm: syz.4.4547 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  289.778038][T20554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  289.778053][T20554] Call Trace:
[  289.778062][T20554]  <TASK>
[  289.778072][T20554]  __dump_stack+0x1d/0x30
[  289.778169][T20554]  dump_stack_lvl+0xe8/0x140
[  289.778193][T20554]  dump_stack+0x15/0x1b
[  289.778213][T20554]  should_fail_ex+0x265/0x280
[  289.778239][T20554]  should_failslab+0x8c/0xb0
[  289.778279][T20554]  __kmalloc_noprof+0xa5/0x3e0
[  289.778306][T20554]  ? usb_alloc_urb+0x42/0xc0
[  289.778331][T20554]  usb_alloc_urb+0x42/0xc0
[  289.778354][T20554]  do_proc_control+0x1a8/0x8b0
[  289.778508][T20554]  ? should_fail_ex+0xdb/0x280
[  289.778535][T20554]  proc_control+0x71/0xa0
[  289.778560][T20554]  usbdev_ioctl+0x948/0x1710
[  289.778635][T20554]  ? __pfx_usbdev_ioctl+0x10/0x10
[  289.778661][T20554]  __se_sys_ioctl+0xcb/0x140
[  289.778725][T20554]  __x64_sys_ioctl+0x43/0x50
[  289.778746][T20554]  x64_sys_call+0x19a8/0x2fb0
[  289.778767][T20554]  do_syscall_64+0xd2/0x200
[  289.778796][T20554]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  289.778839][T20554]  ? clear_bhb_loop+0x40/0x90
[  289.778859][T20554]  ? clear_bhb_loop+0x40/0x90
[  289.778885][T20554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.778910][T20554] RIP: 0033:0x7fe3a840e969
[  289.778929][T20554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.779024][T20554] RSP: 002b:00007fe3a6a56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  289.779048][T20554] RAX: ffffffffffffffda RBX: 00007fe3a8636080 RCX: 00007fe3a840e969
[  289.779065][T20554] RDX: 00002000000000c0 RSI: 00000000c0185500 RDI: 0000000000000009
[  289.779080][T20554] RBP: 00007fe3a6a56090 R08: 0000000000000000 R09: 0000000000000000
[  289.779095][T20554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.779121][T20554] R13: 0000000000000000 R14: 00007fe3a8636080 R15: 00007ffc47b0d998
[  289.779140][T20554]  </TASK>
[  289.993282][T20559] set match dimension is over the limit!
[  290.131852][T20578] ref_ctr_offset mismatch. inode: 0x118 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  290.306025][T20580] ref_ctr_offset mismatch. inode: 0x4fd offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x6
[  290.363324][T20587] loop5: detected capacity change from 0 to 128
[  290.510643][T20605] netlink: 'syz.5.4564': attribute type 13 has an invalid length.
[  290.535795][T20605] gretap0: refused to change device tx_queue_len
[  290.558046][T20605] netlink: 'syz.5.4564': attribute type 2 has an invalid length.
[  290.590412][T20612] ref_ctr_offset mismatch. inode: 0x868 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  290.663161][T20625] netlink: 'syz.4.4570': attribute type 4 has an invalid length.
[  290.718220][T20640] loop3: detected capacity change from 0 to 512
[  290.726473][T20640] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  290.734791][T20640] EXT4-fs (loop3): orphan cleanup on readonly fs
[  290.741670][T20640] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.4574: Failed to acquire dquot type 1
[  290.753919][T20640] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4574: bg 0: block 40: padding at end of block bitmap is not set
[  290.779055][T20640] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  290.799319][T20640] EXT4-fs (loop3): 1 truncate cleaned up
[  290.805620][T20640] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  291.035023][T20676] ref_ctr_offset mismatch. inode: 0x528 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  291.198808][T20683] FAULT_INJECTION: forcing a failure.
[  291.198808][T20683] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  291.212011][T20683] CPU: 1 UID: 0 PID: 20683 Comm: syz.1.4585 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  291.212045][T20683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  291.212059][T20683] Call Trace:
[  291.212067][T20683]  <TASK>
[  291.212077][T20683]  __dump_stack+0x1d/0x30
[  291.212102][T20683]  dump_stack_lvl+0xe8/0x140
[  291.212130][T20683]  dump_stack+0x15/0x1b
[  291.212151][T20683]  should_fail_ex+0x265/0x280
[  291.212174][T20683]  should_fail+0xb/0x20
[  291.212194][T20683]  should_fail_usercopy+0x1a/0x20
[  291.212220][T20683]  strncpy_from_user+0x25/0x230
[  291.212247][T20683]  ? kmem_cache_alloc_noprof+0x186/0x310
[  291.212291][T20683]  ? getname_flags+0x80/0x3b0
[  291.212324][T20683]  getname_flags+0xae/0x3b0
[  291.212356][T20683]  __x64_sys_mkdirat+0x40/0x60
[  291.212380][T20683]  x64_sys_call+0x2be0/0x2fb0
[  291.212406][T20683]  do_syscall_64+0xd2/0x200
[  291.212503][T20683]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  291.212552][T20683]  ? clear_bhb_loop+0x40/0x90
[  291.212578][T20683]  ? clear_bhb_loop+0x40/0x90
[  291.212604][T20683]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.212676][T20683] RIP: 0033:0x7f2c688ae969
[  291.212691][T20683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.212713][T20683] RSP: 002b:00007f2c66f17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  291.212746][T20683] RAX: ffffffffffffffda RBX: 00007f2c68ad5fa0 RCX: 00007f2c688ae969
[  291.212762][T20683] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: ffffffffffffff9c
[  291.212776][T20683] RBP: 00007f2c66f17090 R08: 0000000000000000 R09: 0000000000000000
[  291.212789][T20683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.212801][T20683] R13: 0000000000000000 R14: 00007f2c68ad5fa0 R15: 00007fff66cafca8
[  291.212821][T20683]  </TASK>
[  291.408604][T20685] netlink: 'syz.5.4586': attribute type 4 has an invalid length.
[  291.482839][T20689] netlink: 'syz.0.4588': attribute type 8 has an invalid length.
[  291.556087][T11382] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.588088][T20705] : (slave dummy0): Releasing backup interface
[  291.649627][T20713] FAULT_INJECTION: forcing a failure.
[  291.649627][T20713] name failslab, interval 1, probability 0, space 0, times 0
[  291.662606][T20713] CPU: 0 UID: 0 PID: 20713 Comm: syz.4.4595 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  291.662641][T20713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  291.662656][T20713] Call Trace:
[  291.662717][T20713]  <TASK>
[  291.662725][T20713]  __dump_stack+0x1d/0x30
[  291.662759][T20713]  dump_stack_lvl+0xe8/0x140
[  291.662784][T20713]  dump_stack+0x15/0x1b
[  291.662802][T20713]  should_fail_ex+0x265/0x280
[  291.662946][T20713]  should_failslab+0x8c/0xb0
[  291.662971][T20713]  kmem_cache_alloc_noprof+0x50/0x310
[  291.663002][T20713]  ? security_inode_alloc+0x37/0x100
[  291.663024][T20713]  security_inode_alloc+0x37/0x100
[  291.663048][T20713]  inode_init_always_gfp+0x4b7/0x500
[  291.663155][T20713]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  291.663183][T20713]  alloc_inode+0x58/0x170
[  291.663209][T20713]  new_inode+0x1d/0xe0
[  291.663239][T20713]  shmem_get_inode+0x244/0x750
[  291.663265][T20713]  ? __se_sys_memfd_create+0x1cc/0x590
[  291.663331][T20713]  __shmem_file_setup+0x113/0x210
[  291.663367][T20713]  shmem_file_setup+0x3b/0x50
[  291.663453][T20713]  __se_sys_memfd_create+0x2c3/0x590
[  291.663481][T20713]  __x64_sys_memfd_create+0x31/0x40
[  291.663507][T20713]  x64_sys_call+0x122f/0x2fb0
[  291.663534][T20713]  do_syscall_64+0xd2/0x200
[  291.663592][T20713]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  291.663730][T20713]  ? clear_bhb_loop+0x40/0x90
[  291.663758][T20713]  ? clear_bhb_loop+0x40/0x90
[  291.663785][T20713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.663832][T20713] RIP: 0033:0x7fe3a840e969
[  291.663857][T20713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.663940][T20713] RSP: 002b:00007fe3a6a76e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  291.663981][T20713] RAX: ffffffffffffffda RBX: 00000000000005fd RCX: 00007fe3a840e969
[  291.663995][T20713] RDX: 00007fe3a6a76ef0 RSI: 0000000000000000 RDI: 00007fe3a8491444
[  291.664009][T20713] RBP: 0000200000000c00 R08: 00007fe3a6a76bb7 R09: 00007fe3a6a76e40
[  291.664021][T20713] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000480
[  291.664034][T20713] R13: 00007fe3a6a76ef0 R14: 00007fe3a6a76eb0 R15: 00002000000002c0
[  291.664053][T20713]  </TASK>
[  291.735276][T20711] __nla_validate_parse: 3 callbacks suppressed
[  291.735314][T20711] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4594'.
[  291.916576][T20721] set match dimension is over the limit!
[  291.984038][T20725] x_tables: duplicate entry at hook 1
[  292.006756][T20735] netlink: 'syz.0.4601': attribute type 4 has an invalid length.
[  292.016628][T20737] FAULT_INJECTION: forcing a failure.
[  292.016628][T20737] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  292.029829][T20737] CPU: 1 UID: 0 PID: 20737 Comm: syz.3.4600 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  292.029985][T20737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  292.029999][T20737] Call Trace:
[  292.030007][T20737]  <TASK>
[  292.030016][T20737]  __dump_stack+0x1d/0x30
[  292.030155][T20737]  dump_stack_lvl+0xe8/0x140
[  292.030255][T20737]  dump_stack+0x15/0x1b
[  292.030281][T20737]  should_fail_ex+0x265/0x280
[  292.030303][T20737]  should_fail+0xb/0x20
[  292.030325][T20737]  should_fail_usercopy+0x1a/0x20
[  292.030353][T20737]  _copy_from_iter+0xcf/0xe40
[  292.030408][T20737]  ? __build_skb_around+0x1a0/0x200
[  292.030488][T20737]  ? __alloc_skb+0x223/0x320
[  292.030620][T20737]  netlink_sendmsg+0x471/0x6b0
[  292.030658][T20737]  ? __pfx_netlink_sendmsg+0x10/0x10
[  292.030694][T20737]  __sock_sendmsg+0x142/0x180
[  292.030716][T20737]  ____sys_sendmsg+0x31e/0x4e0
[  292.030777][T20737]  ___sys_sendmsg+0x17b/0x1d0
[  292.030871][T20737]  __x64_sys_sendmsg+0xd4/0x160
[  292.030911][T20737]  x64_sys_call+0x2999/0x2fb0
[  292.030937][T20737]  do_syscall_64+0xd2/0x200
[  292.030970][T20737]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  292.031082][T20737]  ? clear_bhb_loop+0x40/0x90
[  292.031110][T20737]  ? clear_bhb_loop+0x40/0x90
[  292.031137][T20737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.031161][T20737] RIP: 0033:0x7fadecb0e969
[  292.031180][T20737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.031272][T20737] RSP: 002b:00007fadeb177038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  292.031293][T20737] RAX: ffffffffffffffda RBX: 00007fadecd35fa0 RCX: 00007fadecb0e969
[  292.031306][T20737] RDX: 0000000000000840 RSI: 0000200000000280 RDI: 0000000000000003
[  292.031319][T20737] RBP: 00007fadeb177090 R08: 0000000000000000 R09: 0000000000000000
[  292.031360][T20737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  292.031376][T20737] R13: 0000000000000000 R14: 00007fadecd35fa0 R15: 00007ffda85a7318
[  292.031400][T20737]  </TASK>
[  292.250732][   T29] kauditd_printk_skb: 508 callbacks suppressed
[  292.250784][   T29] audit: type=1400 audit(1749007858.348:22619): avc:  denied  { read } for  pid=20732 comm="syz.4.4602" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  292.280804][   T29] audit: type=1400 audit(1749007858.348:22620): avc:  denied  { open } for  pid=20732 comm="syz.4.4602" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  292.305400][   T29] audit: type=1400 audit(1749007858.348:22621): avc:  denied  { ioctl } for  pid=20732 comm="syz.4.4602" path="/dev/input/event0" dev="devtmpfs" ino=242 ioctlcmd=0x4592 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  292.356012][T20741] loop3: detected capacity change from 0 to 512
[  292.368390][T20741] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  292.378242][T20741] EXT4-fs (loop3): orphan cleanup on readonly fs
[  292.395488][T20741] Quota error (device loop3): dq_insert_tree: Quota tree root isn't allocated!
[  292.404575][T20741] Quota error (device loop3): qtree_write_dquot: Error -5 occurred while creating quota
[  292.414629][T20741] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.4603: Failed to acquire dquot type 1
[  292.435226][T20741] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4603: bg 0: block 40: padding at end of block bitmap is not set
[  292.459822][T20741] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  292.479518][T20741] EXT4-fs (loop3): 1 truncate cleaned up
[  292.486133][T20741] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  292.550847][   T29] audit: type=1400 audit(1749007858.648:22622): avc:  denied  { bind } for  pid=20761 comm="syz.4.4609" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  292.570607][   T29] audit: type=1400 audit(1749007858.648:22623): avc:  denied  { name_bind } for  pid=20761 comm="syz.4.4609" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  292.592813][   T29] audit: type=1400 audit(1749007858.648:22624): avc:  denied  { node_bind } for  pid=20761 comm="syz.4.4609" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  292.657421][   T29] audit: type=1400 audit(1749007858.728:22625): avc:  denied  { connect } for  pid=20761 comm="syz.4.4609" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  292.677287][   T29] audit: type=1400 audit(1749007858.728:22626): avc:  denied  { name_connect } for  pid=20761 comm="syz.4.4609" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  292.860499][T20772] set match dimension is over the limit!
[  292.899400][T20786] netlink: 'syz.5.4617': attribute type 4 has an invalid length.
[  293.029056][T20796] set match dimension is over the limit!
[  293.060955][T20809] ref_ctr_offset mismatch. inode: 0x16b offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  293.160380][T20817] set match dimension is over the limit!
[  293.189763][T20829] netlink: 'syz.0.4634': attribute type 4 has an invalid length.
[  293.211272][T20825] netlink: 'syz.5.4632': attribute type 8 has an invalid length.
[  293.225017][T11382] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.444127][T20856] ref_ctr_offset mismatch. inode: 0x589 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  293.685999][T20912] set match dimension is over the limit!
[  293.827178][T20924] set match dimension is over the limit!
[  293.841330][T20938] netlink: 'syz.3.4673': attribute type 8 has an invalid length.
[  293.967359][T20953] set match dimension is over the limit!
[  294.019830][T20966] set match dimension is over the limit!
[  294.214729][T21000] ref_ctr_offset mismatch. inode: 0x74b offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  294.396927][T21025] netlink: 'syz.3.4705': attribute type 8 has an invalid length.
[  294.575613][T21045] set_match_v0_checkentry: 1 callbacks suppressed
[  294.575633][T21045] set match dimension is over the limit!
[  294.770507][T21081] netlink: 'syz.3.4726': attribute type 8 has an invalid length.
[  294.818379][T21081] syzkaller0: entered promiscuous mode
[  294.823981][T21081] syzkaller0: entered allmulticast mode
[  294.873337][T21094] set match dimension is over the limit!
[  294.879891][T21096] netlink: 'syz.0.4730': attribute type 8 has an invalid length.
[  294.937692][T21096] syzkaller0: entered promiscuous mode
[  294.943359][T21096] syzkaller0: entered allmulticast mode
[  295.141205][T21124] set match dimension is over the limit!
[  295.310734][T21140] loop3: detected capacity change from 0 to 512
[  295.317429][T21140] journal_path: Non-blockdev passed as './file2'
[  295.324020][T21140] EXT4-fs: error: could not find journal device path
[  295.353449][T21142] netlink: 'syz.4.4745': attribute type 4 has an invalid length.
[  295.449203][T21156] set match dimension is over the limit!
[  295.538897][T21164] set match dimension is over the limit!
[  295.708347][T21193] netlink: 'syz.0.4764': attribute type 4 has an invalid length.
[  295.735697][T21189] set match dimension is over the limit!
[  295.785753][T21187] syzkaller0: entered promiscuous mode
[  295.791292][T21187] syzkaller0: entered allmulticast mode
[  295.918666][T21213] ref_ctr_offset mismatch. inode: 0x78c offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  296.197771][T21251] ref_ctr_offset mismatch. inode: 0x7bd offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  296.276469][T21260] set match dimension is over the limit!
[  296.293132][T21261] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4790'.
[  296.293278][T21264] netlink: 'syz.1.4791': attribute type 4 has an invalid length.
[  296.362278][T21275] loop3: detected capacity change from 0 to 512
[  296.369141][T21275] journal_path: Non-blockdev passed as './file2'
[  296.375566][T21275] EXT4-fs: error: could not find journal device path
[  296.617720][T21315] syzkaller0: entered promiscuous mode
[  296.623288][T21315] syzkaller0: entered allmulticast mode
[  296.790764][T21340] set match dimension is over the limit!
[  296.876134][T21356] ref_ctr_offset mismatch. inode: 0x6c1 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  297.273477][T21430] xt_connbytes: Forcing CT accounting to be enabled
[  297.316101][T21430] set match dimension is over the limit!
[  297.363503][   T29] kauditd_printk_skb: 234 callbacks suppressed
[  297.363520][   T29] audit: type=1326 audit(1749007863.458:22861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21434 comm="syz.1.4851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c688ae969 code=0x7ffc0000
[  297.393559][   T29] audit: type=1326 audit(1749007863.458:22862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21434 comm="syz.1.4851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c688ae969 code=0x7ffc0000
[  297.417241][   T29] audit: type=1326 audit(1749007863.458:22863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21434 comm="syz.1.4851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f2c688ae969 code=0x7ffc0000
[  297.440983][   T29] audit: type=1326 audit(1749007863.458:22864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21434 comm="syz.1.4851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c688ae969 code=0x7ffc0000
[  297.464655][   T29] audit: type=1326 audit(1749007863.458:22865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21434 comm="syz.1.4851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c688ae969 code=0x7ffc0000
[  297.488269][   T29] audit: type=1326 audit(1749007863.458:22866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21434 comm="syz.1.4851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f2c688ae969 code=0x7ffc0000
[  297.512056][   T29] audit: type=1326 audit(1749007863.458:22867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21434 comm="syz.1.4851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c688ae969 code=0x7ffc0000
[  297.535657][   T29] audit: type=1326 audit(1749007863.458:22868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21434 comm="syz.1.4851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c688ae969 code=0x7ffc0000
[  297.559278][   T29] audit: type=1326 audit(1749007863.458:22869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21434 comm="syz.1.4851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f2c688ae969 code=0x7ffc0000
[  297.583141][   T29] audit: type=1326 audit(1749007863.458:22870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21434 comm="syz.1.4851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c688ae969 code=0x7ffc0000
[  297.870551][T21421] net_ratelimit: 11 callbacks suppressed
[  297.870574][T21421] Set syz1 is full, maxelem 65536 reached
[  298.039452][T21468] validate_nla: 6 callbacks suppressed
[  298.039470][T21468] netlink: 'syz.4.4861': attribute type 4 has an invalid length.
[  298.078150][T21473] loop3: detected capacity change from 0 to 512
[  298.085056][T21475] ref_ctr_offset mismatch. inode: 0x1e1 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  298.098353][T21473] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  298.106446][T21473] EXT4-fs (loop3): orphan cleanup on readonly fs
[  298.114286][T21473] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.4864: Failed to acquire dquot type 1
[  298.126399][T21473] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4864: bg 0: block 40: padding at end of block bitmap is not set
[  298.141703][T21473] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  298.151016][T21473] EXT4-fs (loop3): 1 truncate cleaned up
[  298.162239][T21473] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  298.190866][T21484] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 6a:4b:e4:2a:53:62
[  298.248227][T21491] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4870'.
[  298.281388][T21493] set match dimension is over the limit!
[  298.328411][T21500] ref_ctr_offset mismatch. inode: 0x853 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  298.355010][T21507] netlink: 'syz.4.4876': attribute type 4 has an invalid length.
[  298.423428][T21513] ref_ctr_offset mismatch. inode: 0x1f6 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  298.592964][T21541] netlink: 'syz.0.4890': attribute type 4 has an invalid length.
[  298.705643][T21556] ref_ctr_offset mismatch. inode: 0x868 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  298.888499][T21586] netlink: 'syz.5.4907': attribute type 4 has an invalid length.
[  298.956618][T11382] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.974190][T21592] ref_ctr_offset mismatch. inode: 0x66b offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  299.002380][T21599] loop3: detected capacity change from 0 to 1024
[  299.014836][T21599] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.059284][T11382] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.209513][T21628] syzkaller0: entered promiscuous mode
[  299.215097][T21628] syzkaller0: entered allmulticast mode
[  299.270841][T21639] netlink: 'syz.3.4925': attribute type 4 has an invalid length.
[  299.425430][T21654] ref_ctr_offset mismatch. inode: 0x96e offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  299.563829][T21680] netlink: 'syz.1.4939': attribute type 4 has an invalid length.
[  299.605399][T21684] loop5: detected capacity change from 0 to 1024
[  299.614934][T21674] set_match_v0_checkentry: 4 callbacks suppressed
[  299.614950][T21674] set match dimension is over the limit!
[  299.635558][T21685] ==================================================================
[  299.643774][T21685] BUG: KCSAN: data-race in getrusage / vms_clear_ptes
[  299.650564][T21685] 
[  299.652893][T21685] write to 0xffff888109c5f430 of 8 bytes by task 21674 on cpu 0:
[  299.660614][T21685]  vms_clear_ptes+0x18f/0x2d0
[  299.665311][T21685]  vms_complete_munmap_vmas+0x159/0x440
[  299.671047][T21685]  do_vmi_align_munmap+0x383/0x3d0
[  299.676179][T21685]  do_vmi_munmap+0x1db/0x220
[  299.680782][T21685]  __vm_munmap+0x1a1/0x280
[  299.685241][T21685]  __x64_sys_munmap+0x36/0x50
[  299.689928][T21685]  x64_sys_call+0xa65/0x2fb0
[  299.694533][T21685]  do_syscall_64+0xd2/0x200
[  299.699057][T21685]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.704969][T21685] 
[  299.707297][T21685] read to 0xffff888109c5f430 of 8 bytes by task 21685 on cpu 1:
[  299.714943][T21685]  getrusage+0xa52/0xbb0
[  299.719200][T21685]  io_sq_thread+0x5dd/0x1110
[  299.723905][T21685]  ret_from_fork+0xda/0x150
[  299.728425][T21685]  ret_from_fork_asm+0x1a/0x30
[  299.733230][T21685] 
[  299.735558][T21685] value changed: 0x00000000000014ea -> 0x00000000000016b4
[  299.742755][T21685] 
[  299.745081][T21685] Reported by Kernel Concurrency Sanitizer on:
[  299.751327][T21685] CPU: 1 UID: 0 PID: 21685 Comm: iou-sqp-21674 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  299.763832][T21685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  299.773896][T21685] ==================================================================
[  299.796482][T21684] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.820097][T19163] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.