last executing test programs:

8m3.0160637s ago: executing program 3 (id=516):
socket$inet_udplite(0x2, 0x2, 0x88) (async)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, &(0x7f0000000000)={0x7, 0xfff, 0x9, 0x1}, 0x8)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r1=>0x0})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)) (async)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r2, 0x0, r3, 0x0, 0x7, 0x9) (async)
splice(r2, 0x0, r3, 0x0, 0x7, 0x9)
socket$inet_sctp(0x2, 0x5, 0x84) (async)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r6=>0x0]}, &(0x7f0000000240)=0x8)
r7 = socket$igmp(0x2, 0x3, 0x2)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x3000005, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$MRT_ADD_MFC(r7, 0x0, 0xcc, &(0x7f0000000400)={@broadcast, @empty, 0x1, "7d1f88f80bbe8d286c57f04c843abbec3737db4a9d77a557438242a50a4dad20", 0xaa4, 0x3, 0x3, 0x1}, 0x3c)
setsockopt$MRT_ADD_MFC(r7, 0x0, 0xcc, &(0x7f0000000040)={@broadcast, @multicast1, 0x1, "3dab2026179e3f9e94f795c462aef6c3ea5725a79a084ad573851312355a1302", 0xff, 0x3, 0x6, 0x2}, 0x3c)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r8=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
splice(r8, 0x0, r9, 0x0, 0xfffffffffffffff7, 0x6)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r4, 0x84, 0x66, &(0x7f0000000040)={r6, 0x81}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000340)={r6, 0xff, 0x5}, 0x8)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000001c0)={'syztnl1\x00', &(0x7f0000000140)={'ip6gre0\x00', r1, 0x2, 0xbf, 0x7, 0x0, 0x10, @empty, @mcast2, 0x20, 0x1e, 0xd0, 0x2}}) (async)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000001c0)={'syztnl1\x00', &(0x7f0000000140)={'ip6gre0\x00', <r10=>r1, 0x2, 0xbf, 0x7, 0x0, 0x10, @empty, @mcast2, 0x20, 0x1e, 0xd0, 0x2}})
syz_mount_image$iso9660(&(0x7f0000000500), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x535, &(0x7f0000000fc0)="$eJzs3d9v01YbwPHHpYUqvC969W6qUFXgUDapSCU4KRRFXHnOSXrAsSPbQe0VqmiLKlKYKJPW3iBuGJO2P4Lb/Q/bf8T97jrZTtr0V9wfQLrq+4ngnNiPfR6byA9uY1sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBYbtW2S5Z4xm/Nq8O51TBo9JnfXd/tXU2fcUWs5I+MjsrVbNLVb3dmjyV/TcpE9m5CRpNmVDYvj/3v4TfDQ93l+yT0VaxvbL5YbLeXXw86kQGpa99EgWk4da1MFKjK7Kx9d64WqZrxdLQQxbqh3FA7cRCqKfe2KlUqM0oXF4KWX686nu5OfHCnbNuz6lGxqZ0wCvy7j4qRO2c8z/j1NCaZncQ8SD6Ij02sYu00lFpZbS/P5CWZBJWOElTOCyrb5XKpVC6XZu9X7j+w7eF9E+w9ZF/E4D+0GKzPfAQHTm6oU//FEyO+tGRe1IEvV6oSSnCxu+De+R3d+v/9Xd133N76363yV3dmj0ta/69n764fVv8PyfUIr7+3RF1Men8esj1He63LhmzKC1mUtrRlWV6fPKN/5asuWnwxEkkgRhripFNUOmXrbbZnZ8WWpzInNYlESU2MeKIlkgWJJBYtjfTTFYoWR2IJJBQlU+LKbVFSkopUZEaUaCnKggTSEl/qUhUnXcuKrKb7faZPjttBpaMElXsn/3f3p536j9M79TEb+Fy2uvUfAAAAAACcW1b60/fk/H9ErqW9mvG0Pei0AAAAAADAZ5T+5n8iaUaS3jWxOP8HAAAAAOC8sdJr7CwRKciNrNe9EoofAgAAAAAAcE6kv/+/njSFpHdDrP7n/5e+doIAAAAAAODUPuTeYz9qXrL+SuaNWO+a899Za04S56xdyJa7sHeNcW3cutJZSdrMDm9l3uoJ6z9Z0PZNMD91mpW8PKww7CYwdOwEOu/kN7mZxdxcytql7pxslELNeLroBt7DkjjOlaFYz8c/vVz9WSQZ/Ve/ccWSldX2cvHZq/ZSmsu7ZC3v1jo3UNx3H8U+ubxJ77eQXnNx4BaPpBdidMYtZOPavf8AQ9niQ8cY871MZjGThawt7N7+0WTMUvGwre9kUTrllr+XW1nMralbWbN5eWx0e8ksi3JeFuXeLE60Lw7IYu++mMnLYuaUWQDAoKzkVCFLduruyevOcar78f97sXNEn8pipsbTA+vw+AFHdDvviG6fsrr9se8ZSIfV2GTc3/dU1Y/JAh/TcT8cMG7kla1kF154s/ajjK1vbN5ZXVt8vvx8+WW5PDNr37Pt+2UZSTej01B7AAAHyH/GTm6EdS/nrPr/218pKMozeSVtWZLp9GqD9BsHB6610PM1hOmcs9ZCzxNepnPO6go9D3o5Quyj7uNlAAA4TyZz6vBR6v90znn37lre/+y4t5YDAIAvQ4efrEL8ixWGpvm0VKmUnHhOqzBwH6vQVOtaGT/WoTvn+HWtmmEQB27gJZ0npqojFbWazSCMVS0IVTOIzHz65HfVefR7pBuOHxs3anraibRyAz923FhVTeSqZusHz0RzOkwXjpraNTXjOrEJfBUFrdDVRaUirXsCTVX7samZpOurZmgaTrigngReq6FVVUduaJpxkK2wO5bxa0HYSFdbHPTOBgDgjFjf2Hyx2G4vv/6CnUFvIwAA2I0qDQAAAAAAAAAAAAAAAAAAAADA2fc1rv+jM6COJZacgTTodDuX5EykcaTOoI9MAL60fwIAAP//36JZiA==") (async)
syz_mount_image$iso9660(&(0x7f0000000500), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x535, &(0x7f0000000fc0)="$eJzs3d9v01YbwPHHpYUqvC969W6qUFXgUDapSCU4KRRFXHnOSXrAsSPbQe0VqmiLKlKYKJPW3iBuGJO2P4Lb/Q/bf8T97jrZTtr0V9wfQLrq+4ngnNiPfR6byA9uY1sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBYbtW2S5Z4xm/Nq8O51TBo9JnfXd/tXU2fcUWs5I+MjsrVbNLVb3dmjyV/TcpE9m5CRpNmVDYvj/3v4TfDQ93l+yT0VaxvbL5YbLeXXw86kQGpa99EgWk4da1MFKjK7Kx9d64WqZrxdLQQxbqh3FA7cRCqKfe2KlUqM0oXF4KWX686nu5OfHCnbNuz6lGxqZ0wCvy7j4qRO2c8z/j1NCaZncQ8SD6Ij02sYu00lFpZbS/P5CWZBJWOElTOCyrb5XKpVC6XZu9X7j+w7eF9E+w9ZF/E4D+0GKzPfAQHTm6oU//FEyO+tGRe1IEvV6oSSnCxu+De+R3d+v/9Xd133N76363yV3dmj0ta/69n764fVv8PyfUIr7+3RF1Men8esj1He63LhmzKC1mUtrRlWV6fPKN/5asuWnwxEkkgRhripFNUOmXrbbZnZ8WWpzInNYlESU2MeKIlkgWJJBYtjfTTFYoWR2IJJBQlU+LKbVFSkopUZEaUaCnKggTSEl/qUhUnXcuKrKb7faZPjttBpaMElXsn/3f3p536j9M79TEb+Fy2uvUfAAAAAACcW1b60/fk/H9ErqW9mvG0Pei0AAAAAADAZ5T+5n8iaUaS3jWxOP8HAAAAAOC8sdJr7CwRKciNrNe9EoofAgAAAAAAcE6kv/+/njSFpHdDrP7n/5e+doIAAAAAAODUPuTeYz9qXrL+SuaNWO+a899Za04S56xdyJa7sHeNcW3cutJZSdrMDm9l3uoJ6z9Z0PZNMD91mpW8PKww7CYwdOwEOu/kN7mZxdxcytql7pxslELNeLroBt7DkjjOlaFYz8c/vVz9WSQZ/Ve/ccWSldX2cvHZq/ZSmsu7ZC3v1jo3UNx3H8U+ubxJ77eQXnNx4BaPpBdidMYtZOPavf8AQ9niQ8cY871MZjGThawt7N7+0WTMUvGwre9kUTrllr+XW1nMralbWbN5eWx0e8ksi3JeFuXeLE60Lw7IYu++mMnLYuaUWQDAoKzkVCFLduruyevOcar78f97sXNEn8pipsbTA+vw+AFHdDvviG6fsrr9se8ZSIfV2GTc3/dU1Y/JAh/TcT8cMG7kla1kF154s/ajjK1vbN5ZXVt8vvx8+WW5PDNr37Pt+2UZSTej01B7AAAHyH/GTm6EdS/nrPr/218pKMozeSVtWZLp9GqD9BsHB6610PM1hOmcs9ZCzxNepnPO6go9D3o5Quyj7uNlAAA4TyZz6vBR6v90znn37lre/+y4t5YDAIAvQ4efrEL8ixWGpvm0VKmUnHhOqzBwH6vQVOtaGT/WoTvn+HWtmmEQB27gJZ0npqojFbWazSCMVS0IVTOIzHz65HfVefR7pBuOHxs3anraibRyAz923FhVTeSqZusHz0RzOkwXjpraNTXjOrEJfBUFrdDVRaUirXsCTVX7samZpOurZmgaTrigngReq6FVVUduaJpxkK2wO5bxa0HYSFdbHPTOBgDgjFjf2Hyx2G4vv/6CnUFvIwAA2I0qDQAAAAAAAAAAAAAAAAAAAADA2fc1rv+jM6COJZacgTTodDuX5EykcaTOoI9MAL60fwIAAP//36JZiA==")
sendmmsg$inet(r0, &(0x7f0000000280)=[{{&(0x7f0000000580)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, 0x0, 0x0, &(0x7f0000000a00)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xfffeffff}}], 0x30}}, {{&(0x7f0000000040)={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000a40)="8b69e73a815d191e6e6e1afcaa8b3b07d0af9c0a455f27a5fbded1342fefab4f39393b87967424f472dfbdc0afbf70e368424f16d2eba46bc53395fd6cb7e298290614decd782cdf392541df262c4f1e0e4e0fd84737b412fc15668f620e1da4e97c2d53d478e18c04e19faf5777bd84334e938a5846d33e91d0c49abc2dd4713030c3fa65ad5cb3f067cbf9d721a26b555b413212e9df3279720b2257b1de7fe716c6c49a4e10b39ddcb19d061474f73abf49b7ff4af98e560eb82b429a0b799d55b5ba9cdeea8ade1374f1cf94f84ab604e3e45423edaaf0103707180bf18b6fad255016a558148506df423dd74e9eb7e2c7b6f39ce23a099baacb8007e5433cc7e2ead3e2447037b1c2cb9abe52a90623b912bdf2fd5762fcd9a4c60da2e18c395d92eb5a91caf84fa666913cd7424521125ab3e177979baf27adf840ffd1fddea6c168f8e709ad079a3b6f2096436cf4a4ca0a46db2dcd60205fc6e49de6f30b746c19218dba3559436fa92d124944dc6d1b28f248b319c93d086e55a6bedfb22cbc65dd280894c87abbbc0c3e654cf355c3a0d5a22a4fe9592dd5063f42e141c1cb66d89a0b78aed7c55449e3f1d2df9c34fbf27a2aeb2685fa82ed2d3a9930032c73abd76b08b9003b4d9877b539b1e6ce8dce02db7e38fb056a59d809d78ba0b5459ccc99e6d5cd3f7144b57d8f53f3c24053a1f2a546c8246399bf8c18d681201a3cb033d6e6554353e187e93959ff6f4aa9cc4fc300f7dc20fed3a58df05692a375ce2a7b2481c9834897501258934815c1b11d1fb6e4c444d5375f450a51f8333fd74f70e679a829d6f127f38eca3dcecf4f5db829a7af30a35121ad532e252723644a9ce75dcaea02ec6e959015b9cc40c78998078d725e557c4c828063038f4de6ba92d68aedc8df390f002ec8ffa70a48ed3c29c5e7729ea5676c61d1233ccdb4dc4f90c87f5a24244d91f11a08031beb9720de3e39d472eecc6e003371acdc7e7f0b8ad5dd713f7161892dbb5b7246e9683bcc53bd682109a8e6fcac4b7ce982f2434a32d2270dc42e6418beb29f24cf450cf2f825f150c49d9456178d1051073ece56e4ce39d891fa4c628d816b13cb06428e1198de5e5b243eee139b4e3433ab6337f1c67118488aa970d4abb6911fbe3bb32c99d474d306fd37a9a9ee6ed63624fef8229c9373ef420dc044951679e0eb1bb2fab00e1a2deed5799d20123f860e7bf4426d824c58456766ec18257bc746758c24d88de378a7f32301145d0bbfd83e6d1faf3697c16d95db17e406e4826ab984832dc7b037eda7f031f88f14f5f5d664350709e2115c112cdb6918fb823d70f08f64f80b1759055d332a90d520f0644de867e6bb32a9db1b5b64f49098494993443218fd5013b5e921389a4f7d30b58710caa687569b3bc04c201f14d1db9d7807d86650a66f25e4258b3a2f47f4e3b84c6ed442967d318a13808b7bf265545067bc66132a2b508e002c427ed3bf42ca5f30551494d625bda06a5010b2e45e3d5c1f49221f1649261a47822b069409f39ede8af1635af0fae9fc8f607b7ded225cbc5b208cc5c42ddb81454950c7415e06dc37f75386ee45c346ec620387055814414128da489cf90a61e74ff6ebc73e0f6c70ddf5d13a3c38c2c57b2a76bd03b2f5e696ddccbf8d0e56bc565568e362ad591eeea4c6b7e4bf0147edcd1f9d8694d8592b90658b3754fece62976a9a3bdb925166a1a86fbf2a74f11a6e287ed7ac3de3333eb30ddeaaa84aaf226fd4365c236c27fe7fdcb5912c81888ca6f69cfaae6f0ef4b86c5ffd19d5fb6462a41dd22cfcb4e197892ee74077d15025331d8cbe5da1b096b0a336f0fe0a877d3b31c2a72dc89c58e7ac014716abba9f130032803afdfb918270398aec4254fc1630646ae4778738d4fcc63f16c837f98c2ee4eea22885b9727e0a3b04ce2fd262bc5c354d556def534698ef4d4c8bdfd8d93d65375c36429a8993f87998c53b79ccc92d89cbd24b1d47af9c81a68baa186113843f77da2d7ae42aa698fc9f296fe09f4569d5d8ea8d032324d09c41701bde12bb734bdd7a3f5504d241cdfb4813dff31624b170f7cb7750797a95a80cf6be146876ca0e95cb70d3877fb0f3ad959e86e2d5a5a0d38e24c3b18dcc1adbf3576323d4a315a5700dad2141767d620a2ba40491806b06e447c915145738d4523381ca37140de7f5bc58781598c2b5731b84737a904a8cb20c072b809753d1117f64daa57edb524108e59b9793dc702723cad90890983751cf91589ebe1ef1741d09cbba8ae7ac1cf988006f5dbc1bb1d99db93039a5b64386fe95b7f7348423ca78c3487881bd7e5472db6e200ccea9380a927acb335bff3bf4e3092b7c2479d5eb124fa9e11c71378f32c7883b949db63f9d75a3d2cb2864e1ba07147a8d4ccb9dfb66f69b9c186885686e216482cf22ba4ab3c7d2cbbf029bf134445401a12821353ffef90df1d6d938c97181704b062a84456b9b48d104329903aa26b0b047936c78b2725f619c7b7f07e235fe3ea0b18211786acd89300ff40e0e961ae89e03fd2f22e5f63d38469777acc2d30f2dc5d331d9bc7da71f30499284c0418c205968a6b843586b5cb552dba20627076da2d001a3feb707d23566242339d20d22d239e8fc4805964ee866530221c20e474a057f9c2270db033a00d2c083f0383d98fa5be1d056597a76fda03e746fb5e671a58be4d068697f9c898728c01fcedcb84490755cb5cc38c6e1265d289255de40d08ad6e1b6193877a5fafe81c7c282a5e2c5fb5c454a329fe58937e6dc49a801ea50d3e5efe2b158d2b5fa003d5c0c87f1a6e9096d5552fb1589fa80cdcd6a56aa0011491654a0725bde541b9ad25e8b6afc2099162cfcaacb96a2d396914f8dfc42519d006384c14b1c495351dc505c25cdeef2a9228e0250c20a57a9fadcb527aea019b16e8eb1c02d20b8b99124963b9d3f6e88ed7ba7b0fa853155df13022e0e468cd17c2e0d421ff57ef97f6b90767416486ec5b4f476dda18644fdb12664b953022d4c5f64fdbe8cd774f69012821a8d84172d347c50989575f70cbdb0128aa66d826260a5f794f41086ee1ac01624663612714e1b331c6398e84399b6c1d429acae845d9064a0444f9db05ea9fa5a7183feb0a138e703b71a32a15f3cd51c6bb2a0cb48c856dcbdbb0aa6c16b4963d2916443558cc6f3c1c8a975669e01bdd94508a849360441051ff9a3b97da554e22dbb4ee3d339e319e8b95012fc010dceecc17b0db6b2df10301f622e4af4f2deeeb569e9ed2f6c80cc2273969a10eca0bab1acbd7f3795170bf8d21b11f526a8ad0a8748c67a31ae9103bfbca8dca73988408c2014aa5b2136e19d727f7be181a6ee6ef7ae152555f4bc9a31eda2efdfe3d29ed5a9028473bc6fe301ae56869f4a406693f7dca9805fe7a2bc63445bd70a2b375e7e0ed458d60217652556cbcefed8df17b381999b1c18f391ebc2b9221e3ee5a6b53f575636a50a15d29ebd1d2e42fd6dc4e467c1075ee5fb6329977de25f02eaa20ba787a7526f395a97b6edc10b1a41466895512c70f01867f62d343afbe3e0de14eeb3e197852eaa2f761a8f11416e2a5d62699874d7e489077c369946f3c689cd3865e1ab3cf5f4c2fc6a1337f41bf33fe9c6ed79c763199bc8d8cdd166c1bba3296dbd282efb8840f9f60d0f04a7d2093215e5d96228c6120670bf02abfaa3a5cf4d4863624b27a5fd414fb43c37ebaa4d2eb7c7312b6fc2cd7e810a732f43ca5f79a6d00df757bb90e1880661a1256b0cdc1cb74b99295df69f50b8cf175425fd623af10b38f80183c95ff8a6de0f789305aeb5151a94349d58a07a06ed5ad27618959b8384085fd90291e4f3d91d92e0dd9a345731798cf2c04b7ba2616b83713f35fdeff77d7db71b9510937e3a3aa01d7eb310204ce53e236f246cc039db5ca6d71b8bb02e8b5d6446ab4afe13fb77879c24303bef7f5823c8146fd2d3caa1b10649d280dee47900344ae82cad8d845297820b78cb112dae0adf80bd71cffda4d0943b32ac7c6d593c1127f387ae64f216338fcdfc461a3fffb5583bac140f510e8993dfce1bf5342c0de67e3387beb70799755e4c3574ea03cbc2f3e9cbbb7d4e1af57c1f62a0bc33eaf3605eb04b2b9b1a67a707445b4b9335c3e1d8bb8318d4eed35d8e4f05a3aad801969286d38e66f9aeb414a03a0c0aeb18bb886a9ac9e74b28959675b544460e72b50280276ad52fcd7126f73ebdd530b99cdba1059d4d7d350587ff2b3c01b10e9a3d1404d026d7ba523cd854c147cc6f118c0e92761f9518357618b33cfc4f3c1f41d27679becbac7673e8ae7ba32b52ff3d6b51ae2ca73a03daad9c8765c58134b73b8ba910ec4436aa76615b5f37348a3755142ca507bc651082feefba2520c62507202a15c0aca229dab0a8551ff10607766246899c613afc7360a951412483980e7da7c5e66d1ce74a518f7a1fd46f4c6ceca063438f6a20489f8721f8e6b533d292a8f7167d0e18e73a6e8d9aabaf04881d0954ca15f0e8013a685a98dc96ea0ad168f237179a7094c0c4a655d2a43b62d31cf2c845d55912e18ac146230466d59952901876985763f3364eb93db67f62f9cd3be226242cb7d9c7c336d1df08e87d225498165e637d9f7cf5d1c963bf3a773ec23110b254c0a2b4baedab7e8a2014402c35b0ac6a137053b7033c96f1b8eb0c14414fb5d54dea3f5f96046f911e49ebe284d8b48fcc6de7020827edb7287ac1a7ffe4c1b46191f76cf3b56fc4d77293dfb527094b4fa56e1327e55aa282adf845a071da2e863ef6539f1e05017ffdfe6bbad850b9559629bdc013f74d39c084f198674c00604b86d9634c81fdd1bf84226ebc5b7c4ef7aa66a1b558853077623c3249298a85417680b48e335e697a343ce397123602403a1eb2d389abf95bdff18517e5b565c8ecd28cd4062cfa1adab66826910acdfce55583390cd02152e76c869596faf81f2720421a9c67cb8d95e7a3892e6888026cfd8718a99a8b00521128f6a4ae68214954f6675ce993c9dd3870e625528eccaca0d2a933e925e9fb8c55ca46221f58b6622ab83f171823c03be2b376ac140ac06f1933e01197bc966917895fb4ba096f9811a26501bcf9a0996151209a0923d8c4db05427e574e9228f8eb9d21fe8ba2bd4f46272d18fb6bc3f216e5c3dc02e122a69f5c71522d2aa5a6bdb3fd56dcfcef3ff5cb32d9e3d07036ce11c262bcabbe0eee83d711fd648bdfd4cddd7a3db1cf8767db5fa65a8c23e9d572033b2e969672ba96a9c0af04d19d1d948696ac927b42356b9728a121c65ea1fe3007f5430ca6fc2073189a7d1e46d347d9aa551ddd3b396ddf62ca49fde994ad7e3467adc2cbf21e2585d4e25ffd93712fa3f15c04da1e02b46bf4f28928c266396e2dc79f269ba3bebdb0bba57d453f3734188df3c3d70f0982787a1403ed21a91556a670a0e138a111e65fa26207df2d85dccef640f83bc88fb9112f8076eddd5436fe406274629f79fabbd2a913a6e03cbdddc66f5a8f6293987ac7d8a555b1925243a5fae638df182410ad13a7ec32ae1b61782715317bba3e0fae7d5b4c7f6b3dde05162cacf3ad9a8acf54f88372545a289e737eb35b4aa5dc1ab2e81f1c83e950d8b5e2095e0d9ea02c95c404f842328136b578bc15a7be1abeaaeed7e91dbf6a528f3a83a558ad93ba2daaa25f7b8ecea75828f9f1329dbdecdaa14f95d054bcbe9293bf9d57c5077c46131f33bfabe761", 0x1000}, {&(0x7f0000000080)="879fba11c6f60fca746fdd0f0fd863c9fc0f4be578a10d78cc025aff54732cc79dd8986623cc0e500d33196d102dd0a7305c6ae400aa99e71ac93d76e98a3c48032fa6ce022c906f6830f2d9560fea93", 0x50}], 0x2, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x9}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x2}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @broadcast, @broadcast}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x7}}], 0x80}}], 0x2, 0x881c)

8m2.872237214s ago: executing program 3 (id=517):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)

8m2.832903698s ago: executing program 3 (id=519):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x45, '\x00', 0x0, @fallback=0x31}, 0x94)
r0 = open_tree(0xffffffffffffffff, &(0x7f0000000680)='./file1\x00', 0x80100)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000400)=[{0x200000000006, 0x0, 0x7, 0x7ffc1ffb}]})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000008c0)=[{{&(0x7f0000000000)={0xa, 0x4e1f, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1}, 0x1c, &(0x7f0000001780)=[{&(0x7f0000000040)}], 0x1}}], 0x1, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x400246}, &(0x7f0000000340)=<r3=>0x0, &(0x7f00000006c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x0, 0x0, r2, 0x1, 0x0, 0x0, 0x2})
io_uring_enter(r2, 0x4c6e, 0xc67a, 0xc, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0, r1}, 0x18)
personality(0x400000b)
select(0x40, &(0x7f0000000000)={0x9, 0x7, 0xffff, 0x0, 0x0, 0x1000}, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x2})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kfree\x00', r5}, 0x18)
lsm_get_self_attr(0x64, &(0x7f0000000040), &(0x7f0000000000)=0x101, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000640)={<r6=>0x0, @private, @broadcast}, &(0x7f0000000780)=0xc)
newfstatat(0xffffffffffffff9c, &(0x7f00000007c0)='./file1\x00', &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, <r7=>0x0}, 0x400)
setsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000009c0)={{{@in=@multicast2, @in6=@empty, 0x4e22, 0x3, 0x4e24, 0x800, 0xa, 0x0, 0x20, 0x5c, r6, r7}, {0xcf, 0x6, 0x5, 0x8, 0x7, 0x5, 0x7fffffff, 0x3}, {0x10001, 0xfffffffffffffffd, 0x6357, 0x209ab595}, 0xe4, 0x6e6bb5, 0x2, 0x0, 0x2, 0x2}, {{@in=@multicast2, 0x4d4, 0x6c}, 0x5, @in=@empty, 0x3504, 0x1, 0x3, 0xb, 0x1, 0x800, 0x5}}, 0xe8)

8m2.802168601s ago: executing program 3 (id=520):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x2a0471a, &(0x7f0000000280)={[{@max_batch_time={'max_batch_time', 0x3d, 0x3}}]}, 0x82, 0x486, &(0x7f0000000b80)="$eJzs3M9rXEUcAPDve5uk2l+JWrWtRaNFDP5ImrRqD14UBQ8VBT1UPcUkLaVpI00EU0obRepFkIKe1aPgX+DNi6gnQfCkdykU7aVVPKy8t+81m0222cQkm3Y/H3jNzM7szkzmzXvzZroJoGP1Z/8kEdsj4reI6K1FF2bor/24fvXc2N9Xz40lUa2+/meS57t29dxYmbV837YiMpBGpB8lRSELTc+ePTk6OTlxpogPzZx6d2h69uxTJ06NHp84PnF65PDhQweHn31m5Ok1aWfWrmt7z0/t2/Pym5deGTt66Z0fv8nqu71Ir2/HqvQsfqk/a/hf1Vxj2qNx5/8qbrPZURdOutpYEVakEhFZd3Xn4783KjHfeb3x0odtrRywrrJ705bmyXPVppKbpgK3giTaXQOgPcobffb8Wx4bNPXYFK48X3sAytp9vThqKV2RFnm6G55v11J/RByd++eL7Ii1WIcAAFjGJ2OfH4knl5r/pXFfXb6dxR5KX0TcFRF3R8Q9EbErIu6NyPPeHxG7Wym0boOgcWto8fwnvbz61i0vm/89V+xtLZz/lbO/6KsUsR15+7uTYycmJw4Uv5OB6N6SxYdvUsZ3L/7yabO0+vlfdmTll3PBoh6XuxoW6MZHZ0bzSekauPJBxN6u+LdarTa0P7mxE5BExJ6I2Luyj95ZBk48/vW+ZpmWb/+ij5u3BvtM1a8iHqv1/1w0tL+ULN6f7Nkxvz85dEdMThwYKs+KxX76+eJrzcpvvf3rI+v/rQvP/yLly9ki0Pd2/X7tdDTZudzetIyLv3/c9Jlmted/T/JGfj0qt13fH52ZOTMc0ZMcyeMLXh+Zf28ZL/Nn7R/Yn6WU7S/fmebXuCj6/4GI2Ffslz0YEQ8VdX84Ih6JiP1NWx/xwwvN0zZD/48vef0rz//d52s/y/6fXXGgcvL7b5uV31r/H8pDA8Ur+fVvGa1WcPW/OQAAALh1pPnKTZIO3gin6eBg7f/w74qt6eTU9MwTx6beOz1eW+Hpi+60XOnqrVsPHU7mik+sxUeKteIy/WCxbvxZJfL44NjU5Hib2w6dbluT8Z/5o9Lu2gHrbql9tJElvtAG3H4ax3+6MHrh1Y2sDLChfF8bOtcy4z/dqHoAG8/9HzrXUuP/QkPcXgDcntz/oXMZ/9C5jH/oXA3jvxK/tqsmwAZaxdf5BQSmZ89Guimq0VKg9b8Hsd6BtzZHNVoItPvKBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDb+CwAA//+voOqV")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x12)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
socket(0x10, 0x803, 0x0)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x40}, 0x94)
flock(r2, 0x9)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001"], 0x48)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000340)={0x200000, 0x200000, 0x2, 0x0, 0x5989})
r4 = socket$kcm(0x10, 0x2, 0x4)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r5, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', <r7=>0x0})
bind$xdp(r5, &(0x7f0000000100)={0x2c, 0x0, r7}, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f00ff0f00000000000050375ed08a56331dbf9ed78105001ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00010004080c00bdad01409bbc7a46e39a54cbbda812176679df069163ce955fed0009d78f0a947ee2b49e33538afaeb2713f450ebd010a20ff27fff", 0x89}], 0x1, 0x0, 0x0, 0x7}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ff9}]})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
kexec_load(0x5, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3, <r9=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f00000000c0)}, 0x20)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000005000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='mr_alloc\x00', r10, 0x0, 0x4}, 0x0)
syz_emit_ethernet(0x76, &(0x7f0000000380)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd602e5cea0040880020010000000000000000000000000000ff020000000000000000000000000001cb7ca5419075b05c737acadd129244346e17512bcaee7f96222c50d16065be7f29036c3df2a73ce19e9064d8b6e8dda38fbb47e6"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)

8m2.40002833s ago: executing program 3 (id=522):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
readv(r0, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/113, 0x71}], 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003b00)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000008400"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000040))

8m2.043508106s ago: executing program 3 (id=531):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0, r0}, 0x18)
stat(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)) (fail_nth: 3)

8m2.029240197s ago: executing program 32 (id=531):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0, r0}, 0x18)
stat(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)) (fail_nth: 3)

2.069131087s ago: executing program 2 (id=5182):
r0 = creat(0x0, 0x0)
close(r0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x9)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00'], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x14, r5, 0x1, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x24008804}, 0x800)
fsopen(0x0, 0x0)

1.967062157s ago: executing program 4 (id=5187):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000480)={0x1c, r1, 0x62c21a4ade68aba1, 0x0, 0x0, {{0x32}, {@val={0x8, 0x117, 0x56}, @void, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4050}, 0x0)
sendmsg$NL80211_CMD_SET_WOWLAN(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000001dc0)=ANY=[@ANYBLOB="b015000091a3f14d70e2ea75dd976104d62146bd5958fad58d4b0f430bc5f7", @ANYRES16=r1, @ANYBLOB="02002cbd7000fddbdf254a00000008000100610000000c009900000000001b000000d801758004000600cc010e809d0008008000000001000100cc856b6ed2be0b6a58ae2cdab18725f7645ee111178b86875ac5d48e661067330120e76e4aef14ce0fc4a313cae67a3af55d995f5a036cb82a49c8e49ee99c8435d3451e12b89e5f8cdd6aa7df041bea2b0728d2fd0a5220f449b8687d14bf957d2108b070e06c1f0d66f80633f8896ae20118fd03ac1bb3d5433f5ce43f763264f6e9c548bfa40b230c00163f5a9ab2d5000000f40008000000080009000000a911659dfbc5ebdf0c0044e8f7284ea319f1256c2c6692aa6bf0fda26fa5f412ce0b7f551d2aa2fe050743a7a41c7508cc7b9c268756b3e9bf237304310b98ca42b4e86513dace5b3c603e973fd5b8372df714b995ca5ffa11200a413bd0f2ca0bad7951c566c8ec868968d7d5e25d26c6ed8ec0cf2a5bb065799dd8a59e906ec5694c42b46169ebdd03e7ecad7182a72ce2edeb6953e608ba6380e9f0d755cba004192d7b7e6edd9e9ac97cff6ea4b0e3b0c5bdd54156c34a01776f8e4be445624ae4636391e9c1f60daf6285564e7b4e6cfd4f784fe1b849e783b00a95eaaef2ee5e6a987046b021000b000f7fce22d95d8302fcd912aae0153398aa59069f6f9e6ab3ae84c592870000000600040008000000080001000a01010004000600941375801413128024002c8008000000a9bb00000800000000000000080000000300000008000000580000000500f60004000000e4127d80810002002d4639da375307bd5a7f819b9f5ed688cdb28e51928fa044fb6cbec300c25759744984affc5dee21b6b43481d623b9c4eaef22dc02e9d4eb9b151501842ff4edb68a636b0247f2a028754162fc9246fc42db932192913a291c518384c8409a05f025b3fe9585b04226746270e9ebebae958574bfcab8576e63bcb6ed6400000004100000692b448a4748514861d6509a8f792340cf1ba153e3c4ec3592fbe38fda44ba89e5311ec4b281d89d7af08aa8f73d2d0f9c074cdfee13627fb40c51464ff2340a2070c0aa484634a541a7ba358d1c6180402ba8c9185d8f4c98f3e448d5f71b4856431706ad0bff85994747df7a0dc6c25f2b56b0655718faaaeba1bf5e6db31d0406402f6dca7d503dbc3b451b6d2ae8a9802b65d5c8dad49fc6415cdc901159336d07986dbf98924519b3ac167de74eb6ba942831d59f19485ca57ef525298662b2bb2002e2afcfaacce429060dc0cb9e3cf411fe4da2c706c8c47fcd85abb26804efb70117aa1252af23f0ff7f8efe589d25f475ac72b716d153d6c9b27d7221304c5f845050a720414b501909dc46a24080102b4c627fc4df452e392942a0403dbf5236938aaa0bd352a7d9dbbb2a1830156327fc663b010bda4c9f04ec8f94f356c82d5a10b2f804ee0a903676e514b55b6f9d36a59e3eb1ee6b742f02e19d5d3b28983a37ecd09af0be5b80d7307beeed710d4d7b9eef4df5cca40d940e78c0f96162742cb82ce3d39aed35959a73cc4e6e660e5f0a579c06184ab76ee05e0fa29f30d9a129aec48f3861e48bbabf642e9f005139352fedf72da94a779c767d76dada8e84c5cf28ae11ed2a320779ed069478e5f30677457c61564c479b02f243b26c7dcf3e66659e4d4d8014fc44f8a433b26dd56d1215067d6548033dfab58c46ab2ae0f38d3a8b18c1b8d45a740a0537fb9966512c50353806a36d4848e9332138a18dc47b5726417014bc6432d178e96e87170e724b6d5797ff8fbabf9ee058899b5fd625ecf788e22579ac594d4ac52be911fe173f639466ede8df105940a3b8ee7f07758f4c7de49870d1fc3fb01eec8470c9e8b329ca02160abd6199b39ff2e5eaf58f7af5ed09d21d3016c5a0e774c4f4e1c47e2a238d2140b50b347796b59ab3a0b212d29334ac38af0b07d8bafdbf253a1d920d652f7c2ce1fdd76bdcaaffd7d27d76cc713b6f0dd6c8cd2ddc32f2882fb071e70c7fa048370eb91c735ef63530c3b38a98cf8134f11c2e57197b47526e04a8c17bdd5ed9476a4c9112f24b001b87c6c11dfb4d96baf88fdebe1c4a44285032b8803eea3f370c302b071aab68101e10793c45c76e0b843dfb316edb68948c40d6f4c71bc7256822897a01199a6abe963c6cd625fde858e4925504fc5275a879c3c13a60979adca6accf167b91323f62907c9e42348b2091696bef1a6e43e7bbbd85a72738b00fbb91e7b2772e7b9c3b5a03a6be4022ed77fcda9c5921eb0169c795f1f561b2246c8dcd428477ece5b288ba590306546a66a414cd5b39f252a07d46c3378dd50c472f71f534acf5d40d5169e507ada7d0eb487829269ec7207342717fcf7e8697c12e8f515eaab412840cd442143bbc045c288382be018dcdc9cbd44f3d619300bece88f21d70003293e02260681999ac98eb91642b812f087ef46a6872e90d376e6ab84ca0101450fe44a5ab70f2b92412c4a4ec0eb1e0559a72d0888d6271fec8f067af3e19cef92b8d2474db180c1e0d553ce7d687ad7fc414a1b4da63f89ee52a3d80e4f0e0af339185790fba0ba5e2dea8687ccdbd82759a961f0b8b7c7553b2a20c7cdee99b0efd2e99648b6b8288a5006fc986a1c70992f2023579ffc1cecf8676fb2f47d8f9f2aaba6ba1bbff6e32b8b754838f2c4947eea842e316aeaa095c034d62ae819e1e62de33088915bd651cf565fe94a8fdd8547fefc50f41848b3b5e131b2d4216604c439c00954b37a9a254453f6f333ca799f682ca46f07cf3dd1d365fb39f9f5d008087ec6d9ad978cb4718578e9340f8109f8d4a1670187496913bfefea6d5f02fda7549b2da654b9dabd4cfc185380bc346f3a801724186229a223e7493e0324151bd7e7ea056e26bae02ac1d76baa66a834e238258b01f4887e7f20e7341e20fee4b945b887ca34788c40d401268b4cf6fb946c63cd0e9f953d18cebcefcb1e05d8e170fba7085217d75116b2a7102c44a608af48d0b02a61a0934443803766918001ed2e35324d482c871d7c09cba2d0a51057e62ac3e48334886c2f1bcc5e631dccd03a81716f8767190496a3e23c68917e31845a6a4179324e19acf03017e12bf12b2863d5e289480ff1d960aab5241a54f2401d805ec27cc322522bbf7019dfcd735ac9491c0385628b1531de620370d5df9b4ca4a6dfff30d2c9be4a9de184c351b02b8919dbc30031e71e94770ff59fbe07408f59cfb5589e245910c4dd881afad5d9ac409e19cb00c3e5eb4827fb2507e3d6eded5891f02dfb157dd07d39ce7d01b434184730817fb8d68ab4b82d858cccaf334f0e798d85d3e570d5f4062726bd90075d60704b1e28640cc3a6dc00015d8aad8355f96430a96b79676a0626da801e347ea7da1b6b3094ca42a447bf9bcb70e91a4b972a8210b5121343cc45daa604154a6c4010609378c53e5f1bc5942575ab92375555b2b57676cbd2a158366a0eaa713e119c6a8a462f603b48cbed38056c3d423c3c7d71688b466bde3614e933490bc40aa5b5e6f69aa9f43801385e0b5f0940d9b05a94f727fc454409672b719e740d3fd88b62a733929cddd5c769f8df3efb1d85d4635d1358b0cffee47181dab4ae13bc5bc1eed2b02cfa2c7a0295178e240404f50ac9b5f350a6c20eb57b53925ede0ae961faa677c941eb358e88fdad3bf7207bed07e9786c0cb8a32321590e0c5b7595e95491b5452e863e5ad5f2310f9467845c3b8821ef7eb3fa16bba1687370bb4bac53d2219c5c4e5c559212bcfd16fb02af5eb5c9275d9d782385b551a68c6b3bb89bf2191ee838a997a4a3aa77851ecd405e96cb07409cc13b3dd7b379886c0859d5a2bb61eb5091171a390c11d165efeab1bcc0e04d25ea227a52b469d959b8773d0b5beb8c262c4fad17cc404c76c4d1a344fdb7b1084bb9cf6ad67069ee56fe8733809dc3758dc195b317a64b49858b92bf24ce8e08fe2b3fdb58870b0f6f350e02377315c24f01f1d09d2171361e77816eec8ffa6d87435ba12b13968f1a36d92bc96426766d4b6a1233919fa0c497bc9897fc8c939b510792d9703c39178a717ee97dfbcacfe3b27b28c364f999fefa296f4d50295c17f716904aca952b6a4783b01d148697c0f4a8f9fa73aea6611a345f6b6ad9400099ba59fd7e96a3d92a037de6bcea5a2756d4c3db34123f113971e62f361ef639aef2141ab2a347215d223da71751ea4be8b13dbcddc91573d33d1cc198b5e0bf4b98d0e62d4ca674a4f45118afd8e16b1b849e4b946b6a6d99504f282166cc3054e7841c50bd1a4d96d1a4198d553dc15561a23bc61ca3cd75430631f609ef9c6c06f13942a5c3dbbaf2ea6d8a7b3103977d2d94b37880c7c0447e15b92aab824b0da4a7c7272d05022b53148122bb829264e1f4c3e124115ed5710d6d9da1dee9de1f637a2b036bdb4f2565c253fd9430469df6f6109c64adda3fb97cd04c41ce67294c7fb0cb88c1aa566979da3bf12f854a944fbfafe5203ad456ef134c132496f7d7f55d00a10791fd91469057d90e36e6512dea73bbc2a27f7aaf501d7b8054d11f40d9fb93b2eeb714a56469cc3bdff1a87246ff82b98f11bc5b1168a5fd4134be682965795604d9690fe50b72d20885f7d13febf53a7e2bbea6180c67107d3b2aa6c013f65fb26f3760dafe70e3ff6f093b2dfd68d461e8f4a64e906b9918eb2aa7de76896030b4e1828710f9c57828d29f328075888be3378374adab565be6f6ee7bffcdd32c3ffa3bd56a58aa174de11e9bf8d05a0fe3142cdcec8afd78d55be31aefab44df733482eb6f3791f1846abd0fb6a62af00db36ec08f3d7f88cda90655459a76e54d457bbbd23e225b989a829e284ce7be3a50c6f11d87924a98d12369e68910f99f0acd4c6ea62568289778c9f4bd39af9e8a34e1f15f7be7b7229a3574f53aac106b456f43cff6a9183618eac8f5cd223c173e018c60e2cc2abc4dadb1470669ac3632f2e25d5ee74ba85d1e8a8fada57034325fe5a52d3c06048e85091608a854d898f03f534bd4586f4ce5e15d7845d195465704ad72f80a21bc824f5a9b12090046909a892cd6d5b8e3bd5259c67cf25da763466c92a65e561f35a73579e994831064dfc93ff4977b5258d9891e224451510815bf302e23ae9e28e99fb1fe1960796a9e41fc9fa4ab6896e864fe4b11693e6287cb4e933ac70070db61a9056d983eafd416ba9d2d8111872d15eee4fb0660273e1d3bc6f36fb1af932a784ad2bb738273bfec844f6cc2477b455e8206fca87f2b488444db92b28c35d00c6f0550de227621a609dead3326aa22cf6a658d3b91b102371fe597e6d4739aa0238ba5f179f2abe62d606a7bfd82e171eab08b498f0606e456cf40f56dbf9221ab46b6d48a28f3ec138d23ff0230cbc878230438a66bbfa82cf3a9394889944c2f5a8709a023407d74a08c78ac0508d9bcce6411af4687ca61854de25936b86e9fe60232b2d62865289e3f85fb3ad1a3a5a83aab1cdbe0466b1f4e3b765f394b7d59a53c5f78f9be9f376ecc9b91cdf19ae2cfbf09c6375ad7ba4c89ef105895b33c93f05f6c5d436765da0990f663ed9c4ce10cdc4b3a7291940c0d1154f0321edf26ebda7fe82489b811fbba7ffd3a6b6f0f98500d6128c1d03287b1f2b024c1c689e807a6bd4a08af8892693250c00a1274215d6fe5ba73b2d50288c111081cafd1491dcfd36ddfaa78261f216b58da7442970ef194f68f0e83d46276a3db10e58dd7b8353b7f1cee481afa2af931b0257ba8c5e994db9336275974076b77e8d378638c765268c0530c84023e56b6784698988601061c9830fe2a29e31b6275e30156f40c957f1609d25c6ce8e46ddec418522857f3546b3d2cb49f11338a088e412aea6027c49eca5c341cc3c77f1d12900c40fcfbf1b8b0f3f11bf63cdffaab39504982f30e3090ae09dc48d6d58800d3f736bc0ef3a1bd751fa0d6605d821f5d55dca57b2f0a1ce664d69a73228670302ef199a0165828564ae54a21eb43dbd86a26920a00dd7d48c97016e10b363af4fc6fd2e54074dfb0097ddaeb663da25123f5741a82d7f4c46c3faea005f3131ff8873b0baa613f6c17c94999a62b95e7d51abeee1935fbc0cb4fa7c525e21d9dfcf2f0b9804aafa0c440ca2768470103ae1ee78faeaa40794e0396d6d5dd761f0a148ebd725e5849d1079cee7a321e38029b31f7337d02acebbd1b64f623013c906d0ae0ec3e570f401c0f0a8fa495a8a27b1c4416e18f2c3ef55ad9abad0cb6e796aa1844b83803a4cdb11ff6c9941c302f816a60924539900614cfe9ae5eccd896d15d54837e73074094a776bb9a3386cd5f213781e143704a827a15f5bcca6a31ccebe64e58586cb41fe5e07c3bac8fa7eb484f4dc6f4f1dca34bccde038ae2305dfcd1bb29f737e9c8aca437ca2b5468cd265ca65ed950ffe1c877a31eaf3d6f3fe6bc16e3f1d5b12fd0cee529fefa686f6f9552733b1697b673f5152b2e47d28be7aff9687372be0fcc96ec7bf595a3a03ab22fd3421a06a19a318acb32610e04a203518f53021f149ef385becf3cd9f7ec8d1cc68e58f262f5b8ee84b546f42028763200d70f5250f675ebb0d8e4c5a87a0dda7661f96b1530bab5203e6e8c1fe7d75d08e8903660d2c28f1570336df902d8a7c4cc05e31477884d623ca24135ae0291806f5383118745ccbfb5c0d53c40636e65daefe024f2764ad3ec5beec0a39c64ae95d2817e0c829436e7b4ca5985700000008b8ef3030c37ed7c93ed010031b800e8197336781763d475235c3d726933d370c09e34a51bb1521077b0c81a2b6e7a27603f4a96f0747bd2ea6ef0c90d48d8702442673f1558f0841875c7cda8be1060c9a1b00a2000100c8cb51d3231e399af1b02c1e178657888f0bf91efdccff4e217c7d3dbef37d5288779f825eb82a0cf2a921695b74667d5925dbc78de57929c19215ed659d005d2496e7202dc26b72776d88379bdcbe57f28c4bd8b4ab2c3927d87cbc8ce5d561bbe9227c656ec371d36a038ae1f84c21b6b5130e195c3a2c18ea9a67564c7d438691b054e7c2c7ef807ba47094022dbc6287eca7da5f6eefab4970be37660000bc0001000ed9b3d6b29a99f4b2e8e5ed2ae49b2a44f4a26408258972f4c577ee6f47f4639d1be25b7f3219534e00aa5c287efabf5607468183759cee8928eb131af32a95d9ba90ca17634f7515ab648ced0ad49116a0cf86614ce92eba4f0ebcc67c38eb29a9ab3bc968fcb5befc5a2e6be47ef146a1bbc464342ccfd35d1229ee5a70e6b30cca1bd59bae683095e67bbd4ae6dfa0baca2818e0fbc15801fb5c77ae4c0f79f760e16912e4c8d2e3c5bfd8232d6e5858a3683ce6344819000100897ff9541645dd40842fe29cc61f81f10117ad866000000081000100ae97cbea88827cf4a9826988a6d3e6bcc68e7fcbeab2bec5dce8d657df36b1fee05db45c3f2e53c77010c2fb569b73a4202775ffa249e142113fc002da8cf0f8e8c7761bb460e8eba226e9dc8cfbac3c19d9d1cf9960fb59d64dfacfdcfd15b05c536f635f64576d550995a8e822dbb34815f64de03e14f201d170924000000004000800780012800400ec0014002c800800000064f9ffff080000000e00000024002c8008000000010000000800000002000000080000000400000008000000f75d00000a00f500fde622be1d2000000a00f5005050505050500000040087000a00f500864cf8a337c100000500f6005a0000000600eb00000400001c007580040002000400070004000600040009000400090004000700"], 0x15b0}, 0x1, 0x0, 0x0, 0x20010}, 0x41)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f0000001940)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000001b80)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000425bd7000fddbdf253a0000000c009900010400004900000006006500de0d0000b7005b00829bbbcc63f99be0ba774eee72091b3ef1485558c94438d8a9e2116c003ee3e693161479d370c3aed809dbad997d01131b9a01ab33b142ce225f40a39f3cd4c906c24f3c57e065661d497bfcd64321633825998b467928a7c7a57e3c65cb281137143887781fa7f4c41f9904d46039cd34b112e31ef0f6e11c8010f407aeacb723c78e57e5a85daf18873a284a153eb324a6f81cadad254b73759275f525a3cdb0c79e400b7b8d4b7b69a0cae6b880dc5e2d650046005b006e4d6c2f4028aefc98e4aa3da9ac418b4bf55022f47c94f4bd486387739e3494c60cc5d7734370b7220ba8195c1f505826c75560c075f6d7b3cfb2dad81de683b21100005d005b0005c424b1d9e5671eb9aaaae080454aebaddf2afc4d6c8ee509083f317d1a4abc9f0dfd064f2d1dcc0f7047dbfd65b13b15e524f8de26739c9d96467773396e3bd8aa50370503922f66e2f8962915c5490abd4c22799e83879f000000b3005b00f52bbab1f54ac5f88f454c4c389851740ada4cf9e2f662ca54b46e312648c108a5c703c86494115ac5497100ba57be0e25f60b8af579e2e16c3d3950db55f4c0e474063cfcc37fb408abc5d31d0d08a2c05a0039b81ea4e6c5fd4dffec0667d1e1e13f90e1c20504724cec7a9cf2ba6dd3cbd7b92131fca5fce8ab58d0103c3ab5ba8cbfd7d405b611ac7c0316ddb3fa4cfcd7ebc1bfb6617b236a36f5fa0d639caf37dadd1031c3bdd42df15e0c0600"], 0x23c}, 0x1, 0x0, 0x0, 0x8010}, 0x55)

1.93904709s ago: executing program 4 (id=5188):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r0}, 0x38)
io_setup(0xfffffffe, &(0x7f0000000140)=<r1=>0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r2, 0x0, r4, 0x0, 0x8000f28, 0x0)
splice(r3, 0x0, r2, 0x0, 0x7f, 0xe)
r5 = eventfd(0x69f)
io_submit(r1, 0x2, &(0x7f0000000600)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1abaf85e6031e639, 0x9, r0, &(0x7f00000001c0)="2c674ec0cb1586fa20869dbd4afd0ef5112ac68f2bf58184436cd7798b6f522416fbbea1289035", 0x27, 0x200, 0x0, 0x3, r3}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x3, 0x8, r0, &(0x7f0000000400)="c0ad860fa7273d49bc6c097d79ba82ffd31e9926ff9b1dd4151cd208f1530fecbb597c21242abdff9b10ea26550cdc98c803b6c22d4f301a9f3a9053a50858aedc70ed0c50556e35664761cc51759d815d4fb88b1e2f29b258536051255ec250b0b32f46cf92441c65814cf6874f2c4428ccec57cbe5e847db5183d6634f355dd62ed41a4d1a35bf5afcc9b448c409f3c9e2cfe08ebfa770444c05209b76a266e12ead6cfcb0f5a1ad6846bf37afccddbcb10c57dd8cf2023e", 0xb9, 0x4, 0x0, 0x0, r5}])
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="6704973e3b4f9c65178c4ecad3340db65bb888619d6b558af5f8e6a37b33dd04e067ecabdc0f3741046e1b550d485bfb37030000000000", @ANYRES16=r4, @ANYBLOB=',\x00'])
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$ETHTOOL_MSG_WOL_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="01002abd7000000000001b0000000c00018008000100", @ANYRES32=r7], 0x20}}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x8}, 0x8)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r9, &(0x7f0000004200)='t', 0x1)
sendfile(r9, r8, 0x0, 0x3ffff)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
sendmsg$NL80211_CMD_START_SCHED_SCAN(r8, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c050}, 0x40)
sendfile(r9, r8, 0x0, 0x7ffff000)

1.707636613s ago: executing program 5 (id=5190):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = gettid()
exit(0xfffffffffffffff7)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r2, &(0x7f00000063c0)=""/1024, 0x400)
tgkill(r1, r1, 0x36)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$usbmon(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r3)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)={0x2c, r6, 0x1, 0x0, 0x30000, {0x1a}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x6}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r8}, 0x10)
r9 = socket$netlink(0x10, 0x3, 0xa)
r10 = dup(r9)
r11 = open(&(0x7f0000000040)='./file1\x00', 0x1850c2, 0x14c)
ftruncate(r11, 0x200004)
sendfile(r10, r11, 0x0, 0x80001d00c0d1)
getsockopt(r0, 0x4, 0x4a, &(0x7f00000004c0)=""/86, &(0x7f0000000340)=0x56)
r12 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)={0x18, r12, 0x401, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$MPTCP_PM_CMD_REMOVE(r3, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r12, 0x20, 0x70bd2a, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}]}, @MPTCP_PM_ATTR_ADDR={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x4050)

1.452078988s ago: executing program 1 (id=5191):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd9b, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x88002, 0x0)
write$tun(r2, 0x0, 0xfdef)

1.374333485s ago: executing program 1 (id=5192):
timer_create(0x7, &(0x7f00000001c0)={0x0, 0x36, 0x1}, &(0x7f0000000240)=<r0=>0x0)
timer_delete(r0)

1.373983685s ago: executing program 1 (id=5194):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00"/13], 0x50)
cachestat(0xffffffffffffffff, &(0x7f0000000080)={0x401, 0x1}, &(0x7f0000000400), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[], 0x80}}, 0x4814)
socket$key(0xf, 0x3, 0x2)
syz_emit_ethernet(0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="910418166421b54fa0aaaa050004424203"], 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x10000, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000200))
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2, 0x0, 0xb}, 0x18)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000480)=@IORING_OP_STATX={0x15, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000000840), &(0x7f0000000440)='./file0\x00', 0x20, 0x6000})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0x2000000000000217, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r3, 0x0, 0x1034}, 0x18)
migrate_pages(0x0, 0xfc, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r4}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

1.308144812s ago: executing program 0 (id=5195):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff"], 0x48)
r0 = creat(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$tipc(0x1e, 0x5, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="1808000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x40f00, 0x8}, 0x94)
sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000600)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000005c0)={&(0x7f00000004c0)={0x14, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @void}}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x0)

1.107558942s ago: executing program 0 (id=5196):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)={0x40, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
sendmsg$IPSET_CMD_TEST(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="640000000906010800000000000000000600000505000100070000003c0007801800148014000240fc0000000000000000000000000000011800018014000240ff01000000000000000000000000000105000300070000000900020073797a31"], 0x64}}, 0x4800)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c0000000306010200000000008000000700000a0500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814)

1.088038144s ago: executing program 0 (id=5197):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x70, 0x103301)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00"/13], 0x50)
cachestat(0xffffffffffffffff, &(0x7f0000000080)={0x401, 0x1}, &(0x7f0000000400), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="020e000010000000000000000004830008001200000001000000ff000000400000001ea0abff7f00000000000000d41f9ab9000100700000ebdf000008000000c4fc0000100000000000e2ffff1c004f030006000020080002000080f5008e24ce6e4ae300a5000003000500001e001e02"], 0x80}}, 0x4814)
r3 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r3, &(0x7f0000000180), 0x229ffa1c4ce5369, 0x0)
syz_emit_ethernet(0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="910418166421b54fa0aaaa050004424203"], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r4, 0x0, 0xb}, 0x18)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000480)=@IORING_OP_STATX={0x15, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000000840), &(0x7f0000000440)='./file0\x00', 0x20, 0x6000})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0x2000000000000217, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r5, 0x0, 0x1034}, 0x18)
migrate_pages(0x0, 0xfc, 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r6}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

1.087632804s ago: executing program 2 (id=5198):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x70, 0x103301)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="021200"], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[], 0x80}}, 0x4814)
r2 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r2, &(0x7f0000000180), 0x229ffa1c4ce5369, 0x0)
syz_emit_ethernet(0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="910418166421b54fa0"], 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x10000, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', 0xffffffffffffffff, 0x0, 0xb}, 0x18)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000480)=@IORING_OP_STATX={0x15, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000000840), &(0x7f0000000440)='./file0\x00', 0x20, 0x6000})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r3}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

1.071152455s ago: executing program 4 (id=5199):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00'], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
io_setup(0xfffffffe, &(0x7f0000000140))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r2, 0x0, r4, 0x0, 0x8000f28, 0x0)
splice(r3, 0x0, r2, 0x0, 0x7f, 0xe)
mount$tmpfs(0x0, 0x0, &(0x7f0000000580), 0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="6704973e3b4f9c65178c4ecad3340db65bb888619d6b558af5f8e6a37b33dd04e067ecabdc0f3741046e1b550d485bfb37030000", @ANYRES16=r4, @ANYBLOB=',\x00'])
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$ETHTOOL_MSG_WOL_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="01002abd7000000000001b0000000c00018008000100", @ANYRES32=r7], 0x20}}, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000640)={&(0x7f0000001200)=ANY=[@ANYBLOB="48010000", @ANYRES8=r4, @ANYBLOB="01002abd7000ffdbdf250b0000003c00018008000300030000001400020067656e6501653100000000000000000008000300000000001400020002007a6b616c6c6572310000000000003000018008000100", @ANYRES32=0x0, @ANYRESOCT, @ANYRESHEX=r2, @ANYBLOB="0800030003000000080003000100000008000100", @ANYRES8=r5, @ANYRESOCT=r1, @ANYRES32=r3, @ANYBLOB="2c0001801400020070696d367265670000000000000000001400020076657468315f746f5f7465616d00000038000180140002006261746164765f736c6176655f30000008000100", @ANYRES32, @ANYBLOB="080003000100000008040100", @ANYRES32, @ANYRES32=r5, @ANYRES32=r7, @ANYBLOB="ca28cb68f5aa1da4f4f457ded1d81e8ff773ae239dfe9c7e0b5d3b017a679f2d0ef5c639ac7439eabc6a86e990d21c117b94d9636c92bc836c91f176c7cd4f1deea18231a5be3aebf8c19970a4cf845ae04f4328d319ee335c9d2168b8b76318822759c7"], 0x148}, 0x1, 0x0, 0x0, 0x40100c1}, 0xc0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000380)={'tunl0\x00', &(0x7f0000000300)={'gretap0\x00', <r8=>0x0, 0x7, 0x8000, 0x1, 0x2008, {{0xc, 0x4, 0x0, 0x2c, 0x30, 0x67, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x1f}, {[@cipso={0x86, 0xc, 0x0, [{0x1, 0x6, "155c4cb6"}]}, @timestamp={0x44, 0x10, 0x9e, 0x0, 0x9, [0x1, 0x4, 0x8]}]}}}}})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={0xffffffffffffffff, r8, 0x25, 0x17, @val=@tracing={0x0, 0x2}}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1, 0x13, &(0x7f0000000a00)=ANY=[@ANYBLOB="950000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018520000a93e420c3d7a597854db4734c08589b17fc1a6c4429ecc227fc4c15873f8ebfd4e59b4bec48b892504ab7aa121c92919f3b2046ede", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000"], &(0x7f0000000700)='GPL\x00', 0x8, 0x4d, &(0x7f0000000740)=""/77, 0x40f00, 0x30, '\x00', 0x0, @fallback=0x16, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r3, 0x1, &(0x7f00000007c0)=[r4, r4, r4, r0], &(0x7f0000000800)=[{0x0, 0x5, 0x3, 0xb}], 0x10, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r9 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r10 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r10, &(0x7f0000004200)='t', 0x1)
sendfile(r10, r9, 0x0, 0x3ffff)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
sendmsg$NL80211_CMD_START_SCHED_SCAN(r9, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="02633299261fe455848a974354ac33c9d788e67b525833f9ced0d033d0bf145c67f1c7683c348a68ddc04216607c0da67df272b648d33ce7a69ba052676136aa4aa501e57881b459505caa8ed91ade6882796a04d17dd89ca6f71dddb7b8373ffe07b4a935d40634aa3359300f5061527a17cd9ecd40a3733f1c72e80d16c329ad0f8b193d0ad0c4", @ANYRES16, @ANYBLOB="000229bd7000ffdbdf254b0000000c0099008000000077000000"], 0x20}, 0x1, 0x0, 0x0, 0x4c050}, 0x40)
sendfile(r10, r9, 0x0, 0x7ffff000)

792.060292ms ago: executing program 5 (id=5200):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x70, 0x103301)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00"/13], 0x50)
cachestat(0xffffffffffffffff, &(0x7f0000000080)={0x401, 0x1}, &(0x7f0000000400), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="020e000010000000000000000004830008001200000001000000ff000000400000001ea0abff7f00000000000000d41f9ab9000100700000ebdf000008000000c4fc0000100000000000e2ffff1c004f030006000020080002000080f5008e24ce6e4ae300a5000003000500001e001e02"], 0x80}}, 0x4814)
r3 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r3, &(0x7f0000000180), 0x229ffa1c4ce5369, 0x0)
syz_emit_ethernet(0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="910418166421b54fa0aaaa050004424203"], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r4, 0x0, 0xb}, 0x18)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000480)=@IORING_OP_STATX={0x15, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000000840), &(0x7f0000000440)='./file0\x00', 0x20, 0x6000})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0x2000000000000217, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r5, 0x0, 0x1034}, 0x18)
migrate_pages(0x0, 0xfc, 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r6}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

462.579514ms ago: executing program 1 (id=5201):
openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0xc0100, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c0000001000ffff29bd7000fbdbdf", @ANYRES32=0x0, @ANYBLOB="137c0300230a07002c0012800e000100697036677265746170000000180002801400070000"], 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)

433.669338ms ago: executing program 2 (id=5202):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd9b, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r2 = openat$nvram(0xffffffffffffff9c, 0x0, 0x88002, 0x0)
write$tun(r2, 0x0, 0xfdef)

429.395088ms ago: executing program 5 (id=5203):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x115}, 0x18)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, 0x0, 0x0)

396.121401ms ago: executing program 5 (id=5204):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
timer_create(0x0, 0x0, &(0x7f0000bbdffc)=<r2=>0x0)
timer_getoverrun(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000480)={0x1c, r1, 0x62c21a4ade68aba1, 0x0, 0x0, {{0x32}, {@val={0x8, 0x117, 0x56}, @void, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4050}, 0x0)
sendmsg$NL80211_CMD_SET_WOWLAN(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000001dc0)=ANY=[@ANYBLOB="b015000091a3f14d70e2ea75dd976104d62146bd5958fad58d4b0f430bc5f7", @ANYRES16=r1, @ANYBLOB="02002cbd7000fddbdf254a00000008000100610000000c009900000000001b000000d801758004000600cc010e809d0008008000000001000100cc856b6ed2be0b6a58ae2cdab18725f7645ee111178b86875ac5d48e661067330120e76e4aef14ce0fc4a313cae67a3af55d995f5a036cb82a49c8e49ee99c8435d3451e12b89e5f8cdd6aa7df041bea2b0728d2fd0a5220f449b8687d14bf957d2108b070e06c1f0d66f80633f8896ae20118fd03ac1bb3d5433f5ce43f763264f6e9c548bfa40b230c00163f5a9ab2d5000000f40008000000080009000000a911659dfbc5ebdf0c0044e8f7284ea319f1256c2c6692aa6bf0fda26fa5f412ce0b7f551d2aa2fe050743a7a41c7508cc7b9c268756b3e9bf237304310b98ca42b4e86513dace5b3c603e973fd5b8372df714b995ca5ffa11200a413bd0f2ca0bad7951c566c8ec868968d7d5e25d26c6ed8ec0cf2a5bb065799dd8a59e906ec5694c42b46169ebdd03e7ecad7182a72ce2edeb6953e608ba6380e9f0d755cba004192d7b7e6edd9e9ac97cff6ea4b0e3b0c5bdd54156c34a01776f8e4be445624ae4636391e9c1f60daf6285564e7b4e6cfd4f784fe1b849e783b00a95eaaef2ee5e6a987046b021000b000f7fce22d95d8302fcd912aae0153398aa59069f6f9e6ab3ae84c592870000000600040008000000080001000a01010004000600941375801413128024002c8008000000a9bb00000800000000000000080000000300000008000000580000000500f60004000000e4127d80810002002d4639da375307bd5a7f819b9f5ed688cdb28e51928fa044fb6cbec300c25759744984affc5dee21b6b43481d623b9c4eaef22dc02e9d4eb9b151501842ff4edb68a636b0247f2a028754162fc9246fc42db932192913a291c518384c8409a05f025b3fe9585b04226746270e9ebebae958574bfcab8576e63bcb6ed6400000004100000692b448a4748514861d6509a8f792340cf1ba153e3c4ec3592fbe38fda44ba89e5311ec4b281d89d7af08aa8f73d2d0f9c074cdfee13627fb40c51464ff2340a2070c0aa484634a541a7ba358d1c6180402ba8c9185d8f4c98f3e448d5f71b4856431706ad0bff85994747df7a0dc6c25f2b56b0655718faaaeba1bf5e6db31d0406402f6dca7d503dbc3b451b6d2ae8a9802b65d5c8dad49fc6415cdc901159336d07986dbf98924519b3ac167de74eb6ba942831d59f19485ca57ef525298662b2bb2002e2afcfaacce429060dc0cb9e3cf411fe4da2c706c8c47fcd85abb26804efb70117aa1252af23f0ff7f8efe589d25f475ac72b716d153d6c9b27d7221304c5f845050a720414b501909dc46a24080102b4c627fc4df452e392942a0403dbf5236938aaa0bd352a7d9dbbb2a1830156327fc663b010bda4c9f04ec8f94f356c82d5a10b2f804ee0a903676e514b55b6f9d36a59e3eb1ee6b742f02e19d5d3b28983a37ecd09af0be5b80d7307beeed710d4d7b9eef4df5cca40d940e78c0f96162742cb82ce3d39aed35959a73cc4e6e660e5f0a579c06184ab76ee05e0fa29f30d9a129aec48f3861e48bbabf642e9f005139352fedf72da94a779c767d76dada8e84c5cf28ae11ed2a320779ed069478e5f30677457c61564c479b02f243b26c7dcf3e66659e4d4d8014fc44f8a433b26dd56d1215067d6548033dfab58c46ab2ae0f38d3a8b18c1b8d45a740a0537fb9966512c50353806a36d4848e9332138a18dc47b5726417014bc6432d178e96e87170e724b6d5797ff8fbabf9ee058899b5fd625ecf788e22579ac594d4ac52be911fe173f639466ede8df105940a3b8ee7f07758f4c7de49870d1fc3fb01eec8470c9e8b329ca02160abd6199b39ff2e5eaf58f7af5ed09d21d3016c5a0e774c4f4e1c47e2a238d2140b50b347796b59ab3a0b212d29334ac38af0b07d8bafdbf253a1d920d652f7c2ce1fdd76bdcaaffd7d27d76cc713b6f0dd6c8cd2ddc32f2882fb071e70c7fa048370eb91c735ef63530c3b38a98cf8134f11c2e57197b47526e04a8c17bdd5ed9476a4c9112f24b001b87c6c11dfb4d96baf88fdebe1c4a44285032b8803eea3f370c302b071aab68101e10793c45c76e0b843dfb316edb68948c40d6f4c71bc7256822897a01199a6abe963c6cd625fde858e4925504fc5275a879c3c13a60979adca6accf167b91323f62907c9e42348b2091696bef1a6e43e7bbbd85a72738b00fbb91e7b2772e7b9c3b5a03a6be4022ed77fcda9c5921eb0169c795f1f561b2246c8dcd428477ece5b288ba590306546a66a414cd5b39f252a07d46c3378dd50c472f71f534acf5d40d5169e507ada7d0eb487829269ec7207342717fcf7e8697c12e8f515eaab412840cd442143bbc045c288382be018dcdc9cbd44f3d619300bece88f21d70003293e02260681999ac98eb91642b812f087ef46a6872e90d376e6ab84ca0101450fe44a5ab70f2b92412c4a4ec0eb1e0559a72d0888d6271fec8f067af3e19cef92b8d2474db180c1e0d553ce7d687ad7fc414a1b4da63f89ee52a3d80e4f0e0af339185790fba0ba5e2dea8687ccdbd82759a961f0b8b7c7553b2a20c7cdee99b0efd2e99648b6b8288a5006fc986a1c70992f2023579ffc1cecf8676fb2f47d8f9f2aaba6ba1bbff6e32b8b754838f2c4947eea842e316aeaa095c034d62ae819e1e62de33088915bd651cf565fe94a8fdd8547fefc50f41848b3b5e131b2d4216604c439c00954b37a9a254453f6f333ca799f682ca46f07cf3dd1d365fb39f9f5d008087ec6d9ad978cb4718578e9340f8109f8d4a1670187496913bfefea6d5f02fda7549b2da654b9dabd4cfc185380bc346f3a801724186229a223e7493e0324151bd7e7ea056e26bae02ac1d76baa66a834e238258b01f4887e7f20e7341e20fee4b945b887ca34788c40d401268b4cf6fb946c63cd0e9f953d18cebcefcb1e05d8e170fba7085217d75116b2a7102c44a608af48d0b02a61a0934443803766918001ed2e35324d482c871d7c09cba2d0a51057e62ac3e48334886c2f1bcc5e631dccd03a81716f8767190496a3e23c68917e31845a6a4179324e19acf03017e12bf12b2863d5e289480ff1d960aab5241a54f2401d805ec27cc322522bbf7019dfcd735ac9491c0385628b1531de620370d5df9b4ca4a6dfff30d2c9be4a9de184c351b02b8919dbc30031e71e94770ff59fbe07408f59cfb5589e245910c4dd881afad5d9ac409e19cb00c3e5eb4827fb2507e3d6eded5891f02dfb157dd07d39ce7d01b434184730817fb8d68ab4b82d858cccaf334f0e798d85d3e570d5f4062726bd90075d60704b1e28640cc3a6dc00015d8aad8355f96430a96b79676a0626da801e347ea7da1b6b3094ca42a447bf9bcb70e91a4b972a8210b5121343cc45daa604154a6c4010609378c53e5f1bc5942575ab92375555b2b57676cbd2a158366a0eaa713e119c6a8a462f603b48cbed38056c3d423c3c7d71688b466bde3614e933490bc40aa5b5e6f69aa9f43801385e0b5f0940d9b05a94f727fc454409672b719e740d3fd88b62a733929cddd5c769f8df3efb1d85d4635d1358b0cffee47181dab4ae13bc5bc1eed2b02cfa2c7a0295178e240404f50ac9b5f350a6c20eb57b53925ede0ae961faa677c941eb358e88fdad3bf7207bed07e9786c0cb8a32321590e0c5b7595e95491b5452e863e5ad5f2310f9467845c3b8821ef7eb3fa16bba1687370bb4bac53d2219c5c4e5c559212bcfd16fb02af5eb5c9275d9d782385b551a68c6b3bb89bf2191ee838a997a4a3aa77851ecd405e96cb07409cc13b3dd7b379886c0859d5a2bb61eb5091171a390c11d165efeab1bcc0e04d25ea227a52b469d959b8773d0b5beb8c262c4fad17cc404c76c4d1a344fdb7b1084bb9cf6ad67069ee56fe8733809dc3758dc195b317a64b49858b92bf24ce8e08fe2b3fdb58870b0f6f350e02377315c24f01f1d09d2171361e77816eec8ffa6d87435ba12b13968f1a36d92bc96426766d4b6a1233919fa0c497bc9897fc8c939b510792d9703c39178a717ee97dfbcacfe3b27b28c364f999fefa296f4d50295c17f716904aca952b6a4783b01d148697c0f4a8f9fa73aea6611a345f6b6ad9400099ba59fd7e96a3d92a037de6bcea5a2756d4c3db34123f113971e62f361ef639aef2141ab2a347215d223da71751ea4be8b13dbcddc91573d33d1cc198b5e0bf4b98d0e62d4ca674a4f45118afd8e16b1b849e4b946b6a6d99504f282166cc3054e7841c50bd1a4d96d1a4198d553dc15561a23bc61ca3cd75430631f609ef9c6c06f13942a5c3dbbaf2ea6d8a7b3103977d2d94b37880c7c0447e15b92aab824b0da4a7c7272d05022b53148122bb829264e1f4c3e124115ed5710d6d9da1dee9de1f637a2b036bdb4f2565c253fd9430469df6f6109c64adda3fb97cd04c41ce67294c7fb0cb88c1aa566979da3bf12f854a944fbfafe5203ad456ef134c132496f7d7f55d00a10791fd91469057d90e36e6512dea73bbc2a27f7aaf501d7b8054d11f40d9fb93b2eeb714a56469cc3bdff1a87246ff82b98f11bc5b1168a5fd4134be682965795604d9690fe50b72d20885f7d13febf53a7e2bbea6180c67107d3b2aa6c013f65fb26f3760dafe70e3ff6f093b2dfd68d461e8f4a64e906b9918eb2aa7de76896030b4e1828710f9c57828d29f328075888be3378374adab565be6f6ee7bffcdd32c3ffa3bd56a58aa174de11e9bf8d05a0fe3142cdcec8afd78d55be31aefab44df733482eb6f3791f1846abd0fb6a62af00db36ec08f3d7f88cda90655459a76e54d457bbbd23e225b989a829e284ce7be3a50c6f11d87924a98d12369e68910f99f0acd4c6ea62568289778c9f4bd39af9e8a34e1f15f7be7b7229a3574f53aac106b456f43cff6a9183618eac8f5cd223c173e018c60e2cc2abc4dadb1470669ac3632f2e25d5ee74ba85d1e8a8fada57034325fe5a52d3c06048e85091608a854d898f03f534bd4586f4ce5e15d7845d195465704ad72f80a21bc824f5a9b12090046909a892cd6d5b8e3bd5259c67cf25da763466c92a65e561f35a73579e994831064dfc93ff4977b5258d9891e224451510815bf302e23ae9e28e99fb1fe1960796a9e41fc9fa4ab6896e864fe4b11693e6287cb4e933ac70070db61a9056d983eafd416ba9d2d8111872d15eee4fb0660273e1d3bc6f36fb1af932a784ad2bb738273bfec844f6cc2477b455e8206fca87f2b488444db92b28c35d00c6f0550de227621a609dead3326aa22cf6a658d3b91b102371fe597e6d4739aa0238ba5f179f2abe62d606a7bfd82e171eab08b498f0606e456cf40f56dbf9221ab46b6d48a28f3ec138d23ff0230cbc878230438a66bbfa82cf3a9394889944c2f5a8709a023407d74a08c78ac0508d9bcce6411af4687ca61854de25936b86e9fe60232b2d62865289e3f85fb3ad1a3a5a83aab1cdbe0466b1f4e3b765f394b7d59a53c5f78f9be9f376ecc9b91cdf19ae2cfbf09c6375ad7ba4c89ef105895b33c93f05f6c5d436765da0990f663ed9c4ce10cdc4b3a7291940c0d1154f0321edf26ebda7fe82489b811fbba7ffd3a6b6f0f98500d6128c1d03287b1f2b024c1c689e807a6bd4a08af8892693250c00a1274215d6fe5ba73b2d50288c111081cafd1491dcfd36ddfaa78261f216b58da7442970ef194f68f0e83d46276a3db10e58dd7b8353b7f1cee481afa2af931b0257ba8c5e994db9336275974076b77e8d378638c765268c0530c84023e56b6784698988601061c9830fe2a29e31b6275e30156f40c957f1609d25c6ce8e46ddec418522857f3546b3d2cb49f11338a088e412aea6027c49eca5c341cc3c77f1d12900c40fcfbf1b8b0f3f11bf63cdffaab39504982f30e3090ae09dc48d6d58800d3f736bc0ef3a1bd751fa0d6605d821f5d55dca57b2f0a1ce664d69a73228670302ef199a0165828564ae54a21eb43dbd86a26920a00dd7d48c97016e10b363af4fc6fd2e54074dfb0097ddaeb663da25123f5741a82d7f4c46c3faea005f3131ff8873b0baa613f6c17c94999a62b95e7d51abeee1935fbc0cb4fa7c525e21d9dfcf2f0b9804aafa0c440ca2768470103ae1ee78faeaa40794e0396d6d5dd761f0a148ebd725e5849d1079cee7a321e38029b31f7337d02acebbd1b64f623013c906d0ae0ec3e570f401c0f0a8fa495a8a27b1c4416e18f2c3ef55ad9abad0cb6e796aa1844b83803a4cdb11ff6c9941c302f816a60924539900614cfe9ae5eccd896d15d54837e73074094a776bb9a3386cd5f213781e143704a827a15f5bcca6a31ccebe64e58586cb41fe5e07c3bac8fa7eb484f4dc6f4f1dca34bccde038ae2305dfcd1bb29f737e9c8aca437ca2b5468cd265ca65ed950ffe1c877a31eaf3d6f3fe6bc16e3f1d5b12fd0cee529fefa686f6f9552733b1697b673f5152b2e47d28be7aff9687372be0fcc96ec7bf595a3a03ab22fd3421a06a19a318acb32610e04a203518f53021f149ef385becf3cd9f7ec8d1cc68e58f262f5b8ee84b546f42028763200d70f5250f675ebb0d8e4c5a87a0dda7661f96b1530bab5203e6e8c1fe7d75d08e8903660d2c28f1570336df902d8a7c4cc05e31477884d623ca24135ae0291806f5383118745ccbfb5c0d53c40636e65daefe024f2764ad3ec5beec0a39c64ae95d2817e0c829436e7b4ca5985700000008b8ef3030c37ed7c93ed010031b800e8197336781763d475235c3d726933d370c09e34a51bb1521077b0c81a2b6e7a27603f4a96f0747bd2ea6ef0c90d48d8702442673f1558f0841875c7cda8be1060c9a1b00a2000100c8cb51d3231e399af1b02c1e178657888f0bf91efdccff4e217c7d3dbef37d5288779f825eb82a0cf2a921695b74667d5925dbc78de57929c19215ed659d005d2496e7202dc26b72776d88379bdcbe57f28c4bd8b4ab2c3927d87cbc8ce5d561bbe9227c656ec371d36a038ae1f84c21b6b5130e195c3a2c18ea9a67564c7d438691b054e7c2c7ef807ba47094022dbc6287eca7da5f6eefab4970be37660000bc0001000ed9b3d6b29a99f4b2e8e5ed2ae49b2a44f4a26408258972f4c577ee6f47f4639d1be25b7f3219534e00aa5c287efabf5607468183759cee8928eb131af32a95d9ba90ca17634f7515ab648ced0ad49116a0cf86614ce92eba4f0ebcc67c38eb29a9ab3bc968fcb5befc5a2e6be47ef146a1bbc464342ccfd35d1229ee5a70e6b30cca1bd59bae683095e67bbd4ae6dfa0baca2818e0fbc15801fb5c77ae4c0f79f760e16912e4c8d2e3c5bfd8232d6e5858a3683ce6344819000100897ff9541645dd40842fe29cc61f81f10117ad866000000081000100ae97cbea88827cf4a9826988a6d3e6bcc68e7fcbeab2bec5dce8d657df36b1fee05db45c3f2e53c77010c2fb569b73a4202775ffa249e142113fc002da8cf0f8e8c7761bb460e8eba226e9dc8cfbac3c19d9d1cf9960fb59d64dfacfdcfd15b05c536f635f64576d550995a8e822dbb34815f64de03e14f201d170924000000004000800780012800400ec0014002c800800000064f9ffff080000000e00000024002c8008000000010000000800000002000000080000000400000008000000f75d00000a00f500fde622be1d2000000a00f5005050505050500000040087000a00f500864cf8a337c100000500f6005a0000000600eb00000400001c007580040002000400070004000600040009000400090004000700"], 0x15b0}, 0x1, 0x0, 0x0, 0x20010}, 0x41)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="3107000000000000000038000000080001007063690011000200"], 0x60}, 0x1, 0x2}, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$NL80211_CMD_REGISTER_FRAME(r3, &(0x7f0000001940)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000001b80)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000425bd7000fddbdf253a0000000c009900010400004900000006006500de0d0000b7005b00829bbbcc63f99be0ba774eee72091b3ef1485558c94438d8a9e2116c003ee3e693161479d370c3aed809dbad997d01131b9a01ab33b142ce225f40a39f3cd4c906c24f3c57e065661d497bfcd64321633825998b467928a7c7a57e3c65cb281137143887781fa7f4c41f9904d46039cd34b112e31ef0f6e11c8010f407aeacb723c78e57e5a85daf18873a284a153eb324a6f81cadad254b73759275f525a3cdb0c79e400b7b8d4b7b69a0cae6b880dc5e2d650046005b006e4d6c2f4028aefc98e4aa3da9ac418b4bf55022f47c94f4bd486387739e3494c60cc5d7734370b7220ba8195c1f505826c75560c075f6d7b3cfb2dad81de683b21100005d005b0005c424b1d9e5671eb9aaaae080454aebaddf2afc4d6c8ee509083f317d1a4abc9f0dfd064f2d1dcc0f7047dbfd65b13b15e524f8de26739c9d96467773396e3bd8aa50370503922f66e2f8962915c5490abd4c22799e83879f000000b3005b00f52bbab1f54ac5f88f454c4c389851740ada4cf9e2f662ca54b46e312648c108a5c703c86494115ac5497100ba57be0e25f60b8af579e2e16c3d3950db55f4c0e474063cfcc37fb408abc5d31d0d08a2c05a0039b81ea4e6c5fd4dffec0667d1e1e13f90e1c20504724cec7a9cf2ba6dd3cbd7b92131fca5fce8ab58d0103c3ab5ba8cbfd7d405b611ac7c0316ddb3fa4cfcd7ebc1bfb6617b236a36f5fa0d639caf37dadd1031c3bdd42df15e0c0600"], 0x23c}, 0x1, 0x0, 0x0, 0x8010}, 0x55)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0xd0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r6}, 0x9)
acct(0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0x36, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, [@tail_call, @btf_id={0x18, 0x1, 0x3, 0x0, 0x4}, @alu={0x4, 0x0, 0xd, 0x8, 0x5, 0x8, 0x1}, @cb_func={0x18, 0x6, 0x4, 0x0, 0xffffffffffffffff}, @map_val={0x18, 0x7, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6fb}, @func={0x85, 0x0, 0x1, 0x0, 0x9}, @call={0x85, 0x0, 0x0, 0x3}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xb}, @map_idx={0x18, 0x8, 0x5, 0x0, 0x4}, @ringbuf_query, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @exit, @exit, @alu={0x3, 0x0, 0x2, 0x0, 0xb, 0xffffffffffffffc4, 0x8}, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}, @tail_call, @map_idx={0x18, 0x6, 0x5, 0x0, 0xe}, @map_idx={0x18, 0x5, 0x5, 0x0, 0xe}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}}]}, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xf475, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
r7 = socket$kcm(0x11, 0x2, 0x0)
setsockopt$sock_attach_bpf(r7, 0x107, 0x14, &(0x7f0000000000), 0x4)
sendmsg$kcm(r7, &(0x7f0000001780)={&(0x7f00000003c0)=@caif, 0x80, 0x0}, 0x0)
timer_create(0x7, &(0x7f00000001c0)={0x0, 0x36, 0x1}, &(0x7f0000000240)=<r8=>0x0)
timer_delete(r8)

395.123651ms ago: executing program 0 (id=5205):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3a}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vxcan0\x00', <r4=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r4, 0x0, {0x1, 0x0, 0x4}, 0xfe}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x4048001)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=@newtfilter={0x24, 0x11, 0x1, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x74, r4, {0xfff3, 0xfff2}, {0xfff1, 0xfff2}, {0xfff3, 0xb}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x404c083}, 0x20000050)
setgroups(0x0, 0x0)

373.677673ms ago: executing program 2 (id=5206):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000080)={@broadcast, @local, <r1=>0x0}, &(0x7f00000001c0)=0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x9, 0x0, 0x0, 0x41000, 0x0, '\x00', r1, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x20, 0x7ffc0002}]})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, r3)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014fa0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000003c0)='syzkaller\x00', 0xd, 0x0, 0x0, 0x41000, 0x47, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000200400001"], 0x48)
fchown(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r4, {0x10, 0x4}, {0xfff3}, {0x4}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
epoll_create1(0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x4e, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb86dd678ab8c800000001fc0000000000000000000000000000122b0200000000000007080000000200050200c204"], 0x0)

346.267456ms ago: executing program 1 (id=5207):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff"], 0x48)
r0 = creat(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$tipc(0x1e, 0x5, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180800000000010000000000000000008510000006", @ANYRES32=0x0, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x40f00, 0x8}, 0x94)
sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000600)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000005c0)={&(0x7f00000004c0)={0x14, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @void}}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x0)

335.863707ms ago: executing program 0 (id=5208):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)={0x40, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
sendmsg$IPSET_CMD_TEST(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="640000000906010800000000000000000600000505000100070000003c0007801800148014000240fc0000000000000000000000000000011800018014000240ff01000000000000000000000000000105000300070000000900020073797a31"], 0x64}}, 0x4800)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c0000000306010200000000008000000700000a0500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814)

313.545759ms ago: executing program 1 (id=5209):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r0}, 0x38)
io_setup(0xfffffffe, &(0x7f0000000140)=<r1=>0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r2, 0x0, r4, 0x0, 0x8000f28, 0x0)
splice(r3, 0x0, r2, 0x0, 0x7f, 0xe)
r5 = eventfd(0x69f)
io_submit(r1, 0x2, &(0x7f0000000600)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1abaf85e6031e639, 0x9, r0, &(0x7f00000001c0)="2c674ec0cb1586fa20869dbd4afd0ef5112ac68f2bf58184436cd7798b6f522416fbbea1289035", 0x27, 0x200, 0x0, 0x3, r3}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x3, 0x8, r0, &(0x7f0000000400)="c0ad860fa7273d49bc6c097d79ba82ffd31e9926ff9b1dd4151cd208f1530fecbb597c21242abdff9b10ea26550cdc98c803b6c22d4f301a9f3a9053a50858aedc70ed0c50556e35664761cc51759d815d4fb88b1e2f29b258536051255ec250b0b32f46cf92441c65814cf6874f2c4428ccec57cbe5e847db5183d6634f355dd62ed41a4d1a35bf5afcc9b448c409f3c9e2cfe08ebfa770444c05209b76a266e12ead6cfcb0f5a1ad6846bf37afccddbcb10c57dd8cf2023e", 0xb9, 0x4, 0x0, 0x0, r5}])
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="6704973e3b4f9c65178c4ecad3340db65bb888619d6b558af5f8e6a37b33dd04e067ecabdc0f3741046e1b550d485bfb37030000000000", @ANYRES16=r4, @ANYBLOB=',\x00'])
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$ETHTOOL_MSG_WOL_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="01002abd7000000000001b0000000c00018008000100", @ANYRES32=r7], 0x20}}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x8}, 0x8)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r9, &(0x7f0000004200)='t', 0x1)
sendfile(r9, r8, 0x0, 0x3ffff)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
sendmsg$NL80211_CMD_START_SCHED_SCAN(r8, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c050}, 0x40)
sendfile(r9, r8, 0x0, 0x7ffff000)

304.05394ms ago: executing program 2 (id=5210):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='sys_enter\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
syz_clone3(&(0x7f0000001e40)={0x100a00400, 0x0, 0x0, 0x0, {0x1c}, 0x0, 0x0, 0x0, &(0x7f0000001e00)=[0xffffffffffffffff], 0x1}, 0x58)
r2 = socket$caif_stream(0x25, 0x1, 0x3)
writev(r2, &(0x7f0000000180)=[{&(0x7f00000002c0)="c7", 0x1}], 0x1)

303.27354ms ago: executing program 5 (id=5211):
sendmsg$NFNL_MSG_ACCT_NEW(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={0x0, 0xc8}, 0x1, 0x0, 0x0, 0x10}, 0x24044010)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}}, 0x800)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, 0x0, 0x0, 0x9, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0xfffffffffffff001}, 0x18)
syz_mount_image$ext4(0x0, &(0x7f00000007c0)='./file0\x00', 0x0, 0x0, 0x2, 0x0, &(0x7f0000000840))
mount$bind(&(0x7f0000000800)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1a9851, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000003c0), 0x200044, 0x0)
r3 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'team_slave_1\x00', <r4=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x40, '\x00', r4, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xe, 0x1}, {0x0, 0x3}}}, 0x24}}, 0x800)
recvmmsg(r0, &(0x7f0000000cc0)=[{{&(0x7f0000000380)=@in={0x2, 0x0, @dev}, 0x80, &(0x7f0000000980)=[{&(0x7f0000000400)=""/1, 0x1}, {&(0x7f0000000600)=""/61, 0x3d}, {&(0x7f0000000640)=""/221, 0xdd}, {&(0x7f0000000740)=""/130, 0x82}, {&(0x7f0000000800)=""/7, 0x7}, {&(0x7f0000000840)=""/45, 0x2d}, {&(0x7f0000000880)=""/37, 0x25}, {&(0x7f0000002080)=""/4096, 0x1000}, {&(0x7f0000000b00)=""/248, 0xf8}], 0x9, &(0x7f0000000c00)=""/136, 0x88}, 0x5}], 0x1, 0xfc0, 0x0)
ioctl$sock_ifreq(0xffffffffffffffff, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4})
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
openat$selinux_policy(0xffffff9c, 0x0, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000100))
socket(0x10, 0x803, 0x6)

302.63395ms ago: executing program 0 (id=5212):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00"/13], 0x50)
cachestat(0xffffffffffffffff, &(0x7f0000000080)={0x401, 0x1}, &(0x7f0000000400), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB], 0x80}}, 0x4814)
socket$key(0xf, 0x3, 0x2)
syz_emit_ethernet(0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="910418166421b54fa0aaaa050004424203"], 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x10000, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000200))
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2, 0x0, 0xb}, 0x18)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000480)=@IORING_OP_STATX={0x15, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000000840), &(0x7f0000000440)='./file0\x00', 0x20, 0x6000})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0x2000000000000217, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r3, 0x0, 0x1034}, 0x18)
migrate_pages(0x0, 0xfc, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r4}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

270.020983ms ago: executing program 2 (id=5213):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x70, 0x103301)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="021200"], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[], 0x80}}, 0x4814)
r2 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r2, &(0x7f0000000180), 0x229ffa1c4ce5369, 0x0)
syz_emit_ethernet(0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="910418166421b54fa0"], 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x10000, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', 0xffffffffffffffff, 0x0, 0xb}, 0x18)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000480)=@IORING_OP_STATX={0x15, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000000840), &(0x7f0000000440)='./file0\x00', 0x20, 0x6000})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r3}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

213.535239ms ago: executing program 5 (id=5214):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x70, 0x103301)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00"/13], 0x50)
cachestat(0xffffffffffffffff, &(0x7f0000000080)={0x401, 0x1}, &(0x7f0000000400), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="020e000010000000000000000004830008001200000001000000ff000000400000001ea0abff7f00000000000000d41f9ab9000100700000ebdf000008000000c4fc0000100000000000e2ffff1c004f030006000020080002000080f5008e24ce6e4ae300a5000003000500001e001e02"], 0x80}}, 0x4814)
r3 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r3, &(0x7f0000000180), 0x229ffa1c4ce5369, 0x0)
syz_emit_ethernet(0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="910418166421b54fa0aaaa050004424203"], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r4, 0x0, 0xb}, 0x18)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000480)=@IORING_OP_STATX={0x15, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000000840), &(0x7f0000000440)='./file0\x00', 0x20, 0x6000})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0x2000000000000217, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r5, 0x0, 0x1034}, 0x18)
migrate_pages(0x0, 0xfc, 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r6}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

173.881473ms ago: executing program 4 (id=5215):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
getsockopt(r0, 0x1, 0xa, &(0x7f00000004c0)=""/86, &(0x7f0000000340)=0x56)

83.003712ms ago: executing program 4 (id=5216):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd9b, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r2 = openat$nvram(0xffffffffffffff9c, 0x0, 0x88002, 0x0)
write$tun(r2, 0x0, 0xfdef)

0s ago: executing program 4 (id=5217):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x70, 0x103301)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00"/13], 0x50)
cachestat(0xffffffffffffffff, &(0x7f0000000080)={0x401, 0x1}, &(0x7f0000000400), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="020e000010000000000000000004830008001200000001000000ff000000400000001ea0abff7f00000000000000d41f9ab9000100700000ebdf000008000000c4fc0000100000000000e2ffff1c004f030006000020080002000080f5008e24ce6e4ae300a5000003000500001e001e02"], 0x80}}, 0x4814)
r3 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r3, &(0x7f0000000180), 0x229ffa1c4ce5369, 0x0)
syz_emit_ethernet(0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="910418166421b54fa0aaaa050004424203"], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r4, 0x0, 0xb}, 0x18)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000480)=@IORING_OP_STATX={0x15, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000000840), &(0x7f0000000440)='./file0\x00', 0x20, 0x6000})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0x2000000000000217, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r5, 0x0, 0x1034}, 0x18)
migrate_pages(0x0, 0xfc, 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r6}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

kernel console output (not intermixed with test programs):

ode (1)
[  484.067662][T17065] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.4090: couldn't read orphan inode 11 (err -117)
[  484.080284][T17065] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  484.098117][T17065] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.208233][T17075] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  484.234826][T17085] loop5: detected capacity change from 0 to 512
[  484.252082][T17085] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  484.264863][T17085] ext4 filesystem being mounted at /109/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  484.362119][T17085] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4099'.
[  484.374088][T17085] bridge2: entered promiscuous mode
[  484.379311][T17085] bridge2: entered allmulticast mode
[  484.385839][T17085] team0: Port device bridge2 added
[  484.419444][T17096] netlink: 'syz.1.4098': attribute type 3 has an invalid length.
[  484.432661][T15234] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.569917][T17107] 9pnet_fd: Insufficient options for proto=fd
[  484.686787][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.730045][T17121] loop4: detected capacity change from 0 to 512
[  484.782176][T17121] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  484.814950][T17121] ext4 filesystem being mounted at /206/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  484.942941][T17121] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4113'.
[  484.955203][T17121] bridge2: entered promiscuous mode
[  484.960443][T17121] bridge2: entered allmulticast mode
[  484.966754][T17121] team0: Port device bridge2 added
[  484.973739][T17121] bridge0: port 3(team0) entered blocking state
[  484.980011][T17121] bridge0: port 3(team0) entered disabled state
[  484.986453][T17121] team0: entered allmulticast mode
[  484.991799][T17121] team_slave_0: entered allmulticast mode
[  484.998500][T17121] team0: entered promiscuous mode
[  485.003572][T17121] team_slave_0: entered promiscuous mode
[  485.009497][T17121] bridge0: port 3(team0) entered blocking state
[  485.015838][T17121] bridge0: port 3(team0) entered forwarding state
[  485.064327][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  485.109181][T17141] loop4: detected capacity change from 0 to 1024
[  485.116932][T17141] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (46251!=20869)
[  485.144051][T17141] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040e11d, mo2=0002]
[  485.152856][T17141] EXT4-fs (loop4): failed to initialize system zone (-117)
[  485.160168][T17141] EXT4-fs (loop4): mount failed
[  485.199513][T17153] FAULT_INJECTION: forcing a failure.
[  485.199513][T17153] name failslab, interval 1, probability 0, space 0, times 0
[  485.212300][T17153] CPU: 1 UID: 0 PID: 17153 Comm:  Not tainted syzkaller #0 PREEMPT(voluntary) 
[  485.212324][T17153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  485.212336][T17153] Call Trace:
[  485.212394][T17153]  <TASK>
[  485.212401][T17153]  __dump_stack+0x1d/0x30
[  485.212424][T17153]  dump_stack_lvl+0xe8/0x140
[  485.212441][T17153]  dump_stack+0x15/0x1b
[  485.212455][T17153]  should_fail_ex+0x265/0x280
[  485.212481][T17153]  should_failslab+0x8c/0xb0
[  485.212532][T17153]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  485.212560][T17153]  ? __alloc_skb+0x101/0x320
[  485.212587][T17153]  __alloc_skb+0x101/0x320
[  485.212658][T17153]  netlink_dump+0x10d/0x8a0
[  485.212706][T17153]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  485.212731][T17153]  ? __skb_datagram_iter+0x46e/0x690
[  485.212807][T17153]  netlink_recvmsg+0x420/0x550
[  485.212886][T17153]  ? __pfx_netlink_recvmsg+0x10/0x10
[  485.212911][T17153]  sock_recvmsg_nosec+0x107/0x130
[  485.212932][T17153]  ____sys_recvmsg+0x26f/0x280
[  485.212961][T17153]  ___sys_recvmsg+0x11f/0x370
[  485.212987][T17153]  do_recvmmsg+0x1ef/0x540
[  485.213010][T17153]  ? fput+0x8f/0xc0
[  485.213028][T17153]  __x64_sys_recvmmsg+0xe5/0x170
[  485.213110][T17153]  x64_sys_call+0x27aa/0x3000
[  485.213160][T17153]  do_syscall_64+0xd2/0x200
[  485.213175][T17153]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  485.213197][T17153]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  485.213267][T17153]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  485.213284][T17153] RIP: 0033:0x7f463328efc9
[  485.213304][T17153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  485.213321][T17153] RSP: 002b:00007f4631cf7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  485.213339][T17153] RAX: ffffffffffffffda RBX: 00007f46334e5fa0 RCX: 00007f463328efc9
[  485.213394][T17153] RDX: 0000000000000344 RSI: 0000200000005c80 RDI: 0000000000000005
[  485.213406][T17153] RBP: 00007f4631cf7090 R08: 0000000000000000 R09: 0000000000000000
[  485.213419][T17153] R10: 0000000000010122 R11: 0000000000000246 R12: 0000000000000001
[  485.213431][T17153] R13: 00007f46334e6038 R14: 00007f46334e5fa0 R15: 00007fff367103e8
[  485.213450][T17153]  </TASK>
[  485.488370][T17156] lo speed is unknown, defaulting to 1000
[  485.969711][T17190] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17190 comm=syz.0.4137
[  486.011205][T17190] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4137'.
[  486.091822][T17208] loop2: detected capacity change from 0 to 512
[  486.125578][T17208] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  486.152551][T17208] ext4 filesystem being mounted at /220/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  486.171905][T17218] xt_hashlimit: size too large, truncated to 1048576
[  486.243234][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  486.272704][T17230] FAULT_INJECTION: forcing a failure.
[  486.272704][T17230] name failslab, interval 1, probability 0, space 0, times 0
[  486.285530][T17230] CPU: 0 UID: 0 PID: 17230 Comm: syz.0.4147 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  486.285615][T17230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  486.285628][T17230] Call Trace:
[  486.285635][T17230]  <TASK>
[  486.285642][T17230]  __dump_stack+0x1d/0x30
[  486.285666][T17230]  dump_stack_lvl+0xe8/0x140
[  486.285687][T17230]  dump_stack+0x15/0x1b
[  486.285720][T17230]  should_fail_ex+0x265/0x280
[  486.285760][T17230]  should_failslab+0x8c/0xb0
[  486.285792][T17230]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  486.285881][T17230]  ? __alloc_skb+0x101/0x320
[  486.285976][T17230]  __alloc_skb+0x101/0x320
[  486.286002][T17230]  netlink_alloc_large_skb+0xbf/0xf0
[  486.286031][T17230]  netlink_sendmsg+0x3cf/0x6b0
[  486.286063][T17230]  ? __pfx_netlink_sendmsg+0x10/0x10
[  486.286100][T17230]  __sock_sendmsg+0x145/0x180
[  486.286123][T17230]  ____sys_sendmsg+0x31e/0x4e0
[  486.286156][T17230]  ___sys_sendmsg+0x17b/0x1d0
[  486.286203][T17230]  __x64_sys_sendmsg+0xd4/0x160
[  486.286237][T17230]  x64_sys_call+0x191e/0x3000
[  486.286259][T17230]  do_syscall_64+0xd2/0x200
[  486.286278][T17230]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  486.286356][T17230]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  486.286391][T17230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  486.286413][T17230] RIP: 0033:0x7febb1e6efc9
[  486.286429][T17230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  486.286480][T17230] RSP: 002b:00007febb08d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  486.286500][T17230] RAX: ffffffffffffffda RBX: 00007febb20c5fa0 RCX: 00007febb1e6efc9
[  486.286513][T17230] RDX: 000000002000c800 RSI: 0000200000000380 RDI: 0000000000000005
[  486.286527][T17230] RBP: 00007febb08d7090 R08: 0000000000000000 R09: 0000000000000000
[  486.286541][T17230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  486.286554][T17230] R13: 00007febb20c6038 R14: 00007febb20c5fa0 R15: 00007ffda7cbaa88
[  486.286604][T17230]  </TASK>
[  486.533883][T17239] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17239 comm=syz.5.4152
[  486.613533][T17245] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4152'.
[  486.679586][T17246] lo speed is unknown, defaulting to 1000
[  486.924790][T17251] loop2: detected capacity change from 0 to 1024
[  486.984525][T17251] EXT4-fs: Ignoring removed orlov option
[  487.028239][T17251] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  487.111433][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  487.243637][T17275] tipc: Started in network mode
[  487.248545][T17275] tipc: Node identity 4, cluster identity 4711
[  487.254747][T17275] tipc: Node number set to 4
[  487.288841][T17282] loop4: detected capacity change from 0 to 2048
[  487.360977][T17282]  loop4: p1 < > p4
[  487.384806][T17282] loop4: p4 size 722688 extends beyond EOD, truncated
[  487.816549][T17312] loop4: detected capacity change from 0 to 512
[  487.833547][T17312] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  487.858114][T17312] ext4 filesystem being mounted at /219/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  488.058890][T17317] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4174'.
[  488.070749][T17317] bridge3: entered promiscuous mode
[  488.075962][T17317] bridge3: entered allmulticast mode
[  488.082441][T17317] team0: Port device bridge3 added
[  488.199702][T17319] 9pnet_fd: Insufficient options for proto=fd
[  488.226449][T17319] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4175'.
[  488.316053][   T29] kauditd_printk_skb: 398 callbacks suppressed
[  488.316066][   T29] audit: type=1326 audit(1761224080.637:253883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17322 comm="syz.2.4177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05f1cbefc9 code=0x7ffc0000
[  489.193542][T17326] lo speed is unknown, defaulting to 1000
[  489.211818][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  489.278643][   T29] audit: type=1326 audit(1761224081.547:253884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17322 comm="syz.2.4177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05f1cbefc9 code=0x7ffc0000
[  489.302437][   T29] audit: type=1326 audit(1761224081.547:253885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17322 comm="syz.2.4177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05f1cbefc9 code=0x7ffc0000
[  489.326143][   T29] audit: type=1326 audit(1761224081.547:253886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17322 comm="syz.2.4177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f05f1cbefc9 code=0x7ffc0000
[  489.349861][   T29] audit: type=1326 audit(1761224081.547:253887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17322 comm="syz.2.4177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05f1cbefc9 code=0x7ffc0000
[  489.373662][   T29] audit: type=1326 audit(1761224081.547:253888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17322 comm="syz.2.4177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f05f1cbefc9 code=0x7ffc0000
[  489.397352][   T29] audit: type=1326 audit(1761224081.547:253889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17322 comm="syz.2.4177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05f1cbefc9 code=0x7ffc0000
[  489.421161][   T29] audit: type=1326 audit(1761224081.547:253890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17322 comm="syz.2.4177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05f1cbefc9 code=0x7ffc0000
[  489.444827][   T29] audit: type=1326 audit(1761224081.547:253891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17322 comm="syz.2.4177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f05f1cbefc9 code=0x7ffc0000
[  489.468479][   T29] audit: type=1326 audit(1761224081.547:253892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17322 comm="syz.2.4177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05f1cbefc9 code=0x7ffc0000
[  489.769714][T17343] lo speed is unknown, defaulting to 1000
[  490.248858][T17360] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4184'.
[  490.262586][T17360] bridge4: entered promiscuous mode
[  490.267828][T17360] bridge4: entered allmulticast mode
[  490.275101][T17360] team0: Port device bridge4 added
[  490.938479][T17382] loop4: detected capacity change from 0 to 1024
[  490.955295][T17382] EXT4-fs: Ignoring removed orlov option
[  490.975090][T17382] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  491.034185][T17386] loop2: detected capacity change from 0 to 1024
[  491.041339][T17386] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  491.052980][T17386] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #11: comm syz.2.4197: iget: bogus i_mode (1)
[  491.065400][T17386] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4197: couldn't read orphan inode 11 (err -117)
[  491.079209][T17386] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  491.096757][T17386] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  491.194244][T17395] tmpfs: Bad value for 'mpol'
[  491.229636][T17399] loop2: detected capacity change from 0 to 1024
[  491.236371][T17399] EXT4-fs: Ignoring removed orlov option
[  491.244101][T17399] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  491.485758][T17405] lo speed is unknown, defaulting to 1000
[  491.725943][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  491.977429][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  492.636765][T17421] loop2: detected capacity change from 0 to 1024
[  492.653030][T17421] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  492.712748][T17421] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #11: comm syz.2.4207: iget: bogus i_mode (1)
[  492.731966][T17421] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4207: couldn't read orphan inode 11 (err -117)
[  492.744609][T17421] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  492.761793][T17421] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  492.875706][T17431] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4211'.
[  492.939865][T17429] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4210'.
[  492.951913][T17429] bridge3: entered promiscuous mode
[  492.957162][T17429] bridge3: entered allmulticast mode
[  492.963363][T17429] team0: Port device bridge3 added
[  492.982936][T17434] loop2: detected capacity change from 0 to 2048
[  493.004387][T17434] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  493.075629][T17446] netlink: 'syz.4.4217': attribute type 1 has an invalid length.
[  493.216170][T17455] lo speed is unknown, defaulting to 1000
[  493.296586][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  493.321136][   T29] kauditd_printk_skb: 7341 callbacks suppressed
[  493.321151][   T29] audit: type=1326 audit(1761224085.647:261234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.0.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7febb1ea1885 code=0x7ffc0000
[  493.355189][   T29] audit: type=1326 audit(1761224085.647:261235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.0.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7febb1ea1885 code=0x7ffc0000
[  493.357594][T17459] loop2: detected capacity change from 0 to 1024
[  493.378965][   T29] audit: type=1326 audit(1761224085.647:261236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.0.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7febb1ea1885 code=0x7ffc0000
[  493.397777][T17459] EXT4-fs: Ignoring removed orlov option
[  493.409024][   T29] audit: type=1326 audit(1761224085.647:261237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.0.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7febb1ea1885 code=0x7ffc0000
[  493.418274][T17459] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  493.438464][   T29] audit: type=1326 audit(1761224085.647:261238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.0.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7febb1ea1885 code=0x7ffc0000
[  493.450767][T17459] ext4 filesystem being mounted at /235/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  493.474199][   T29] audit: type=1326 audit(1761224085.647:261239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.0.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7febb1ea1885 code=0x7ffc0000
[  493.474269][   T29] audit: type=1326 audit(1761224085.647:261240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.0.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7febb1ea1885 code=0x7ffc0000
[  493.532057][   T29] audit: type=1326 audit(1761224085.647:261241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.0.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7febb1ea1885 code=0x7ffc0000
[  493.555821][   T29] audit: type=1326 audit(1761224085.657:261242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.0.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7febb1ea1885 code=0x7ffc0000
[  493.579535][   T29] audit: type=1326 audit(1761224085.657:261243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.0.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7febb1ea1885 code=0x7ffc0000
[  493.615300][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  493.810771][T17468] lo speed is unknown, defaulting to 1000
[  494.129586][T17479] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4223'.
[  494.205371][T17492] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  494.222372][T17492] loop4: detected capacity change from 0 to 1024
[  494.229110][T17492] EXT4-fs: Ignoring removed orlov option
[  494.237324][T17492] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  494.365172][T17508] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  494.387778][T17508] loop2: detected capacity change from 0 to 1024
[  494.394433][T17508] EXT4-fs: Ignoring removed orlov option
[  494.403058][T17508] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  494.419746][T17507] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4234'.
[  494.431764][T17507] bridge5: entered promiscuous mode
[  494.437038][T17507] bridge5: entered allmulticast mode
[  494.443369][T17507] team0: Port device bridge5 added
[  494.492922][T17514] netlink: 'syz.2.4232': attribute type 3 has an invalid length.
[  494.604096][T17518] lo speed is unknown, defaulting to 1000
[  494.616898][T17519] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4238'.
[  494.703597][T17519] lo speed is unknown, defaulting to 1000
[  494.803935][T17529] SELinux:  Context system_u:object_r:udev_var_run_t:s0 is not valid (left unmapped).
[  494.814612][T17529] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4241'.
[  495.021882][T17536] lo speed is unknown, defaulting to 1000
[  495.415233][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  495.426051][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  495.481526][T17543] loop4: detected capacity change from 0 to 512
[  495.713916][T17562] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  495.736152][T17562] loop4: detected capacity change from 0 to 1024
[  495.751365][T17562] EXT4-fs: Ignoring removed orlov option
[  495.761801][T17562] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  495.840183][T17571] netlink: 'syz.4.4248': attribute type 3 has an invalid length.
[  495.875925][T17574] loop2: detected capacity change from 0 to 512
[  495.903144][T17574] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  495.916634][T17574] ext4 filesystem being mounted at /244/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  496.066777][T17581] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4257'.
[  496.079567][T17581] bridge3: entered promiscuous mode
[  496.084809][T17581] bridge3: entered allmulticast mode
[  496.091058][T17581] team0: Port device bridge3 added
[  496.097947][T17581] bridge0: port 1(team0) entered blocking state
[  496.104295][T17581] bridge0: port 1(team0) entered disabled state
[  496.127928][T17581] team0: entered allmulticast mode
[  496.133701][T17581] team0: left allmulticast mode
[  496.442644][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  496.577408][T17602] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4267'.
[  496.748584][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  496.792759][T17616] loop4: detected capacity change from 0 to 8192
[  496.887507][T17624] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  496.928466][T17624] loop2: detected capacity change from 0 to 1024
[  496.937132][T17624] EXT4-fs: Ignoring removed orlov option
[  496.962389][T17624] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  497.051092][T17627] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  497.057731][T17627] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  497.065314][T17627] vhci_hcd vhci_hcd.0: Device attached
[  497.067252][T17629] netlink: 'syz.2.4273': attribute type 3 has an invalid length.
[  497.300249][T17636] lo speed is unknown, defaulting to 1000
[  497.314090][T17637] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4277'.
[  497.323153][ T3364] usb 9-1: new low-speed USB device number 2 using vhci_hcd
[  497.340860][T17637] netlink: 'syz.1.4277': attribute type 13 has an invalid length.
[  497.404622][T17637] bridge0: port 3(team0) entered disabled state
[  497.411060][T17637] bridge0: port 2(bridge_slave_1) entered disabled state
[  497.418278][T17637] bridge0: port 1(bridge_slave_0) entered disabled state
[  497.516130][T17628] vhci_hcd: connection reset by peer
[  497.527935][ T1785] vhci_hcd: stop threads
[  497.532242][ T1785] vhci_hcd: release socket
[  497.536672][ T1785] vhci_hcd: disconnect device
[  497.561054][ T5787] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  497.575465][ T5787] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  497.594493][ T5787] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  497.614040][ T5787] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  497.706773][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  497.750824][T17648] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4280'.
[  498.206034][T17666] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  498.509870][T17683] lo speed is unknown, defaulting to 1000
[  498.601623][T17684] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  498.795046][T17684] loop4: detected capacity change from 0 to 1024
[  498.796524][   T29] kauditd_printk_skb: 1059 callbacks suppressed
[  498.796545][   T29] audit: type=1326 audit(1761224091.117:262303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17688 comm="syz.5.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  498.801733][T17684] EXT4-fs: Ignoring removed orlov option
[  498.831520][   T29] audit: type=1326 audit(1761224091.137:262304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17688 comm="syz.5.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  498.860873][   T29] audit: type=1326 audit(1761224091.137:262305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17688 comm="syz.5.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  498.884578][   T29] audit: type=1326 audit(1761224091.137:262306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17688 comm="syz.5.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  498.908271][   T29] audit: type=1326 audit(1761224091.137:262307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17688 comm="syz.5.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  498.932009][   T29] audit: type=1326 audit(1761224091.137:262308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17688 comm="syz.5.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  498.933817][T17684] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  498.955652][   T29] audit: type=1326 audit(1761224091.137:262309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17688 comm="syz.5.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  498.955685][   T29] audit: type=1326 audit(1761224091.137:262310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17688 comm="syz.5.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  499.015307][   T29] audit: type=1326 audit(1761224091.137:262311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17688 comm="syz.5.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  499.039017][   T29] audit: type=1326 audit(1761224091.137:262312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17688 comm="syz.5.4294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  499.080844][T17686] netlink: 'syz.4.4292': attribute type 3 has an invalid length.
[  499.140996][T17696] loop2: detected capacity change from 0 to 8192
[  499.256587][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  499.345318][T17720] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  499.352049][T17720] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  499.359709][T17720] vhci_hcd vhci_hcd.0: Device attached
[  499.550758][T17732] lo speed is unknown, defaulting to 1000
[  499.640518][   T36] usb 5-1: new low-speed USB device number 2 using vhci_hcd
[  499.938658][T17721] vhci_hcd: connection reset by peer
[  499.944279][ T5796] vhci_hcd: stop threads
[  499.948594][ T5796] vhci_hcd: release socket
[  499.953132][ T5796] vhci_hcd: disconnect device
[  500.198593][T17744] lo speed is unknown, defaulting to 1000
[  500.590906][T17755] FAULT_INJECTION: forcing a failure.
[  500.590906][T17755] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  500.597440][T17751] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4313'.
[  500.604184][T17755] CPU: 0 UID: 0 PID: 17755 Comm: syz.0.4314 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  500.604207][T17755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  500.604268][T17755] Call Trace:
[  500.604276][T17755]  <TASK>
[  500.604285][T17755]  __dump_stack+0x1d/0x30
[  500.604313][T17755]  dump_stack_lvl+0xe8/0x140
[  500.604347][T17755]  dump_stack+0x15/0x1b
[  500.604363][T17755]  should_fail_ex+0x265/0x280
[  500.604438][T17755]  should_fail_alloc_page+0xf2/0x100
[  500.604524][T17755]  __alloc_frozen_pages_noprof+0xff/0x360
[  500.604558][T17755]  alloc_pages_mpol+0xb3/0x260
[  500.604578][T17755]  vma_alloc_folio_noprof+0x1aa/0x300
[  500.604640][T17755]  handle_mm_fault+0xec2/0x2be0
[  500.604702][T17755]  ? vma_start_read+0x141/0x1f0
[  500.604732][T17755]  do_user_addr_fault+0x630/0x1080
[  500.604755][T17755]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  500.604836][T17755]  exc_page_fault+0x62/0xa0
[  500.604862][T17755]  asm_exc_page_fault+0x26/0x30
[  500.604916][T17755] RIP: 0033:0x7febb1d30c03
[  500.604931][T17755] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  500.605011][T17755] RSP: 002b:00007febb08d64a0 EFLAGS: 00010202
[  500.605057][T17755] RAX: 000000000000b000 RBX: 00007febb08d6540 RCX: 00007feba84b7000
[  500.605070][T17755] RDX: 00007febb08d66e0 RSI: 0000000000000000 RDI: 00007febb08d65e0
[  500.605082][T17755] RBP: 000000000000004b R08: 0000000000000006 R09: 0000000000000011
[  500.605094][T17755] R10: 000000000000001c R11: 00007febb08d6540 R12: 0000000000000001
[  500.605106][T17755] R13: 00007febb1f0dc40 R14: 0000000000000001 R15: 00007febb08d65e0
[  500.605167][T17755]  </TASK>
[  500.605177][T17755] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  500.764849][T17762] FAULT_INJECTION: forcing a failure.
[  500.764849][T17762] name failslab, interval 1, probability 0, space 0, times 0
[  500.802820][T17762] CPU: 0 UID: 0 PID: 17762 Comm: syz.2.4318 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  500.802840][T17762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  500.802847][T17762] Call Trace:
[  500.802852][T17762]  <TASK>
[  500.802857][T17762]  __dump_stack+0x1d/0x30
[  500.802946][T17762]  dump_stack_lvl+0xe8/0x140
[  500.802957][T17762]  dump_stack+0x15/0x1b
[  500.802967][T17762]  should_fail_ex+0x265/0x280
[  500.802985][T17762]  ? asymmetric_lookup_restriction+0x303/0x370
[  500.803072][T17762]  should_failslab+0x8c/0xb0
[  500.803126][T17762]  __kmalloc_cache_noprof+0x4c/0x4a0
[  500.803144][T17762]  ? __pfx_restrict_link_by_key_or_keyring+0x10/0x10
[  500.803170][T17762]  asymmetric_lookup_restriction+0x303/0x370
[  500.803212][T17762]  ? __pfx_asymmetric_lookup_restriction+0x10/0x10
[  500.803255][T17762]  keyring_restrict+0xf7/0x280
[  500.803270][T17762]  keyctl_restrict_keyring+0x107/0x1b0
[  500.803283][T17762]  __se_sys_keyctl+0x1ed/0xb80
[  500.803298][T17762]  ? __rcu_read_unlock+0x4f/0x70
[  500.803392][T17762]  ? __fget_files+0x184/0x1c0
[  500.803407][T17762]  ? fput+0x8f/0xc0
[  500.803418][T17762]  __x64_sys_keyctl+0x67/0x80
[  500.803428][T17762]  x64_sys_call+0x2f7c/0x3000
[  500.803520][T17762]  do_syscall_64+0xd2/0x200
[  500.803538][T17762]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  500.803562][T17762]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  500.803585][T17762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.803609][T17762] RIP: 0033:0x7f05f1cbefc9
[  500.803619][T17762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  500.803629][T17762] RSP: 002b:00007f05f0727038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  500.803641][T17762] RAX: ffffffffffffffda RBX: 00007f05f1f15fa0 RCX: 00007f05f1cbefc9
[  500.803675][T17762] RDX: 0000200000000240 RSI: 000000003d268a02 RDI: 000000000000001d
[  500.803682][T17762] RBP: 00007f05f0727090 R08: 0000000000000000 R09: 0000000000000000
[  500.803689][T17762] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[  500.803696][T17762] R13: 00007f05f1f16038 R14: 00007f05f1f15fa0 R15: 00007fff023ab0c8
[  500.803706][T17762]  </TASK>
[  501.047716][T17767] loop4: detected capacity change from 0 to 1024
[  501.054992][T17767] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  501.076835][T17767] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #11: comm syz.4.4319: iget: bogus i_mode (1)
[  501.089332][T17767] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4319: couldn't read orphan inode 11 (err -117)
[  501.101786][T17775] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17775 comm=syz.0.4323
[  501.119357][T17767] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  501.154847][T17767] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  501.194771][T17786] FAULT_INJECTION: forcing a failure.
[  501.194771][T17786] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  501.207872][T17786] CPU: 0 UID: 0 PID: 17786 Comm: syz.2.4325 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  501.207902][T17786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  501.207915][T17786] Call Trace:
[  501.207923][T17786]  <TASK>
[  501.207932][T17786]  __dump_stack+0x1d/0x30
[  501.207999][T17786]  dump_stack_lvl+0xe8/0x140
[  501.208020][T17786]  dump_stack+0x15/0x1b
[  501.208080][T17786]  should_fail_ex+0x265/0x280
[  501.208111][T17786]  should_fail+0xb/0x20
[  501.208128][T17786]  should_fail_usercopy+0x1a/0x20
[  501.208149][T17786]  _copy_from_user+0x1c/0xb0
[  501.208174][T17786]  ___sys_recvmsg+0xaa/0x370
[  501.208270][T17786]  ? 0xffffffff81000000
[  501.208284][T17786]  ? __rcu_read_unlock+0x4f/0x70
[  501.208322][T17786]  __x64_sys_recvmsg+0xd1/0x160
[  501.208345][T17786]  x64_sys_call+0x2b46/0x3000
[  501.208420][T17786]  do_syscall_64+0xd2/0x200
[  501.208504][T17786]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  501.208531][T17786]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  501.208576][T17786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.208598][T17786] RIP: 0033:0x7f05f1cbefc9
[  501.208613][T17786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  501.208632][T17786] RSP: 002b:00007f05f0706038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  501.208652][T17786] RAX: ffffffffffffffda RBX: 00007f05f1f16090 RCX: 00007f05f1cbefc9
[  501.208665][T17786] RDX: 0000000040000100 RSI: 0000200000001140 RDI: 0000000000000004
[  501.208678][T17786] RBP: 00007f05f0706090 R08: 0000000000000000 R09: 0000000000000000
[  501.208769][T17786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  501.208782][T17786] R13: 00007f05f1f16128 R14: 00007f05f1f16090 R15: 00007fff023ab0c8
[  501.208801][T17786]  </TASK>
[  501.209085][T17782] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4326'.
[  501.313729][T17788] loop4: detected capacity change from 0 to 8192
[  501.509078][T17795] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  501.564700][T17797] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  501.571331][T17797] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  501.578854][T17797] vhci_hcd vhci_hcd.0: Device attached
[  501.591865][T17800] netlink: 'syz.0.4329': attribute type 3 has an invalid length.
[  502.030245][T17804] FAULT_INJECTION: forcing a failure.
[  502.030245][T17804] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  502.041534][T17798] vhci_hcd: connection closed
[  502.043630][T17804] CPU: 0 UID: 0 PID: 17804 Comm: syz.2.4331 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  502.043657][T17804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  502.043668][T17804] Call Trace:
[  502.043676][T17804]  <TASK>
[  502.043683][T17804]  __dump_stack+0x1d/0x30
[  502.043702][T17804]  dump_stack_lvl+0xe8/0x140
[  502.043719][T17804]  dump_stack+0x15/0x1b
[  502.043772][T17804]  should_fail_ex+0x265/0x280
[  502.043801][T17804]  should_fail_alloc_page+0xf2/0x100
[  502.043829][T17804]  __alloc_frozen_pages_noprof+0xff/0x360
[  502.043909][T17804]  alloc_pages_mpol+0xb3/0x260
[  502.043929][T17804]  alloc_migration_target_by_mpol+0x11b/0x280
[  502.043952][T17804]  migrate_pages_batch+0x349/0x1b60
[  502.043976][T17804]  ? mas_prev+0x5a/0x80
[  502.044032][ T5769] vhci_hcd: stop threads
[  502.044091][T17804]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  502.044121][T17804]  ? vma_modify+0xa37/0xc80
[  502.044143][T17804]  migrate_pages+0xf55/0x1760
[  502.044177][T17804]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  502.044276][T17804]  __se_sys_mbind+0x975/0xac0
[  502.044312][T17804]  __x64_sys_mbind+0x78/0x90
[  502.044368][T17804]  x64_sys_call+0x2936/0x3000
[  502.044388][T17804]  do_syscall_64+0xd2/0x200
[  502.044493][T17804]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  502.044519][T17804]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  502.044623][T17804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  502.044693][T17804] RIP: 0033:0x7f05f1cbefc9
[  502.044709][T17804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  502.044724][T17804] RSP: 002b:00007f05f0727038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  502.044742][T17804] RAX: ffffffffffffffda RBX: 00007f05f1f15fa0 RCX: 00007f05f1cbefc9
[  502.044812][T17804] RDX: 0000000000000004 RSI: 0000000000800000 RDI: 0000200000001000
[  502.044887][T17804] RBP: 00007f05f0727090 R08: 0000000000000000 R09: 0000000000000002
[  502.044898][T17804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  502.044910][T17804] R13: 00007f05f1f16038 R14: 00007f05f1f15fa0 R15: 00007fff023ab0c8
[  502.044928][T17804]  </TASK>
[  502.262142][ T5769] vhci_hcd: release socket
[  502.266579][ T5769] vhci_hcd: disconnect device
[  502.360528][ T3364] usb 9-1: enqueue for inactive port 0
[  502.366166][ T3364] usb 9-1: enqueue for inactive port 0
[  502.429423][T17823] veth0_to_team: entered promiscuous mode
[  502.440752][ T5800] bridge0: port 3(team0) entered disabled state
[  502.447645][ T3364] vhci_hcd: vhci_device speed not set
[  502.526914][T17828] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4339'.
[  502.540203][T17825] bridge0: port 4(ipvlan2) entered blocking state
[  502.546776][T17825] bridge0: port 4(ipvlan2) entered disabled state
[  502.553485][T17825] ipvlan2: entered allmulticast mode
[  502.558839][T17825] bridge0: entered allmulticast mode
[  502.566762][T17825] ipvlan2: left allmulticast mode
[  502.571929][T17825] bridge0: left allmulticast mode
[  502.717034][T17864] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4349'.
[  502.736366][T17864] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17864 comm=syz.1.4349
[  503.691668][T17903] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4363'.
[  503.738687][T17909] FAULT_INJECTION: forcing a failure.
[  503.738687][T17909] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  503.751929][T17909] CPU: 1 UID: 0 PID: 17909 Comm: +}[@ Not tainted syzkaller #0 PREEMPT(voluntary) 
[  503.751957][T17909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  503.751968][T17909] Call Trace:
[  503.752035][T17909]  <TASK>
[  503.752045][T17909]  __dump_stack+0x1d/0x30
[  503.752074][T17909]  dump_stack_lvl+0xe8/0x140
[  503.752117][T17909]  dump_stack+0x15/0x1b
[  503.752132][T17909]  should_fail_ex+0x265/0x280
[  503.752289][T17909]  should_fail+0xb/0x20
[  503.752355][T17909]  should_fail_usercopy+0x1a/0x20
[  503.752374][T17909]  _copy_from_user+0x1c/0xb0
[  503.752462][T17909]  ___sys_sendmsg+0xc1/0x1d0
[  503.752496][T17909]  __x64_sys_sendmsg+0xd4/0x160
[  503.752524][T17909]  x64_sys_call+0x191e/0x3000
[  503.752610][T17909]  do_syscall_64+0xd2/0x200
[  503.752628][T17909]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  503.752683][T17909]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  503.752707][T17909]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  503.752801][T17909] RIP: 0033:0x7f05f1cbefc9
[  503.752873][T17909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  503.752932][T17909] RSP: 002b:00007f05f0727038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  503.752948][T17909] RAX: ffffffffffffffda RBX: 00007f05f1f15fa0 RCX: 00007f05f1cbefc9
[  503.752959][T17909] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005
[  503.752973][T17909] RBP: 00007f05f0727090 R08: 0000000000000000 R09: 0000000000000000
[  503.752986][T17909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  503.752999][T17909] R13: 00007f05f1f16038 R14: 00007f05f1f15fa0 R15: 00007fff023ab0c8
[  503.753019][T17909]  </TASK>
[  503.934639][   T29] kauditd_printk_skb: 9422 callbacks suppressed
[  503.934651][   T29] audit: type=1326 audit(1761224096.257:271735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17898 comm="syz.0.4362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7febb1e6efc9 code=0x7ffc0000
[  504.017997][T17912] lo speed is unknown, defaulting to 1000
[  504.086530][   T29] audit: type=1400 audit(1761224096.397:271736): avc:  denied  { ioctl } for  pid=17910 comm="syz.5.4366" path="socket:[67616]" dev="sockfs" ino=67616 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  504.111584][   T29] audit: type=1326 audit(1761224096.407:271737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17898 comm="syz.0.4362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febb1e6efc9 code=0x7ffc0000
[  504.135429][   T29] audit: type=1326 audit(1761224096.407:271738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17898 comm="syz.0.4362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febb1e6efc9 code=0x7ffc0000
[  504.163508][   T29] audit: type=1326 audit(1761224096.487:271739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17915 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  504.186858][   T29] audit: type=1326 audit(1761224096.487:271740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17915 comm="syz.1.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  504.210595][   T29] audit: type=1326 audit(1761224096.487:271741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17915 comm="syz.1.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  504.234343][   T29] audit: type=1326 audit(1761224096.487:271742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17915 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  504.257714][   T29] audit: type=1326 audit(1761224096.487:271743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17915 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  504.281049][   T29] audit: type=1326 audit(1761224096.487:271744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17915 comm="syz.1.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  504.292013][T17921] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  504.351817][T17921] loop2: detected capacity change from 0 to 1024
[  504.358566][T17921] EXT4-fs: Ignoring removed orlov option
[  504.379331][T17921] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  504.477137][T17939] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4374'.
[  504.680529][   T36] usb 5-1: enqueue for inactive port 0
[  504.692650][   T36] usb 5-1: enqueue for inactive port 0
[  504.770638][   T36] vhci_hcd: vhci_device speed not set
[  505.032167][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.381251][T17971] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4385'.
[  505.567602][T17991] loop4: detected capacity change from 0 to 8192
[  505.756897][T18004] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4397'.
[  505.791207][T18008] loop4: detected capacity change from 0 to 8192
[  505.922917][T18015] loop2: detected capacity change from 0 to 1024
[  505.938696][T18015] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  505.950418][T18015] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #11: comm syz.2.4401: iget: bogus i_mode (1)
[  505.962077][T18015] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4401: couldn't read orphan inode 11 (err -117)
[  505.966332][T18018] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  505.974480][T18015] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  505.980502][T18018] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  505.980603][T18018] vhci_hcd vhci_hcd.0: Device attached
[  506.013780][T18015] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  506.040153][T18024] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4402'.
[  506.068429][T18024] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4402'.
[  506.078157][T18024] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4402'.
[  506.134761][T18032] loop2: detected capacity change from 0 to 512
[  506.141685][T18032] msdos: Unknown parameter 'sys_im-utable'
[  506.155058][T18032] loop2: detected capacity change from 0 to 1024
[  506.162061][T18032] ext2: Unknown parameter 'smackfsfloor'
[  506.173936][T18032] loop2: detected capacity change from 0 to 128
[  506.181797][T18032] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  506.194515][T18032] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  506.229327][T13585] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  506.240798][ T3364] usb 9-1: new low-speed USB device number 3 using vhci_hcd
[  506.319058][T18044] loop2: detected capacity change from 0 to 1024
[  506.326297][T18044] EXT4-fs: Ignoring removed orlov option
[  506.334409][T18046] xt_hashlimit: size too large, truncated to 1048576
[  506.339868][T18044] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  506.423398][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  506.619583][T18020] vhci_hcd: connection reset by peer
[  506.627370][ T5785] vhci_hcd: stop threads
[  506.631655][ T5785] vhci_hcd: release socket
[  506.636062][ T5785] vhci_hcd: disconnect device
[  506.642113][T18064] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  506.706988][T18062] lo speed is unknown, defaulting to 1000
[  506.772925][T18064] loop2: detected capacity change from 0 to 1024
[  506.781710][T18064] EXT4-fs: Ignoring removed orlov option
[  506.937514][T18064] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  507.150095][T18082] IPVS: set_ctl: invalid protocol: 44 172.20.20.56:20000
[  507.159431][T18083] netlink: 'syz.2.4413': attribute type 3 has an invalid length.
[  507.197450][T18086] IPVS: set_ctl: invalid protocol: 44 172.20.20.56:20000
[  507.295874][T18098] loop4: detected capacity change from 0 to 512
[  507.312824][T18098] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  507.326980][T18098] ext4 filesystem being mounted at /267/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  507.376397][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  507.450689][T18111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4429'.
[  507.541641][T18125] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4427'.
[  507.631759][T18130] bridge4: entered promiscuous mode
[  507.637002][T18130] bridge4: entered allmulticast mode
[  507.689321][T18130] team0: Port device bridge4 added
[  507.956868][T18129] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  507.963442][T18129] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  507.971204][T18129] vhci_hcd vhci_hcd.0: Device attached
[  507.986022][T18136] vhci_hcd: connection closed
[  507.986246][ T5767] vhci_hcd: stop threads
[  507.995219][ T5767] vhci_hcd: release socket
[  507.999627][ T5767] vhci_hcd: disconnect device
[  508.031596][T18139] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4437'.
[  508.103424][T18139] loop2: detected capacity change from 0 to 8192
[  508.610130][T18145] lo speed is unknown, defaulting to 1000
[  508.798198][T18148] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4440'.
[  508.941243][   T29] kauditd_printk_skb: 11479 callbacks suppressed
[  508.941259][   T29] audit: type=1326 audit(1761224101.267:283224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.5.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  509.005512][   T29] audit: type=1326 audit(1761224101.297:283225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.5.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd3a51f1885 code=0x7ffc0000
[  509.029310][   T29] audit: type=1326 audit(1761224101.307:283226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.5.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd3a51b5e67 code=0x7ffc0000
[  509.052976][   T29] audit: type=1326 audit(1761224101.307:283227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.5.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd3a515b099 code=0x7ffc0000
[  509.077239][   T29] audit: type=1326 audit(1761224101.307:283228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.5.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  509.101147][   T29] audit: type=1326 audit(1761224101.307:283229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.5.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd3a51b5e67 code=0x7ffc0000
[  509.124751][   T29] audit: type=1326 audit(1761224101.307:283230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.5.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd3a515b099 code=0x7ffc0000
[  509.148389][   T29] audit: type=1326 audit(1761224101.307:283231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.5.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  509.172187][   T29] audit: type=1326 audit(1761224101.307:283232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.5.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd3a51b5e67 code=0x7ffc0000
[  509.195849][   T29] audit: type=1326 audit(1761224101.307:283233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.5.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd3a515b099 code=0x7ffc0000
[  509.254106][T18155] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4443'.
[  509.357512][T18151] loop2: detected capacity change from 0 to 512
[  509.378022][T18151] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  509.398249][T18151] EXT4-fs (loop2): can't mount with commit=, fs mounted w/o journal
[  509.514429][T18181] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4452'.
[  509.542459][T18183] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4453'.
[  509.616655][T18186] lo speed is unknown, defaulting to 1000
[  509.956589][T18198] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4457'.
[  510.225898][T18211] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4462'.
[  510.620624][T18224] netlink: 'syz.1.4464': attribute type 3 has an invalid length.
[  510.829620][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  510.845492][T18234] loop2: detected capacity change from 0 to 1024
[  510.852356][T18234] EXT4-fs: Ignoring removed orlov option
[  510.862458][T18234] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  511.186255][T18239] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4470'.
[  511.226406][T18239] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4470'.
[  511.246907][T18239] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4470'.
[  511.320611][ T3364] usb 9-1: enqueue for inactive port 0
[  511.323530][T18243] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4471'.
[  511.326177][ T3364] usb 9-1: enqueue for inactive port 0
[  511.370106][T18245] loop4: detected capacity change from 0 to 512
[  511.376996][T18245] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  511.385632][T18245] EXT4-fs (loop4): can't mount with commit=, fs mounted w/o journal
[  511.410552][ T3364] vhci_hcd: vhci_device speed not set
[  511.462009][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  511.828582][T18270] loop4: detected capacity change from 0 to 512
[  511.839348][T18270] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  511.852375][T18270] ext4 filesystem being mounted at /269/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  512.083429][T18274] bridge5: entered promiscuous mode
[  512.088702][T18274] bridge5: entered allmulticast mode
[  512.132600][T18274] team0: Port device bridge5 added
[  512.342560][T18279] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=40 sclass=netlink_audit_socket pid=18279 comm=syz.5.4481
[  512.595969][T18301] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  512.613283][T18301] loop2: detected capacity change from 0 to 1024
[  512.620120][T18301] EXT4-fs: Ignoring removed orlov option
[  512.632114][T18301] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  513.338618][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  513.903961][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  513.947837][T18328] __nla_validate_parse: 7 callbacks suppressed
[  513.947853][T18328] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4495'.
[  513.999388][T18334] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4497'.
[  514.061695][   T29] kauditd_printk_skb: 5681 callbacks suppressed
[  514.061708][   T29] audit: type=1326 audit(1761224106.387:288915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18333 comm="syz.4.4497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4633285e67 code=0x7ffc0000
[  514.097423][   T29] audit: type=1326 audit(1761224106.387:288916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18333 comm="syz.4.4497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f463322b099 code=0x7ffc0000
[  514.121346][   T29] audit: type=1326 audit(1761224106.387:288917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18333 comm="syz.4.4497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4633285e67 code=0x7ffc0000
[  514.132735][T18339] 9pnet_fd: Insufficient options for proto=fd
[  514.145026][   T29] audit: type=1326 audit(1761224106.387:288918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18333 comm="syz.4.4497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f463322b099 code=0x7ffc0000
[  514.174675][   T29] audit: type=1326 audit(1761224106.387:288919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18333 comm="syz.4.4497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463328efc9 code=0x7ffc0000
[  514.198338][   T29] audit: type=1326 audit(1761224106.387:288920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18333 comm="syz.4.4497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463328efc9 code=0x7ffc0000
[  514.222087][   T29] audit: type=1326 audit(1761224106.417:288921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18333 comm="syz.4.4497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f463328efc9 code=0x7ffc0000
[  514.245792][   T29] audit: type=1326 audit(1761224106.417:288922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18333 comm="syz.4.4497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4633285e67 code=0x7ffc0000
[  514.269352][   T29] audit: type=1326 audit(1761224106.417:288923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18333 comm="syz.4.4497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f463322b099 code=0x7ffc0000
[  514.292933][   T29] audit: type=1326 audit(1761224106.417:288924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18333 comm="syz.4.4497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4633285e67 code=0x7ffc0000
[  514.547630][T18350] lo speed is unknown, defaulting to 1000
[  514.821516][T18364] loop2: detected capacity change from 0 to 512
[  514.995083][T18356] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  515.001654][T18356] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  515.009321][T18356] vhci_hcd vhci_hcd.0: Device attached
[  515.051031][T18364] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  515.075145][T18364] ext4 filesystem being mounted at /290/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  515.085819][T18366] vhci_hcd: connection closed
[  515.086767][ T5770] vhci_hcd: stop threads
[  515.095772][ T5770] vhci_hcd: release socket
[  515.100177][ T5770] vhci_hcd: disconnect device
[  515.305230][T18386] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4507'.
[  515.359293][T18388] bridge4: entered promiscuous mode
[  515.364644][T18388] bridge4: entered allmulticast mode
[  515.370856][T18388] team0: Port device bridge4 added
[  515.377531][T18388] bridge0: port 1(team0) entered blocking state
[  515.383855][T18388] bridge0: port 1(team0) entered disabled state
[  515.390202][T18388] team0: entered allmulticast mode
[  515.402496][T18389] loop4: detected capacity change from 0 to 1024
[  515.410612][T18388] team0: left allmulticast mode
[  515.425026][T18389] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  515.501652][T18389] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #11: comm syz.4.4513: iget: bogus i_mode (1)
[  515.534488][T18389] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4513: couldn't read orphan inode 11 (err -117)
[  515.568544][T18389] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  515.610118][T18389] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  516.059447][T18401] loop4: detected capacity change from 0 to 1024
[  516.523491][T18403] lo speed is unknown, defaulting to 1000
[  516.613911][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  516.633335][T18406] FAULT_INJECTION: forcing a failure.
[  516.633335][T18406] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  516.646687][T18406] CPU: 1 UID: 0 PID: 18406 Comm: syz.0.4518 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  516.646713][T18406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  516.646723][T18406] Call Trace:
[  516.646728][T18406]  <TASK>
[  516.646735][T18406]  __dump_stack+0x1d/0x30
[  516.646758][T18406]  dump_stack_lvl+0xe8/0x140
[  516.646779][T18406]  dump_stack+0x15/0x1b
[  516.646843][T18406]  should_fail_ex+0x265/0x280
[  516.646874][T18406]  should_fail_alloc_page+0xf2/0x100
[  516.646973][T18406]  __alloc_frozen_pages_noprof+0xff/0x360
[  516.647033][T18406]  alloc_pages_mpol+0xb3/0x260
[  516.647055][T18406]  alloc_pages_noprof+0x90/0x130
[  516.647151][T18406]  __pud_alloc+0x47/0x470
[  516.647181][T18406]  handle_mm_fault+0x1882/0x2be0
[  516.647203][T18406]  ? __rcu_read_unlock+0x4f/0x70
[  516.647226][T18406]  ? mt_find+0x208/0x320
[  516.647322][T18406]  do_user_addr_fault+0x3fe/0x1080
[  516.647422][T18406]  exc_page_fault+0x62/0xa0
[  516.647498][T18406]  asm_exc_page_fault+0x26/0x30
[  516.647514][T18406] RIP: 0010:rep_movs_alternative+0xf/0x90
[  516.647578][T18406] Code: c4 10 c3 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 3d f9 01 00 66 2e
[  516.647670][T18406] RSP: 0018:ffffc90002ee3e18 EFLAGS: 00050202
[  516.647685][T18406] RAX: ffff888102332ba0 RBX: 0000000000000004 RCX: 0000000000000004
[  516.647763][T18406] RDX: 0000000000000001 RSI: 00002000000004c0 RDI: ffffc90002ee3e54
[  516.647775][T18406] RBP: 0000000000000000 R08: 000000000000041c R09: 0000000000000000
[  516.647788][T18406] R10: 0001c90002ee3e54 R11: 0001c90002ee3e57 R12: 0000000000000000
[  516.647801][T18406] R13: ffff888107274d00 R14: ffffc90002ee3e54 R15: 00002000000004c0
[  516.647863][T18406]  _copy_from_user+0x6f/0xb0
[  516.647884][T18406]  do_sock_getsockopt+0xf1/0x240
[  516.647911][T18406]  __x64_sys_getsockopt+0x11e/0x1a0
[  516.648043][T18406]  x64_sys_call+0x2bca/0x3000
[  516.648075][T18406]  do_syscall_64+0xd2/0x200
[  516.648089][T18406]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  516.648147][T18406]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  516.648171][T18406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.648188][T18406] RIP: 0033:0x7febb1e6efc9
[  516.648243][T18406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  516.648260][T18406] RSP: 002b:00007febb08d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  516.648305][T18406] RAX: ffffffffffffffda RBX: 00007febb20c5fa0 RCX: 00007febb1e6efc9
[  516.648315][T18406] RDX: 0000000000000066 RSI: 0000000000000088 RDI: 0000000000000003
[  516.648327][T18406] RBP: 00007febb08d7090 R08: 00002000000004c0 R09: 0000000000000000
[  516.648376][T18406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  516.648387][T18406] R13: 00007febb20c6038 R14: 00007febb20c5fa0 R15: 00007ffda7cbaa88
[  516.648402][T18406]  </TASK>
[  516.935934][T18401] EXT4-fs: Ignoring removed nomblk_io_submit option
[  517.004438][T18401] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  517.036635][T18415] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4522'.
[  517.064151][T18418] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4523'.
[  517.099719][T18415] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4522'.
[  517.108888][T18415] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4522'.
[  517.211853][T18430] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4528'.
[  517.234788][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  518.278718][T18475] loop4: detected capacity change from 0 to 2048
[  518.300035][T18475] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  518.432421][T18495] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  518.447454][T18495] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1528 with error 28
[  518.459934][T18495] EXT4-fs (loop4): This should not happen!! Data will be lost
[  518.459934][T18495] 
[  518.469588][T18495] EXT4-fs (loop4): Total free blocks count 0
[  518.475590][T18495] EXT4-fs (loop4): Free/Dirty block details
[  518.481499][T18495] EXT4-fs (loop4): free_blocks=2415919104
[  518.487219][T18495] EXT4-fs (loop4): dirty_blocks=1536
[  518.492519][T18495] EXT4-fs (loop4): Block reservation details
[  518.498509][T18495] EXT4-fs (loop4): i_reserved_data_blocks=96
[  518.565270][T18505] netlink: 'syz.1.4549': attribute type 3 has an invalid length.
[  518.629077][ T5812] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  518.742396][ T5812] Bluetooth: hci0: Frame reassembly failed (-84)
[  519.158680][   T29] kauditd_printk_skb: 613 callbacks suppressed
[  519.158693][   T29] audit: type=1326 audit(1761224111.477:289538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18526 comm="syz.5.4559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  519.200817][   T29] audit: type=1326 audit(1761224111.517:289539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18526 comm="syz.5.4559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd3a51bd810 code=0x7ffc0000
[  519.224660][   T29] audit: type=1326 audit(1761224111.517:289540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18526 comm="syz.5.4559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd3a51bda7f code=0x7ffc0000
[  519.248197][   T29] audit: type=1326 audit(1761224111.517:289541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18526 comm="syz.5.4559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd3a51bda7f code=0x7ffc0000
[  519.271964][   T29] audit: type=1326 audit(1761224111.517:289542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18526 comm="syz.5.4559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  519.979128][T18567] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  519.993019][T18567] loop4: detected capacity change from 0 to 1024
[  519.999680][T18567] EXT4-fs: Ignoring removed orlov option
[  520.007617][T18567] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  520.076045][T18570] netlink: 'syz.4.4575': attribute type 3 has an invalid length.
[  520.199886][   T29] audit: type=1326 audit(1761224112.517:289543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18571 comm="syz.5.4576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  520.223720][   T29] audit: type=1326 audit(1761224112.517:289544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18571 comm="syz.5.4576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  520.307130][   T29] audit: type=1326 audit(1761224112.517:289545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18571 comm="syz.5.4576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  520.331081][   T29] audit: type=1326 audit(1761224112.517:289546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18571 comm="syz.5.4576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  520.354936][   T29] audit: type=1326 audit(1761224112.517:289547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18571 comm="syz.5.4576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  520.495836][T18597] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4587'.
[  520.734902][T18602] lo speed is unknown, defaulting to 1000
[  520.814595][ T3525] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  520.869284][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  521.283463][T18609] loop4: detected capacity change from 0 to 512
[  521.290403][T18609] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  521.299180][T18609] EXT4-fs (loop4): can't mount with commit=, fs mounted w/o journal
[  521.504417][T18639] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4600'.
[  521.516781][T18639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4600'.
[  522.057819][T18653] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4607'.
[  522.103729][T18653] bridge4: entered promiscuous mode
[  522.108975][T18653] bridge4: entered allmulticast mode
[  522.121580][T18653] team0: Port device bridge4 added
[  522.261035][T18663] Process accounting resumed
[  522.317508][T18672] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4615'.
[  522.363410][T18675] loop2: detected capacity change from 0 to 512
[  522.377759][T18675] ------------[ cut here ]------------
[  522.383308][T18675] EA inode 11 i_nlink=2
[  522.383552][T18675] WARNING: CPU: 0 PID: 18675 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x36a/0x380
[  522.398000][T18675] Modules linked in:
[  522.401910][T18675] CPU: 0 UID: 0 PID: 18675 Comm: syz.2.4616 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  522.412168][T18675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  522.422240][T18675] RIP: 0010:ext4_xattr_inode_update_ref+0x36a/0x380
[  522.428875][T18675] Code: 90 49 8d 7e 40 e8 c6 fe b8 ff 4d 8b 6e 40 4c 89 e7 e8 da f9 b8 ff 41 8b 56 48 48 c7 c7 4f c6 55 86 4c 89 ee e8 17 fd 67 ff 90 <0f> 0b 90 90 e9 ff fe ff ff e8 98 ca b5 03 0f 1f 84 00 00 00 00 00
[  522.448606][T18675] RSP: 0018:ffffc900051df5a0 EFLAGS: 00010246
[  522.454684][T18675] RAX: a467575859f87200 RBX: ffff88811a87ca58 RCX: 0000000000080000
[  522.462675][T18675] RDX: ffffc900070fa000 RSI: 0000000000003f64 RDI: 0000000000003f65
[  522.470765][T18675] RBP: 0000000000000002 R08: 0001c900051df427 R09: 0000000000000000
[  522.478737][T18675] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88811a87ca08
[  522.486729][T18675] R13: 000000000000000b R14: ffff88811a87c9c0 R15: 0000000000000001
[  522.494725][T18675] FS:  00007f05f07276c0(0000) GS:ffff8882aee13000(0000) knlGS:0000000000000000
[  522.503712][T18675] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  522.510368][T18675] CR2: 00007f85fbe97dac CR3: 0000000111008000 CR4: 00000000003506f0
[  522.518372][T18675] Call Trace:
[  522.521707][T18675]  <TASK>
[  522.524652][T18675]  ext4_xattr_set_entry+0x77f/0x1020
[  522.530011][T18675]  ext4_xattr_ibody_set+0x184/0x3c0
[  522.535253][T18675]  ext4_expand_extra_isize_ea+0xcbb/0x11f0
[  522.541130][T18675]  __ext4_expand_extra_isize+0x246/0x280
[  522.546766][T18675]  __ext4_mark_inode_dirty+0x29d/0x3f0
[  522.552497][T18675]  ext4_evict_inode+0x80e/0xd90
[  522.557429][T18675]  ? __pfx_ext4_evict_inode+0x10/0x10
[  522.562851][T18675]  evict+0x2e3/0x550
[  522.566740][T18675]  ? __dquot_initialize+0x146/0x7c0
[  522.572058][T18675]  iput+0x4ed/0x650
[  522.575931][T18675]  ext4_process_orphan+0x1a9/0x1c0
[  522.581155][T18675]  ext4_orphan_cleanup+0x6a8/0xa00
[  522.586336][T18675]  ext4_fill_super+0x3483/0x3810
[  522.591422][T18675]  ? snprintf+0x86/0xb0
[  522.595628][T18675]  ? set_blocksize+0x1a8/0x310
[  522.600386][T18675]  ? sb_set_blocksize+0xe3/0x100
[  522.605440][T18675]  ? setup_bdev_super+0x30e/0x370
[  522.610511][T18675]  ? __pfx_ext4_fill_super+0x10/0x10
[  522.615874][T18675]  get_tree_bdev_flags+0x291/0x300
[  522.621093][T18675]  ? __pfx_ext4_fill_super+0x10/0x10
[  522.626377][T18675]  get_tree_bdev+0x1f/0x30
[  522.630897][T18675]  ext4_get_tree+0x1c/0x30
[  522.635383][T18675]  vfs_get_tree+0x57/0x1d0
[  522.639830][T18675]  do_new_mount+0x24d/0x660
[  522.644386][T18675]  path_mount+0x4a5/0xb70
[  522.648732][T18675]  ? user_path_at+0x109/0x130
[  522.653477][T18675]  __se_sys_mount+0x28c/0x2e0
[  522.658159][T18675]  ? do_mkdirat+0x3ac/0x3f0
[  522.662720][T18675]  __x64_sys_mount+0x67/0x80
[  522.667410][T18675]  x64_sys_call+0x2b51/0x3000
[  522.672297][T18675]  do_syscall_64+0xd2/0x200
[  522.676810][T18675]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  522.682994][T18675]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  522.688781][T18675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.694848][T18675] RIP: 0033:0x7f05f1cc076a
[  522.699297][T18675] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  522.719144][T18675] RSP: 002b:00007f05f0726e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  522.727601][T18675] RAX: ffffffffffffffda RBX: 00007f05f0726ef0 RCX: 00007f05f1cc076a
[  522.735689][T18675] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f05f0726eb0
[  522.743742][T18675] RBP: 0000200000000180 R08: 00007f05f0726ef0 R09: 0000000000800700
[  522.751778][T18675] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  522.759752][T18675] R13: 00007f05f0726eb0 R14: 000000000000046f R15: 000000000000002c
[  522.767761][T18675]  </TASK>
[  522.770861][T18675] ---[ end trace 0000000000000000 ]---
[  522.777131][T18675] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #18: comm syz.2.4616: iget: bad extra_isize 90 (inode size 256)
[  522.790673][T18675] EXT4-fs (loop2): Remounting filesystem read-only
[  522.797339][T18675] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -30)
[  522.806540][T18675] EXT4-fs (loop2): 1 orphan inode deleted
[  522.812965][T18675] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  522.835054][T18675] 9pnet_fd: Insufficient options for proto=fd
[  522.855391][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.065023][T18694] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  523.098313][T18694] loop2: detected capacity change from 0 to 1024
[  523.110761][T18694] EXT4-fs: Ignoring removed orlov option
[  523.142949][T18694] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  523.593358][T18711] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4627'.
[  523.806478][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  524.126314][T18730] loop2: detected capacity change from 0 to 512
[  524.134139][T18730] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  524.154555][T18730] EXT4-fs (loop2): can't mount with commit=, fs mounted w/o journal
[  524.162759][   T29] kauditd_printk_skb: 5276 callbacks suppressed
[  524.162771][   T29] audit: type=1326 audit(1761224116.497:294824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18723 comm="syz.5.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd3a51f1885 code=0x7ffc0000
[  524.220537][   T29] audit: type=1326 audit(1761224116.497:294825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18723 comm="syz.5.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd3a51b5e67 code=0x7ffc0000
[  524.244222][   T29] audit: type=1326 audit(1761224116.497:294826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18723 comm="syz.5.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd3a515b099 code=0x7ffc0000
[  524.267838][   T29] audit: type=1326 audit(1761224116.497:294827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18723 comm="syz.5.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  524.291520][   T29] audit: type=1326 audit(1761224116.497:294828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18723 comm="syz.5.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd3a51b5e67 code=0x7ffc0000
[  524.315098][   T29] audit: type=1326 audit(1761224116.497:294829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18723 comm="syz.5.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd3a515b099 code=0x7ffc0000
[  524.338702][   T29] audit: type=1326 audit(1761224116.497:294830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18723 comm="syz.5.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  524.362402][   T29] audit: type=1326 audit(1761224116.497:294831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18723 comm="syz.5.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd3a51b5e67 code=0x7ffc0000
[  524.386045][   T29] audit: type=1326 audit(1761224116.497:294832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18723 comm="syz.5.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd3a515b099 code=0x7ffc0000
[  524.409641][   T29] audit: type=1326 audit(1761224116.497:294833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18723 comm="syz.5.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fd3a51befc9 code=0x7ffc0000
[  524.476351][T18732] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4636'.
[  524.526688][T18736] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4637'.
[  524.608469][T18736] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4637'.
[  524.618615][T18736] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4637'.
[  524.853996][T18761] loop2: detected capacity change from 0 to 512
[  524.893470][T18761] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  524.966291][T18761] ext4 filesystem being mounted at /313/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  525.472500][T18789] bridge5: entered promiscuous mode
[  525.478100][T18789] bridge5: entered allmulticast mode
[  525.521361][T18789] team0: Port device bridge5 added
[  525.530192][T18792] bridge0: port 1(team0) entered blocking state
[  525.536591][T18792] bridge0: port 1(team0) entered disabled state
[  525.552693][T18792] team0: entered allmulticast mode
[  525.558418][T18792] team0: left allmulticast mode
[  526.329564][T18808] __nla_validate_parse: 2 callbacks suppressed
[  526.329578][T18808] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4661'.
[  527.028950][T18824] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  527.561753][T18836] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4672'.
[  527.602277][T18836] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4672'.
[  527.643216][T18836] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4672'.
[  527.690755][T18836] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4672'.
[  527.702876][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.756609][T18847] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4675'.
[  527.861829][T18854] batadv_slave_1: entered promiscuous mode
[  527.869294][T18854] batadv_slave_0: entered promiscuous mode
[  527.892617][T18854] netlink: 'syz.4.4678': attribute type 6 has an invalid length.
[  527.922230][T18854] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18854 comm=syz.4.4678
[  528.022743][T18870] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4686'.
[  528.051921][T18875] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4687'.
[  528.188883][T18884] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  528.473815][T18888] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4690'.
[  528.505227][T18888] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4690'.
[  528.777401][T18916] loop2: detected capacity change from 0 to 128
[  528.801393][T18916] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  528.825943][T18916] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  528.913810][T18929] netlink: 'syz.1.4700': attribute type 3 has an invalid length.
[  529.435658][T18951] team0: left allmulticast mode
[  529.440991][T18951] team_slave_0: left allmulticast mode
[  529.446950][T18951] team0: left promiscuous mode
[  529.452219][T18951] team_slave_0: left promiscuous mode
[  529.462619][T18951] bridge0: port 3(team0) entered disabled state
[  529.551401][T18951] bond0: (slave dummy0): Releasing backup interface
[  529.602719][T18951] bridge_slave_0: left allmulticast mode
[  529.608690][T18951] bridge_slave_0: left promiscuous mode
[  529.615541][T18951] bridge0: port 1(bridge_slave_0) entered disabled state
[  529.633573][T18951] bridge_slave_1: left allmulticast mode
[  529.639593][T18951] bridge_slave_1: left promiscuous mode
[  529.647284][T18951] bridge0: port 2(bridge_slave_1) entered disabled state
[  529.675851][   T29] kauditd_printk_skb: 10161 callbacks suppressed
[  529.675864][   T29] audit: type=1326 audit(1761224121.997:304995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18959 comm="syz.1.4713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  529.719215][   T29] audit: type=1326 audit(1761224121.997:304996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18959 comm="syz.1.4713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  529.743002][   T29] audit: type=1326 audit(1761224121.997:304997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18959 comm="syz.1.4713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  529.766701][   T29] audit: type=1326 audit(1761224121.997:304998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18959 comm="syz.1.4713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  529.790402][   T29] audit: type=1326 audit(1761224121.997:304999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18959 comm="syz.1.4713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  529.792091][T18951] bond0: (slave bond_slave_0): Releasing backup interface
[  529.814271][   T29] audit: type=1326 audit(1761224121.997:305000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18959 comm="syz.1.4713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  529.814336][   T29] audit: type=1326 audit(1761224121.997:305001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18959 comm="syz.1.4713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  529.814361][   T29] audit: type=1326 audit(1761224121.997:305002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18959 comm="syz.1.4713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  529.814387][   T29] audit: type=1326 audit(1761224121.997:305003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18959 comm="syz.1.4713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  529.814466][   T29] audit: type=1326 audit(1761224121.997:305004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18959 comm="syz.1.4713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  529.985455][T18951] bond0: (slave bond_slave_1): Releasing backup interface
[  530.055667][T18951] team0: Port device team_slave_0 removed
[  530.096226][T18951] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  530.714427][T19015] FAULT_INJECTION: forcing a failure.
[  530.714427][T19015] name failslab, interval 1, probability 0, space 0, times 0
[  530.727139][T19015] CPU: 0 UID: 0 PID: 19015 Comm: syz.2.4731 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  530.727168][T19015] Tainted: [W]=WARN
[  530.727175][T19015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  530.727253][T19015] Call Trace:
[  530.727261][T19015]  <TASK>
[  530.727271][T19015]  __dump_stack+0x1d/0x30
[  530.727294][T19015]  dump_stack_lvl+0xe8/0x140
[  530.727312][T19015]  dump_stack+0x15/0x1b
[  530.727327][T19015]  should_fail_ex+0x265/0x280
[  530.727407][T19015]  should_failslab+0x8c/0xb0
[  530.727429][T19015]  kmem_cache_alloc_noprof+0x50/0x480
[  530.727502][T19015]  ? audit_log_start+0x342/0x720
[  530.727523][T19015]  ? putname+0xda/0x100
[  530.727550][T19015]  audit_log_start+0x342/0x720
[  530.727632][T19015]  ? kmem_cache_free+0xe4/0x3d0
[  530.727659][T19015]  ? should_fail_ex+0xdb/0x280
[  530.727688][T19015]  audit_seccomp+0x48/0x100
[  530.727712][T19015]  ? __seccomp_filter+0x82d/0x1250
[  530.727781][T19015]  __seccomp_filter+0x83e/0x1250
[  530.727853][T19015]  __secure_computing+0x82/0x150
[  530.727987][T19015]  syscall_trace_enter+0xcf/0x1e0
[  530.728011][T19015]  do_syscall_64+0xac/0x200
[  530.728029][T19015]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  530.728053][T19015]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  530.728147][T19015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  530.728168][T19015] RIP: 0033:0x7f05f1cbd9dc
[  530.728183][T19015] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  530.728267][T19015] RSP: 002b:00007f05f0727030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  530.728284][T19015] RAX: ffffffffffffffda RBX: 00007f05f1f15fa0 RCX: 00007f05f1cbd9dc
[  530.728294][T19015] RDX: 000000000000000f RSI: 00007f05f07270a0 RDI: 0000000000000005
[  530.728305][T19015] RBP: 00007f05f0727090 R08: 0000000000000000 R09: 0000000000000000
[  530.728315][T19015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  530.728325][T19015] R13: 00007f05f1f16038 R14: 00007f05f1f15fa0 R15: 00007fff023ab0c8
[  530.728376][T19015]  </TASK>
[  531.048774][T19029] loop2: detected capacity change from 0 to 512
[  531.083787][T19029] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  531.105626][T19029] ext4 filesystem being mounted at /334/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  531.387930][T19049] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  531.585676][T19054] __nla_validate_parse: 9 callbacks suppressed
[  531.585690][T19054] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4737'.
[  531.692377][T19054] bridge6: entered promiscuous mode
[  531.697703][T19054] bridge6: entered allmulticast mode
[  531.730372][T19054] team0: Port device bridge6 added
[  531.764072][T19055] bridge0: port 1(team0) entered blocking state
[  531.770375][T19055] bridge0: port 1(team0) entered disabled state
[  531.793350][T19055] team0: entered allmulticast mode
[  531.817386][T19055] team0: left allmulticast mode
[  532.020666][T19062] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4745'.
[  532.210657][T19078] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4750'.
[  532.625636][T19093] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4759'.
[  532.985601][T19126] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4771'.
[  533.581135][T19159] lo speed is unknown, defaulting to 1000
[  533.950740][T19165] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  534.024206][T19168] netlink: 'syz.0.4784': attribute type 3 has an invalid length.
[  534.153593][T19173] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4787'.
[  534.198843][T19179] loop4: detected capacity change from 0 to 1024
[  534.221728][T19179] EXT4-fs: Ignoring removed nomblk_io_submit option
[  534.273587][T19179] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  534.327083][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  534.378770][T19192] loop4: detected capacity change from 0 to 2048
[  534.450875][T19192]  loop4: p1 < > p4
[  534.461019][T19192] loop4: p4 size 722688 extends beyond EOD, truncated
[  535.070992][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  535.193594][   T29] kauditd_printk_skb: 10621 callbacks suppressed
[  535.193643][   T29] audit: type=1400 audit(1761224127.517:315624): avc:  denied  { getopt } for  pid=19225 comm="syz.4.4806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  535.448335][   T29] audit: type=1326 audit(1761224127.757:315625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19240 comm="syz.1.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  535.472050][   T29] audit: type=1326 audit(1761224127.757:315626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19240 comm="syz.1.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  535.495729][   T29] audit: type=1326 audit(1761224127.757:315627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19240 comm="syz.1.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f85fbc3d810 code=0x7ffc0000
[  535.519459][   T29] audit: type=1326 audit(1761224127.757:315628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19240 comm="syz.1.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  535.539150][T19250] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  535.543122][   T29] audit: type=1326 audit(1761224127.757:315629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19240 comm="syz.1.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  535.543148][   T29] audit: type=1326 audit(1761224127.757:315630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19240 comm="syz.1.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  535.599590][   T29] audit: type=1326 audit(1761224127.757:315631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19240 comm="syz.1.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f85fbc3f003 code=0x7ffc0000
[  535.623249][   T29] audit: type=1326 audit(1761224127.807:315632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19240 comm="syz.1.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f85fbc3da7f code=0x7ffc0000
[  535.646754][   T29] audit: type=1326 audit(1761224127.817:315633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19240 comm="syz.1.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f85fbc3f057 code=0x7ffc0000
[  535.681794][T19248] loop4: detected capacity change from 0 to 1024
[  535.688421][T19248] EXT4-fs: Ignoring removed orlov option
[  535.697486][T19248] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  535.787795][T19250] netlink: 'syz.4.4810': attribute type 3 has an invalid length.
[  536.084435][T19274] lo speed is unknown, defaulting to 1000
[  536.324657][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  536.490046][T19282] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4827'.
[  536.758500][T19313] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4839'.
[  536.806859][T19325] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  536.827559][T19325] loop4: detected capacity change from 0 to 1024
[  536.845549][T19325] EXT4-fs: Ignoring removed orlov option
[  536.864157][T19325] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  536.881243][T19331] netem: incorrect gi model size
[  536.886194][T19331] netem: change failed
[  536.899549][T19331] xt_hashlimit: max too large, truncated to 1048576
[  536.935349][T19331] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  536.963464][T19339] netlink: 'syz.4.4836': attribute type 3 has an invalid length.
[  537.032925][T19345] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4853'.
[  537.122750][T19345] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4853'.
[  537.131503][T19354] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4856'.
[  537.132269][T19345] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4853'.
[  537.167421][T19358] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4858'.
[  537.199155][T19358] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4858'.
[  537.200901][T19362] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4859'.
[  537.208580][T19358] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4858'.
[  537.303056][T19366] netlink: 'syz.0.4861': attribute type 39 has an invalid length.
[  537.460317][T19382] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4868'.
[  537.552951][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  537.679013][T19394] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  537.735700][T19394] loop4: detected capacity change from 0 to 1024
[  537.762294][T19394] EXT4-fs: Ignoring removed orlov option
[  537.778959][T19394] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  538.429183][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  538.468609][T19432] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  538.602837][T19449] loop4: detected capacity change from 0 to 2048
[  538.621216][T19449]  loop4: p1 < > p4
[  538.628684][T19449] loop4: p4 size 722688 extends beyond EOD, truncated
[  538.687955][T19467] random: crng reseeded on system resumption
[  539.128650][T19513] loop4: detected capacity change from 0 to 512
[  539.140734][T19513] EXT4-fs: Ignoring removed orlov option
[  539.157074][T19513] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.4919: inode has both inline data and extents flags
[  539.171020][T19513] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4919: couldn't read orphan inode 15 (err -117)
[  539.183728][T19513] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  539.269890][T19513] lo speed is unknown, defaulting to 1000
[  539.335448][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  539.450237][    T9] Process accounting resumed
[  539.711047][T19544] FAULT_INJECTION: forcing a failure.
[  539.711047][T19544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  539.724244][T19544] CPU: 1 UID: 0 PID: 19544 Comm: syz.2.4931 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  539.724304][T19544] Tainted: [W]=WARN
[  539.724311][T19544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  539.724332][T19544] Call Trace:
[  539.724338][T19544]  <TASK>
[  539.724346][T19544]  __dump_stack+0x1d/0x30
[  539.724370][T19544]  dump_stack_lvl+0xe8/0x140
[  539.724390][T19544]  dump_stack+0x15/0x1b
[  539.724444][T19544]  should_fail_ex+0x265/0x280
[  539.724526][T19544]  should_fail+0xb/0x20
[  539.724541][T19544]  should_fail_usercopy+0x1a/0x20
[  539.724561][T19544]  _copy_from_user+0x1c/0xb0
[  539.724584][T19544]  bpf_test_init+0xb9/0x140
[  539.724608][T19544]  bpf_prog_test_run_xdp+0x305/0x970
[  539.724632][T19544]  ? kstrtouint+0x1/0xc0
[  539.724655][T19544]  ? __rcu_read_unlock+0x4f/0x70
[  539.724760][T19544]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  539.724866][T19544]  bpf_prog_test_run+0x22a/0x390
[  539.724965][T19544]  __sys_bpf+0x4c0/0x7c0
[  539.724990][T19544]  __x64_sys_bpf+0x41/0x50
[  539.725018][T19544]  x64_sys_call+0x2aee/0x3000
[  539.725136][T19544]  do_syscall_64+0xd2/0x200
[  539.725163][T19544]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  539.725189][T19544]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  539.725286][T19544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.725306][T19544] RIP: 0033:0x7f05f1cbefc9
[  539.725319][T19544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  539.725404][T19544] RSP: 002b:00007f05f0727038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  539.725472][T19544] RAX: ffffffffffffffda RBX: 00007f05f1f15fa0 RCX: 00007f05f1cbefc9
[  539.725485][T19544] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  539.725498][T19544] RBP: 00007f05f0727090 R08: 0000000000000000 R09: 0000000000000000
[  539.725574][T19544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  539.725585][T19544] R13: 00007f05f1f16038 R14: 00007f05f1f15fa0 R15: 00007fff023ab0c8
[  539.725601][T19544]  </TASK>
[  540.052887][T19561] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  540.077292][T19561] loop4: detected capacity change from 0 to 1024
[  540.119077][T19561] EXT4-fs: Ignoring removed orlov option
[  540.146605][T19574] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  540.176088][T19561] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  540.253464][   T29] kauditd_printk_skb: 14123 callbacks suppressed
[  540.253479][   T29] audit: type=1326 audit(1761224132.577:329757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19580 comm="syz.1.4944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  540.288310][T19582] netlink: 'syz.4.4934': attribute type 3 has an invalid length.
[  540.314862][   T29] audit: type=1326 audit(1761224132.577:329758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19580 comm="syz.1.4944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  540.338675][   T29] audit: type=1326 audit(1761224132.577:329759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19580 comm="syz.1.4944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  540.362330][   T29] audit: type=1326 audit(1761224132.577:329760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19580 comm="syz.1.4944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  540.386270][   T29] audit: type=1326 audit(1761224132.577:329761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19580 comm="syz.1.4944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  540.410067][   T29] audit: type=1326 audit(1761224132.577:329762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19580 comm="syz.1.4944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  540.433956][   T29] audit: type=1326 audit(1761224132.577:329763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19580 comm="syz.1.4944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  540.457626][   T29] audit: type=1326 audit(1761224132.577:329764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19580 comm="syz.1.4944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  540.481298][   T29] audit: type=1326 audit(1761224132.577:329765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19580 comm="syz.1.4944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  540.504992][   T29] audit: type=1326 audit(1761224132.577:329766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19580 comm="syz.1.4944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  540.773668][T19593] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  540.798170][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  541.139951][T19616] loop4: detected capacity change from 0 to 1024
[  541.173355][T19616] EXT4-fs: Ignoring removed nomblk_io_submit option
[  541.214219][T19616] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  541.289104][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  541.344959][T19617] loop2: detected capacity change from 0 to 4096
[  541.351687][T19617] EXT4-fs: Ignoring removed i_version option
[  541.357837][T19617] EXT4-fs: Ignoring removed nomblk_io_submit option
[  541.368875][T19617] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  541.655863][T19650] loop4: detected capacity change from 0 to 1024
[  541.667102][T19650] EXT4-fs: Ignoring removed nomblk_io_submit option
[  541.691613][T19650] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  541.787599][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  541.848987][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  541.875086][T19667] __nla_validate_parse: 7 callbacks suppressed
[  541.875112][T19667] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4976'.
[  541.898426][T19669] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4973'.
[  542.657684][T19716] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  543.160081][T19753] loop2: detected capacity change from 0 to 1024
[  543.191184][T19753] EXT4-fs: Ignoring removed orlov option
[  543.202932][T19753] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  543.607852][T19769] FAULT_INJECTION: forcing a failure.
[  543.607852][T19769] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  543.621046][T19769] CPU: 1 UID: 0 PID: 19769 Comm: syz.0.5014 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  543.621201][T19769] Tainted: [W]=WARN
[  543.621207][T19769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  543.621216][T19769] Call Trace:
[  543.621222][T19769]  <TASK>
[  543.621228][T19769]  __dump_stack+0x1d/0x30
[  543.621246][T19769]  dump_stack_lvl+0xe8/0x140
[  543.621262][T19769]  dump_stack+0x15/0x1b
[  543.621276][T19769]  should_fail_ex+0x265/0x280
[  543.621310][T19769]  should_fail+0xb/0x20
[  543.621322][T19769]  should_fail_usercopy+0x1a/0x20
[  543.621338][T19769]  _copy_to_user+0x20/0xa0
[  543.621357][T19769]  simple_read_from_buffer+0xb5/0x130
[  543.621408][T19769]  proc_fail_nth_read+0x10e/0x150
[  543.621431][T19769]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  543.621452][T19769]  vfs_read+0x1a8/0x770
[  543.621470][T19769]  ? __rcu_read_unlock+0x4f/0x70
[  543.621510][T19769]  ? __fget_files+0x184/0x1c0
[  543.621532][T19769]  ksys_read+0xda/0x1a0
[  543.621550][T19769]  __x64_sys_read+0x40/0x50
[  543.621568][T19769]  x64_sys_call+0x27c0/0x3000
[  543.621645][T19769]  do_syscall_64+0xd2/0x200
[  543.621660][T19769]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  543.621680][T19769]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  543.621752][T19769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.621768][T19769] RIP: 0033:0x7febb1e6d9dc
[  543.621786][T19769] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  543.621855][T19769] RSP: 002b:00007febb08d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  543.621871][T19769] RAX: ffffffffffffffda RBX: 00007febb20c5fa0 RCX: 00007febb1e6d9dc
[  543.621959][T19769] RDX: 000000000000000f RSI: 00007febb08d70a0 RDI: 0000000000000008
[  543.621971][T19769] RBP: 00007febb08d7090 R08: 0000000000000000 R09: 0000000000000000
[  543.621981][T19769] R10: 0000200000000580 R11: 0000000000000246 R12: 0000000000000001
[  543.621991][T19769] R13: 00007febb20c6038 R14: 00007febb20c5fa0 R15: 00007ffda7cbaa88
[  543.622005][T19769]  </TASK>
[  543.861616][T19772] netlink: 'syz.0.5015': attribute type 1 has an invalid length.
[  543.869451][T19772] netlink: 224 bytes leftover after parsing attributes in process `syz.0.5015'.
[  543.896537][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  543.972875][T19778] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5018'.
[  543.987385][T19792] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5020'.
[  544.017241][T19794] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5022'.
[  544.581357][T19820] loop4: detected capacity change from 0 to 8192
[  544.943213][T19833] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5034'.
[  544.994955][T19843] loop4: detected capacity change from 0 to 1024
[  545.010829][T19843] EXT4-fs: Ignoring removed nobh option
[  545.016463][T19843] EXT4-fs: Ignoring removed bh option
[  545.078021][T19843] EXT4-fs (loop4): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  545.094304][T19851] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5041'.
[  545.143619][T19843] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  545.156118][T19849] loop2: detected capacity change from 0 to 512
[  545.163471][T19849] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  545.190630][T19849] EXT4-fs (loop2): 1 truncate cleaned up
[  545.196640][T19849] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  545.225368][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  545.257589][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  545.295325][T19868] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5048'.
[  545.322462][   T29] kauditd_printk_skb: 8745 callbacks suppressed
[  545.322475][   T29] audit: type=1326 audit(1761224138.655:338512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.4.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463328efc9 code=0x7ffc0000
[  545.356926][   T29] audit: type=1326 audit(1761224138.685:338513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.4.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463328efc9 code=0x7ffc0000
[  545.380671][   T29] audit: type=1326 audit(1761224138.685:338514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.4.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f463328efc9 code=0x7ffc0000
[  545.404517][   T29] audit: type=1326 audit(1761224138.685:338515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.4.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463328efc9 code=0x7ffc0000
[  545.428239][   T29] audit: type=1326 audit(1761224138.685:338516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.4.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463328efc9 code=0x7ffc0000
[  545.435095][T19883] loop2: detected capacity change from 0 to 2048
[  545.451897][   T29] audit: type=1326 audit(1761224138.685:338517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.4.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f463328efc9 code=0x7ffc0000
[  545.481974][   T29] audit: type=1326 audit(1761224138.685:338518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.4.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463328efc9 code=0x7ffc0000
[  545.505996][   T29] audit: type=1326 audit(1761224138.685:338519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.4.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463328efc9 code=0x7ffc0000
[  545.529685][   T29] audit: type=1326 audit(1761224138.685:338520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.4.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f463328efc9 code=0x7ffc0000
[  545.553276][   T29] audit: type=1326 audit(1761224138.685:338521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.4.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463328efc9 code=0x7ffc0000
[  545.591674][T19893] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5054'.
[  545.601380][T19883]  loop2: p1 < > p4
[  545.605640][T19883] loop2: p4 size 722688 extends beyond EOD, truncated
[  545.764008][T19905] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  546.177093][T19932] loop2: detected capacity change from 0 to 2048
[  546.191930][T19934] netlink: 'syz.5.5070': attribute type 29 has an invalid length.
[  546.239184][T19932]  loop2: p1 < > p4
[  546.246142][T19932] loop2: p4 size 722688 extends beyond EOD, truncated
[  546.927552][T19963] loop2: detected capacity change from 0 to 4096
[  546.934412][T19963] EXT4-fs: Ignoring removed i_version option
[  546.940472][T19963] EXT4-fs: Ignoring removed nomblk_io_submit option
[  546.950561][T19963] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  547.148694][T19982] can: request_module (can-proto-0) failed.
[  547.158485][T19984] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  547.174917][T19984] loop4: detected capacity change from 0 to 1024
[  547.181658][T19984] EXT4-fs: Ignoring removed orlov option
[  547.189682][T19984] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  547.218392][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  547.285394][T19995] netlink: 'syz.4.5083': attribute type 3 has an invalid length.
[  547.398191][T20004] netlink: 'syz.1.5094': attribute type 1 has an invalid length.
[  547.410921][T20004] bond1: entered promiscuous mode
[  547.416119][T20004] 8021q: adding VLAN 0 to HW filter on device bond1
[  547.872394][T20035] __nla_validate_parse: 2 callbacks suppressed
[  547.872407][T20035] netlink: 388 bytes leftover after parsing attributes in process `syz.5.5105'.
[  547.910234][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  547.920788][T20035] pim6reg: entered allmulticast mode
[  547.927025][T20035] pim6reg: left allmulticast mode
[  548.428554][T20061] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  548.495981][T20070] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5120'.
[  548.523434][T20070] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5120'.
[  548.532743][T20070] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5120'.
[  548.620892][T20083] netlink: 'syz.1.5117': attribute type 3 has an invalid length.
[  548.692913][T20088] netlink: 48 bytes leftover after parsing attributes in process `syz.0.5125'.
[  548.734734][T20085] loop2: detected capacity change from 0 to 512
[  548.741721][T20085] EXT4-fs: Ignoring removed nobh option
[  548.879411][T20085] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #3: comm syz.2.5123: corrupted inode contents
[  548.915812][T20085] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #3: comm syz.2.5123: mark_inode_dirty error
[  548.929208][T20085] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #3: comm syz.2.5123: corrupted inode contents
[  548.951715][T20085] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.5123: mark_inode_dirty error
[  549.006181][T20085] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.5123: Failed to acquire dquot type 0
[  549.058509][T20085] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.5123: corrupted inode contents
[  549.123339][T20085] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #16: comm syz.2.5123: mark_inode_dirty error
[  549.318145][T20085] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.5123: corrupted inode contents
[  549.518842][T20085] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.5123: mark_inode_dirty error
[  549.598568][T20085] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.5123: corrupted inode contents
[  549.624384][T20085] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem
[  549.652602][T20085] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.5123: corrupted inode contents
[  549.693078][T20085] EXT4-fs error (device loop2): ext4_truncate:4637: inode #16: comm syz.2.5123: mark_inode_dirty error
[  549.719319][T20085] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem
[  549.755232][T20085] EXT4-fs (loop2): 1 truncate cleaned up
[  549.769278][T20085] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  549.789492][T20085] ext4 filesystem being mounted at /395/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  549.817792][T20085] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5123'.
[  549.834928][T20085] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5123'.
[  549.967084][T13585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  550.316673][T20149] loop4: detected capacity change from 0 to 4096
[  550.330196][T20149] EXT4-fs: Ignoring removed i_version option
[  550.336313][   T29] kauditd_printk_skb: 13492 callbacks suppressed
[  550.336327][T20149] EXT4-fs: Ignoring removed nomblk_io_submit option
[  550.336337][   T29] audit: type=1326 audit(1761224143.655:352012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20133 comm="syz.1.5140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  550.336468][   T29] audit: type=1326 audit(1761224143.665:352013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20133 comm="syz.1.5140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f85fbc35e67 code=0x7ffc0000
[  550.398003][T20149] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  550.403818][   T29] audit: type=1326 audit(1761224143.725:352014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20133 comm="syz.1.5140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f85fbc71885 code=0x7ffc0000
[  550.434345][   T29] audit: type=1326 audit(1761224143.725:352015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20133 comm="syz.1.5140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f85fbbdb099 code=0x7ffc0000
[  550.458004][   T29] audit: type=1326 audit(1761224143.725:352016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20133 comm="syz.1.5140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  550.481751][   T29] audit: type=1326 audit(1761224143.725:352017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20133 comm="syz.1.5140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f85fbc35e67 code=0x7ffc0000
[  550.505436][   T29] audit: type=1326 audit(1761224143.725:352018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20133 comm="syz.1.5140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f85fbbdb099 code=0x7ffc0000
[  550.529080][   T29] audit: type=1326 audit(1761224143.725:352019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20133 comm="syz.1.5140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f85fbc3efc9 code=0x7ffc0000
[  550.552957][   T29] audit: type=1326 audit(1761224143.725:352020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20133 comm="syz.1.5140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f85fbc35e67 code=0x7ffc0000
[  550.576571][   T29] audit: type=1326 audit(1761224143.725:352021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20133 comm="syz.1.5140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f85fbbdb099 code=0x7ffc0000
[  550.762424][T20169] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20169 comm=syz.5.5152
[  550.787074][T20169] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5152'.
[  550.796170][T20169] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5152'.
[  550.836221][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  550.856200][T20177] netlink: 48 bytes leftover after parsing attributes in process `syz.1.5156'.
[  551.027991][T20206] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  551.076838][T20206] loop4: detected capacity change from 0 to 1024
[  551.101242][T20206] EXT4-fs: Ignoring removed orlov option
[  551.130320][T20206] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  551.754328][T20226] pim6reg1: entered promiscuous mode
[  551.759649][T20226] pim6reg1: entered allmulticast mode
[  551.792587][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  552.038515][T20262] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.093645][T20262] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.118980][T20266] tmpfs: Unknown parameter 'g�>;O�e�N��4�[��a�kU����{3��g��7AnUH[�7'
[  552.134312][T20266] loop4: detected capacity change from 0 to 1024
[  552.141256][T20266] EXT4-fs: Ignoring removed orlov option
[  552.228236][T20265] lo speed is unknown, defaulting to 1000
[  552.242426][T20266] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  552.271717][T20262] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.382713][T20262] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.460284][ T5803] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  552.477396][ T5807] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  552.511461][ T5811] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  552.528068][ T5803] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  552.578330][T20278] FAULT_INJECTION: forcing a failure.
[  552.578330][T20278] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  552.591451][T20278] CPU: 1 UID: 0 PID: 20278 Comm: syz.0.5193 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  552.591522][T20278] Tainted: [W]=WARN
[  552.591527][T20278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  552.591537][T20278] Call Trace:
[  552.591583][T20278]  <TASK>
[  552.591590][T20278]  __dump_stack+0x1d/0x30
[  552.591630][T20278]  dump_stack_lvl+0xe8/0x140
[  552.591717][T20278]  dump_stack+0x15/0x1b
[  552.591735][T20278]  should_fail_ex+0x265/0x280
[  552.591782][T20278]  should_fail+0xb/0x20
[  552.591798][T20278]  should_fail_usercopy+0x1a/0x20
[  552.591819][T20278]  _copy_from_user+0x1c/0xb0
[  552.591839][T20278]  restore_altstack+0x4b/0x2d0
[  552.591940][T20278]  ? __set_task_blocked+0x23a/0x2a0
[  552.591962][T20278]  __ia32_sys_rt_sigreturn+0xdc/0x350
[  552.591982][T20278]  ? _raw_spin_unlock_irq+0x26/0x50
[  552.592072][T20278]  ? signal_setup_done+0x266/0x290
[  552.592144][T20278]  ? xfd_validate_state+0x45/0xf0
[  552.592159][T20278]  ? fpu__clear_user_states+0x63/0x1e0
[  552.592238][T20278]  ? fpregs_mark_activate+0x66/0x140
[  552.592258][T20278]  ? fpu__clear_user_states+0x63/0x1e0
[  552.592314][T20278]  ? arch_do_signal_or_restart+0x2b5/0x440
[  552.592332][T20278]  ? __rcu_read_unlock+0x4f/0x70
[  552.592353][T20278]  x64_sys_call+0x2d4b/0x3000
[  552.592369][T20278]  do_syscall_64+0xd2/0x200
[  552.592463][T20278]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  552.592483][T20278]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  552.592504][T20278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  552.592520][T20278] RIP: 0033:0x7febb1e0b099
[  552.592533][T20278] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  552.592609][T20278] RSP: 002b:00007febb08d6a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  552.592624][T20278] RAX: ffffffffffffffda RBX: 00007febb20c5fa0 RCX: 00007febb1e0b099
[  552.592634][T20278] RDX: 00007febb08d6a80 RSI: 00007febb08d6bb0 RDI: 0000000000000021
[  552.592644][T20278] RBP: 00007febb08d7090 R08: 0000000000000001 R09: 0000000000000000
[  552.592653][T20278] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  552.592691][T20278] R13: 00007febb20c6038 R14: 00007febb20c5fa0 R15: 00007ffda7cbaa88
[  552.592706][T20278]  </TASK>
[  552.877936][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  553.031402][T20292] loop4: detected capacity change from 0 to 1024
[  553.038070][T20292] EXT4-fs: Ignoring removed orlov option
[  553.063360][T20292] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  553.561883][T20302] netlink: 60 bytes leftover after parsing attributes in process `syz.1.5201'.
[  553.576726][T20312] netlink: 48 bytes leftover after parsing attributes in process `syz.5.5204'.
[  553.594840][T20308] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5205'.
[  553.654248][T20328] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5211'.
[  553.701635][T20328] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5211'.
[  553.711298][T20328] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5211'.
[  553.762834][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  554.424836][T20339] ==================================================================
[  554.432946][T20339] BUG: KCSAN: data-race in touch_atime / touch_atime
[  554.439715][T20339] 
[  554.442029][T20339] write to 0xffff888104a73540 of 4 bytes by task 20336 on cpu 1:
[  554.449731][T20339]  touch_atime+0x1e8/0x340
[  554.454153][T20339]  shmem_file_read_iter+0x477/0x540
[  554.459339][T20339]  copy_splice_read+0x442/0x660
[  554.464186][T20339]  splice_direct_to_actor+0x290/0x680
[  554.469548][T20339]  do_splice_direct+0xda/0x150
[  554.474313][T20339]  do_sendfile+0x380/0x650
[  554.478726][T20339]  __x64_sys_sendfile64+0x105/0x150
[  554.483931][T20339]  x64_sys_call+0x2bb4/0x3000
[  554.488615][T20339]  do_syscall_64+0xd2/0x200
[  554.493119][T20339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.499017][T20339] 
[  554.501328][T20339] read to 0xffff888104a73540 of 4 bytes by task 20339 on cpu 0:
[  554.508946][T20339]  touch_atime+0x194/0x340
[  554.513457][T20339]  shmem_file_read_iter+0x477/0x540
[  554.518664][T20339]  copy_splice_read+0x442/0x660
[  554.523514][T20339]  splice_direct_to_actor+0x290/0x680
[  554.528894][T20339]  do_splice_direct+0xda/0x150
[  554.533658][T20339]  do_sendfile+0x380/0x650
[  554.538089][T20339]  __x64_sys_sendfile64+0x105/0x150
[  554.543304][T20339]  x64_sys_call+0x2bb4/0x3000
[  554.547993][T20339]  do_syscall_64+0xd2/0x200
[  554.552496][T20339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.558390][T20339] 
[  554.560710][T20339] value changed: 0x2c68fd47 -> 0x2d0193c7
[  554.566439][T20339] 
[  554.568752][T20339] Reported by Kernel Concurrency Sanitizer on:
[  554.574900][T20339] CPU: 0 UID: 0 PID: 20339 Comm: syz.1.5209 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  554.586270][T20339] Tainted: [W]=WARN
[  554.590068][T20339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  554.600121][T20339] ==================================================================