last executing test programs:

4.446987151s ago: executing program 1 (id=2369):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000f40)=ANY=[@ANYBLOB="68020000000501"], 0x268}}, 0x8080)
getpgid(0x0)

4.342438673s ago: executing program 1 (id=2370):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000200)={@dev}, 0x14)
quotactl$Q_SETQUOTA(0xffffffff80000801, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000016c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x4}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
recvmmsg(r3, &(0x7f0000001140), 0x700, 0x2, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000000c0)={0x3, 0x1000}, 0x4)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f00000000c0)={0x3, 0x1000}, 0x4)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2689064c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) (async)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000200)={@dev}, 0x14) (async)
quotactl$Q_SETQUOTA(0xffffffff80000801, 0x0, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
socket$packet(0x11, 0x3, 0x300) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000016c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x4}, 0x18) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) (async)
sendmsg$unix(r2, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0) (async)
recvmmsg(r3, &(0x7f0000001140), 0x700, 0x2, 0x0) (async)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000000c0)={0x3, 0x1000}, 0x4) (async)
socket$packet(0x11, 0x3, 0x300) (async)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f00000000c0)={0x3, 0x1000}, 0x4) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2689064c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) (async)

4.291547514s ago: executing program 1 (id=2372):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x4010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000002480)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000000)=0x10000000000000, 0xffffff6a)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x42, 0x0)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0xf4ff)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone3(0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000100000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f00000003c0)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f00000001c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0xfd, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x10, 0x2}}}}}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)

3.448099796s ago: executing program 1 (id=2379):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000b38ee036830dd03308e5f581bdda650b655dbfdcc7bd3ef96e72162e37127b391449e27d", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c250000000000202020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$bind(&(0x7f0000000400)='./control\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x202000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x4000000000002be, 0x20000000)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054)
bpf$MAP_CREATE(0x0, 0x0, 0x48)

3.047340503s ago: executing program 4 (id=2383):
r0 = socket$inet6(0x10, 0x3, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="0201000207000000000000000000000003000700002000000200000002000100000004d20201b10400000020"], 0x38}}, 0x0)
removexattr(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)=@known='trusted.overlay.metacopy\x00')
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac1414000800080004"], 0x2c}}, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a0079"], 0x44}}, 0x0)
socket$inet6(0x10, 0x3, 0x0) (async)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="0201000207000000000000000000000003000700002000000200000002000100000004d20201b10400000020"], 0x38}}, 0x0) (async)
removexattr(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)=@known='trusted.overlay.metacopy\x00') (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac1414000800080004"], 0x2c}}, 0x0) (async)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a0079"], 0x44}}, 0x0) (async)

2.902729525s ago: executing program 0 (id=2386):
r0 = semget$private(0x0, 0x6, 0x3b1)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x1ffffffffffffffd}, 0x18)
r3 = fsopen(&(0x7f0000000180)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
fchdir(r4)
r5 = inotify_init()
inotify_add_watch(r5, &(0x7f00000002c0)='./bus\x00', 0x24000137)
r6 = openat(r4, &(0x7f00000004c0)='./bus\x00', 0x40000, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="021800000b0000000000000000000000030005000000000002000000e00000010000000000000000030012000000000002000000000000000000000000000000030006000000000002"], 0x58}}, 0x24000894)
io_setup(0x0, &(0x7f0000000040)=<r8=>0x0)
r9 = eventfd(0x3)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r10}, 0x10)
io_submit(r8, 0x9, &(0x7f0000000c00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4, r1, &(0x7f0000000600)="ea7fa329f5e37fa8e6142d903a37ce899409a4aa4f1b21721b5bdebca2e70df946e27aa7f91af66d4976ae581f126ce8b8a17ece8ca03da034b3d29be70132b5b0052c530c213ca2b39e4b6822a3d13b9e72334760b89936d5fc3823f95274d7045ffd8bfe6c5c7053333e5a706f32aef0eea038cce3c861cc4ca592b270a9ccc55b3dd2325e7e1f60df488e8f8a6d7988a098697347a7e7eeaa6e7b5dfa43ca3a466cb33e53e4a121c1bccbc4d5e0e16a9486758f009ed240f299c70ae0d726dfb8ef177000938182343148d58bf8d0c295ca573347306430195031278e16c34eba17f129093812ae0af7d3fa086df64772d07be00fad3dfa6c26959207", 0xfe, 0x32f9, 0x0, 0x2, r9}, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x5, 0x1, r4, &(0x7f0000001500)="4e786605ad36d9c0dc9ca4e8c87b69356908ba32b2da9430cdda2ccacf9adca10d1aeeeab81b7efa64ca4fedbaa45caa90906a5651656f2320b4229e56df4729edc8243746d357369c465310afd01a1c644e4abc05bcc1ce436aa45c561b0f80ed76330a4789ace4c68fa2da882c0b34e7b7f8b994224a6ecefd6746d7491bebd34380d1bd80b5bf7dbc7d902b91e9190f96e0a09b9774205054db43399b4f42e6c3c9c8e4cec2e0fd28c3f9d81e62ae579c503e600be86cfcdb7c6eecfae6fbcebcb36620b3a9e1c67730f9762930d3ce9ca2d3118d9a9dcbec4f6b4a3e01f0e422a72367fa2660ac922676c7a4750a81c4de0a83674a9743b81b1408d7258549f7ba1d589352a4c4aaeb494415e6429ace618b74af635f300818523c1d6a7bd6cb16b1bdd3ebdb2fb85ad0f4c47d5c4af42e1c7bf3534d83f9d4f4970abf7d1cabeb4812f44d7d1d67979d4550f93d96373fd29066e6c41e54e7d1df3b7058bc99021d58edbdf384f470d0b0633d4b22a0147f726a2c7e1f6502d621e9e4a46bbdb430dc8e75bf45d35d65d2d6b5785b2676bf2b2df0e86d6eab1ec8f774b17adce285324d081eed16b018166cfacd6146a212577459305a85c85b624b6509954547bfb9be052b373621e9212a4ecb9df07d6f32e4898ac2300cb66f052acea50e8e3b9a1c6e71c4aba43f82ba3e94716756d96b3d861f306e28f0cefaeba66fb2de2f3baaf6605a9172320531e05e98f802b1f0529cc09b0c1dbbc52425947f953b872006b7ac13c52e28527b42afe8beb0cea0f449c42578e67124d7cd9f8c4399fab85a049f0c5bb2c1a74289f88a750d93210b2264da6b4efc3b29dc47b6fd3cec086a26c261c33daf4c4871da6177cbb4f7ed1d8bceb1bf3f6b8d044b65118bcc9bf16491486e52bc7a7d937434d51306964bb296746872b44419ffa341805ebd9283648c2ec17f5aeee313d8ffc599e741f31c4b899172063425ece7439551ea9c045820c0fc5f51886e804dc18efedce2042cd4299e7df9323d16210e1dc13bf0e7a4064640c13748581e3a6585af2ad30f3cbfc69feededbd1fd25583b2f3aa72e1d8347f367000e30a84342c0f03e3a2417f23bd7005e2dec2dae1b4c5e22659a346237cc0693e5f6f7f33021684d15baa3829863307867546b26d190e118c8c654f5564cefae1599e24e646b4d1c6202f148572770bb98ccc8d3f04592662673b0e70fc5b59212226b77161788b09c6cc957cb7a167acdb6c447a677298987e2c94c432881b304e8ea4f3f942d06c0ee3fe88b1d63eac739fbb01f201e26fae3c9cffe0b05b8043d5796da8052ef23784782e115925e965f3cd07201e2f2d4ffe7a040f962236971710e885814c454c8827785c2d3813a6c12eb0a76bedb6a57c372a887034fcfe8b6724885dded69e0d01174f25e8a2ebc099916480ae178db2d2ad576b8054ad59e5f6cfa4d87ae015e7709104fca4c733a3e888a7faafd3f504e295dc021897bb7cb9f98bc9106ee24f793438375980fc49c01bf5d0269832c672d3da2b233a6e8dd8e27694d554fe585637e3cbda8013f5100429a89c758624bd9c95a75ed782b60cbf2f783b8c2334bf42c807bb737b6ea0d519fa9b75318dd1dfaa268f50f65ac065645c97ed1a7efc42a9aa58bd1887692d88ee560c48d4b433dde0a2d503286252db340311d47a33b4c0841e1e1850d94166d5b59493ba9461fc5dfa7073a9d483eb6d9dff28ab6510038cdb06ebdd71f1325b0b6b95acae6d87f4efecee147c01e7c54271dee37da1a3b4869cf8cf7f2a6426f71cd6dfed2f34d4d6d4295095eb02f4cd59427b6bb477dec2b36bde2f5bde4e98b07211e746962d838ccc1fbcc876661ae291479eda756f35fa09dc6e960d4ac79aaf56b37547bcbceb7492922b0e93012a542f3071c1b7e8431cb4019be62107b72d32d79cb7f4aed50448211f181d5adde4a9e23da2887621b2746ac2a155c1ded256b18fabf6571ae2ae70c759eb4645bd5b0404e7309bc6136373de86e0e8fd3c6fd3bb4d8b03e6e20ece2e0f5f0e7510ce573b4f976d7f52422cbb893dab3e1055768f1df1a644c599b241cc709c722a107235c9992956c4fe01471c73ebca93ecedfd3b33db69abdfc6b4d1ae59ef5a1e5e749c34687fa7f0167df447738f0ecec42e0d24086c0656678449566e8b9504f136552e3aca913070a41a2044bbd3467af1e6ae75e9d45453a098239b20d7ea7e047ea9c444ab8cb718b62d1b9719cbc01f1f625db1512e54cc64e3e8d49bc695e96deaa88d75060712d92610c3fd0176abf2265532291373b67451111d9eadc3dc995cbbe288ecd0c919b7e15fd2d73fbe3fcb2031ae6c6df69bb1b4b42e4b8af9c705875354b2ca66a78073790c303ede300a7afa53fc45ea635c35e7558297c777180b17ebf212e7d69bc494a9de6aecd2ae6ef0256ef15c23b4c9ce72df983e96c96511a3766edc4c67f5ddfffbe01c5c58ea1fb1856365a3b450f639803f879783f0f3e1150d5fa327aaa2c41e523c654f097ba80a52e1a1f76947f9327394b22b3220ccefa7de5a0eeb02462976ed944f9ebe6465b45c01a82f7d5738667e8eb1b551b74655960b938f20dd8647f6095e96b269279eaeee089eea8a876d63c3960f4670d048c8f35bf0cfb478f5dabe34cec1de0af10a17968f533f58b5fe7ac4e9c110586f52051d01833f85e469fa1cd987f235b5572f34aa829771b1a52d75b52a1e1cf27b31635c640ae1c0d2a673e0fbf5f6ddd909b8aad7a83ca20096185d87ae65982c1b7b13631a2d1f4fbc25fd1f601d113b052179b93e8c0c0d7558c011649031a2a1f5939c25346f4434fdd447c0143db8b782adb3290400c75ce82f0d732553ea568ca19d561d3b7d129b7ad302af431caeb19ccb612b4991c3c2be6bbdd4c5dc2f4d35799d6fc18196586ff7ba8f31745ef6711512c85f3076bda653bc75bcc0dffd72b35a352591b25a1b51318dfb27445582d93f3c0ae43a61de3ea27f9582f65187ada94eb57a87dc0215ace854922f51e785d4a5bf5af8f90f6ff24ebf0b3a6c4252a9ba5aacace0aebe2564090785904de97dad9a5303ce618504b95e6b743acbb44e6780c1177b37164872d9575f1a37e83aa0cb2ecd4ef16601fd19a70f1a7c97e92ee8a426fb5a86ab221c0c7d3c88b200ee09b8ac780875fc30e62ae2e6714c807e4a4bc8958a6e7dc286cd6466a9b1e7a02e2659bc4138fa9a8ae5493b0ba9e367e230d1c7e27309c91fc7469c74071ffdd4b2952db356d5159719b8634646a9cc081c3032c2e3cabf20f990e91bb85935ae585afb7a136e295b7ddc44c47110f2e4ab8960dd67e91feb507530e3ac3389cccd25b35e0c764eddae5eff0856f78168602333ed8648f551378a5fa970d02ce37795b9fccef554c6ae910a643dbf4b8343aa97b773d5a6aac0b369d9a99b1038d95e624265f48b0a04ab04b11b7fb5a393b19a70caac93584c641325564bbbcb546726c1b7e6913bccb35fe9ec61307b79638c00df710307314d8e7dabf09f2d536900bc6adf0a8411198ebfc837e54803c575fffabba188055f9d6918ce422367c17dbfa88b704dc820b0daa493a882c49a4ab8473fd873849de412a3e6957878492f5f90d891e53b3259ff9e343f4d80d8923d1373e6409c4b221c74d2b5d98d74f04427740c51d2ef348530ecb889d3562f433a37abe212f079f7fd8511ba3193a86e509d4cfa31ed26ce49b97f06df58909650abb95b7c5febba697231133c32e1afab5b0ed17084bfc946e0a1be79c005b1b74e26c91595122f76f60e7c0a0140fb63e982778abe261d33eec0b1fb3379b383f3ffb24e6a3dedf0477aa9de059fd9133a42264e9debc0ce9501265320793c7e903b335b2eaae5be92108b747262fc032e200e41ad9fe127664b4bca4417cee1cee80209a167783d65d2485bd2370b04b41a1d0c402b51b7704f034ae2f894081b54c79ce2689905556ec740039ba0ca44598f72af0a8bfbd2cf499f7393a5fab2f49e6267cb0c007c4de7e9f8d11839545a113382bc7eacf32d019212ff6ec1f9fac9b63998e66ce11aded39fa7584dd4c2812b5dfc23eb5567428bf9862b7819ad1440ce513dee379e219bfd1bf76b7642c313efa63264358a5d536ef5c57a5a8c0862699078227c9efa09653a291fd0a9a4955a69933069eab9f56adea8e473c4e2fcbb91d250cdab9de7ae817629c2c1ae013d6284d571bfeadd11f31612189b89a09e476ca0fb8878cc0d2d3831c356e9d46582d894fa2564261c29e6c1b9c8e0b1ab87398c479f149a3c968db36cd8ecad1e6272e7e3096609e642f1b7981c56712f65719d634b937a61a4a07aa957217aeccc54fa45c0e83acc147b21cd4b9acd011cb67c9af022a2a02ffe84f54705b7f1278343f5c441bd6ff8dbc3daec6f70c0ebd53cef1684c31fd297ea3237c2fa67143d8a0563df791e57ee981648471f0f70a00a70cdef9bbb5917040a0ee8469acdff621d751efa2e3a3f6b51b6df0e360c2b051a0f17c243b32d3976ac5ee796eed154db06725028b87450cbc2bc950f42571852241c5dadd93f36317df6c02379db8bcfd48af67844d221d32e4dfdfcf7dc071694ec1dbeb19e6120ea1c0e60678e4d42a9f248c1bee486588c6c8ee69509de93662f7577079dc0543143aee7b8cb185cf99a4813e01a71b32f2756db0c52ca629cd77b99bf663bf9ce5af45ce03416ae999ec3e39e2330b5dca25015c27ae71ac1455aadb8279941db9d385cf2441cb7d6ca76ca6f11cd6d0750b71f6954e9163e1023e46afd8fedf7f8bfac22a3458bf25177bba3eab34ef9d4a552f02992e8dcb3e314cf2222e1a5cae6198b6c82d9ba6d533f5143d9f898614001a6de7bbff55f17db366383c572fa51cab4b91e221ba12ac1b2752734406298708d4bc27fb9da01f780f649134cee1a91233dbc8fa4b015d3c94148e345bec52151581319f16088027fa04864a6322da42f6c119163e85b13742be8ed295c85aed89a0adc4ca36782eadeb5300d11c6e879d573b95d6b9a541ffc1185372dff30ba1988c3eae148c99a19dd33512064c96fd1d48a4d69e96ebfd17ed7736ef93bb9812f9f27559be12bcfe697afb117d2fe67651c7ee751848489d152329d38cf968e8bbbdc70f70d48228ea659a46f19925147f28c480666d61295ac446928252db006811f6cb32c5c2e840a6074c161b7fa6f53c10770078fe0ef7e7c62dc02d00807730c6d1d833dd64910fe50627784eac43ff1b2bf10a70a4e7024f3cb4daff1a834b6dec10d69acb75f073ac9acbe1751364f22f869d6291c916a6bfd8b413dae8a7f406b6eeacd4b47db8c599320c3759838fb9eb231db020f43b47839cf247610a9263c0e40bda2954c10f374802d65014e9cdc2ff74b9a87eca211194f822797d5ab196383563d9f8c0741791c45e95d4ed1598dabbbfcfb815f1d6ca576e879666b189afd10f268f381cf60ca06c3c99160175ac5a22863043e97bcdcccfacb3be46e691254de02a5d174f18abedb85461494e717b9d5adcda08f6b6c6cb3d4c9f7e1c5dd121c540748b60859346e902fd350514f9ce460bcb08a93dc9f0520992ba5382f1932bb0bb4cfce46ecbfee4d83277ca4fb434061a57fdbcc7e01025015972a0e36f83668d49fedf0e57d9a862e8a74f81ceba133ac9dc9c641002dea3237b78bf90ab25c507588f7c41768e7d27fccb2c4c5e3b91b9df0719c737ae750c6d525c5a07509a", 0x1000, 0x8, 0x0, 0x0, r4}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x4, r10, &(0x7f0000000200)="b4806b369a7b8dc0c0523cd4a1a55f71f7688a1ccee92746c129f1ad4c2653163ff114fa18651c743cc751e9c9479215a7165e29fc896223a75a497f", 0x3c, 0x1, 0x0, 0x0, r6}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x5, 0x76, r2, &(0x7f00000007c0)="4e7e99e9c95fa238044cc70d9ce4aa8d5002abfd0abfb00732c5ed7b040514fab27a8b8358991565e4873b8403b25009d8e0932a4ff2678537a7fbf18971ee68fcd5ed6a2e0da7ca90bd6dbdc9022bb9e68bea40576186e66fffd8bff24410b4f1e2d9e9350fa6afc2f0d352f856db4e0870b6ba6033ae6bd0c864f700f643c776b12d544a4b68bea0d6ed418dec90b71755d2277b1c11dcd00b012e99e921fd11ebdda97272cf2bf4ef79d5683964288eae8d4c222f07924dc2f45a4f67", 0xbe, 0x100000001, 0x0, 0x2, r6}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x6, 0x0, r1, &(0x7f0000000500)="d624654749514799737a4569db720a123c8b642d138df078d7b016e187eaf9d19f7e6618f62c6476621eb70172f198eb3c7ee3f55cdb02506f72fcccae003b32f4732fac7fa9cf1f705a22d1e551f36fa6fcc708ef87e28d8d3762db1c9790c785671eb524796de762d57489d658e4e8db1a45c64ad3d8", 0x77, 0x9, 0x0, 0x3, r6}, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x1, 0x2, r4, &(0x7f00000008c0), 0x0, 0x2, 0x0, 0x2}, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x100, 0xffffffffffffffff, &(0x7f0000000940)="cb19633ea52288762e445f27a2c87224c1146db427836ea5329cde2df10a2a73c88b263868adc3236bfd26cebdf4faab218da293c69ee32909de4e1e6a2afe5c6675760f5d991f101ce2feabea30ec24dc8506c704a914c0f79b335c4e", 0x5d, 0xae, 0x0, 0x0, r6}, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x6, 0x1ff, r5, &(0x7f0000000a40)="ae996f852ed2a7957c7334a2f88273358570b87dd4519399", 0x18, 0x81, 0x0, 0x3, r4}, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x2, 0x2, r3, &(0x7f0000000ac0)="2c8ce67cec6895586647d2f47425f04da4a164f62b1b2bab3e6ddaf1f02d129000a22a317d74f7d72e299f154d740c8629535f7fb988491f6eec1cbaf46467062ee9a0501029173088fc71ac3deb0fe9929cc51d17efbbbd98392906664a4afdb96f2273beceeeae19db176db665e46e93e23c380e1e59aa1b710ba526ef2aef752c2df54f9673204877c8828eb12aa0d9a9c18c16ea2f56b33661e226a2c6aa10068758f42d73dbc3363e977281e2b92ec4be9f2431652d60fdf5f4e541018f77e38287d53b6f4d7a84b5f269497dbae1ba7df43f1be6afcad993f0de63cf", 0xdf, 0x3, 0x0, 0x1, r4}])
r11 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r11, 0xffffffffffffffff, 0x0)
semop(r0, &(0x7f00000000c0)=[{0x0, 0xfffc}], 0x1)
semctl$IPC_RMID(r0, 0x0, 0x0)
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8a, @void, @value}, 0x94)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r13}, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)

2.799662627s ago: executing program 4 (id=2387):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="15b26f226e2966667482d50703b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5dffd691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6be", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="c9", 0x1}], 0x300}}], 0x3, 0x240080e4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r4}, 0x10)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r6, 0xc004743e, 0x110e22fff6)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001e80)={&(0x7f0000000180)=@abs={0x1, 0x5c, 0x1}, 0x6e, 0x0}, 0x20000)
ioctl$TUNGETVNETLE(r5, 0x40047451, &(0x7f0000000180))

2.796998737s ago: executing program 0 (id=2388):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lirc_mode2=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r2}, &(0x7f0000000380), &(0x7f00000003c0)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r4}, 0x10)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x4c, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1, 0x5dd8, 0x0, 0x3, 0x400000, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x8220c00, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x369ac89f52bf2160}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="191d25bd7000ffdbdf256300000008000300", @ANYRES32=r6, @ANYBLOB], 0x1c}}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0x0)
openat$cgroup_procs(r8, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
openat$cgroup(r8, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)

2.56965552s ago: executing program 4 (id=2390):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
faccessat(0xffffffffffffffff, 0x0, 0x104)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002c80)='/proc/sysvipc/shm\x00', 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x6b396000)
ioctl$SIOCSIFMTU(r0, 0x8923, &(0x7f0000000040)={'vlan0\x00', 0x40})
socket(0x2c, 0x1, 0x2453ef30)

2.283663945s ago: executing program 4 (id=2392):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000900)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095", @ANYRES32=r1, @ANYRESOCT=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x10, 0x803, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'team_slave_1\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x80000}, 0x18)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
sendfile(r4, r4, 0x0, 0x7ffff000)
r5 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x1700, &(0x7f00000001c0), 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1")
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYRES16=r5], 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$inet(0x2, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000014c0)={&(0x7f00000003c0)='kmem_cache_free\x00'}, 0x18)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000680)='/proc/bus/input/devices\x00', 0x0, 0x0)
sendmmsg$inet(r6, &(0x7f0000004180)=[{{&(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10, 0x0, 0x0, &(0x7f0000000440)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x4000800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)

1.964453679s ago: executing program 2 (id=2393):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="10000000040000000400000002000000000000ee5c63aa037286ef02367efca9c9258283e44c9bff9bae9a5a9e6116238933b0a893568ae333ab49fa5998cda1b397ad25c844f47ad0d7f890c0ea24f72a13680e60a0f4b1deaf71a5a932f2d9106f10222eddf0001ce0ce2138fed57090521bfda5e825ca506d851f0bf86792ea57a23ad12d08ac2894cb1923032741b7d6644c96999e19657587877b3418a27dc7e34a26b9c90eb9fe18c28ad9ef4f4b976da877ca6f4ca0ec91a2a8d5c2408f58a775e50260b880d5f6d6a63472a080eda772581b2aca357eb0ef0a4bff3f1ca15f819a", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB='\x00'/15], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r2}, &(0x7f0000000a00), &(0x7f0000000a40)=r1}, 0x20)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000010c0))
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5400000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010067726574617000001c00028006000e0002000000060010004e1d000008000700ac14142808000a00", @ANYRES32=r6], 0x54}, 0x1, 0x0, 0x0, 0x41}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
r7 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000380)={'bond_slave_1\x00'})
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00'}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, &(0x7f0000000100)})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r8 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="340000001000030000000000000000cb00000000", @ANYRES32=r9, @ANYBLOB="0080020000000000140012800b00010067656e657665000004000280"], 0x34}, 0x1, 0x2}, 0x80)

1.629076645s ago: executing program 0 (id=2394):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001e80)={&(0x7f0000000180)=@abs={0x1, 0x5c, 0x1}, 0x6e, 0x0}, 0x20000)
ioctl$TUNGETVNETLE(r2, 0x40047451, &(0x7f0000000180)) (fail_nth: 4)

1.603016735s ago: executing program 2 (id=2396):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x4)
r3 = dup2(r2, r2)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r4, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008800000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000a00)={&(0x7f00000006c0)="29f931cab4906fccf61cf4b10a9bcf8d4edd80fc76e818a9d5eebfefadce2e8f079d4b8fc41b3aaa897d50a9388eb6ec79a03f6a2b83c5051268d0dc07241ae5c3fef7d0aa9464", &(0x7f0000000800)=""/114, &(0x7f0000000880)="53d9698e54765d2ce7d434cc57ca8fa638a5866edec446f43baf34bb0e21af7b0124", &(0x7f0000000980)="08b83f1593409525a634bcd776ee5fa8c4cc887ffd9be0576c13d220b11d8e02e557a4a9530a9de8e8f16a6b55bb94c853b729abba608ba54444", 0x101, r4, 0x4}, 0x38)
r5 = gettid()
rt_sigtimedwait(&(0x7f0000000080)={[0x3ff]}, 0xffffffffffffffff, 0x0, 0x8)
tkill(r5, 0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r6 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r6, &(0x7f0000019380)={'#! ', './file0'}, 0xb)
close(r6)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$gtp(&(0x7f0000002e40), 0xffffffffffffffff)
syz_clone(0x4000400, &(0x7f0000000500)="e34f0670000ae73178fd644ccc55deb05d587290e6f2bf70eccbedaf5fba91726db4", 0x22, &(0x7f0000000540), &(0x7f0000000580), &(0x7f00000005c0)="78c1a860e5ab672f7c0aa44b19811c0eeb96bbd1013b0e1ec981523460422138a7d8e1b25f6490b3cb74311f28725dccd8b5a00ae233a4547326dcc88a6ea493454a08dc92f1bdc2e08253e33aa8cae3b074fa70f3bb20c49f86acc25b9db994806246d86890053aa3676e9f218d26ef98ef910e04f488ff96482d23cf72b69945fdc7538424f842f074328b8c6f7e82df9b7af00485fc258f8a95a441abb7868c2c869498c158b41bbffdc76d859a45155888a484acc1cb7d8b1e6f423b4301a4967d35e396cdc2865833319da80c1d06de9c8ea4d55560809d7d675c6af251b8abbd1f46")
timerfd_create(0x8, 0x80800)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x140400, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)

1.31196777s ago: executing program 3 (id=2398):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000340)={0x3f, 0x3, 0x5, 0x3}, 0x10)
write(r0, &(0x7f00000000c0)="effd00001e005f0214fffffffffffff8070000000000000000000000080009001d000000", 0x24)

1.29254332s ago: executing program 3 (id=2399):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) (async)
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0xa, 0x0, 0x300, 0x5, 0x0, 0xfffffffc, 0x0, 0x0, 0xfffffffd}}) (async)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r2}, 0x10) (async)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4, 0x10000}, 0x0, 0x0) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0) (async)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0xffffff14, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r5, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r3], 0x50}}, 0x0) (async)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2c0000001000030400"/20, @ANYRES32=r5, @ANYBLOB="a5fdad88000000000a000100aa"], 0x2c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000540))
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000640)={'gre0\x00', &(0x7f0000000580)={'syztnl2\x00', <r6=>0x0, 0x7800, 0x7, 0x3, 0x1, {{0x1f, 0x4, 0x0, 0x36, 0x7c, 0x66, 0x0, 0xd3, 0x2f, 0x0, @multicast2, @loopback, {[@rr={0x7, 0x7, 0x84, [@dev={0xac, 0x14, 0x14, 0x1f}]}, @end, @timestamp={0x44, 0x1c, 0xe2, 0x0, 0x1, [0x80000000, 0x865, 0x7f, 0x5, 0x259, 0x8]}, @timestamp={0x44, 0x8, 0x4b, 0x0, 0xb, [0x7]}, @rr={0x7, 0xf, 0xd9, [@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1]}, @end, @ssrr={0x89, 0x23, 0x8d, [@private=0xa010100, @broadcast, @private=0xa010102, @remote, @private=0xa010101, @multicast1, @private=0xa010101, @multicast1]}, @generic={0x89, 0x8, "23332911e6f0"}]}}}}}) (async, rerun: 64)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000780)={'erspan0\x00', &(0x7f0000000680)={'gretap0\x00', 0x0, 0x40, 0x8, 0x6, 0x9, {{0x31, 0x4, 0x2, 0x36, 0xc4, 0x64, 0x0, 0x8, 0x4, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote, {[@ra={0x94, 0x4, 0x1}, @ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x27, 0x2, [{0x2, 0xb, "c937055bbf3de8a104"}, {0x0, 0x8, "b14ef84a4740"}, {0x7, 0xe, "f944d51bc6967b9a862ca3b6"}]}, @timestamp_prespec={0x44, 0x14, 0xe, 0x3, 0x4, [{@multicast1, 0x600000}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9}]}, @cipso={0x86, 0xa, 0x2, [{0x2, 0x4, "8cc3"}]}, @rr={0x7, 0x13, 0x9e, [@remote, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @rand_addr=0x64010100]}, @ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x4c, 0x58, 0x1, 0x5, [{@broadcast, 0x3}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x91}, {@broadcast, 0xfff}, {@rand_addr=0x64010102}, {@broadcast, 0x6}, {@local, 0xe}, {@multicast2, 0x7ff}, {@broadcast, 0x7}, {@local}]}]}}}}}) (async, rerun: 64)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r8, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x0) (async, rerun: 32)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000840)={'ip6gre0\x00', &(0x7f00000007c0)={'syztnl0\x00', <r9=>0x0, 0x6, 0x9b, 0x7, 0x400, 0x60, @ipv4={'\x00', '\xff\xff', @empty}, @mcast2, 0x8000, 0x700, 0x101, 0xc4a4}}) (async, rerun: 32)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000880)={<r10=>0x0, @multicast2, @loopback}, &(0x7f00000008c0)=0xc) (async)
r11 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r11, 0x8933, &(0x7f0000000240)={'wg0\x00', <r12=>0x0})
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@ipv4_newroute={0x2c, 0x18, 0xaba64f4add525e83, 0x0, 0x0, {0x2, 0x0, 0x80, 0x0, 0x2, 0x0, 0xfe, 0x2}, [@RTA_OIF={0x8, 0x4, r12}, @RTA_PREFSRC={0x8, 0x7, @local}]}, 0x2c}, 0x1, 0xffffff7f, 0x0, 0x20000800}, 0x4040000) (async)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000980)={'gretap0\x00', &(0x7f0000000900)={'ip_vti0\x00', <r14=>0x0, 0x10, 0x40, 0x1, 0x5, {{0x15, 0x4, 0x1, 0x1, 0x54, 0x66, 0x0, 0x9, 0x29, 0x0, @local, @private=0xa010100, {[@cipso={0x86, 0x30, 0x0, [{0x5, 0xa, "a8f83526d2e30feb"}, {0x7, 0x3, "ef"}, {0x2, 0x10, "9c54f5eacd68ce92d941c9113372"}, {0x6, 0xb, "9a18d11ea63e5ae750"}, {0x1, 0x2}]}, @noop, @lsrr={0x83, 0xf, 0x6a, [@initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010100, @multicast1]}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000a80)={'ip_vti0\x00', &(0x7f00000009c0)={'gretap0\x00', <r15=>0x0, 0x941d930f1775f178, 0x1, 0x2, 0x73, {{0x23, 0x4, 0x1, 0x0, 0x8c, 0x67, 0x0, 0x26, 0x95049747ec10bbe1, 0x0, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@cipso={0x86, 0x48, 0x3, [{0x0, 0x7, "51c107cccc"}, {0x7, 0x10, "4918a50bec70295109498546340e"}, {0x1, 0xe, "7999f86abe3c132910370c3a"}, {0x0, 0xb, "d6d5a8767bb18f66f6"}, {0x0, 0x7, "ce9a773903"}, {0x6, 0x3, '\f'}, {0x1, 0x8, "fbdbfb19773c"}]}, @rr={0x7, 0x1b, 0x8c, [@remote, @multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @local, @empty]}, @timestamp_prespec={0x44, 0x14, 0x6f, 0x3, 0x0, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x81}, {@multicast1}]}, @noop]}}}}})
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000000dc0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000d80)={&(0x7f0000000ac0)={0x220, 0x0, 0x200, 0x70bd29, 0x25dfdbfc, {}, [@HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}, @HEADER={0x4}, @HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}, @HEADER={0x9c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r15}]}]}, 0x220}, 0x1, 0x0, 0x0, 0x40800}, 0x4000000)

1.27460188s ago: executing program 4 (id=2400):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r2}, &(0x7f0000000380), &(0x7f00000003c0)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r4}, 0x10)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x4c, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1, 0x5dd8, 0x0, 0x3, 0x400000, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x8220c00, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x369ac89f52bf2160}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="191d25bd7000ffdbdf256300000008000300", @ANYRES32=r6, @ANYBLOB], 0x1c}}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0x0)
openat$cgroup_procs(r8, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
openat$cgroup(r8, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)

1.220950841s ago: executing program 2 (id=2401):
rt_sigsuspend(0x0, 0x0)

1.220068361s ago: executing program 3 (id=2402):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, 0x0, 0x0)
r1 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r1, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e)
connect$pptp(r1, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e)
socket$packet(0x11, 0xa, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r2 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
close(r2)
perf_event_open(0x0, 0x0, 0x8, 0xffffffffffffffff, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000004c0)='sched_switch\x00', r3}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x100001f, &(0x7f0000000280), 0x21, 0x44b, &(0x7f0000000dc0)="$eJzs281vG0UbAPBn7aR9274lKSof/YAGCqICkTRpgR44tAgkDiAhwaEcQ5JWoW6DmiDRKoKAUDmiShy4IY5I/AWc4IKAExJXuKNKFcqlhZPR2ruJ49hJnNh1iH8/aZWZ3XFmHu+OPbPjDaBnDUXEpxHx/4j4PSIGIiKpLzBU/XN3cX7i78X5iSTK5Tf/Sirl7izOT+RF89ftyzML1fyRBvXOXrt+abxUmrqa5UfmLr83Mnvt+rPTl8cvTl2cujJ25szpU6MvPD/2XFviTNt05/CHM0cPvfr2zdcnzt985+dvkyy8qIujTYbWOvhkmyvrtv016aSviw2hJcWISE9Xf6X/D0Qxlk/eQLzySVcbB3RUuVwu725+eKEM7GBJdLsFQHfkX/Tp/Dff7tHQY1u4fa46AUrjvptt1SN9UcjK9NfNb9spnW2dX/jnq3SLztyHAABY4ftz1b+rx3+FeLCm3NlsbWgwIg7ULG4cjIgHIiplH4qIh1usv36RZPX4p3CrxX/ZknT892K2trVy/JeP/mKwmOX2V+LvTy5Ml6ZORsR9EXEi+nen+dE16vjh5d8+b3ZsqGb8l25p/flYMGvHrb66G3ST43PjW4m51u2PIw73NYo/WVoJSCLiUEQcPra5Oqaf/uZos2Prx7+GNqwzlb+OeKp6/heiLv5csvb65Mj/ojR1ciS/Klb75dcbbzSrv9X4D3y5PGdrh/T87214/S/FP1gu1qzXzrZex40/Pms6p9ns9b8reauS3pXt+2B8bu7qaMSu5LVs/9nl/WPLr83zefk0/hPHG/f/+2P5nTgSEelF/EhEPBoRx7K2PxYRj0fE8TXi/+mlJ97dfPydlcY/uc75T2rX6zeRKF768bsVlQ62En96/k9XUieyPRv5/NtoA7f6/gEAAMB/QaHy2/+kMLyULhSGh6u/lz8Yewulmdm5Zy7MvH9lsvqMwGD0F/I7XQM190NHs2l9nh+ry5/K7ht/UdxTyQ9PzJQmux089Lh9Tfp/6s9it1sHdJzntaB36f/Qu/R/6F36P/SsRs//79lAGWAHaPT9/1EX2gHce8b/0Lta7f/VyYEpAewEvv+hd+n/0JO28lx/JxP5+sN2ac+KRLm8Xpm+7dLUziWisC2aIdGhRJc/mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANrk3wAAAP//+TvoKw==")
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000800), 0xffffffffffffffff)
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00')
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000c00)='ext4_sync_fs\x00', r6, 0x0, 0xfffffffffffffff8}, 0x18)
sync()
pipe2(&(0x7f0000001cc0), 0x800)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
r8 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/net\x00')
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000ec0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001400000408001d00", @ANYRES32=r8, @ANYBLOB="0800010000000000"], 0x24}}, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r4, 0x0, 0x24000080)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

1.137868682s ago: executing program 0 (id=2403):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
pipe(&(0x7f0000000080))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xf, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$igmp(0x2, 0x3, 0x2)
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000200)='./file0\x00', 0x2000000, &(0x7f0000000340)=ANY=[@ANYBLOB="003531d0081634a844cb7924d87a8dce5d1a6c9ae88dce733292494dc2900e6759d69221ec8f827bc438bf6a983de5286b648195a809a18b941c6b3d090092180d1746e9c5eae6b9c2992b32ec95bffe226d2ad16124944e105e9d268dfafd74ca934a7dbef224c2293a4798904f162d126d1819febf57d3758306dadf1057fdf9ee584e"], 0x1, 0x55a, &(0x7f0000000b80)="$eJzs2s9qE1EUB+CTP02LCGYtLgbcuCrVJzBICsWAEMlCceFA4yYjwmQzyaoP4hP4PD5JVt1F6oSkURGknUxtvg9CDvlNMucykHsX5+OTz5PzL9NPH75/jaOXSbQjonkZ0Y1mtKLUiI1GdOK6iwAA/jfDYdqruweqlee99OoMd/hbMvpWS0MAAAAAAAAAAADc2L/M/zfN/wPAvVDO/3fqboMK5Xkv7azOb9vM/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD1uVwuHy3/8qq7PwDg9tn/AWD/2P8BYP/Y/wFg/7x99/51bzDoD5PkKGJxUYyKUfle5qdng/5J8lN3861FUYxa6/x5mSfb+UE8WOUv/ph34tnTMr/KXr0Z/JIfxnn1ywcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACuOU7Wuo31p4uiGLXKfHNBN7bysjo9G/RPVhds5+143N7dOgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICbm87mkzTLxrmiiqIdETu41/HD8mkerJ7q7d8iolHRLyvuZlHffxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCv6Ww+SbNsnE/r7gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCums/kkzbJxXmFR9xoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYvR8BAAD//2/WhiY=")
open(&(0x7f00009e1000)='./file1\x00', 0x60840, 0x0)

1.136773993s ago: executing program 1 (id=2404):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lirc_mode2=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r2}, &(0x7f0000000380), &(0x7f00000003c0)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r4}, 0x10)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x4c, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1, 0x5dd8, 0x0, 0x3, 0x400000, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x8220c00, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x369ac89f52bf2160}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="191d25bd7000ffdbdf256300000008000300", @ANYRES32=r6, @ANYBLOB], 0x1c}}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0x0)
openat$cgroup_procs(r8, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
openat$cgroup(r8, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)

1.085301823s ago: executing program 2 (id=2405):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000140)={0x4200, 0x3, 0x5}, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000010c0)=ANY=[@ANYBLOB="200000001600010a00000000000000000a0000000c0000800800", @ANYRES16=r0], 0x20}, 0x1, 0x0, 0x0, 0x20040041}, 0x0)

1.002398984s ago: executing program 2 (id=2406):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x24, &(0x7f0000000d00)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948699d2e9d6adec4a0db12498b027f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856c"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc6, &(0x7f0000000600)=""/198, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0xffffffff}, 0x10)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
close(r2)
r3 = getpid()
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
unshare(0x68040200)

178.443037ms ago: executing program 3 (id=2407):
r0 = socket(0x1e, 0x2, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000480), 0x4)
sendmsg$tipc(r0, &(0x7f0000000200)={&(0x7f0000000000)=@id={0x1e, 0x3, 0x0, {0x4e22}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x20040014}, 0x4000000)

177.672757ms ago: executing program 0 (id=2408):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00:)\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000088500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r2}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000540)=ANY=[@ANYBLOB="0600000004000000ff0100005c0000000000000027544ff8b771ed6d5fc57ac1ec3e72a2242b6328662645a2f1d7e0a53eb619cab1f11314528876e81ce19d0ff8763f57e8cb240a11ca8d7269343adbeb040000000000000066f86a5feac9fb2c0e47a63e04fd15e5e884e0875c46aa331fb463fa56ef8603badae76e66dcdc75ea509cb4e3ca8ba5186f3e010f9f1540cbe2f2d99a378e", @ANYRES32, @ANYBLOB="0600"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000feffffff00"/28], 0x50)
r3 = socket(0x1e, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000680)={{r8}, &(0x7f00000000c0), &(0x7f0000000140)='%pi6   \x00'}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000400)={{0x1, 0x1, 0x18, r8, {0x7}}, './file0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r9}, 0x18)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000480), 0x4)
r10 = bpf$ITER_CREATE(0x21, &(0x7f0000000340), 0x8)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000020000000400000001800000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000016647225b88", @ANYRES32=r10, @ANYBLOB='\x00\x00\x00\x00'], 0x50)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa2007ec2660845a2804f051c4aeb3c0000f8ffffffb703000008000000b70400000000003946414de1d7c53300840085000200030000009500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r12}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r11}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)

105.842959ms ago: executing program 3 (id=2409):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0x100}, 0x18)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r4 = dup(r1)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESHEX=r4])
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[])

101.685828ms ago: executing program 2 (id=2410):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000900)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095", @ANYRES32=r1, @ANYRESOCT=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x10, 0x803, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'team_slave_1\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x80000}, 0x18)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
sendfile(r4, r4, 0x0, 0x7ffff000)
r5 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x1700, &(0x7f00000001c0), 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1")
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYRES16=r5], 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$inet(0x2, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000014c0)={&(0x7f00000003c0)='kmem_cache_free\x00'}, 0x18)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000680)='/proc/bus/input/devices\x00', 0x0, 0x0)
sendmmsg$inet(r6, &(0x7f0000004180)=[{{&(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10, 0x0, 0x0, &(0x7f0000000440)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x4000800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)

32.554159ms ago: executing program 1 (id=2411):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x4)
r3 = dup2(r2, r2)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r4, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008800000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000a00)={&(0x7f00000006c0)="29f931cab4906fccf61cf4b10a9bcf8d4edd80fc76e818a9d5eebfefadce2e8f079d4b8fc41b3aaa897d50a9388eb6ec79a03f6a2b83c5051268d0dc07241ae5c3fef7d0aa9464", &(0x7f0000000800)=""/114, &(0x7f0000000880)="53d9698e54765d2ce7d434cc57ca8fa638a5866edec446f43baf34bb0e21af7b0124", &(0x7f0000000980)="08b83f1593409525a634bcd776ee5fa8c4cc887ffd9be0576c13d220b11d8e02e557a4a9530a9de8e8f16a6b55bb94c853b729abba608ba54444", 0x101, r4, 0x4}, 0x38)
r5 = gettid()
rt_sigtimedwait(&(0x7f0000000080)={[0x3ff]}, 0xffffffffffffffff, 0x0, 0x8)
tkill(r5, 0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r6 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r6, &(0x7f0000019380)={'#! ', './file0'}, 0xb)
close(r6)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$gtp(&(0x7f0000002e40), 0xffffffffffffffff)
syz_clone(0x4000400, &(0x7f0000000500)="e34f0670000ae73178fd644ccc55deb05d587290e6f2bf70eccbedaf5fba91726db4", 0x22, &(0x7f0000000540), &(0x7f0000000580), &(0x7f00000005c0)="78c1a860e5ab672f7c0aa44b19811c0eeb96bbd1013b0e1ec981523460422138a7d8e1b25f6490b3cb74311f28725dccd8b5a00ae233a4547326dcc88a6ea493454a08dc92f1bdc2e08253e33aa8cae3b074fa70f3bb20c49f86acc25b9db994806246d86890053aa3676e9f218d26ef98ef910e04f488ff96482d23cf72b69945fdc7538424f842f074328b8c6f7e82df9b7af00485fc258f8a95a441abb7868c2c869498c158b41bbffdc76d859a45155888a484acc1cb7d8b1e6f423b4301a4967d35e396cdc2865833319da80c1d06de9c8ea4d55560809d7d675c6af251b8abbd1f46")
timerfd_create(0x8, 0x80800)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x140400, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)

31.771469ms ago: executing program 0 (id=2412):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x7faf, 0x4) (async)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x7faf, 0x4)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10) (async)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) (async)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x19, 0xc, &(0x7f0000000b40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}, [@ldst={0x1, 0x2, 0x0, 0xa, 0x0, 0xfffffffffffffff8, 0xfffffffffffffffc}, @generic={0xa, 0xe, 0x9, 0x8, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @generic={0x4, 0x1, 0x0, 0x0, 0x2}, @map_val={0x18, 0x7, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x1ff}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}]}, &(0x7f0000000880)='GPL\x00', 0x2, 0x11, &(0x7f0000000bc0)=""/17, 0x40f00, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000c00)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000c40)={0x2, 0x1, 0xffffff36, 0xfffffffe}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000c80)=[r1, r1, r2, r1, r1], &(0x7f0000000cc0)=[{0x3, 0x3, 0xe, 0x8}, {0x1, 0x4, 0x7, 0x7}], 0x10, 0x5, @void, @value}, 0x94) (async)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x19, 0xc, &(0x7f0000000b40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}, [@ldst={0x1, 0x2, 0x0, 0xa, 0x0, 0xfffffffffffffff8, 0xfffffffffffffffc}, @generic={0xa, 0xe, 0x9, 0x8, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @generic={0x4, 0x1, 0x0, 0x0, 0x2}, @map_val={0x18, 0x7, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x1ff}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}]}, &(0x7f0000000880)='GPL\x00', 0x2, 0x11, &(0x7f0000000bc0)=""/17, 0x40f00, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000c00)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000c40)={0x2, 0x1, 0xffffff36, 0xfffffffe}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000c80)=[r1, r1, r2, r1, r1], &(0x7f0000000cc0)=[{0x3, 0x3, 0xe, 0x8}, {0x1, 0x4, 0x7, 0x7}], 0x10, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000dc0)='rpcgss_need_reencode\x00', r4, 0x0, 0x6}, 0x18)
ftruncate(0xffffffffffffffff, 0xc17a)
r5 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r6 = ioctl$TUNGETDEVNETNS(r5, 0x54e3, 0x0)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r6, 0x80286722, &(0x7f0000000000)={&(0x7f0000000a00)=""/226, 0xe2, 0x80, 0x9})
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000280)={'wg0\x00'}) (async)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000280)={'wg0\x00', <r7=>0x0})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={r3, 0xe0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380), ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0x7, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000009c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r8=>0x0, 0xd9, &(0x7f00000005c0)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0xce, 0x8, 0x8, &(0x7f0000000680)}}, 0x10)
syz_clone(0x20a00000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r9 = syz_clone(0x20a00000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r9)
r10 = syz_io_uring_setup(0x110f, &(0x7f0000000240)={0x0, 0x7c0d, 0x80, 0x3, 0xbf7ffffa}, &(0x7f0000000200)=<r11=>0x0, &(0x7f00000001c0)=<r12=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r11, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r11, r12, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80, 0x6000})
io_uring_enter(r10, 0x1c3a, 0xe176, 0x22, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x29, 0x0, 0x0)
ptrace$getregset(0x4204, r9, 0x202, &(0x7f0000000180)={0x0}) (async)
ptrace$getregset(0x4204, r9, 0x202, &(0x7f0000000180)={0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x5, 0x13, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @alu={0x0, 0x0, 0x5, 0x1, 0x9, 0xffffffffffffffc0, 0xffffffffffffffff}, @exit, @alu={0x4, 0x0, 0xa, 0x8, 0x1, 0xc, 0xfffffffffffffffc}]}, &(0x7f0000000040)='syzkaller\x00', 0xf0, 0x33, &(0x7f0000000240)=""/51, 0x41000, 0x40, '\x00', r7, @fallback=0x2c, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x4, 0xd, 0x5, 0x100}, 0x10, r8, 0xffffffffffffffff, 0x1, &(0x7f0000000800)=[r1, r1, r1, r1, r1, r1], &(0x7f0000000840)=[{0x1, 0x3, 0xd, 0xb}], 0x10, 0x8, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x5, 0x13, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @alu={0x0, 0x0, 0x5, 0x1, 0x9, 0xffffffffffffffc0, 0xffffffffffffffff}, @exit, @alu={0x4, 0x0, 0xa, 0x8, 0x1, 0xc, 0xfffffffffffffffc}]}, &(0x7f0000000040)='syzkaller\x00', 0xf0, 0x33, &(0x7f0000000240)=""/51, 0x41000, 0x40, '\x00', r7, @fallback=0x2c, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x4, 0xd, 0x5, 0x100}, 0x10, r8, 0xffffffffffffffff, 0x1, &(0x7f0000000800)=[r1, r1, r1, r1, r1, r1], &(0x7f0000000840)=[{0x1, 0x3, 0xd, 0xb}], 0x10, 0x8, @void, @value}, 0x94)

31.389749ms ago: executing program 4 (id=2413):
r0 = socket(0x1e, 0x2, 0x3)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000340)={0x3f, 0x3, 0x5, 0x3}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x0, 0x5}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x4000)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001300)=@newtfilter={0x9c, 0x2c, 0xd27, 0x30bd29, 0x21dfdbfc, {0x0, 0x0, 0x0, r4, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_u32={{0x8}, {0x70, 0x2, [@TCA_U32_SEL={0x64, 0x5, {0xe, 0x9, 0x5, 0x5, 0x7de, 0x74, 0xe, 0xdc, [{0x80000001, 0x2, 0x9, 0x1ff}, {0x3ee, 0x1, 0x4}, {0x9, 0xf12, 0x7f, 0xa}, {0x2, 0x2, 0x4, 0x8000}, {0x3, 0x1, 0x3, 0x3e}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0x1, 0xffe0}}]}}]}, 0x9c}, 0x1, 0x0, 0x0, 0x24000014}, 0x200c4004)
write(r0, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000000000000000000000080009001d000000", 0x24)

0s ago: executing program 3 (id=2414):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000b38ee036830dd03308e5f581bdda650b655dbfdcc7bd3ef96e72162e37127b391449e27d", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c250000000000202020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$bind(&(0x7f0000000400)='./control\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x202000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x4000000000002be, 0x20000000)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054)
bpf$MAP_CREATE(0x0, 0x0, 0x48)

kernel console output (not intermixed with test programs):

ect_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:net_conf_t:s0"
[  192.780203][T10093] loop0: detected capacity change from 0 to 512
[  192.834786][T10093] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.2068: bg 0: block 5: invalid block bitmap
[  192.901591][T10099] FAULT_INJECTION: forcing a failure.
[  192.901591][T10099] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  192.914952][T10099] CPU: 1 UID: 0 PID: 10099 Comm: syz.3.2070 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  192.915047][T10099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  192.915058][T10099] Call Trace:
[  192.915065][T10099]  <TASK>
[  192.915072][T10099]  __dump_stack+0x1d/0x30
[  192.915092][T10099]  dump_stack_lvl+0xe8/0x140
[  192.915109][T10099]  dump_stack+0x15/0x1b
[  192.915124][T10099]  should_fail_ex+0x265/0x280
[  192.915190][T10099]  should_fail+0xb/0x20
[  192.915269][T10099]  should_fail_usercopy+0x1a/0x20
[  192.915302][T10099]  _copy_from_user+0x1c/0xb0
[  192.915371][T10099]  do_ip6t_set_ctl+0x3a9/0x840
[  192.915455][T10099]  ? kstrtoull+0x111/0x140
[  192.915484][T10099]  ? __rcu_read_unlock+0x4f/0x70
[  192.915575][T10099]  nf_setsockopt+0x199/0x1b0
[  192.915598][T10099]  ipv6_setsockopt+0x11a/0x130
[  192.915619][T10099]  tcp_setsockopt+0x95/0xb0
[  192.915647][T10099]  sock_common_setsockopt+0x66/0x80
[  192.915723][T10099]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  192.915748][T10099]  __sys_setsockopt+0x181/0x200
[  192.915775][T10099]  __x64_sys_setsockopt+0x64/0x80
[  192.915875][T10099]  x64_sys_call+0x2bd5/0x2fb0
[  192.915916][T10099]  do_syscall_64+0xd2/0x200
[  192.915939][T10099]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  192.915979][T10099]  ? clear_bhb_loop+0x40/0x90
[  192.916078][T10099]  ? clear_bhb_loop+0x40/0x90
[  192.916098][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.916119][T10099] RIP: 0033:0x7f4d055be929
[  192.916135][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.916169][T10099] RSP: 002b:00007f4d03c27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  192.916188][T10099] RAX: ffffffffffffffda RBX: 00007f4d057e5fa0 RCX: 00007f4d055be929
[  192.916199][T10099] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000006
[  192.916233][T10099] RBP: 00007f4d03c27090 R08: 0000000000000638 R09: 0000000000000000
[  192.916249][T10099] R10: 0000200000000c40 R11: 0000000000000246 R12: 0000000000000001
[  192.916263][T10099] R13: 0000000000000000 R14: 00007f4d057e5fa0 R15: 00007ffc01aef4d8
[  192.916289][T10099]  </TASK>
[  193.232937][T10093] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  193.282879][   T29] audit: type=1400 audit(1749976782.720:3456): avc:  denied  { setattr } for  pid=10100 comm="syz.4.2071" name="file0" dev="tmpfs" ino=2400 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  193.293489][T10093] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.2068: invalid indirect mapped block 3 (level 2)
[  193.340197][T10093] EXT4-fs (loop0): 1 orphan inode deleted
[  193.346124][T10093] EXT4-fs (loop0): 1 truncate cleaned up
[  193.366598][T10093] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.403243][   T29] audit: type=1326 audit(1749976782.890:3457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10107 comm="syz.4.2074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14715ee929 code=0x7ffc0000
[  193.470083][   T29] audit: type=1326 audit(1749976782.920:3458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10107 comm="syz.4.2074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f14715ee929 code=0x7ffc0000
[  193.493863][   T29] audit: type=1326 audit(1749976782.920:3459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10107 comm=7955394FFAFF03 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14715ee929 code=0x7ffc0000
[  193.517718][   T29] audit: type=1326 audit(1749976782.920:3460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10107 comm=7955394FFAFF03 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14715ee929 code=0x7ffc0000
[  193.541679][   T29] audit: type=1326 audit(1749976782.920:3461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10107 comm=7955394FFAFF03 exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f14715ee929 code=0x7ffc0000
[  193.565925][   T29] audit: type=1326 audit(1749976782.920:3462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10107 comm=7955394FFAFF03 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14715ee929 code=0x7ffc0000
[  193.589663][   T29] audit: type=1326 audit(1749976782.920:3463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10107 comm=7955394FFAFF03 exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f14715ee929 code=0x7ffc0000
[  193.925545][T10122] tmpfs: Unknown parameter 'defcontextC'
[  193.936070][T10122] loop1: detected capacity change from 0 to 512
[  193.956960][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.053976][T10106] syz.3.2073 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  194.068263][T10106] CPU: 0 UID: 0 PID: 10106 Comm: syz.3.2073 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  194.068347][T10106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  194.068361][T10106] Call Trace:
[  194.068368][T10106]  <TASK>
[  194.068376][T10106]  __dump_stack+0x1d/0x30
[  194.068399][T10106]  dump_stack_lvl+0xe8/0x140
[  194.068419][T10106]  dump_stack+0x15/0x1b
[  194.068437][T10106]  dump_header+0x81/0x220
[  194.068544][T10106]  oom_kill_process+0x334/0x3f0
[  194.068576][T10106]  out_of_memory+0x979/0xb80
[  194.068610][T10106]  try_charge_memcg+0x5e6/0x9e0
[  194.068640][T10106]  obj_cgroup_charge_pages+0xa6/0x150
[  194.068754][T10106]  __memcg_kmem_charge_page+0x9f/0x170
[  194.068783][T10106]  __alloc_frozen_pages_noprof+0x188/0x360
[  194.068821][T10106]  alloc_pages_mpol+0xb3/0x250
[  194.068896][T10106]  alloc_pages_noprof+0x90/0x130
[  194.068930][T10106]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  194.068971][T10106]  __kvmalloc_node_noprof+0x30f/0x4e0
[  194.069029][T10106]  ? ip_set_alloc+0x1f/0x30
[  194.069060][T10106]  ? ip_set_alloc+0x1f/0x30
[  194.069091][T10106]  ? __kmalloc_cache_noprof+0x189/0x320
[  194.069121][T10106]  ip_set_alloc+0x1f/0x30
[  194.069286][T10106]  hash_netiface_create+0x282/0x740
[  194.069316][T10106]  ? __pfx_hash_netiface_create+0x10/0x10
[  194.069351][T10106]  ip_set_create+0x3cc/0x960
[  194.069393][T10106]  ? __nla_parse+0x40/0x60
[  194.069463][T10106]  nfnetlink_rcv_msg+0x4c3/0x590
[  194.069501][T10106]  ? selinux_capable+0x1f9/0x270
[  194.069532][T10106]  netlink_rcv_skb+0x123/0x220
[  194.069571][T10106]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  194.069606][T10106]  nfnetlink_rcv+0x16b/0x1690
[  194.069644][T10106]  ? __list_del_entry_valid_or_report+0x65/0x130
[  194.069667][T10106]  ? prep_new_page+0x5c/0x200
[  194.069702][T10106]  ? get_page_from_freelist+0x1378/0x13d0
[  194.069771][T10106]  ? prep_new_page+0x5c/0x200
[  194.069869][T10106]  ? __list_del_entry_valid_or_report+0x65/0x130
[  194.069893][T10106]  ? __rmqueue_pcplist+0x9d2/0xbd0
[  194.069920][T10106]  ? __slab_free+0x77/0x270
[  194.069983][T10106]  ? should_fail_ex+0x30/0x280
[  194.070018][T10106]  ? selinux_nlmsg_lookup+0x99/0x890
[  194.070058][T10106]  ? selinux_netlink_send+0x59f/0x5f0
[  194.070227][T10106]  ? __rcu_read_unlock+0x34/0x70
[  194.070314][T10106]  ? __netlink_lookup+0x266/0x2a0
[  194.070334][T10106]  netlink_unicast+0x59e/0x670
[  194.070367][T10106]  netlink_sendmsg+0x58b/0x6b0
[  194.070387][T10106]  ? __pfx_netlink_sendmsg+0x10/0x10
[  194.070464][T10106]  __sock_sendmsg+0x142/0x180
[  194.070486][T10106]  ____sys_sendmsg+0x31e/0x4e0
[  194.070516][T10106]  ___sys_sendmsg+0x17b/0x1d0
[  194.070533][T10106]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  194.070636][T10106]  __x64_sys_sendmsg+0xd4/0x160
[  194.070655][T10106]  x64_sys_call+0x2999/0x2fb0
[  194.070674][T10106]  do_syscall_64+0xd2/0x200
[  194.070690][T10106]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  194.070758][T10106]  ? clear_bhb_loop+0x40/0x90
[  194.070776][T10106]  ? clear_bhb_loop+0x40/0x90
[  194.070795][T10106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.070817][T10106] RIP: 0033:0x7f4d055be929
[  194.070831][T10106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.070848][T10106] RSP: 002b:00007f4d03c27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  194.070892][T10106] RAX: ffffffffffffffda RBX: 00007f4d057e5fa0 RCX: 00007f4d055be929
[  194.070904][T10106] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  194.070916][T10106] RBP: 00007f4d05640b39 R08: 0000000000000000 R09: 0000000000000000
[  194.070927][T10106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  194.070938][T10106] R13: 0000000000000000 R14: 00007f4d057e5fa0 R15: 00007ffc01aef4d8
[  194.070954][T10106]  </TASK>
[  194.070963][T10106] memory: usage 307196kB, limit 307200kB, failcnt 935
[  194.316320][T10122] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  194.319335][T10106] memory+swap: usage 372744kB, limit 9007199254740988kB, failcnt 0
[  194.319355][T10106] kmem: usage 307152kB, limit 9007199254740988kB, failcnt 0
[  194.325599][T10122] EXT4-fs (loop1): mount failed
[  194.329017][T10106] Memory cgroup stats for /syz3:
[  194.490439][T10106] cache 20480
[  194.498889][T10106] rss 8192
[  194.501943][T10106] shmem 0
[  194.505047][T10106] mapped_file 0
[  194.508704][T10106] dirty 0
[  194.511872][T10106] writeback 4096
[  194.515459][T10106] workingset_refault_anon 197
[  194.520339][T10106] workingset_refault_file 10772
[  194.525404][T10106] swap 67137536
[  194.529063][T10106] swapcached 4096
[  194.532713][T10106] pgpgin 366135
[  194.536232][T10106] pgpgout 366123
[  194.539789][T10106] pgfault 184981
[  194.543363][T10106] pgmajfault 160
[  194.547184][T10106] inactive_anon 8192
[  194.551138][T10106] active_anon 4096
[  194.554929][T10106] inactive_file 0
[  194.558707][T10106] active_file 0
[  194.562191][T10106] unevictable 0
[  194.565739][T10106] hierarchical_memory_limit 314572800
[  194.571225][T10106] hierarchical_memsw_limit 9223372036854771712
[  194.577589][T10106] total_cache 20480
[  194.581509][T10106] total_rss 8192
[  194.585173][T10106] total_shmem 0
[  194.588661][T10106] total_mapped_file 0
[  194.592707][T10106] total_dirty 0
[  194.596406][T10106] total_writeback 4096
[  194.600597][T10106] total_workingset_refault_anon 197
[  194.605870][T10106] total_workingset_refault_file 10772
[  194.611341][T10106] total_swap 67137536
[  194.615454][T10106] total_swapcached 4096
[  194.619750][T10106] total_pgpgin 366135
[  194.623810][T10106] total_pgpgout 366123
[  194.627912][T10106] total_pgfault 184981
[  194.632046][T10106] total_pgmajfault 160
[  194.636206][T10106] total_inactive_anon 8192
[  194.640661][T10106] total_active_anon 4096
[  194.644969][T10106] total_inactive_file 0
[  194.649195][T10106] total_active_file 0
[  194.650843][T10128] SELinux:  unknown common 
[  194.653273][T10106] total_unevictable 0
[  194.653284][T10106] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.2073,pid=10105,uid=0
[  194.664745][T10128] SELinux: failed to load policy
[  194.677037][T10106] Memory cgroup out of memory: Killed process 10105 (syz.3.2073) total-vm:93752kB, anon-rss:936kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  194.889844][T10135] futex_wake_op: syz.0.2079 tries to shift op by -1; fix this program
[  195.333523][T10144] FAULT_INJECTION: forcing a failure.
[  195.333523][T10144] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  195.346793][T10144] CPU: 0 UID: 0 PID: 10144 Comm: syz.4.2083 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  195.346826][T10144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  195.346840][T10144] Call Trace:
[  195.346848][T10144]  <TASK>
[  195.346857][T10144]  __dump_stack+0x1d/0x30
[  195.346945][T10144]  dump_stack_lvl+0xe8/0x140
[  195.346967][T10144]  dump_stack+0x15/0x1b
[  195.346984][T10144]  should_fail_ex+0x265/0x280
[  195.347042][T10144]  should_fail+0xb/0x20
[  195.347073][T10144]  should_fail_usercopy+0x1a/0x20
[  195.347109][T10144]  _copy_from_iter+0xcf/0xe40
[  195.347200][T10144]  ? should_fail_ex+0xdb/0x280
[  195.347236][T10144]  ? should_failslab+0x8c/0xb0
[  195.347260][T10144]  ? __kmalloc_noprof+0x1dd/0x3e0
[  195.347282][T10144]  ? kernfs_fop_write_iter+0xe1/0x2d0
[  195.347311][T10144]  kernfs_fop_write_iter+0x129/0x2d0
[  195.347334][T10144]  do_iter_readv_writev+0x421/0x4c0
[  195.347359][T10144]  vfs_writev+0x2df/0x8b0
[  195.347392][T10144]  ? mutex_lock+0xd/0x30
[  195.347423][T10144]  do_writev+0xe7/0x210
[  195.347512][T10144]  __x64_sys_writev+0x45/0x50
[  195.347534][T10144]  x64_sys_call+0x2006/0x2fb0
[  195.347577][T10144]  do_syscall_64+0xd2/0x200
[  195.347598][T10144]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  195.347628][T10144]  ? clear_bhb_loop+0x40/0x90
[  195.347665][T10144]  ? clear_bhb_loop+0x40/0x90
[  195.347779][T10144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.347829][T10144] RIP: 0033:0x7f14715ee929
[  195.347846][T10144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.347865][T10144] RSP: 002b:00007f146fc57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  195.347888][T10144] RAX: ffffffffffffffda RBX: 00007f1471815fa0 RCX: 00007f14715ee929
[  195.347902][T10144] RDX: 0000000000000001 RSI: 0000200000000200 RDI: 0000000000000003
[  195.347914][T10144] RBP: 00007f146fc57090 R08: 0000000000000000 R09: 0000000000000000
[  195.347992][T10144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.348003][T10144] R13: 0000000000000000 R14: 00007f1471815fa0 R15: 00007fff5f206378
[  195.348022][T10144]  </TASK>
[  195.786434][T10159] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not ''
[  195.868575][T10163] loop4: detected capacity change from 0 to 512
[  195.911475][T10167] FAULT_INJECTION: forcing a failure.
[  195.911475][T10167] name failslab, interval 1, probability 0, space 0, times 0
[  195.924344][T10167] CPU: 1 UID: 0 PID: 10167 Comm: syz.3.2089 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  195.924444][T10167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  195.924456][T10167] Call Trace:
[  195.924462][T10167]  <TASK>
[  195.924470][T10167]  __dump_stack+0x1d/0x30
[  195.924491][T10167]  dump_stack_lvl+0xe8/0x140
[  195.924549][T10167]  dump_stack+0x15/0x1b
[  195.924567][T10167]  should_fail_ex+0x265/0x280
[  195.924689][T10167]  should_failslab+0x8c/0xb0
[  195.924714][T10167]  kmem_cache_alloc_node_noprof+0x57/0x320
[  195.924794][T10167]  ? __alloc_skb+0x101/0x320
[  195.924821][T10167]  __alloc_skb+0x101/0x320
[  195.924924][T10167]  netlink_alloc_large_skb+0xba/0xf0
[  195.924951][T10167]  netlink_sendmsg+0x3cf/0x6b0
[  195.924973][T10167]  ? __pfx_netlink_sendmsg+0x10/0x10
[  195.924994][T10167]  __sock_sendmsg+0x142/0x180
[  195.925040][T10167]  ____sys_sendmsg+0x31e/0x4e0
[  195.925101][T10167]  ___sys_sendmsg+0x17b/0x1d0
[  195.925128][T10167]  __x64_sys_sendmsg+0xd4/0x160
[  195.925148][T10167]  x64_sys_call+0x2999/0x2fb0
[  195.925248][T10167]  do_syscall_64+0xd2/0x200
[  195.925391][T10167]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  195.925420][T10167]  ? clear_bhb_loop+0x40/0x90
[  195.925465][T10167]  ? clear_bhb_loop+0x40/0x90
[  195.925497][T10167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.925519][T10167] RIP: 0033:0x7f4d055be929
[  195.925538][T10167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.925626][T10167] RSP: 002b:00007f4d03c27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  195.925659][T10167] RAX: ffffffffffffffda RBX: 00007f4d057e5fa0 RCX: 00007f4d055be929
[  195.925674][T10167] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  195.925688][T10167] RBP: 00007f4d03c27090 R08: 0000000000000000 R09: 0000000000000000
[  195.925702][T10167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.925748][T10167] R13: 0000000000000000 R14: 00007f4d057e5fa0 R15: 00007ffc01aef4d8
[  195.925769][T10167]  </TASK>
[  195.954036][T10163] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.2087: bg 0: block 5: invalid block bitmap
[  195.981642][T10170] blktrace: Concurrent blktraces are not allowed on loop3
[  196.207314][T10163] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  196.247306][T10163] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.2087: invalid indirect mapped block 3 (level 2)
[  196.389008][T10179] loop3: detected capacity change from 0 to 8192
[  196.403856][T10163] EXT4-fs (loop4): 1 orphan inode deleted
[  196.409706][T10163] EXT4-fs (loop4): 1 truncate cleaned up
[  196.423339][T10179] /dev/loop3: Can't open blockdev
[  196.429411][T10163] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.451690][T10179] FAULT_INJECTION: forcing a failure.
[  196.451690][T10179] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  196.464806][T10179] CPU: 0 UID: 0 PID: 10179 Comm: syz.3.2092 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  196.464899][T10179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  196.464920][T10179] Call Trace:
[  196.464928][T10179]  <TASK>
[  196.464937][T10179]  __dump_stack+0x1d/0x30
[  196.464961][T10179]  dump_stack_lvl+0xe8/0x140
[  196.464981][T10179]  dump_stack+0x15/0x1b
[  196.464998][T10179]  should_fail_ex+0x265/0x280
[  196.465080][T10179]  should_fail+0xb/0x20
[  196.465131][T10179]  should_fail_usercopy+0x1a/0x20
[  196.465160][T10179]  strncpy_from_user+0x25/0x230
[  196.465185][T10179]  ? kmem_cache_alloc_noprof+0x186/0x310
[  196.465278][T10179]  ? getname_flags+0x80/0x3b0
[  196.465299][T10179]  getname_flags+0xae/0x3b0
[  196.465324][T10179]  __x64_sys_rename+0x33/0x70
[  196.465342][T10179]  x64_sys_call+0x2aee/0x2fb0
[  196.465363][T10179]  do_syscall_64+0xd2/0x200
[  196.465384][T10179]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  196.465425][T10179]  ? clear_bhb_loop+0x40/0x90
[  196.465519][T10179]  ? clear_bhb_loop+0x40/0x90
[  196.465623][T10179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.465646][T10179] RIP: 0033:0x7f4d055be929
[  196.465661][T10179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.465678][T10179] RSP: 002b:00007f4d03c27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  196.465733][T10179] RAX: ffffffffffffffda RBX: 00007f4d057e5fa0 RCX: 00007f4d055be929
[  196.465747][T10179] RDX: 0000000000000000 RSI: 0000200000001300 RDI: 0000200000000040
[  196.465760][T10179] RBP: 00007f4d03c27090 R08: 0000000000000000 R09: 0000000000000000
[  196.465773][T10179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.465786][T10179] R13: 0000000000000000 R14: 00007f4d057e5fa0 R15: 00007ffc01aef4d8
[  196.465804][T10179]  </TASK>
[  196.677992][T10183] loop1: detected capacity change from 0 to 512
[  196.728495][T10183] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  196.746350][T10183] EXT4-fs (loop1): orphan cleanup on readonly fs
[  196.764285][T10183] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.2094: Block bitmap for bg 0 marked uninitialized
[  196.783334][T10186] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2095'.
[  196.793509][T10183] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  196.803263][T10183] EXT4-fs (loop1): 1 orphan inode deleted
[  196.809499][T10183] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  196.882664][T10183] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  196.948597][T10190] EXT4-fs (loop1): shut down requested (1)
[  197.012578][T10183] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  197.042644][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.138551][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.149323][T10195] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2096'.
[  197.552651][T10202] loop2: detected capacity change from 0 to 512
[  197.991680][T10211] loop0: detected capacity change from 0 to 512
[  197.999502][T10211] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  198.070417][T10211] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.095504][T10211] ext4 filesystem being mounted at /409/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.147782][T10222] loop4: detected capacity change from 0 to 1024
[  198.186456][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.216835][T10227] 9pnet_fd: Insufficient options for proto=fd
[  198.223597][   T29] kauditd_printk_skb: 16 callbacks suppressed
[  198.223613][   T29] audit: type=1400 audit(1749976787.710:3479): avc:  denied  { ioctl } for  pid=10225 comm="syz.0.2107" path="socket:[29001]" dev="sockfs" ino=29001 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  198.265015][T10222] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  198.276311][T10227] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2107'.
[  198.287636][T10227] loop0: detected capacity change from 0 to 128
[  198.302858][T10227] FAT-fs (loop0): bogus number of FAT sectors
[  198.306366][T10231] futex_wake_op: syz.3.2108 tries to shift op by -1; fix this program
[  198.309015][T10227] FAT-fs (loop0): Can't find a valid FAT filesystem
[  198.325075][T10222] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  198.336222][T10222] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  198.359568][T10222] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  198.430347][T10222] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  198.477725][T10235] loop3: detected capacity change from 0 to 2048
[  198.487242][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.499851][T10239] netlink: 'syz.0.2110': attribute type 1 has an invalid length.
[  198.500344][T10235] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.520275][T10235] ext4 filesystem being mounted at /450/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.542875][T10239] 8021q: adding VLAN 0 to HW filter on device bond13
[  198.551934][T10245] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2110'.
[  198.740486][T10206] syz.2.2102 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  198.751816][T10206] CPU: 0 UID: 0 PID: 10206 Comm: syz.2.2102 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  198.751848][T10206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  198.751861][T10206] Call Trace:
[  198.751868][T10206]  <TASK>
[  198.751876][T10206]  __dump_stack+0x1d/0x30
[  198.751935][T10206]  dump_stack_lvl+0xe8/0x140
[  198.752006][T10206]  dump_stack+0x15/0x1b
[  198.752025][T10206]  dump_header+0x81/0x220
[  198.752054][T10206]  oom_kill_process+0x334/0x3f0
[  198.752080][T10206]  out_of_memory+0x979/0xb80
[  198.752163][T10206]  try_charge_memcg+0x5e6/0x9e0
[  198.752311][T10206]  charge_memcg+0x51/0xc0
[  198.752401][T10206]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  198.752441][T10206]  __read_swap_cache_async+0x1df/0x350
[  198.752547][T10206]  swap_cluster_readahead+0x277/0x3e0
[  198.752577][T10206]  swapin_readahead+0xde/0x6f0
[  198.752631][T10206]  ? __filemap_get_folio+0x4f7/0x6b0
[  198.752663][T10206]  ? __rcu_read_unlock+0x34/0x70
[  198.752718][T10206]  ? swap_cache_get_folio+0x77/0x200
[  198.752745][T10206]  do_swap_page+0x301/0x2430
[  198.752768][T10206]  ? css_rstat_updated+0xcd/0x5b0
[  198.752799][T10206]  ? __pfx_default_wake_function+0x10/0x10
[  198.752859][T10206]  handle_mm_fault+0x9a5/0x2be0
[  198.752882][T10206]  ? mas_walk+0xf2/0x120
[  198.752917][T10206]  do_user_addr_fault+0x636/0x1090
[  198.753018][T10206]  exc_page_fault+0x62/0xa0
[  198.753060][T10206]  asm_exc_page_fault+0x26/0x30
[  198.753082][T10206] RIP: 0033:0x7fcbdc45538c
[  198.753176][T10206] Code: 66 0f 1f 44 00 00 69 3d 26 03 e8 00 e8 03 00 00 48 8d 1d 27 0c 35 00 e8 02 95 12 00 eb 0c 48 81 c3 e0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 e0 00 00
[  198.753198][T10206] RSP: 002b:00007ffcc96558d0 EFLAGS: 00010283
[  198.753216][T10206] RAX: 0000000000000000 RBX: 00007fcbdc7a6080 RCX: 0000000000000000
[  198.753232][T10206] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555576733808
[  198.753245][T10206] RBP: 00007fcbdc7a7ba0 R08: 0000000000000000 R09: 7fffffffffffffff
[  198.753259][T10206] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000030862
[  198.753273][T10206] R13: 00007fcbdc7a6080 R14: ffffffffffffffff R15: 00007ffcc96559e0
[  198.753294][T10206]  </TASK>
[  198.969762][T10206] memory: usage 307200kB, limit 307200kB, failcnt 1431
[  198.976775][T10206] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[  198.984687][T10206] kmem: usage 307172kB, limit 9007199254740988kB, failcnt 0
[  198.992147][T10206] Memory cgroup stats for /syz2:
[  198.994655][T10206] cache 0
[  199.002931][T10206] rss 0
[  199.005728][T10206] shmem 0
[  199.008820][T10206] mapped_file 0
[  199.012478][T10206] dirty 0
[  199.015510][T10206] writeback 8192
[  199.019073][T10206] workingset_refault_anon 555
[  199.023803][T10206] workingset_refault_file 7336
[  199.028635][T10206] swap 204800
[  199.032133][T10206] swapcached 8192
[  199.035840][T10206] pgpgin 256470
[  199.039355][T10206] pgpgout 256463
[  199.043018][T10206] pgfault 174454
[  199.046729][T10206] pgmajfault 423
[  199.050472][T10206] inactive_anon 8192
[  199.054524][T10206] active_anon 0
[  199.058007][T10206] inactive_file 20480
[  199.062009][T10206] active_file 0
[  199.065529][T10206] unevictable 0
[  199.069113][T10206] hierarchical_memory_limit 314572800
[  199.074771][T10206] hierarchical_memsw_limit 9223372036854771712
[  199.081089][T10206] total_cache 0
[  199.084555][T10206] total_rss 0
[  199.088067][T10206] total_shmem 0
[  199.091637][T10206] total_mapped_file 0
[  199.095708][T10206] total_dirty 0
[  199.099305][T10206] total_writeback 8192
[  199.103459][T10206] total_workingset_refault_anon 555
[  199.108701][T10206] total_workingset_refault_file 7336
[  199.114036][T10206] total_swap 204800
[  199.117930][T10206] total_swapcached 8192
[  199.122101][T10206] total_pgpgin 256470
[  199.126294][T10206] total_pgpgout 256463
[  199.130511][T10206] total_pgfault 174454
[  199.134599][T10206] total_pgmajfault 423
[  199.138719][T10206] total_inactive_anon 8192
[  199.143307][T10206] total_active_anon 0
[  199.147347][T10206] total_inactive_file 20480
[  199.151919][T10206] total_active_file 0
[  199.155952][T10206] total_unevictable 0
[  199.159932][T10206] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2102,pid=10206,uid=0
[  199.174647][T10206] Memory cgroup out of memory: Killed process 10206 (syz.2.2102) total-vm:93752kB, anon-rss:1032kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[  199.237317][   T29] audit: type=1400 audit(1749976788.720:3480): avc:  denied  { create } for  pid=10261 comm="syz.0.2116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  199.257786][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.276281][   T29] audit: type=1400 audit(1749976788.750:3481): avc:  denied  { mounton } for  pid=10261 comm="syz.0.2116" path="/417/file1" dev="tmpfs" ino=2320 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  199.455016][T10270] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2119'.
[  199.464433][T10270] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2119'.
[  199.635790][T10278] loop2: detected capacity change from 0 to 1024
[  199.673171][T10278] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  199.716606][T10280] FAULT_INJECTION: forcing a failure.
[  199.716606][T10280] name failslab, interval 1, probability 0, space 0, times 0
[  199.731754][T10280] CPU: 0 UID: 0 PID: 10280 Comm: syz.1.2122 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  199.731782][T10280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  199.731795][T10280] Call Trace:
[  199.731802][T10280]  <TASK>
[  199.731810][T10280]  __dump_stack+0x1d/0x30
[  199.731842][T10280]  dump_stack_lvl+0xe8/0x140
[  199.731881][T10280]  dump_stack+0x15/0x1b
[  199.731898][T10280]  should_fail_ex+0x265/0x280
[  199.731925][T10280]  should_failslab+0x8c/0xb0
[  199.731947][T10280]  kmem_cache_alloc_noprof+0x50/0x310
[  199.731989][T10280]  ? alloc_empty_file+0x76/0x200
[  199.732015][T10280]  alloc_empty_file+0x76/0x200
[  199.732036][T10280]  path_openat+0x68/0x2170
[  199.732080][T10280]  ? perf_swevent_hrtimer+0x2b7/0x2f0
[  199.732118][T10280]  ? sysvec_apic_timer_interrupt+0x44/0x80
[  199.732150][T10280]  do_filp_open+0x109/0x230
[  199.732207][T10280]  do_sys_openat2+0xa6/0x110
[  199.732278][T10280]  __x64_sys_openat+0xf2/0x120
[  199.732310][T10280]  x64_sys_call+0x1af/0x2fb0
[  199.732364][T10280]  do_syscall_64+0xd2/0x200
[  199.732425][T10280]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  199.732518][T10280]  ? clear_bhb_loop+0x40/0x90
[  199.732541][T10280]  ? clear_bhb_loop+0x40/0x90
[  199.732565][T10280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.732584][T10280] RIP: 0033:0x7f9f2498e929
[  199.732602][T10280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.732659][T10280] RSP: 002b:00007f9f22ff7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  199.732682][T10280] RAX: ffffffffffffffda RBX: 00007f9f24bb5fa0 RCX: 00007f9f2498e929
[  199.732694][T10280] RDX: 0000000000081000 RSI: 0000200000000940 RDI: ffffffffffffff9c
[  199.732781][T10280] RBP: 00007f9f22ff7090 R08: 0000000000000000 R09: 0000000000000000
[  199.732792][T10280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.732803][T10280] R13: 0000000000000000 R14: 00007f9f24bb5fa0 R15: 00007ffff83e9698
[  199.732820][T10280]  </TASK>
[  199.948007][T10284] audit: audit_lost=5 audit_rate_limit=0 audit_backlog_limit=64
[  199.955777][T10284] audit: out of memory in audit_log_start
[  199.979529][T10278] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  199.991076][T10278] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  200.032661][T10291] FAULT_INJECTION: forcing a failure.
[  200.032661][T10291] name failslab, interval 1, probability 0, space 0, times 0
[  200.035043][T10278] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  200.045649][T10291] CPU: 1 UID: 0 PID: 10291 Comm: syz.0.2127 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  200.045682][T10291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  200.045737][T10291] Call Trace:
[  200.045745][T10291]  <TASK>
[  200.045752][T10291]  __dump_stack+0x1d/0x30
[  200.045775][T10291]  dump_stack_lvl+0xe8/0x140
[  200.045866][T10291]  dump_stack+0x15/0x1b
[  200.045883][T10291]  should_fail_ex+0x265/0x280
[  200.045919][T10291]  should_failslab+0x8c/0xb0
[  200.045942][T10291]  kmem_cache_alloc_noprof+0x50/0x310
[  200.045971][T10291]  ? prepare_creds+0x37/0x4c0
[  200.045994][T10291]  prepare_creds+0x37/0x4c0
[  200.046081][T10291]  copy_creds+0x8f/0x3f0
[  200.046102][T10291]  copy_process+0x658/0x1fe0
[  200.046125][T10291]  ? kstrtouint+0x76/0xc0
[  200.046160][T10291]  ? __rcu_read_unlock+0x4f/0x70
[  200.046247][T10291]  kernel_clone+0x16c/0x5b0
[  200.046315][T10291]  ? vfs_write+0x75e/0x8e0
[  200.046346][T10291]  __x64_sys_clone+0xe6/0x120
[  200.046376][T10291]  x64_sys_call+0x2c59/0x2fb0
[  200.046442][T10291]  do_syscall_64+0xd2/0x200
[  200.046460][T10291]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  200.046485][T10291]  ? clear_bhb_loop+0x40/0x90
[  200.046505][T10291]  ? clear_bhb_loop+0x40/0x90
[  200.046526][T10291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.046573][T10291] RIP: 0033:0x7f14eb19e929
[  200.046590][T10291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.046632][T10291] RSP: 002b:00007f14e9806fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  200.046653][T10291] RAX: ffffffffffffffda RBX: 00007f14eb3c5fa0 RCX: 00007f14eb19e929
[  200.046665][T10291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000022023400
[  200.046684][T10291] RBP: 00007f14e9807090 R08: 0000000000000000 R09: 0000000000000000
[  200.046696][T10291] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  200.046708][T10291] R13: 0000000000000001 R14: 00007f14eb3c5fa0 R15: 00007ffc5cf854a8
[  200.046726][T10291]  </TASK>
[  200.093960][T10292] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  200.151968][T10298] loop0: detected capacity change from 0 to 512
[  200.159535][T10300] audit: audit_lost=6 audit_rate_limit=0 audit_backlog_limit=64
[  200.228199][   T29] audit: type=1400 audit(1749976789.640:3482): avc:  denied  { read } for  pid=10299 comm="syz.4.2131" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  200.235967][T10300] audit: out of memory in audit_log_start
[  200.293711][T10278] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  200.311672][   T29] audit: type=1400 audit(1749976789.640:3483): avc:  denied  { open } for  pid=10299 comm="syz.4.2131" path="/dev/ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  200.311755][   T29] audit: type=1326 audit(1749976789.670:3484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10294 comm="syz.3.2129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4d055b58e7 code=0x7ffc0000
[  200.372670][T10292] sctp: [Deprecated]: syz.1.2125 (pid 10292) Use of int in maxseg socket option.
[  200.372670][T10292] Use struct sctp_assoc_value instead
[  200.436538][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.448972][T10298] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  200.473272][T10298] EXT4-fs (loop0): mount failed
[  200.487058][T10298] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.550044][T10317] loop4: detected capacity change from 0 to 512
[  200.564721][T10298] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.625340][T10298] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.685629][T10298] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.777320][T10298] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.810418][T10298] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.842586][T10298] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.875577][T10298] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.010194][T10330] loop0: detected capacity change from 0 to 1024
[  201.028513][T10330] EXT4-fs: Ignoring removed bh option
[  201.043754][T10330] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  201.076100][T10330] EXT4-fs error (device loop0): ext4_quota_enable:7124: comm syz.0.2141: inode #2304: comm syz.0.2141: iget: illegal inode #
[  201.117395][T10330] EXT4-fs (loop0): Remounting filesystem read-only
[  201.124010][T10330] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-117, ino=2304). Please run e2fsck to fix.
[  201.159343][T10330] EXT4-fs (loop0): mount failed
[  201.371254][T10346] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=10346 comm=syz.0.2146
[  201.418513][T10346] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2146'.
[  201.427578][T10346] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2146'.
[  201.459849][T10346] wireguard2: entered promiscuous mode
[  201.465940][T10346] wireguard2: entered allmulticast mode
[  201.505437][T10355] loop0: detected capacity change from 0 to 512
[  201.519454][T10355] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.2148: bg 0: block 5: invalid block bitmap
[  201.533207][T10355] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  201.542074][T10355] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.2148: invalid indirect mapped block 3 (level 2)
[  201.556611][T10355] EXT4-fs (loop0): 2 truncates cleaned up
[  201.564984][T10355] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.589395][T10355] EXT4-fs (loop0): shut down requested (1)
[  201.622077][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.657343][T10363] loop0: detected capacity change from 0 to 512
[  201.672483][T10363] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.2150: bg 0: block 5: invalid block bitmap
[  201.693540][T10365] loop4: detected capacity change from 0 to 512
[  201.702794][T10363] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  201.714828][T10363] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.2150: invalid indirect mapped block 3 (level 2)
[  201.733365][T10365] EXT4-fs (loop4): too many log groups per flexible block group
[  201.741201][T10365] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  201.753100][T10363] EXT4-fs (loop0): 2 truncates cleaned up
[  201.757126][T10365] EXT4-fs (loop4): mount failed
[  201.759398][T10363] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.778116][T10363] EXT4-fs (loop0): shut down requested (1)
[  201.786914][T10363] FAULT_INJECTION: forcing a failure.
[  201.786914][T10363] name failslab, interval 1, probability 0, space 0, times 0
[  201.799776][T10363] CPU: 1 UID: 0 PID: 10363 Comm: syz.0.2150 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  201.799878][T10363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  201.799890][T10363] Call Trace:
[  201.799896][T10363]  <TASK>
[  201.799903][T10363]  __dump_stack+0x1d/0x30
[  201.799927][T10363]  dump_stack_lvl+0xe8/0x140
[  201.799949][T10363]  dump_stack+0x15/0x1b
[  201.799968][T10363]  should_fail_ex+0x265/0x280
[  201.800080][T10363]  should_failslab+0x8c/0xb0
[  201.800107][T10363]  kmem_cache_alloc_noprof+0x50/0x310
[  201.800136][T10363]  ? alloc_empty_file+0x76/0x200
[  201.800163][T10363]  ? copy_from_kernel_nofault+0x15f/0x200
[  201.800276][T10363]  alloc_empty_file+0x76/0x200
[  201.800303][T10363]  path_openat+0x68/0x2170
[  201.800397][T10363]  ? spurious_kernel_fault+0xf4/0x4a0
[  201.800434][T10363]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  201.800467][T10363]  ? exc_page_fault+0x7b/0xa0
[  201.800499][T10363]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  201.800529][T10363]  do_filp_open+0x109/0x230
[  201.800564][T10363]  do_sys_openat2+0xa6/0x110
[  201.800622][T10363]  __x64_sys_openat+0xf2/0x120
[  201.800701][T10363]  x64_sys_call+0x1af/0x2fb0
[  201.800781][T10363]  do_syscall_64+0xd2/0x200
[  201.800846][T10363]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  201.800877][T10363]  ? clear_bhb_loop+0x40/0x90
[  201.800898][T10363]  ? clear_bhb_loop+0x40/0x90
[  201.800922][T10363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.800945][T10363] RIP: 0033:0x7f14eb19e929
[  201.800998][T10363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.801019][T10363] RSP: 002b:00007f14e9807038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  201.801041][T10363] RAX: ffffffffffffffda RBX: 00007f14eb3c5fa0 RCX: 00007f14eb19e929
[  201.801055][T10363] RDX: 000000000000275a RSI: 0000200000000080 RDI: ffffffffffffff9c
[  201.801142][T10363] RBP: 00007f14e9807090 R08: 0000000000000000 R09: 0000000000000000
[  201.801155][T10363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.801166][T10363] R13: 0000000000000000 R14: 00007f14eb3c5fa0 R15: 00007ffc5cf854a8
[  201.801183][T10363]  </TASK>
[  201.860585][T10328] syz.1.2140 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  202.037805][T10328] CPU: 0 UID: 0 PID: 10328 Comm: syz.1.2140 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  202.037878][T10328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  202.037890][T10328] Call Trace:
[  202.037897][T10328]  <TASK>
[  202.037905][T10328]  __dump_stack+0x1d/0x30
[  202.037927][T10328]  dump_stack_lvl+0xe8/0x140
[  202.037944][T10328]  dump_stack+0x15/0x1b
[  202.037962][T10328]  dump_header+0x81/0x220
[  202.038028][T10328]  oom_kill_process+0x334/0x3f0
[  202.038096][T10328]  out_of_memory+0x979/0xb80
[  202.038131][T10328]  try_charge_memcg+0x5e6/0x9e0
[  202.038157][T10328]  obj_cgroup_charge_pages+0xa6/0x150
[  202.038244][T10328]  __memcg_kmem_charge_page+0x9f/0x170
[  202.038274][T10328]  __alloc_frozen_pages_noprof+0x188/0x360
[  202.038305][T10328]  alloc_pages_mpol+0xb3/0x250
[  202.038360][T10328]  alloc_pages_noprof+0x90/0x130
[  202.038392][T10328]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  202.038578][T10328]  __kvmalloc_node_noprof+0x30f/0x4e0
[  202.038609][T10328]  ? ip_set_alloc+0x1f/0x30
[  202.038636][T10328]  ? ip_set_alloc+0x1f/0x30
[  202.038668][T10328]  ? __kmalloc_cache_noprof+0x189/0x320
[  202.038694][T10328]  ip_set_alloc+0x1f/0x30
[  202.038724][T10328]  hash_netiface_create+0x282/0x740
[  202.038800][T10328]  ? __pfx_hash_netiface_create+0x10/0x10
[  202.038835][T10328]  ip_set_create+0x3cc/0x960
[  202.038876][T10328]  ? __nla_parse+0x40/0x60
[  202.038896][T10328]  nfnetlink_rcv_msg+0x4c3/0x590
[  202.038991][T10328]  ? should_fail_ex+0x30/0x280
[  202.039114][T10328]  ? selinux_capable+0x1f9/0x270
[  202.039144][T10328]  netlink_rcv_skb+0x123/0x220
[  202.039215][T10328]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  202.039250][T10328]  nfnetlink_rcv+0x16b/0x1690
[  202.039280][T10328]  ? __kfree_skb+0x109/0x150
[  202.039355][T10328]  ? nlmon_xmit+0x4f/0x60
[  202.039374][T10328]  ? consume_skb+0x49/0x150
[  202.039473][T10328]  ? nlmon_xmit+0x4f/0x60
[  202.039497][T10328]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  202.039530][T10328]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  202.039558][T10328]  ? __dev_queue_xmit+0x182/0x1fb0
[  202.039620][T10328]  ? ref_tracker_free+0x37d/0x3e0
[  202.039690][T10328]  ? __netlink_deliver_tap+0x4dc/0x500
[  202.039787][T10328]  netlink_unicast+0x59e/0x670
[  202.039823][T10328]  netlink_sendmsg+0x58b/0x6b0
[  202.039856][T10328]  ? __pfx_netlink_sendmsg+0x10/0x10
[  202.039936][T10328]  __sock_sendmsg+0x142/0x180
[  202.039959][T10328]  ____sys_sendmsg+0x31e/0x4e0
[  202.040028][T10328]  ___sys_sendmsg+0x17b/0x1d0
[  202.040132][T10328]  __x64_sys_sendmsg+0xd4/0x160
[  202.040158][T10328]  x64_sys_call+0x2999/0x2fb0
[  202.040183][T10328]  do_syscall_64+0xd2/0x200
[  202.040204][T10328]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  202.040281][T10328]  ? clear_bhb_loop+0x40/0x90
[  202.040302][T10328]  ? clear_bhb_loop+0x40/0x90
[  202.040326][T10328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.040351][T10328] RIP: 0033:0x7f9f2498e929
[  202.040371][T10328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.040441][T10328] RSP: 002b:00007f9f22ff7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  202.040521][T10328] RAX: ffffffffffffffda RBX: 00007f9f24bb5fa0 RCX: 00007f9f2498e929
[  202.040537][T10328] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  202.040553][T10328] RBP: 00007f9f24a10b39 R08: 0000000000000000 R09: 0000000000000000
[  202.040569][T10328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  202.040582][T10328] R13: 0000000000000000 R14: 00007f9f24bb5fa0 R15: 00007ffff83e9698
[  202.040599][T10328]  </TASK>
[  202.040606][T10328] memory: usage 307200kB, limit 307200kB, failcnt 2039
[  202.263386][T10370] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2152'.
[  202.268519][T10328] memory+swap: usage 307404kB, limit 9007199254740988kB, failcnt 0
[  202.268539][T10328] kmem: usage 307128kB, limit 9007199254740988kB, failcnt 0
[  202.268552][T10328] Memory cgroup stats for /syz1
[  202.274104][T10369] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2152'.
[  202.278106][T10328] :
[  202.283718][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.290338][T10328] cache 32768
[  202.456390][T10328] rss 4096
[  202.456400][T10328] shmem 0
[  202.456406][T10328] mapped_file 32768
[  202.456412][T10328] dirty 0
[  202.456417][T10328] writeback 0
[  202.456445][T10328] workingset_refault_anon 401
[  202.456453][T10328] workingset_refault_file 5728
[  202.456459][T10328] swap 208896
[  202.456464][T10328] swapcached 0
[  202.456470][T10328] pgpgin 408889
[  202.456475][T10328] pgpgout 408871
[  202.456480][T10328] pgfault 233330
[  202.456486][T10328] pgmajfault 264
[  202.456491][T10328] inactive_anon 4096
[  202.456497][T10328] active_anon 0
[  202.456502][T10328] inactive_file 0
[  202.456508][T10328] active_file 69632
[  202.456514][T10328] unevictable 0
[  202.456580][T10328] hierarchical_memory_limit 314572800
[  202.456588][T10328] hierarchical_memsw_limit 9223372036854771712
[  202.456595][T10328] total_cache 32768
[  202.456600][T10328] total_rss 4096
[  202.456605][T10328] total_shmem 0
[  202.456610][T10328] total_mapped_file 32768
[  202.456617][T10328] total_dirty 0
[  202.456624][T10328] total_writeback 0
[  202.456630][T10328] total_workingset_refault_anon 401
[  202.456638][T10328] total_workingset_refault_file 5728
[  202.456645][T10328] total_swap 208896
[  202.456651][T10328] total_swapcached 0
[  202.456657][T10328] total_pgpgin 408889
[  202.456663][T10328] total_pgpgout 408871
[  202.456724][T10328] total_pgfault 233330
[  202.456730][T10328] total_pgmajfault 264
[  202.456735][T10328] total_inactive_anon 4096
[  202.456740][T10328] total_active_anon 0
[  202.456746][T10328] total_inactive_file 0
[  202.456753][T10328] total_active_file 69632
[  202.456759][T10328] total_unevictable 0
[  202.456766][T10328] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2140,pid=10327,uid=0
[  202.456934][T10328] Memory cgroup out of memory: Killed process 10327 (syz.1.2140) total-vm:93752kB, anon-rss:1064kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  202.461565][T10372] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=10372 comm=syz.0.2151
[  202.461871][T10372] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2151'.
[  202.461942][T10372] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2151'.
[  202.469764][T10372] wireguard3: entered promiscuous mode
[  202.469783][T10372] wireguard3: entered allmulticast mode
[  202.532575][T10375] 9pnet: Could not find request transport: fd0x0000000000000003
[  202.554466][T10375] 9pnet: Could not find request transport: fd0x0000000000000003
[  202.694805][T10384] futex_wake_op: syz.1.2156 tries to shift op by -1; fix this program
[  203.269855][   T29] kauditd_printk_skb: 70 callbacks suppressed
[  203.269926][   T29] audit: type=1400 audit(1749976792.750:3554): avc:  denied  { connect } for  pid=10395 comm="syz.0.2159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  203.346780][   T29] audit: type=1400 audit(1749976792.830:3555): avc:  denied  { mount } for  pid=10397 comm="syz.3.2160" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  203.370006][   T29] audit: type=1326 audit(1749976792.850:3556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10397 comm="syz.3.2160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d055be929 code=0x7ffc0000
[  203.393717][   T29] audit: type=1326 audit(1749976792.850:3557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10397 comm="syz.3.2160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d055be929 code=0x7ffc0000
[  203.418225][   T29] audit: type=1326 audit(1749976792.860:3558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10397 comm="syz.3.2160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d055be929 code=0x7ffc0000
[  203.442423][   T29] audit: type=1326 audit(1749976792.860:3559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10397 comm="syz.3.2160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d055be929 code=0x7ffc0000
[  203.451126][T10403] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10403 comm=syz.0.2162
[  203.466023][   T29] audit: type=1326 audit(1749976792.860:3560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10397 comm="syz.3.2160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d055be929 code=0x7ffc0000
[  203.466101][   T29] audit: type=1326 audit(1749976792.860:3561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10397 comm="syz.3.2160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d055be929 code=0x7ffc0000
[  203.466128][   T29] audit: type=1326 audit(1749976792.860:3562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10397 comm="syz.3.2160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d055be929 code=0x7ffc0000
[  203.466155][   T29] audit: type=1326 audit(1749976792.860:3563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10397 comm="syz.3.2160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4d055be929 code=0x7ffc0000
[  203.484127][T10410] loop3: detected capacity change from 0 to 2048
[  203.503092][T10403] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=10403 comm=syz.0.2162
[  203.649214][T10410] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  203.664644][T10417] futex_wake_op: syz.1.2166 tries to shift op by -1; fix this program
[  203.949446][T10428] loop1: detected capacity change from 0 to 2048
[  203.991927][T10428] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  204.004148][T10428] ext4 filesystem being mounted at /413/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  204.028989][T10426] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  204.050099][T10426] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 684 with error 28
[  204.062712][T10426] EXT4-fs (loop3): This should not happen!! Data will be lost
[  204.062712][T10426] 
[  204.072660][T10426] EXT4-fs (loop3): Total free blocks count 0
[  204.079051][T10426] EXT4-fs (loop3): Free/Dirty block details
[  204.085038][T10426] EXT4-fs (loop3): free_blocks=2415919104
[  204.090778][T10426] EXT4-fs (loop3): dirty_blocks=688
[  204.096185][T10426] EXT4-fs (loop3): Block reservation details
[  204.102303][T10426] EXT4-fs (loop3): i_reserved_data_blocks=43
[  204.110214][T10434] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2168'.
[  204.136917][T10431] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2168'.
[  204.213491][T10439] netlink: 264 bytes leftover after parsing attributes in process `syz.2.2171'.
[  204.213538][T10439] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2171'.
[  204.345919][T10446] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2173'.
[  204.439964][ T5970] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  204.453847][T10452] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2170'.
[  204.631894][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.891488][T10469] loop1: detected capacity change from 0 to 512
[  204.908360][T10469] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  204.932747][T10471] loop3: detected capacity change from 0 to 512
[  204.944434][T10469] EXT4-fs (loop1): 1 truncate cleaned up
[  204.954447][T10469] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  204.974490][T10471] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2180: bg 0: block 5: invalid block bitmap
[  205.001803][T10471] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  205.011688][T10471] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.2180: invalid indirect mapped block 3 (level 2)
[  205.026199][T10471] EXT4-fs (loop3): 1 orphan inode deleted
[  205.032067][T10471] EXT4-fs (loop3): 1 truncate cleaned up
[  205.093112][T10471] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.202517][T10441] syz.2.2172 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  205.213753][T10441] CPU: 1 UID: 0 PID: 10441 Comm: syz.2.2172 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  205.213839][T10441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  205.213849][T10441] Call Trace:
[  205.213856][T10441]  <TASK>
[  205.213863][T10441]  __dump_stack+0x1d/0x30
[  205.213963][T10441]  dump_stack_lvl+0xe8/0x140
[  205.213973][T10441]  dump_stack+0x15/0x1b
[  205.213982][T10441]  dump_header+0x81/0x220
[  205.214062][T10441]  oom_kill_process+0x334/0x3f0
[  205.214077][T10441]  out_of_memory+0x979/0xb80
[  205.214092][T10441]  try_charge_memcg+0x5e6/0x9e0
[  205.214152][T10441]  charge_memcg+0x51/0xc0
[  205.214166][T10441]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  205.214183][T10441]  __read_swap_cache_async+0x1df/0x350
[  205.214199][T10441]  swap_cluster_readahead+0x277/0x3e0
[  205.214261][T10441]  swapin_readahead+0xde/0x6f0
[  205.214275][T10441]  ? __filemap_get_folio+0x4f7/0x6b0
[  205.214341][T10441]  ? css_rstat_updated+0xcd/0x5b0
[  205.214382][T10441]  ? swap_cache_get_folio+0x77/0x200
[  205.214480][T10441]  do_swap_page+0x301/0x2430
[  205.214490][T10441]  ? __account_obj_stock+0x2d6/0x350
[  205.214611][T10441]  ? __account_obj_stock+0x2d6/0x350
[  205.214623][T10441]  ? xas_init_marks+0x2ff/0x320
[  205.214694][T10441]  ? __pfx_default_wake_function+0x10/0x10
[  205.214707][T10441]  handle_mm_fault+0x9a5/0x2be0
[  205.214718][T10441]  ? mas_walk+0xf2/0x120
[  205.214848][T10441]  do_user_addr_fault+0x636/0x1090
[  205.214907][T10441]  ? fpregs_restore_userregs+0xe2/0x1d0
[  205.214921][T10441]  ? switch_fpu_return+0xe/0x20
[  205.214949][T10441]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  205.214961][T10441]  exc_page_fault+0x62/0xa0
[  205.215028][T10441]  asm_exc_page_fault+0x26/0x30
[  205.215039][T10441] RIP: 0033:0x7fcbdc57e931
[  205.215108][T10441] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  205.215118][T10441] RSP: 002b:00007ffcc96558c8 EFLAGS: 00010217
[  205.215128][T10441] RAX: 0000000000000000 RBX: 00007fcbdc7a7ba0 RCX: 00007fcbdc57e929
[  205.215136][T10441] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  205.215142][T10441] RBP: 00007fcbdc7a7ba0 R08: 000000000000086c R09: 0000001ac9655bbf
[  205.215149][T10441] R10: 00007fcbdc7a7ac0 R11: 0000000000000246 R12: 0000000000032124
[  205.215155][T10441] R13: 00007fcbdc7a6080 R14: ffffffffffffffff R15: 00007ffcc96559e0
[  205.215165][T10441]  </TASK>
[  205.215169][T10441] memory: usage 307200kB, limit 307200kB, failcnt 1710
[  205.478784][T10441] memory+swap: usage 307408kB, limit 9007199254740988kB, failcnt 0
[  205.486953][T10441] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[  205.494292][T10441] Memory cgroup stats for /syz2:
[  205.494990][T10441] cache 0
[  205.502919][T10441] rss 0
[  205.505690][T10441] shmem 0
[  205.508656][T10441] mapped_file 0
[  205.512097][T10441] dirty 0
[  205.515037][T10441] writeback 0
[  205.518360][T10441] workingset_refault_anon 614
[  205.523066][T10441] workingset_refault_file 7420
[  205.527925][T10441] swap 212992
[  205.531200][T10441] swapcached 0
[  205.534614][T10441] pgpgin 257069
[  205.538126][T10441] pgpgout 257064
[  205.541693][T10441] pgfault 175295
[  205.545299][T10441] pgmajfault 449
[  205.548988][T10441] inactive_anon 0
[  205.552599][T10441] active_anon 0
[  205.556253][T10441] inactive_file 20480
[  205.560315][T10441] active_file 0
[  205.563879][T10441] unevictable 0
[  205.567325][T10441] hierarchical_memory_limit 314572800
[  205.572745][T10441] hierarchical_memsw_limit 9223372036854771712
[  205.579043][T10441] total_cache 0
[  205.582485][T10441] total_rss 0
[  205.585894][T10441] total_shmem 0
[  205.589380][T10441] total_mapped_file 0
[  205.593354][T10441] total_dirty 0
[  205.596989][T10441] total_writeback 0
[  205.600846][T10441] total_workingset_refault_anon 614
[  205.606180][T10441] total_workingset_refault_file 7420
[  205.611464][T10441] total_swap 212992
[  205.615298][T10441] total_swapcached 0
[  205.619349][T10441] total_pgpgin 257069
[  205.623511][T10441] total_pgpgout 257064
[  205.627691][T10441] total_pgfault 175295
[  205.631752][T10441] total_pgmajfault 449
[  205.636137][T10441] total_inactive_anon 0
[  205.640310][T10441] total_active_anon 0
[  205.644314][T10441] total_inactive_file 20480
[  205.648830][T10441] total_active_file 0
[  205.652789][T10441] total_unevictable 0
[  205.656780][T10441] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2172,pid=10441,uid=0
[  205.671477][T10441] Memory cgroup out of memory: Killed process 10441 (syz.2.2172) total-vm:93752kB, anon-rss:936kB, file-rss:22496kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[  205.782773][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.816250][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.829578][T10487] 9pnet_fd: Insufficient options for proto=fd
[  205.836446][T10487] 9pnet_fd: Insufficient options for proto=fd
[  206.005067][T10504] loop2: detected capacity change from 0 to 1024
[  206.025365][T10504] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  206.039201][T10508] futex_wake_op: syz.1.2191 tries to shift op by -1; fix this program
[  206.158910][T10513] loop0: detected capacity change from 0 to 512
[  206.168113][T10513] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.2193: bg 0: block 5: invalid block bitmap
[  206.181728][T10513] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  206.191316][T10513] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.2193: invalid indirect mapped block 3 (level 2)
[  206.206969][T10513] EXT4-fs (loop0): 1 orphan inode deleted
[  206.212878][T10513] EXT4-fs (loop0): 1 truncate cleaned up
[  206.221285][T10513] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.445221][T10517] 9pnet: p9_errstr2errno: server reported unknown error 
[  206.957843][T10540] FAULT_INJECTION: forcing a failure.
[  206.957843][T10540] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.971161][T10540] CPU: 1 UID: 0 PID: 10540 Comm: syz.1.2202 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  206.971261][T10540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  206.971312][T10540] Call Trace:
[  206.971319][T10540]  <TASK>
[  206.971329][T10540]  __dump_stack+0x1d/0x30
[  206.971354][T10540]  dump_stack_lvl+0xe8/0x140
[  206.971377][T10540]  dump_stack+0x15/0x1b
[  206.971396][T10540]  should_fail_ex+0x265/0x280
[  206.971481][T10540]  should_fail+0xb/0x20
[  206.971512][T10540]  should_fail_usercopy+0x1a/0x20
[  206.971573][T10540]  strncpy_from_user+0x25/0x230
[  206.971595][T10540]  ? kmem_cache_alloc_noprof+0x186/0x310
[  206.971618][T10540]  ? getname_flags+0x80/0x3b0
[  206.971662][T10540]  getname_flags+0xae/0x3b0
[  206.971682][T10540]  user_path_at+0x28/0x130
[  206.971705][T10540]  __se_sys_quotactl+0xb6/0x670
[  206.971805][T10540]  __x64_sys_quotactl+0x55/0x70
[  206.971875][T10540]  x64_sys_call+0x2886/0x2fb0
[  206.971899][T10540]  do_syscall_64+0xd2/0x200
[  206.971941][T10540]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  206.971967][T10540]  ? clear_bhb_loop+0x40/0x90
[  206.971994][T10540]  ? clear_bhb_loop+0x40/0x90
[  206.972017][T10540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.972039][T10540] RIP: 0033:0x7f9f2498e929
[  206.972131][T10540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.972166][T10540] RSP: 002b:00007f9f22ff7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  206.972190][T10540] RAX: ffffffffffffffda RBX: 00007f9f24bb5fa0 RCX: 00007f9f2498e929
[  206.972205][T10540] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffff80000201
[  206.972219][T10540] RBP: 00007f9f22ff7090 R08: 0000000000000000 R09: 0000000000000000
[  206.972309][T10540] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000001
[  206.972324][T10540] R13: 0000000000000001 R14: 00007f9f24bb5fa0 R15: 00007ffff83e9698
[  206.972344][T10540]  </TASK>
[  207.174265][T10539] syzkaller1: entered promiscuous mode
[  207.180589][T10539] syzkaller1: entered allmulticast mode
[  207.224623][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.257931][T10546] 9pnet: p9_errstr2errno: server reported unknown error 
[  207.418052][T10560] loop2: detected capacity change from 0 to 1024
[  207.429561][T10560] EXT4-fs (loop2): orphan cleanup on readonly fs
[  207.439514][T10560] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.2207: Failed to acquire dquot type 0
[  207.467295][T10560] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  207.487544][T10563] netlink: 'syz.0.2209': attribute type 1 has an invalid length.
[  207.497678][T10560] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #13: comm syz.2.2207: corrupted inode contents
[  207.503135][T10563] 8021q: adding VLAN 0 to HW filter on device bond14
[  207.528684][T10560] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #13: comm syz.2.2207: mark_inode_dirty error
[  207.542871][T10560] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #13: comm syz.2.2207: corrupted inode contents
[  207.560991][T10560] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #13: comm syz.2.2207: mark_inode_dirty error
[  207.604064][T10560] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #13: comm syz.2.2207: corrupted inode contents
[  207.617236][T10560] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  207.626833][T10560] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #13: comm syz.2.2207: corrupted inode contents
[  207.648505][T10560] EXT4-fs error (device loop2): ext4_truncate:4597: inode #13: comm syz.2.2207: mark_inode_dirty error
[  207.672254][T10573] futex_wake_op: syz.4.2213 tries to shift op by -1; fix this program
[  207.760627][T10541] syz.3.2203 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  207.771332][T10560] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  207.771677][T10541] CPU: 0 UID: 0 PID: 10541 Comm: syz.3.2203 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  207.771736][T10541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  207.771748][T10541] Call Trace:
[  207.771757][T10541]  <TASK>
[  207.771766][T10541]  __dump_stack+0x1d/0x30
[  207.771789][T10541]  dump_stack_lvl+0xe8/0x140
[  207.771808][T10541]  dump_stack+0x15/0x1b
[  207.771876][T10541]  dump_header+0x81/0x220
[  207.771906][T10541]  oom_kill_process+0x334/0x3f0
[  207.771984][T10541]  out_of_memory+0x979/0xb80
[  207.772119][T10541]  try_charge_memcg+0x5e6/0x9e0
[  207.772145][T10541]  charge_memcg+0x51/0xc0
[  207.772185][T10541]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  207.772217][T10541]  __read_swap_cache_async+0x1df/0x350
[  207.772248][T10541]  swap_cluster_readahead+0x277/0x3e0
[  207.772305][T10541]  swapin_readahead+0xde/0x6f0
[  207.772342][T10541]  ? __filemap_get_folio+0x4f7/0x6b0
[  207.772379][T10541]  ? swap_cache_get_folio+0x77/0x200
[  207.772408][T10541]  do_swap_page+0x301/0x2430
[  207.772428][T10541]  ? finish_task_switch+0xad/0x2b0
[  207.772451][T10541]  ? __pfx_default_wake_function+0x10/0x10
[  207.772603][T10541]  handle_mm_fault+0x9a5/0x2be0
[  207.772625][T10541]  ? mas_walk+0xf2/0x120
[  207.772656][T10541]  do_user_addr_fault+0x636/0x1090
[  207.772687][T10541]  ? fpregs_restore_userregs+0xad/0x1d0
[  207.772793][T10541]  ? switch_fpu_return+0xe/0x20
[  207.772825][T10541]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  207.772849][T10541]  exc_page_fault+0x62/0xa0
[  207.772936][T10541]  asm_exc_page_fault+0x26/0x30
[  207.773030][T10541] RIP: 0033:0x7f4d0549538c
[  207.773047][T10541] Code: 66 0f 1f 44 00 00 69 3d 26 03 e8 00 e8 03 00 00 48 8d 1d 27 0c 35 00 e8 02 95 12 00 eb 0c 48 81 c3 e0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 e0 00 00
[  207.773064][T10541] RSP: 002b:00007ffc01aef640 EFLAGS: 00010202
[  207.773081][T10541] RAX: 0000000000000000 RBX: 00007f4d057e5fa0 RCX: 0000000000000000
[  207.773095][T10541] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555579e07808
[  207.773107][T10541] RBP: 00007f4d057e7ba0 R08: 0000000000000000 R09: 7fffffffffffffff
[  207.773119][T10541] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000032c86
[  207.773132][T10541] R13: 00007f4d057e6080 R14: ffffffffffffffff R15: 00007ffc01aef750
[  207.773173][T10541]  </TASK>
[  207.773198][T10541] memory: usage 307016kB, limit 307200kB, failcnt 1139
[  207.782036][T10560] EXT4-fs (loop2): 1 truncate cleaned up
[  207.793370][T10541] memory+swap: usage 372632kB, limit 9007199254740988kB, failcnt 0
[  207.793409][T10541] kmem: usage 306956kB, limit 9007199254740988kB, failcnt 0
[  207.793422][T10541] Memory cgroup stats for /syz3:
[  207.832148][T10541] cache 4096
[  207.834621][T10560] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  207.837713][T10541] rss 4096
[  207.850361][T10560] netlink: 'syz.2.2207': attribute type 21 has an invalid length.
[  207.853248][T10541] shmem 0
[  207.853260][T10541] mapped_file 4096
[  207.859801][T10560] __nla_validate_parse: 3 callbacks suppressed
[  207.859814][T10560] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2207'.
[  207.864323][T10541] dirty 4096
[  207.864335][T10541] writeback 12288
[  207.864343][T10541] workingset_refault_anon 284
[  207.864351][T10541] workingset_refault_file 11049
[  207.864360][T10541] swap 67203072
[  207.864367][T10541] swapcached 20480
[  207.864374][T10541] pgpgin 382254
[  207.864382][T10541] pgpgout 382242
[  207.864390][T10541] pgfault 199804
[  207.864397][T10541] pgmajfault 247
[  207.864404][T10541] inactive_anon 24576
[  207.864412][T10541] active_anon 0
[  207.864444][T10541] inactive_file 24576
[  207.864453][T10541] active_file 0
[  208.146296][T10541] unevictable 0
[  208.150108][T10541] hierarchical_memory_limit 314572800
[  208.155504][T10541] hierarchical_memsw_limit 9223372036854771712
[  208.161648][T10541] total_cache 4096
[  208.165399][T10541] total_rss 4096
[  208.168996][T10541] total_shmem 0
[  208.172440][T10541] total_mapped_file 4096
[  208.176716][T10541] total_dirty 4096
[  208.180512][T10541] total_writeback 12288
[  208.184695][T10541] total_workingset_refault_anon 284
[  208.189920][T10541] total_workingset_refault_file 11049
[  208.195395][T10541] total_swap 67203072
[  208.199392][T10541] total_swapcached 20480
[  208.203660][T10541] total_pgpgin 382254
[  208.207709][T10541] total_pgpgout 382242
[  208.211891][T10541] total_pgfault 199804
[  208.215995][T10541] total_pgmajfault 247
[  208.220058][T10541] total_inactive_anon 24576
[  208.224575][T10541] total_active_anon 0
[  208.228545][T10541] total_inactive_file 24576
[  208.233177][T10541] total_active_file 0
[  208.237161][T10541] total_unevictable 0
[  208.241227][T10541] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.2203,pid=10541,uid=0
[  208.256015][T10541] Memory cgroup out of memory: Killed process 10541 (syz.3.2203) total-vm:93752kB, anon-rss:932kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  208.273571][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.295704][   T29] kauditd_printk_skb: 277 callbacks suppressed
[  208.295721][   T29] audit: type=1400 audit(1749976797.780:3837): avc:  denied  { connect } for  pid=10575 comm="syz.2.2214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  208.338507][   T29] audit: type=1326 audit(1749976797.810:3838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10575 comm="syz.2.2214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbdc57e929 code=0x7ffc0000
[  208.362591][   T29] audit: type=1326 audit(1749976797.810:3839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10575 comm="syz.2.2214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbdc57e929 code=0x7ffc0000
[  208.386291][   T29] audit: type=1326 audit(1749976797.810:3840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10575 comm="syz.2.2214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcbdc57d3df code=0x7ffc0000
[  208.409879][   T29] audit: type=1326 audit(1749976797.810:3841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10575 comm="syz.2.2214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbdc57e929 code=0x7ffc0000
[  208.433640][   T29] audit: type=1326 audit(1749976797.810:3842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10575 comm="syz.2.2214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbdc57e929 code=0x7ffc0000
[  208.457365][   T29] audit: type=1326 audit(1749976797.810:3843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10575 comm="syz.2.2214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbdc57e929 code=0x7ffc0000
[  208.481848][   T29] audit: type=1326 audit(1749976797.810:3844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10575 comm="syz.2.2214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbdc57e929 code=0x7ffc0000
[  208.505457][   T29] audit: type=1326 audit(1749976797.810:3845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10575 comm="syz.2.2214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbdc57e929 code=0x7ffc0000
[  208.529275][   T29] audit: type=1326 audit(1749976797.810:3846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10575 comm="syz.2.2214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fcbdc57e929 code=0x7ffc0000
[  208.629073][T10577] loop4: detected capacity change from 0 to 2048
[  208.801864][T10577] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  208.814229][T10577] ext4 filesystem being mounted at /458/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  208.835070][T10582] netlink: 'syz.0.2215': attribute type 1 has an invalid length.
[  208.850267][T10582] 8021q: adding VLAN 0 to HW filter on device bond15
[  208.862062][T10585] loop2: detected capacity change from 0 to 512
[  208.884852][T10585] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.2216: bg 0: block 5: invalid block bitmap
[  208.898783][T10585] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  208.907986][T10583] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set
[  208.926199][T10585] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.2216: invalid indirect mapped block 3 (level 2)
[  209.003878][T10585] EXT4-fs (loop2): 1 orphan inode deleted
[  209.004216][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.009716][T10585] EXT4-fs (loop2): 1 truncate cleaned up
[  209.024500][T10592] loop1: detected capacity change from 0 to 512
[  209.032208][T10585] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.033550][T10592] EXT4-fs: Ignoring removed mblk_io_submit option
[  209.056979][T10592] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  209.076861][T10592] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  209.095636][T10592] System zones: 1-12
[  209.106364][T10592] EXT4-fs (loop1): 1 truncate cleaned up
[  209.124217][T10592] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.153806][T10592] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.694882][T10619] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2226'.
[  209.715577][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.890777][T10624] loop2: detected capacity change from 0 to 8192
[  209.899793][T10631] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  209.933270][T10633] 9pnet: p9_errstr2errno: server reported unknown error 
[  210.013969][ T3403] IPVS: starting estimator thread 0...
[  210.047807][T10643] FAULT_INJECTION: forcing a failure.
[  210.047807][T10643] name failslab, interval 1, probability 0, space 0, times 0
[  210.060621][T10643] CPU: 1 UID: 0 PID: 10643 Comm: syz.4.2233 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  210.060720][T10643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  210.060735][T10643] Call Trace:
[  210.060743][T10643]  <TASK>
[  210.060753][T10643]  __dump_stack+0x1d/0x30
[  210.060811][T10643]  dump_stack_lvl+0xe8/0x140
[  210.060909][T10643]  dump_stack+0x15/0x1b
[  210.060925][T10643]  should_fail_ex+0x265/0x280
[  210.060959][T10643]  should_failslab+0x8c/0xb0
[  210.061033][T10643]  kmem_cache_alloc_node_noprof+0x57/0x320
[  210.061060][T10643]  ? __alloc_skb+0x101/0x320
[  210.061086][T10643]  __alloc_skb+0x101/0x320
[  210.061110][T10643]  ? audit_log_start+0x365/0x6c0
[  210.061182][T10643]  audit_log_start+0x380/0x6c0
[  210.061274][T10643]  audit_seccomp+0x48/0x100
[  210.061370][T10643]  ? __seccomp_filter+0x68c/0x10d0
[  210.061427][T10643]  __seccomp_filter+0x69d/0x10d0
[  210.061449][T10643]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  210.061548][T10643]  ? vfs_write+0x75e/0x8e0
[  210.061624][T10643]  ? __rcu_read_unlock+0x4f/0x70
[  210.061643][T10643]  ? __fget_files+0x184/0x1c0
[  210.061664][T10643]  __secure_computing+0x82/0x150
[  210.061693][T10643]  syscall_trace_enter+0xcf/0x1e0
[  210.061795][T10643]  do_syscall_64+0xac/0x200
[  210.061873][T10643]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  210.061905][T10643]  ? clear_bhb_loop+0x40/0x90
[  210.061925][T10643]  ? clear_bhb_loop+0x40/0x90
[  210.062002][T10643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.062026][T10643] RIP: 0033:0x7f14715ee929
[  210.062045][T10643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.062066][T10643] RSP: 002b:00007f146fc57038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[  210.062099][T10643] RAX: ffffffffffffffda RBX: 00007f1471815fa0 RCX: 00007f14715ee929
[  210.062115][T10643] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  210.062182][T10643] RBP: 00007f146fc57090 R08: 0000000000000003 R09: 0000000000000000
[  210.062197][T10643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.062210][T10643] R13: 0000000000000000 R14: 00007f1471815fa0 R15: 00007fff5f206378
[  210.062229][T10643]  </TASK>
[  210.102920][T10639] IPVS: using max 2688 ests per chain, 134400 per kthread
[  210.399494][T10649] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2236'.
[  210.515801][T10655] loop3: detected capacity change from 0 to 512
[  210.524357][T10657] @: renamed from vlan0 (while UP)
[  210.624402][T10655] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2237: bg 0: block 5: invalid block bitmap
[  210.647959][T10660] futex_wake_op: syz.1.2239 tries to shift op by -1; fix this program
[  210.697595][T10655] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  210.726829][T10655] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.2237: invalid indirect mapped block 3 (level 2)
[  210.753927][T10655] EXT4-fs (loop3): 1 orphan inode deleted
[  210.759714][T10655] EXT4-fs (loop3): 1 truncate cleaned up
[  210.776022][T10655] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.792274][T10667] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2241'.
[  210.803823][T10664] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2241'.
[  210.957018][T10669] loop1: detected capacity change from 0 to 2048
[  211.016710][T10669] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.029126][T10669] ext4 filesystem being mounted at /428/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  211.100584][T10675] blktrace: Concurrent blktraces are not allowed on loop9
[  211.283655][T10678] loop4: detected capacity change from 0 to 512
[  211.290859][T10678] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  211.303169][T10678] EXT4-fs (loop4): orphan cleanup on readonly fs
[  211.310272][T10678] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.2243: Block bitmap for bg 0 marked uninitialized
[  211.334558][T10678] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  211.350416][T10683] loop2: detected capacity change from 0 to 2048
[  211.350488][T10681] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  211.373280][T10678] EXT4-fs (loop4): 1 orphan inode deleted
[  211.380945][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.436255][T10678] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  211.463142][T10683] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.495421][T10678] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  211.544383][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.565099][T10678] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  211.592001][T10683] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  211.626025][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.735954][T10678] EXT4-fs (loop4): shut down requested (1)
[  211.743411][T10678] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  211.743450][T10678] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  211.752611][T10702] loop1: detected capacity change from 0 to 2048
[  211.759680][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.769184][T10706] blktrace: Concurrent blktraces are not allowed on loop9
[  211.872835][T10707] loop3: detected capacity change from 0 to 2048
[  211.981794][T10710] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2252'.
[  211.986935][T10702] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  212.070544][T10704] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2252'.
[  212.158320][T10717] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  212.424514][T10726] futex_wake_op: syz.0.2259 tries to shift op by -1; fix this program
[  212.779303][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.087908][T10747] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2263'.
[  213.233474][T10748] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2263'.
[  213.316109][T10754] blktrace: Concurrent blktraces are not allowed on loop1
[  213.509401][T10766] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2268'.
[  213.531754][T10761] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2268'.
[  213.674813][T10776] FAULT_INJECTION: forcing a failure.
[  213.674813][T10776] name failslab, interval 1, probability 0, space 0, times 0
[  213.687821][T10776] CPU: 0 UID: 0 PID: 10776 Comm: syz.2.2273 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  213.687849][T10776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  213.687860][T10776] Call Trace:
[  213.687867][T10776]  <TASK>
[  213.687876][T10776]  __dump_stack+0x1d/0x30
[  213.687949][T10776]  dump_stack_lvl+0xe8/0x140
[  213.687969][T10776]  dump_stack+0x15/0x1b
[  213.687989][T10776]  should_fail_ex+0x265/0x280
[  213.688094][T10776]  should_failslab+0x8c/0xb0
[  213.688115][T10776]  kmem_cache_alloc_node_noprof+0x57/0x320
[  213.688145][T10776]  ? __alloc_skb+0x101/0x320
[  213.688219][T10776]  __alloc_skb+0x101/0x320
[  213.688249][T10776]  netlink_alloc_large_skb+0xba/0xf0
[  213.688283][T10776]  netlink_sendmsg+0x3cf/0x6b0
[  213.688306][T10776]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.688386][T10776]  __sock_sendmsg+0x142/0x180
[  213.688410][T10776]  ____sys_sendmsg+0x31e/0x4e0
[  213.688482][T10776]  ___sys_sendmsg+0x17b/0x1d0
[  213.688585][T10776]  __x64_sys_sendmsg+0xd4/0x160
[  213.688648][T10776]  x64_sys_call+0x2999/0x2fb0
[  213.688670][T10776]  do_syscall_64+0xd2/0x200
[  213.688686][T10776]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  213.688709][T10776]  ? clear_bhb_loop+0x40/0x90
[  213.688733][T10776]  ? clear_bhb_loop+0x40/0x90
[  213.688824][T10776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.688881][T10776] RIP: 0033:0x7fcbdc57e929
[  213.688900][T10776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.688921][T10776] RSP: 002b:00007fcbdabe7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  213.688944][T10776] RAX: ffffffffffffffda RBX: 00007fcbdc7a5fa0 RCX: 00007fcbdc57e929
[  213.688957][T10776] RDX: 0000000000000000 RSI: 0000200000001200 RDI: 0000000000000003
[  213.688972][T10776] RBP: 00007fcbdabe7090 R08: 0000000000000000 R09: 0000000000000000
[  213.688987][T10776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.689046][T10776] R13: 0000000000000000 R14: 00007fcbdc7a5fa0 R15: 00007ffcc9655768
[  213.689068][T10776]  </TASK>
[  213.940301][   T29] kauditd_printk_skb: 169 callbacks suppressed
[  213.940317][   T29] audit: type=1400 audit(1749976803.420:4012): avc:  denied  { create } for  pid=10777 comm="syz.3.2274" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  214.007789][T10783] netlink: 'syz.2.2276': attribute type 1 has an invalid length.
[  214.015736][   T29] audit: type=1400 audit(1749976803.450:4013): avc:  denied  { bind } for  pid=10777 comm="syz.3.2274" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  214.058990][T10783] 8021q: adding VLAN 0 to HW filter on device bond9
[  214.094619][   T29] audit: type=1400 audit(1749976803.520:4014): avc:  denied  { write } for  pid=10777 comm="syz.3.2274" path="socket:[31180]" dev="sockfs" ino=31180 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  214.118552][   T29] audit: type=1400 audit(1749976803.560:4015): avc:  denied  { create } for  pid=10782 comm="syz.2.2276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  214.151594][T10788] netlink: 'syz.2.2277': attribute type 1 has an invalid length.
[  214.206042][T10793] blktrace: Concurrent blktraces are not allowed on loop3
[  214.216789][T10788] 8021q: adding VLAN 0 to HW filter on device bond10
[  214.542426][   T29] audit: type=1400 audit(1749976803.990:4016): avc:  denied  { write } for  pid=10804 comm="syz.1.2282" name="fib_trie" dev="proc" ino=4026532407 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  214.621917][   T29] audit: type=1400 audit(1749976804.020:4017): avc:  denied  { create } for  pid=10809 comm="syz.2.2283" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  214.642114][   T29] audit: type=1400 audit(1749976804.020:4018): avc:  denied  { bind } for  pid=10809 comm="syz.2.2283" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  214.677125][T10814] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2283'.
[  214.709815][T10810] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2283'.
[  214.798966][T10816] loop1: detected capacity change from 0 to 2048
[  214.806047][T10816] /dev/loop1: Can't open blockdev
[  215.325321][T10824] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2287'.
[  215.334848][   T29] audit: type=1400 audit(1749976804.810:4019): avc:  denied  { create } for  pid=10821 comm="syz.2.2287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  215.354565][   T29] audit: type=1400 audit(1749976804.810:4020): avc:  denied  { bind } for  pid=10821 comm="syz.2.2287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  215.374388][   T29] audit: type=1400 audit(1749976804.810:4021): avc:  denied  { connect } for  pid=10821 comm="syz.2.2287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  215.530634][T10830] netlink: 'syz.2.2290': attribute type 1 has an invalid length.
[  215.577926][T10830] 8021q: adding VLAN 0 to HW filter on device bond11
[  215.633601][T10840] loop2: detected capacity change from 0 to 128
[  215.649274][T10840] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  215.754913][T10840] ext4 filesystem being mounted at /432/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  215.799041][T10844] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2292'.
[  215.808282][T10844] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2292'.
[  215.866366][T10849] FAULT_INJECTION: forcing a failure.
[  215.866366][T10849] name failslab, interval 1, probability 0, space 0, times 0
[  215.879250][T10849] CPU: 0 UID: 0 PID: 10849 Comm: syz.4.2294 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  215.879279][T10849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  215.879294][T10849] Call Trace:
[  215.879302][T10849]  <TASK>
[  215.879312][T10849]  __dump_stack+0x1d/0x30
[  215.879338][T10849]  dump_stack_lvl+0xe8/0x140
[  215.879360][T10849]  dump_stack+0x15/0x1b
[  215.879443][T10849]  should_fail_ex+0x265/0x280
[  215.879480][T10849]  should_failslab+0x8c/0xb0
[  215.879623][T10849]  kmem_cache_alloc_noprof+0x50/0x310
[  215.879654][T10849]  ? audit_log_start+0x365/0x6c0
[  215.879729][T10849]  audit_log_start+0x365/0x6c0
[  215.879758][T10849]  audit_seccomp+0x48/0x100
[  215.879788][T10849]  ? __seccomp_filter+0x68c/0x10d0
[  215.879839][T10849]  __seccomp_filter+0x69d/0x10d0
[  215.879864][T10849]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  215.879951][T10849]  ? vfs_write+0x75e/0x8e0
[  215.879994][T10849]  ? __rcu_read_unlock+0x4f/0x70
[  215.880019][T10849]  ? __fget_files+0x184/0x1c0
[  215.880078][T10849]  __secure_computing+0x82/0x150
[  215.880115][T10849]  syscall_trace_enter+0xcf/0x1e0
[  215.880137][T10849]  do_syscall_64+0xac/0x200
[  215.880157][T10849]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  215.880186][T10849]  ? clear_bhb_loop+0x40/0x90
[  215.880220][T10849]  ? clear_bhb_loop+0x40/0x90
[  215.880306][T10849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.880331][T10849] RIP: 0033:0x7f14715ee929
[  215.880349][T10849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.880371][T10849] RSP: 002b:00007f146fc57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  215.880394][T10849] RAX: ffffffffffffffda RBX: 00007f1471815fa0 RCX: 00007f14715ee929
[  215.880450][T10849] RDX: 000000000000fdef RSI: 0000200000000340 RDI: 0000000000000003
[  215.880462][T10849] RBP: 00007f146fc57090 R08: 0000000000000000 R09: 0000000000000000
[  215.880475][T10849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.880487][T10849] R13: 0000000000000000 R14: 00007f1471815fa0 R15: 00007fff5f206378
[  215.880504][T10849]  </TASK>
[  216.105903][T10844] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2292'.
[  216.535044][T10861] capability: warning: `syz.3.2297' uses deprecated v2 capabilities in a way that may be insecure
[  216.550373][T10856] 9pnet: Could not find request transport: fd0x0000000000000003
[  216.564804][ T3317] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  216.592865][T10861] program syz.3.2297 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  216.621574][T10850] serio: Serial port ttyS3
[  216.692475][T10869] loop2: detected capacity change from 0 to 2048
[  216.716626][T10869] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  216.898741][T10882] netlink: 'syz.0.2304': attribute type 1 has an invalid length.
[  216.913609][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.941586][T10885] 9pnet_fd: Insufficient options for proto=fd
[  216.952499][T10885] 9pnet_fd: Insufficient options for proto=fd
[  216.994518][T10892] FAULT_INJECTION: forcing a failure.
[  216.994518][T10892] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  217.007792][T10892] CPU: 0 UID: 0 PID: 10892 Comm: syz.1.2307 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  217.007851][T10892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  217.007876][T10892] Call Trace:
[  217.007884][T10892]  <TASK>
[  217.007893][T10892]  __dump_stack+0x1d/0x30
[  217.007918][T10892]  dump_stack_lvl+0xe8/0x140
[  217.007940][T10892]  dump_stack+0x15/0x1b
[  217.007959][T10892]  should_fail_ex+0x265/0x280
[  217.008052][T10892]  should_fail+0xb/0x20
[  217.008099][T10892]  should_fail_usercopy+0x1a/0x20
[  217.008125][T10892]  copy_fpstate_to_sigframe+0x628/0x7d0
[  217.008182][T10892]  ? copy_fpstate_to_sigframe+0xe6/0x7d0
[  217.008210][T10892]  ? x86_task_fpu+0x36/0x60
[  217.008233][T10892]  get_sigframe+0x34d/0x490
[  217.008248][T10892]  ? get_signal+0xdc8/0xf70
[  217.008312][T10892]  x64_setup_rt_frame+0xa8/0x580
[  217.008330][T10892]  arch_do_signal_or_restart+0x27c/0x480
[  217.008351][T10892]  exit_to_user_mode_loop+0x7a/0x100
[  217.008372][T10892]  do_syscall_64+0x1d6/0x200
[  217.008414][T10892]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  217.008440][T10892]  ? clear_bhb_loop+0x40/0x90
[  217.008459][T10892]  ? clear_bhb_loop+0x40/0x90
[  217.008493][T10892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.008512][T10892] RIP: 0033:0x7f9f2498e927
[  217.008526][T10892] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  217.008543][T10892] RSP: 002b:00007f9f22ff7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  217.008567][T10892] RAX: 0000000000000013 RBX: 00007f9f24bb5fa0 RCX: 00007f9f2498e929
[  217.008579][T10892] RDX: 0000000000000001 RSI: 0000200000001340 RDI: 0000000000000004
[  217.008590][T10892] RBP: 00007f9f22ff7090 R08: 0000000000000000 R09: 0000000000000000
[  217.008602][T10892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.008614][T10892] R13: 0000000000000000 R14: 00007f9f24bb5fa0 R15: 00007ffff83e9698
[  217.008630][T10892]  </TASK>
[  217.012387][T10890] loop2: detected capacity change from 0 to 512
[  217.174123][T10895] loop4: detected capacity change from 0 to 2048
[  217.233775][T10890] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  217.324435][T10890] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.2306: invalid block
[  217.341311][T10890] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.2306: invalid indirect mapped block 4294967295 (level 1)
[  217.393693][T10890] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.2306: invalid indirect mapped block 4294967295 (level 1)
[  217.437336][T10890] EXT4-fs (loop2): 2 truncates cleaned up
[  217.455209][T10890] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.524922][T10890] EXT4-fs (loop2): shut down requested (2)
[  217.531267][T10890] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  217.555181][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.599634][T10900] 9pnet: Could not find request transport: fd0x0000000000000003
[  217.865806][T10916] wireguard1: entered promiscuous mode
[  217.865824][T10921] 9pnet_fd: Insufficient options for proto=fd
[  217.871480][T10916] wireguard1: entered allmulticast mode
[  217.921677][T10921] 9pnet_fd: Insufficient options for proto=fd
[  217.948775][T10933] 9pnet_fd: Insufficient options for proto=fd
[  217.971113][T10936] FAULT_INJECTION: forcing a failure.
[  217.971113][T10936] name failslab, interval 1, probability 0, space 0, times 0
[  217.984154][T10936] CPU: 0 UID: 0 PID: 10936 Comm: syz.1.2324 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  217.984187][T10936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  217.984201][T10936] Call Trace:
[  217.984208][T10936]  <TASK>
[  217.984216][T10936]  __dump_stack+0x1d/0x30
[  217.984240][T10936]  dump_stack_lvl+0xe8/0x140
[  217.984284][T10936]  dump_stack+0x15/0x1b
[  217.984302][T10936]  should_fail_ex+0x265/0x280
[  217.984334][T10936]  ? __se_sys_memfd_create+0x1cc/0x590
[  217.984367][T10936]  should_failslab+0x8c/0xb0
[  217.984405][T10936]  __kmalloc_cache_noprof+0x4c/0x320
[  217.984434][T10936]  ? fput+0x8f/0xc0
[  217.984522][T10936]  __se_sys_memfd_create+0x1cc/0x590
[  217.984556][T10936]  __x64_sys_memfd_create+0x31/0x40
[  217.984588][T10936]  x64_sys_call+0x122f/0x2fb0
[  217.984643][T10936]  do_syscall_64+0xd2/0x200
[  217.984718][T10936]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  217.984746][T10936]  ? clear_bhb_loop+0x40/0x90
[  217.984812][T10936]  ? clear_bhb_loop+0x40/0x90
[  217.984854][T10936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.984877][T10936] RIP: 0033:0x7f9f2498e929
[  217.984892][T10936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.984911][T10936] RSP: 002b:00007f9f22ff6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  217.984933][T10936] RAX: ffffffffffffffda RBX: 0000000000000729 RCX: 00007f9f2498e929
[  217.984956][T10936] RDX: 00007f9f22ff6ef0 RSI: 0000000000000000 RDI: 00007f9f24a114cc
[  217.984978][T10936] RBP: 0000200000001340 R08: 00007f9f22ff6bb7 R09: 00007f9f22ff6e40
[  217.984992][T10936] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000280
[  217.985006][T10936] R13: 00007f9f22ff6ef0 R14: 00007f9f22ff6eb0 R15: 0000200000000300
[  217.985071][T10936]  </TASK>
[  217.989894][T10939] futex_wake_op: syz.3.2326 tries to shift op by -1; fix this program
[  218.185349][T10949] loop1: detected capacity change from 0 to 1024
[  218.192297][T10949] EXT4-fs: Ignoring removed nobh option
[  218.198263][T10949] EXT4-fs: Ignoring removed bh option
[  218.237924][T10949] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  218.275504][T10953] loop4: detected capacity change from 0 to 1024
[  218.286806][T10949] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  218.312888][T10953] EXT4-fs: Ignoring removed nobh option
[  218.318658][T10953] EXT4-fs: Ignoring removed bh option
[  218.335131][T10962] __nla_validate_parse: 16 callbacks suppressed
[  218.335148][T10962] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2331'.
[  218.351824][T10955] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2331'.
[  218.361414][T10953] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  218.376613][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.393810][T10953] FAULT_INJECTION: forcing a failure.
[  218.393810][T10953] name failslab, interval 1, probability 0, space 0, times 0
[  218.406615][T10953] CPU: 0 UID: 0 PID: 10953 Comm: syz.4.2330 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  218.406704][T10953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  218.406718][T10953] Call Trace:
[  218.406727][T10953]  <TASK>
[  218.406736][T10953]  __dump_stack+0x1d/0x30
[  218.406762][T10953]  dump_stack_lvl+0xe8/0x140
[  218.406782][T10953]  dump_stack+0x15/0x1b
[  218.406797][T10953]  should_fail_ex+0x265/0x280
[  218.406843][T10953]  should_failslab+0x8c/0xb0
[  218.406870][T10953]  kmem_cache_alloc_noprof+0x50/0x310
[  218.406897][T10953]  ? __es_insert_extent+0x508/0xee0
[  218.406919][T10953]  __es_insert_extent+0x508/0xee0
[  218.406989][T10953]  ? should_fail_ex+0xdb/0x280
[  218.407014][T10953]  ext4_es_insert_extent+0x435/0x1c10
[  218.407032][T10953]  ? ext4_find_extent+0x16b/0x7a0
[  218.407060][T10953]  ext4_ext_map_blocks+0x172b/0x38a0
[  218.407134][T10953]  ? bdev_getblk+0x66/0x3d0
[  218.407160][T10953]  ? ext4_get_group_desc+0x16b/0x190
[  218.407223][T10953]  ? folio_mark_accessed+0x240/0x3d0
[  218.407254][T10953]  ext4_map_query_blocks+0xa8/0x480
[  218.407316][T10953]  ext4_map_blocks+0x3a1/0xd70
[  218.407342][T10953]  ? kmem_cache_alloc_noprof+0x220/0x310
[  218.407366][T10953]  ? alloc_buffer_head+0x1c3/0x1f0
[  218.407392][T10953]  _ext4_get_block+0x10a/0x350
[  218.407410][T10953]  ext4_get_block_unwritten+0x2a/0xb0
[  218.407428][T10953]  ext4_block_write_begin+0x3d0/0xa60
[  218.407472][T10953]  ? __pfx_ext4_get_block_unwritten+0x10/0x10
[  218.407492][T10953]  ext4_convert_inline_data_to_extent+0x3de/0x7b0
[  218.407523][T10953]  ext4_try_to_write_inline_data+0x54/0x90
[  218.407670][T10953]  ext4_write_begin+0x148/0xd30
[  218.407835][T10953]  ? find_inode_by_ino_rcu+0x9d/0x160
[  218.407856][T10953]  ? ext4_mark_iloc_dirty+0xd3f/0xda0
[  218.407882][T10953]  ext4_da_write_begin+0x1e0/0x670
[  218.407969][T10953]  ? balance_dirty_pages_ratelimited_flags+0x40b/0x5e0
[  218.408003][T10953]  generic_perform_write+0x184/0x490
[  218.408024][T10953]  ext4_buffered_write_iter+0x1ee/0x3c0
[  218.408045][T10953]  ext4_file_write_iter+0x383/0xf00
[  218.408066][T10953]  ? _parse_integer_limit+0x170/0x190
[  218.408123][T10953]  do_iter_readv_writev+0x421/0x4c0
[  218.408143][T10953]  vfs_writev+0x2df/0x8b0
[  218.408204][T10953]  ? mutex_lock+0xd/0x30
[  218.408227][T10953]  do_writev+0xe7/0x210
[  218.408378][T10953]  __x64_sys_writev+0x45/0x50
[  218.408395][T10953]  x64_sys_call+0x2006/0x2fb0
[  218.408414][T10953]  do_syscall_64+0xd2/0x200
[  218.408430][T10953]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  218.408530][T10953]  ? clear_bhb_loop+0x40/0x90
[  218.408548][T10953]  ? clear_bhb_loop+0x40/0x90
[  218.408566][T10953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.408584][T10953] RIP: 0033:0x7f14715ee929
[  218.408660][T10953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.408676][T10953] RSP: 002b:00007f146fc57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  218.408705][T10953] RAX: ffffffffffffffda RBX: 00007f1471815fa0 RCX: 00007f14715ee929
[  218.408716][T10953] RDX: 0000000000000001 RSI: 0000200000000140 RDI: 0000000000000004
[  218.408728][T10953] RBP: 00007f146fc57090 R08: 0000000000000000 R09: 0000000000000000
[  218.408747][T10953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.408758][T10953] R13: 0000000000000000 R14: 00007f1471815fa0 R15: 00007fff5f206378
[  218.408774][T10953]  </TASK>
[  218.800279][T10953] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  218.842550][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.851811][T10966] loop1: detected capacity change from 0 to 256
[  218.859239][T10966] FAT-fs (loop1): bogus number of FAT sectors
[  218.865563][T10966] FAT-fs (loop1): Can't find a valid FAT filesystem
[  218.913906][T10968] 9pnet_fd: Insufficient options for proto=fd
[  218.932796][T10968] 9pnet_fd: Insufficient options for proto=fd
[  218.943985][   T29] kauditd_printk_skb: 76 callbacks suppressed
[  218.944004][   T29] audit: type=1326 audit(1749976808.430:4094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10969 comm="syz.0.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14eb19e929 code=0x7ffc0000
[  218.973801][   T29] audit: type=1326 audit(1749976808.430:4095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10969 comm="syz.0.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14eb19e929 code=0x7ffc0000
[  219.040762][T10979] xt_CT: You must specify a L4 protocol and not use inversions on it
[  219.057920][T10979] sg_write: data in/out 476/14 bytes for SCSI command 0x4-- guessing data in;
[  219.057920][T10979]    program syz.1.2339 not setting count and/or reply_len properly
[  219.093811][T10977] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  219.121517][   T29] audit: type=1326 audit(1749976808.490:4096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10969 comm="syz.0.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f14eb19e929 code=0x7ffc0000
[  219.122413][T10977] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2338'.
[  219.145081][   T29] audit: type=1326 audit(1749976808.490:4097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10969 comm="syz.0.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14eb19e929 code=0x7ffc0000
[  219.145164][   T29] audit: type=1326 audit(1749976808.490:4098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10969 comm="syz.0.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14eb19e929 code=0x7ffc0000
[  219.145190][   T29] audit: type=1326 audit(1749976808.490:4099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10969 comm="syz.0.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f14eb19e929 code=0x7ffc0000
[  219.145216][   T29] audit: type=1326 audit(1749976808.490:4100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10969 comm="syz.0.2335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14eb19e929 code=0x7ffc0000
[  219.249292][   T29] audit: type=1400 audit(1749976808.530:4101): avc:  denied  { write } for  pid=10978 comm="syz.1.2339" laddr=::ffff:172.20.20.10 lport=255 faddr=::ffff:172.20.20.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  219.275071][   T29] audit: type=1400 audit(1749976808.590:4102): avc:  denied  { mount } for  pid=10975 comm="syz.0.2338" name="/" dev="configfs" ino=908 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  219.298074][   T29] audit: type=1400 audit(1749976808.590:4103): avc:  denied  { search } for  pid=10975 comm="syz.0.2338" name="/" dev="configfs" ino=908 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  219.331939][T10974] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2337'.
[  219.419227][T10992] FAULT_INJECTION: forcing a failure.
[  219.419227][T10992] name failslab, interval 1, probability 0, space 0, times 0
[  219.432059][T10992] CPU: 1 UID: 0 PID: 10992 Comm: syz.2.2343 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  219.432166][T10992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  219.432180][T10992] Call Trace:
[  219.432224][T10992]  <TASK>
[  219.432231][T10992]  __dump_stack+0x1d/0x30
[  219.432252][T10992]  dump_stack_lvl+0xe8/0x140
[  219.432269][T10992]  dump_stack+0x15/0x1b
[  219.432284][T10992]  should_fail_ex+0x265/0x280
[  219.432332][T10992]  ? copy_ipcs+0xf5/0x3b0
[  219.432357][T10992]  should_failslab+0x8c/0xb0
[  219.432378][T10992]  __kmalloc_cache_noprof+0x4c/0x320
[  219.432525][T10992]  ? inc_ucount+0xcb/0x140
[  219.432558][T10992]  copy_ipcs+0xf5/0x3b0
[  219.432672][T10992]  create_new_namespaces+0x12a/0x3d0
[  219.432804][T10992]  unshare_nsproxy_namespaces+0xe8/0x120
[  219.432837][T10992]  ksys_unshare+0x3d0/0x6d0
[  219.432867][T10992]  ? ksys_write+0x192/0x1a0
[  219.432885][T10992]  __x64_sys_unshare+0x1f/0x30
[  219.432986][T10992]  x64_sys_call+0x2d4b/0x2fb0
[  219.433008][T10992]  do_syscall_64+0xd2/0x200
[  219.433025][T10992]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  219.433116][T10992]  ? clear_bhb_loop+0x40/0x90
[  219.433135][T10992]  ? clear_bhb_loop+0x40/0x90
[  219.433155][T10992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.433180][T10992] RIP: 0033:0x7fcbdc57e929
[  219.433245][T10992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.433266][T10992] RSP: 002b:00007fcbdabe7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  219.433289][T10992] RAX: ffffffffffffffda RBX: 00007fcbdc7a5fa0 RCX: 00007fcbdc57e929
[  219.433304][T10992] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000068040200
[  219.433319][T10992] RBP: 00007fcbdabe7090 R08: 0000000000000000 R09: 0000000000000000
[  219.433392][T10992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.433481][T10992] R13: 0000000000000000 R14: 00007fcbdc7a5fa0 R15: 00007ffcc9655768
[  219.433501][T10992]  </TASK>
[  219.708515][T11002] 9pnet_fd: Insufficient options for proto=fd
[  219.715761][T11002] 9pnet_fd: Insufficient options for proto=fd
[  219.729256][T11003] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2344'.
[  219.738641][T10996] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2344'.
[  219.764183][T11006] loop1: detected capacity change from 0 to 2048
[  219.783378][T11008] FAULT_INJECTION: forcing a failure.
[  219.783378][T11008] name failslab, interval 1, probability 0, space 0, times 0
[  219.796187][T11008] CPU: 0 UID: 0 PID: 11008 Comm: syz.3.2349 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  219.796215][T11008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  219.796226][T11008] Call Trace:
[  219.796232][T11008]  <TASK>
[  219.796241][T11008]  __dump_stack+0x1d/0x30
[  219.796264][T11008]  dump_stack_lvl+0xe8/0x140
[  219.796293][T11008]  dump_stack+0x15/0x1b
[  219.796345][T11008]  should_fail_ex+0x265/0x280
[  219.796522][T11008]  should_failslab+0x8c/0xb0
[  219.796549][T11008]  kmem_cache_alloc_node_noprof+0x57/0x320
[  219.796643][T11008]  ? __alloc_skb+0x101/0x320
[  219.796678][T11008]  __alloc_skb+0x101/0x320
[  219.796712][T11008]  netlink_alloc_large_skb+0xba/0xf0
[  219.796831][T11008]  netlink_sendmsg+0x3cf/0x6b0
[  219.796855][T11008]  ? __pfx_netlink_sendmsg+0x10/0x10
[  219.796878][T11008]  __sock_sendmsg+0x142/0x180
[  219.796908][T11008]  ____sys_sendmsg+0x31e/0x4e0
[  219.796942][T11008]  ___sys_sendmsg+0x17b/0x1d0
[  219.797047][T11008]  __x64_sys_sendmsg+0xd4/0x160
[  219.797068][T11008]  x64_sys_call+0x2999/0x2fb0
[  219.797087][T11008]  do_syscall_64+0xd2/0x200
[  219.797125][T11008]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  219.797173][T11008]  ? clear_bhb_loop+0x40/0x90
[  219.797198][T11008]  ? clear_bhb_loop+0x40/0x90
[  219.797223][T11008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.797403][T11008] RIP: 0033:0x7f4d055be929
[  219.797422][T11008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.797470][T11008] RSP: 002b:00007f4d03c27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  219.797489][T11008] RAX: ffffffffffffffda RBX: 00007f4d057e5fa0 RCX: 00007f4d055be929
[  219.797504][T11008] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  219.797518][T11008] RBP: 00007f4d03c27090 R08: 0000000000000000 R09: 0000000000000000
[  219.797532][T11008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.797557][T11008] R13: 0000000000000000 R14: 00007f4d057e5fa0 R15: 00007ffc01aef4d8
[  219.797578][T11008]  </TASK>
[  220.369349][T11017] netlink: 'syz.3.2353': attribute type 1 has an invalid length.
[  220.385568][T11017] 8021q: adding VLAN 0 to HW filter on device bond15
[  220.426734][T11023] loop1: detected capacity change from 0 to 512
[  220.494829][T11035] futex_wake_op: syz.2.2358 tries to shift op by -1; fix this program
[  220.539289][T11040] 9pnet_fd: Insufficient options for proto=fd
[  220.552736][T11040] 9pnet_fd: Insufficient options for proto=fd
[  220.603447][T11023] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.627482][T11023] ext4 filesystem being mounted at /452/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  221.132582][T11051] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2361'.
[  221.248993][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.482954][T11058] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2362'.
[  221.492188][T11055] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2362'.
[  221.528886][T11061] FAULT_INJECTION: forcing a failure.
[  221.528886][T11061] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.528917][T11061] CPU: 0 UID: 0 PID: 11061 Comm: syz.4.2365 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  221.528946][T11061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  221.528959][T11061] Call Trace:
[  221.528967][T11061]  <TASK>
[  221.528975][T11061]  __dump_stack+0x1d/0x30
[  221.528998][T11061]  dump_stack_lvl+0xe8/0x140
[  221.529031][T11061]  dump_stack+0x15/0x1b
[  221.529048][T11061]  should_fail_ex+0x265/0x280
[  221.529080][T11061]  should_fail+0xb/0x20
[  221.529135][T11061]  should_fail_usercopy+0x1a/0x20
[  221.529169][T11061]  _copy_to_user+0x20/0xa0
[  221.529200][T11061]  simple_read_from_buffer+0xb5/0x130
[  221.529256][T11061]  proc_fail_nth_read+0x100/0x140
[  221.529329][T11061]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  221.529349][T11061]  vfs_read+0x1a0/0x6f0
[  221.529380][T11061]  ? __rcu_read_unlock+0x4f/0x70
[  221.529403][T11061]  ? __fget_files+0x184/0x1c0
[  221.529444][T11061]  ksys_read+0xda/0x1a0
[  221.529494][T11061]  __x64_sys_read+0x40/0x50
[  221.529527][T11061]  x64_sys_call+0x2d77/0x2fb0
[  221.529549][T11061]  do_syscall_64+0xd2/0x200
[  221.529583][T11061]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  221.529610][T11061]  ? clear_bhb_loop+0x40/0x90
[  221.529717][T11061]  ? clear_bhb_loop+0x40/0x90
[  221.529739][T11061]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.529762][T11061] RIP: 0033:0x7f14715ed33c
[  221.529777][T11061] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  221.529797][T11061] RSP: 002b:00007f146fc57030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  221.529877][T11061] RAX: ffffffffffffffda RBX: 00007f1471815fa0 RCX: 00007f14715ed33c
[  221.529890][T11061] RDX: 000000000000000f RSI: 00007f146fc570a0 RDI: 0000000000000003
[  221.529903][T11061] RBP: 00007f146fc57090 R08: 0000000000000000 R09: 0000000000000000
[  221.529916][T11061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.529929][T11061] R13: 0000000000000001 R14: 00007f1471815fa0 R15: 00007fff5f206378
[  221.529956][T11061]  </TASK>
[  221.576348][T11063] loop4: detected capacity change from 0 to 256
[  221.581306][T11063] FAT-fs (loop4): Directory bread(block 1285) failed
[  221.613209][T11063] FAT-fs (loop4): Directory bread(block 1285) failed
[  221.664088][T11064] loop2: detected capacity change from 0 to 2048
[  221.672258][T11065] FAT-fs (loop4): Directory bread(block 1285) failed
[  221.853116][T11070] netlink: 'syz.4.2367': attribute type 10 has an invalid length.
[  221.855004][T11070] batman_adv: batadv0: Adding interface: team0
[  221.855016][T11070] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.855086][T11070] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  221.872183][T11070] netlink: 'syz.4.2367': attribute type 10 has an invalid length.
[  221.872200][T11070] netlink: 2 bytes leftover after parsing attributes in process `syz.4.2367'.
[  221.872283][T11070] team0: entered promiscuous mode
[  221.872298][T11070] team_slave_0: entered promiscuous mode
[  221.872434][T11070] team_slave_1: entered promiscuous mode
[  221.874193][T11070] 8021q: adding VLAN 0 to HW filter on device team0
[  222.116287][T11070] batman_adv: batadv0: Interface activated: team0
[  222.122874][T11070] batman_adv: batadv0: Interface deactivated: team0
[  222.129604][T11070] batman_adv: batadv0: Removing interface: team0
[  222.137936][T11070] bridge0: port 3(team0) entered blocking state
[  222.144411][T11070] bridge0: port 3(team0) entered disabled state
[  222.152279][T11070] team0: entered allmulticast mode
[  222.158432][T11070] team_slave_0: entered allmulticast mode
[  222.164404][T11070] team_slave_1: entered allmulticast mode
[  222.175317][T11070] bridge0: port 3(team0) entered blocking state
[  222.181712][T11070] bridge0: port 3(team0) entered forwarding state
[  222.298962][T11085] loop1: detected capacity change from 0 to 8192
[  222.342643][T11088] syz.2.2373 (11088) used obsolete PPPIOCDETACH ioctl
[  222.353322][T11090] futex_wake_op: syz.4.2374 tries to shift op by -1; fix this program
[  223.273662][T11115] netlink: 'syz.4.2380': attribute type 1 has an invalid length.
[  223.282205][T11117] FAULT_INJECTION: forcing a failure.
[  223.282205][T11117] name failslab, interval 1, probability 0, space 0, times 0
[  223.295021][T11117] CPU: 0 UID: 0 PID: 11117 Comm: syz.2.2381 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  223.295052][T11117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  223.295074][T11117] Call Trace:
[  223.295081][T11117]  <TASK>
[  223.295089][T11117]  __dump_stack+0x1d/0x30
[  223.295112][T11117]  dump_stack_lvl+0xe8/0x140
[  223.295181][T11117]  dump_stack+0x15/0x1b
[  223.295196][T11117]  should_fail_ex+0x265/0x280
[  223.295294][T11117]  should_failslab+0x8c/0xb0
[  223.295317][T11117]  kmem_cache_alloc_noprof+0x50/0x310
[  223.295348][T11117]  ? getname_flags+0x80/0x3b0
[  223.295489][T11117]  getname_flags+0x80/0x3b0
[  223.295509][T11117]  do_sys_openat2+0x60/0x110
[  223.295534][T11117]  __x64_sys_openat+0xf2/0x120
[  223.295558][T11117]  x64_sys_call+0x1af/0x2fb0
[  223.295580][T11117]  do_syscall_64+0xd2/0x200
[  223.295648][T11117]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  223.295672][T11117]  ? clear_bhb_loop+0x40/0x90
[  223.295797][T11117]  ? clear_bhb_loop+0x40/0x90
[  223.295820][T11117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.295850][T11117] RIP: 0033:0x7fcbdc57e929
[  223.295925][T11117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.295946][T11117] RSP: 002b:00007fcbdabe7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  223.295965][T11117] RAX: ffffffffffffffda RBX: 00007fcbdc7a5fa0 RCX: 00007fcbdc57e929
[  223.295978][T11117] RDX: 0000000000000481 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  223.295990][T11117] RBP: 00007fcbdabe7090 R08: 0000000000000000 R09: 0000000000000000
[  223.296010][T11117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.296024][T11117] R13: 0000000000000000 R14: 00007fcbdc7a5fa0 R15: 00007ffcc9655768
[  223.296043][T11117]  </TASK>
[  223.487689][T11115] 8021q: adding VLAN 0 to HW filter on device bond10
[  223.534515][T11122] random: crng reseeded on system resumption
[  223.549390][T11126] __nla_validate_parse: 2 callbacks suppressed
[  223.549407][T11126] netlink: 71 bytes leftover after parsing attributes in process `syz.4.2383'.
[  223.585647][T11129] 9pnet_fd: Insufficient options for proto=fd
[  223.600478][T11126] bond11: entered promiscuous mode
[  223.603205][T11129] 9pnet_fd: Insufficient options for proto=fd
[  223.605994][T11126] bond11: entered allmulticast mode
[  223.612943][T11127] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2379'.
[  223.632941][T11126] 8021q: adding VLAN 0 to HW filter on device bond11
[  223.642762][T11126] bond11 (unregistering): Released all slaves
[  223.811084][T11142] loop2: detected capacity change from 0 to 2048
[  223.927438][T11146] @: renamed from vlan0
[  224.074033][T11153] futex_wake_op: syz.3.2391 tries to shift op by -1; fix this program
[  224.561775][T11160] loop4: detected capacity change from 0 to 512
[  224.675036][T11162] netlink: 'syz.2.2393': attribute type 1 has an invalid length.
[  224.854120][T11162] 8021q: adding VLAN 0 to HW filter on device bond12
[  224.996896][T11169] FAULT_INJECTION: forcing a failure.
[  224.996896][T11169] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  225.010335][T11169] CPU: 0 UID: 0 PID: 11169 Comm: syz.0.2394 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  225.010367][T11169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  225.010381][T11169] Call Trace:
[  225.010388][T11169]  <TASK>
[  225.010397][T11169]  __dump_stack+0x1d/0x30
[  225.010419][T11169]  dump_stack_lvl+0xe8/0x140
[  225.010519][T11169]  dump_stack+0x15/0x1b
[  225.010537][T11169]  should_fail_ex+0x265/0x280
[  225.010571][T11169]  should_fail+0xb/0x20
[  225.010634][T11169]  should_fail_usercopy+0x1a/0x20
[  225.010735][T11169]  _copy_to_user+0x20/0xa0
[  225.010781][T11169]  simple_read_from_buffer+0xb5/0x130
[  225.010810][T11169]  proc_fail_nth_read+0x100/0x140
[  225.010833][T11169]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  225.010908][T11169]  vfs_read+0x1a0/0x6f0
[  225.010940][T11169]  ? __rcu_read_unlock+0x4f/0x70
[  225.010965][T11169]  ? __fget_files+0x184/0x1c0
[  225.010987][T11169]  ksys_read+0xda/0x1a0
[  225.011066][T11169]  __x64_sys_read+0x40/0x50
[  225.011113][T11169]  x64_sys_call+0x2d77/0x2fb0
[  225.011162][T11169]  do_syscall_64+0xd2/0x200
[  225.011179][T11169]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  225.011202][T11169]  ? clear_bhb_loop+0x40/0x90
[  225.011223][T11169]  ? clear_bhb_loop+0x40/0x90
[  225.011258][T11169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.011283][T11169] RIP: 0033:0x7f14eb19d33c
[  225.011299][T11169] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  225.011356][T11169] RSP: 002b:00007f14e9807030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  225.011375][T11169] RAX: ffffffffffffffda RBX: 00007f14eb3c5fa0 RCX: 00007f14eb19d33c
[  225.011387][T11169] RDX: 000000000000000f RSI: 00007f14e98070a0 RDI: 0000000000000007
[  225.011401][T11169] RBP: 00007f14e9807090 R08: 0000000000000000 R09: 0000000000000000
[  225.011416][T11169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.011433][T11169] R13: 0000000000000000 R14: 00007f14eb3c5fa0 R15: 00007ffc5cf854a8
[  225.011449][T11169]  </TASK>
[  225.226185][T11173] 9pnet_fd: Insufficient options for proto=fd
[  225.235006][T11173] 9pnet_fd: Insufficient options for proto=fd
[  225.252181][T11172] blktrace: Concurrent blktraces are not allowed on loop5
[  225.308181][   T29] kauditd_printk_skb: 132 callbacks suppressed
[  225.308197][   T29] audit: type=1400 audit(1749976814.790:4236): avc:  denied  { sqpoll } for  pid=11176 comm="syz.3.2399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  225.370389][   T29] audit: type=1400 audit(1749976814.850:4237): avc:  denied  { bind } for  pid=11185 comm="syz.3.2402" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  225.395571][   T29] audit: type=1400 audit(1749976814.880:4238): avc:  denied  { connect } for  pid=11185 comm="syz.3.2402" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  225.459248][T11194] loop3: detected capacity change from 0 to 512
[  225.489993][T11194] EXT4-fs (loop3): orphan cleanup on readonly fs
[  225.509241][T11194] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2402: bg 0: block 131: padding at end of block bitmap is not set
[  225.547021][T11194] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  225.556892][T11194] EXT4-fs (loop3): 1 truncate cleaned up
[  225.563062][T11194] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  225.602559][T11205] futex_wake_op: syz.2.2406 tries to shift op by -1; fix this program
[  226.382440][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.426478][T11212] netlink: 'syz.0.2408': attribute type 1 has an invalid length.
[  226.495849][T11217] 9pnet_fd: Insufficient options for proto=fd
[  226.521924][T11217] 9pnet_fd: Insufficient options for proto=fd
[  226.552553][T11221] blktrace: Concurrent blktraces are not allowed on loop3
[  226.606244][T11231] loop2: detected capacity change from 0 to 512
[  226.615744][T11223] ==================================================================
[  226.623870][T11223] BUG: KCSAN: data-race in copy_mm / dup_mmap
[  226.629954][T11223] 
[  226.632287][T11223] read-write to 0xffff88811a5645f8 of 4 bytes by task 11225 on cpu 1:
[  226.640443][T11223]  dup_mmap+0xd8/0xf20
[  226.644533][T11223]  copy_mm+0x11a/0x370
[  226.648637][T11223]  copy_process+0xcf1/0x1fe0
[  226.653328][T11223]  kernel_clone+0x16c/0x5b0
[  226.657939][T11223]  __x64_sys_clone+0xe6/0x120
[  226.662638][T11223]  x64_sys_call+0x2c59/0x2fb0
[  226.667414][T11223]  do_syscall_64+0xd2/0x200
[  226.671926][T11223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.678001][T11223] 
[  226.680324][T11223] read to 0xffff88811a564500 of 1408 bytes by task 11223 on cpu 0:
[  226.688216][T11223]  copy_mm+0xe2/0x370
[  226.692206][T11223]  copy_process+0xcf1/0x1fe0
[  226.696811][T11223]  kernel_clone+0x16c/0x5b0
[  226.701322][T11223]  __x64_sys_clone+0xe6/0x120
[  226.706099][T11223]  x64_sys_call+0x2c59/0x2fb0
[  226.710975][T11223]  do_syscall_64+0xd2/0x200
[  226.715572][T11223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.721471][T11223] 
[  226.723969][T11223] Reported by Kernel Concurrency Sanitizer on:
[  226.730122][T11223] CPU: 0 UID: 0 PID: 11223 Comm: syz.0.2412 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  226.742635][T11223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  226.752701][T11223] ==================================================================
[  227.012745][T11239] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2414'.