last executing test programs:

2.10439829s ago: executing program 4 (id=3723):
r0 = syz_open_dev$rtc(&(0x7f0000000040), 0xfffffffffffffffb, 0x0)
ioctl$RTC_AIE_ON(r0, 0x7001)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000340), &(0x7f0000000300)}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
connect$pppl2tp(r4, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r5, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r4, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)
socket$packet(0x11, 0x2, 0x300)
faccessat2(0xffffffffffffffff, &(0x7f0000000040)='\x00', 0x1, 0x1300)

2.090064461s ago: executing program 4 (id=3725):
r0 = getpid()
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat2(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x10200, 0x18, 0x10}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$inet(0x2, 0x3, 0x8d)
setsockopt$inet_msfilter(r4, 0x0, 0x8, 0x0, 0x1)
socket(0xa, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x400, &(0x7f0000000000)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x1, 0x4a6, &(0x7f0000000a40)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vaCLVSoHzSTD6SJutCVuiiIBTcKNSbTWDPJhMykNqGLVHdduBBFQVy49y9wY1cWQVzrXlxIRWsEFYSRc2amzdfUQdMM5Px+cDrv+eg875vheXnPO+fMCSCzTib/5CIGI+KriDjYWN14wMnGy9rtq1PJkot6/fyPufS4ZL11aOv/HYiI1Yjoi4gXnol4Nbc1bnV5ZXayXC4tNteLtbmFYnV55cylucmZ0kxpfmT87MTE+PDY6MSOtfX6269fP/fpc72f/PrWrZvvfP5ZUq3B5r717dhJjab3xOF12/ZFxJP3I1gXFJrt6e92Rfhbks/vPxFxKs3/g1FIP00gC+r1ev2P+v52u1frwJ6VT8fAufxQRDTK+fzQUGMM/98YyJcr1dqjFytL89ONsfKh6MlfvFQuDTfPFQ5FTy5ZH0nLd9dHN62PRaRj4HcL/en60FSlPL27XR2wyYFN+f9LoZH/QEY45Yfskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5Bd8h8y6flz55Kl3rr/ffry8tJs5fKZ6VJ1dmhuaWpoqrK4MDRTqcyk9+zM/dX7lSuVhZHHYulKsVaq1orV5ZULc5Wl+dqF9L7+C6WeXWkV0InDJ258k4uI1cf70yXR29wnV2Fvq9dz0e17kIHuKHS7AwK6xtQfZJdzfGCbn+jdoK/djoWdrwuwO/LdrgDQNaeP+f4Pssr8P2SX+X/ILmN8wPw/ZI/5f8iuwTbP//rXumd3DUfEvyPi60LP/tazvoC9IP99rjn+P33wwcHNe3tzv6VfEfRGxBsfnn//ymSttjiSbP/pzvbaB83to92oP7BZu/P1Vp628hgAyK6121enWstuxv3h6cZFCFvj72vOTfal31EOrOU2XKuQ26FrF1avRcTR7eLnms87b4ykBtYKW+Ifab7mGm+R1ndf+tz03Yl/bF38B9bFP/6P/yqQDTeS/md4u/zLpzkdd/JvY/8zuEPXTrTv//J3+r9Cm/7vRIcxXvvoze/axr8WcXzb+K14fWmszfGTup3uMP6tl1/8X7t99Y8b77Nd/JakVKzNLRSryytn0t+RmynNj4yfnZgYHx4bnSimc9TF1kz1Vk8c/fLmvdo/0CZ+u/Y/1azTwx22//f/f/HSyXvEf+jU9p//kTbxE/0R8UiH8X8e/faVdvuS+NNt2p+/R/xk21iH8avvPbu/w0MBgF2xMjtZLpcWq8sKCgoKzUK3+yXgfrub9N2uCQAAAAAAAAAAANCp3bicuNttBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYC/4MAAD//x151bc=")
ioctl(0xffffffffffffffff, 0x8916, &(0x7f0000000000))
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
setsockopt$inet_buf(r1, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r5, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x13, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
sendmsg$key(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="021200000200000080597227c60c0000"], 0x10}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
r7 = syz_pidfd_open(r0, 0x0)
setns(r7, 0x24020000)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)

2.053890961s ago: executing program 4 (id=3726):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000000)='.\x00', 0x40000000)

2.009058071s ago: executing program 4 (id=3728):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008001500b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1.964396002s ago: executing program 4 (id=3729):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000000)=@sg0, 0x0, &(0x7f0000000040)='./file0\x00')

1.943466043s ago: executing program 4 (id=3731):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
syz_usb_connect(0x0, 0x1cb, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r2, 0x29, 0xc8, &(0x7f0000000340), 0x4)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f00000003c0)={'ip_vti0\x00', <r3=>0x0, 0x1, 0x700, 0xa, 0x7968, {{0x12, 0x4, 0x0, 0x3, 0x48, 0x68, 0x0, 0x9, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, {[@timestamp_prespec={0x44, 0x14, 0xe3, 0x3, 0x9, [{@dev={0xac, 0x14, 0x14, 0x11}, 0x344}, {@multicast1, 0x200}]}, @noop, @cipso={0x86, 0xa, 0x2, [{0x2, 0x4, "1760"}]}, @lsrr={0x83, 0x13, 0x6a, [@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @multicast2]}]}}}}})
recvfrom$packet(r2, &(0x7f0000000300)=""/136, 0x88, 0x10002, &(0x7f0000000280)={0x11, 0xf6, r3, 0x1, 0x7, 0x6, @local}, 0x14)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
bind$netlink(r4, &(0x7f0000000040)={0x10, 0x0, 0x25dfdbfe, 0x40000000}, 0xc)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r6=>0x0})
r7 = socket(0x1d, 0x2, 0x6)
bind$can_j1939(r7, &(0x7f0000000100)={0x1d, 0x0, 0x2, {0x0, 0xf0, 0x3}}, 0x18)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r7)
socket$nl_route(0x10, 0x3, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r6, {}, {0x6}, {0x0, 0xa}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

1.221588943s ago: executing program 0 (id=3742):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r2=>0x0]}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f00000003c0)={r2, 0x3ff, 0x6, "2df1037882ce"}, 0xe)
mount$9p_tcp(0x0, &(0x7f0000000300)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x8, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="50000000100003eeffffff000000000000000000", @ANYRES32=0x0, @ANYBLOB="0001000020010000300012800b0001006d61637365630000200002800c0004000400000100c28000050003000e"], 0x50}}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = getpid()
process_vm_readv(r6, 0x0, 0x0, 0x0, 0x0, 0x0)
getpgrp(r6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
socket$inet_sctp(0x2, 0x5, 0x84)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000380)=ANY=[@ANYRES64=r8, @ANYRES32, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="2c634f6360653d6d6d61702c76657273696f6e3d3970323030302c000aaf645311afa765a8572fdbcd02f88558c7591ac040540a7abeab4e18dd7e8a5c403fdb068fabac4b0d6d6456b8efdececab2834395f404926b185b180ce95eb31215a48c"])
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

1.111400974s ago: executing program 0 (id=3745):
r0 = socket$kcm(0x10, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07447900000000000000001800", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r1}, 0x18)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xfe80, &(0x7f00000005c0)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e140602000000000e000a001000000002800000128c", 0x2e}], 0x1}, 0x0)

972.710436ms ago: executing program 1 (id=3748):
ioperm(0x0, 0xd, 0xffff)
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000000600000085000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBENT(r2, 0x4b47, &(0x7f0000000500)={0x2, 0x2, 0x100})
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETPERSIST(r3, 0x400454c9, 0x1)
ioctl$TUNSETPERSIST(r3, 0x400454cb, 0x40000)
bind$packet(r0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r7}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x2, 0x3, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r8 = socket$inet6(0xa, 0x3, 0xff)
r9 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
writev(r9, &(0x7f0000001640)=[{&(0x7f0000001480)="f23e6597df0cb938bca60d3ad05095f1e6d94ac0afbd23ae2a304672dc4b87f8d34265c89823e56c8083", 0x2a}], 0x1)
setsockopt$inet6_int(r8, 0x29, 0x16, &(0x7f0000000340)=0x1000, 0x4)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r5, {0x10, 0x4}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x10)
io_uring_enter(0xffffffffffffffff, 0x6f4a, 0x6a06, 0x30, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r11}, 0x10)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

966.647366ms ago: executing program 1 (id=3750):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000002e80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x18)
lsm_get_self_attr(0x69, 0x0, &(0x7f00000001c0), 0x0)

933.772736ms ago: executing program 1 (id=3751):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x30000d0, &(0x7f0000000300)={[{@errors_continue}, {@max_batch_time}, {@resuid}, {@nojournal_checksum}, {@nodiscard}, {@grpjquota}]}, 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f000000e0c0), 0x10010)
sendfile(r0, r1, &(0x7f0000000100)=0x6, 0x100000000010004)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r3, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
connect$rxrpc(r3, &(0x7f0000000040)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e20, 0x3, @empty, 0x8}}, 0x24)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x2000000000000000}, 0x18)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40000000, 0x1000, 0x2, 0x0, 0x0, 0x8000002, 0x0, 0x7e150a0b, 0x0, 0x5, 0x0, 0x7ff, 0x91a0, 0x2, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0xdd, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x3, 0x0, 0x1, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, 0x0, 0x81, 0x6, 0x7, 0xfbfffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x4fd, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x7e98263b, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xff, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, 0x1, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x40000, 0xfffffffe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x8000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0x4, 0x0, 0xffffffff, 0x40000000, 0x0, 0x80000001, 0x0, 0x10, 0x20, 0x4, 0x400000b2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0x0, 0x20000040, 0xffffffff, 0x400, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0xaaf0]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0xb, 0x0, 0x0, 0xfffffffe}, 0x7, 0x10, 0x2000000}}]}}]}, 0x45c}}, 0x8080)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6000)
move_mount(r1, &(0x7f0000000140)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0xb458, 0x10100}, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800080000fcffff08000900fcfc0000080011000000000008000e00800000000800", @ANYRES64=r6], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

855.264168ms ago: executing program 1 (id=3752):
ioperm(0x0, 0xd, 0xffff)
r0 = socket$packet(0x11, 0x2, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000500)={0x2, 0x2, 0x100})
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETPERSIST(r2, 0x400454c9, 0x1)
ioctl$TUNSETPERSIST(r2, 0x400454cb, 0x40000)
bind$packet(r0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

802.524839ms ago: executing program 1 (id=3757):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000700), &(0x7f00000000c0), 0xff, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64, @ANYRES32, @ANYRES16], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x4, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, 0x0, 0x8, 0x1)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000440)={[{@bsdgroups}, {@noblock_validity}, {@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@debug}, {@errors_remount}]}, 0x1, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = msgget$private(0x0, 0x0)
msgsnd(r3, &(0x7f0000000380)=ANY=[@ANYBLOB="030000"], 0x0, 0x0)
msgctl$IPC_SET(r3, 0x1, &(0x7f0000258f88)={{0x1}, 0x0, 0x0, 0x800000000000000, 0x7, 0x2, 0x0, 0x3, 0xe8, 0x0, 0x0, 0x0, 0xffffffffffffffff})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='kfree\x00'}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$igmp6(0xa, 0x3, 0x2)
getpeername(r5, &(0x7f0000000040)=@caif=@dgm, &(0x7f00000001c0)=0x80)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000000000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008000020ffffffdf2c0027cc"], 0x124}}, 0x0)
socket$kcm(0xa, 0x5, 0x0)

772.182029ms ago: executing program 0 (id=3758):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)={0x110, 0x28, 0x1, 0x4, 0x25dfdbf8, "", [@nested={0xfe, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x3c, 0x0, 0x0, @ipv6=@loopback}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29"]}]}, 0x110}], 0x1, 0x0, 0x0, 0x1}, 0x0)

726.11104ms ago: executing program 0 (id=3760):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket(0x1a, 0x803, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x17)
bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x24}}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe7"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffc}]})
lsm_set_self_attr(0x64, 0x0, 0x20, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xc, &(0x7f0000000000)=0x1, 0x4)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x2286, &(0x7f0000001d00))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")
recvmmsg(r0, 0x0, 0x0, 0x20, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

582.353452ms ago: executing program 1 (id=3762):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
syz_usb_connect(0x0, 0x1cb, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r2, 0x29, 0xc8, &(0x7f0000000340), 0x4)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f00000003c0)={'ip_vti0\x00', 0x0, 0x1, 0x700, 0xa, 0x7968, {{0x17, 0x4, 0x0, 0x3, 0x5c, 0x68, 0x0, 0x9, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, {[@timestamp_prespec={0x44, 0x14, 0xe3, 0x3, 0x9, [{@dev={0xac, 0x14, 0x14, 0x11}, 0x344}, {@multicast1, 0x200}]}, @lsrr={0x83, 0x13, 0xf7, [@broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @private=0xa010100]}, @noop, @cipso={0x86, 0xa, 0x2, [{0x2, 0x4, "1760"}]}, @lsrr={0x83, 0x13, 0x6a, [@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @multicast2]}]}}}}})
recvfrom$packet(r2, &(0x7f0000000300)=""/136, 0x88, 0x10002, 0x0, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
bind$netlink(r3, &(0x7f0000000040)={0x10, 0x0, 0x25dfdbfe, 0x40000000}, 0xc)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r5=>0x0})
r6 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r7=>0x0})
bind$can_j1939(r6, &(0x7f0000000100)={0x1d, r7, 0x2, {0x0, 0xf0, 0x3}}, 0x18)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r6)
socket$nl_route(0x10, 0x3, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r5, {}, {0x6}, {0x0, 0xa}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

519.972672ms ago: executing program 0 (id=3766):
r0 = socket$kcm(0x10, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed0744790000000000000000180000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r1}, 0x18)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xfe80, &(0x7f00000005c0)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e140602000000000e000a001000000002800000128c", 0x2e}], 0x1}, 0x0)

471.598443ms ago: executing program 3 (id=3769):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
futex(0x0, 0x3, 0x2, 0x0, 0x0, 0xfffffffd)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r3)
sendmsg$IEEE802154_ADD_IFACE(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f0070687930"], 0x28}}, 0x0)

432.388914ms ago: executing program 2 (id=3770):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9c, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x3, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffd78)
fchmodat(0xffffffffffffffff, &(0x7f0000000100)='./cgroup.cpu/cgroup.procs\x00', 0x8)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
accept4$unix(r1, &(0x7f0000000600)=@abs, &(0x7f00000001c0)=0x6e, 0x80800)
getsockopt$sock_int(r2, 0x1, 0x2a, 0x0, &(0x7f0000000280))
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={0xffffffffffffffff, &(0x7f0000000000), 0x0}, 0x20)
openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0)
socket$packet(0x11, 0xa, 0x300)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000001f80)=ANY=[@ANYBLOB], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000065c0)=[{{&(0x7f0000000440)={0xa, 0x4e21, 0x6, @ipv4={'\x00', '\xff\xff', @local}, 0x40}, 0x1c, 0x0, 0x0, 0x0, 0x22}}], 0x1, 0x0)
getpid()
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x8, &(0x7f00000002c0), &(0x7f0000000300)=""/8, 0xd00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

380.382694ms ago: executing program 3 (id=3771):
openat$ptp0(0xffffffffffffff9c, 0x0, 0x1019c1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025"], 0x0, 0x0, 0x0, 0x0, 0x159d0682f53ea167, 0x2, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000001c0)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYRES32=0x0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000a80)='kfree\x00', r5, 0x0, 0x68f}, 0x18)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(r1, 0x567, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000e80), 0x0, 0x6d91fb6102d8910c, 0x0, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7, 0x0, 0x100}, 0x18)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000940)={r6, r7})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000006a0001002abd7000ffdbdf25008100000000000008000100"], 0x20}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x2, 0x0, 0xa, 0x0, 0x6, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socket$inet(0x2, 0x4000000000000001, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r9}, 0x10)
syz_read_part_table(0x5eb, &(0x7f0000000f00)="$eJzs2zFo1FccB/DfxRwHSnFxclIHKcVFcfQoKnenohBOsxQpBhQRbzpBOOlBig56FMUbxG4uVrhF7ZTLDZkSEsjUIYQMKYEMWVqSJZClV+7yCm1KSq8kBeHz4eDHe//f/33fO976Dz5pQ/Frt9vNRET3p4gDA7492ioULx8bOV++EZGJmxHx9fef/9B7kkkd3dx2PZHGy2n89s3BzrONS9nW0vXNk7emG0N/LDne/8Whd+3RPTge++x9fubw4yfV0vNa/t5iqb76dGH+2of1Qrl9tdH8eCV78Xbqm011ONUHUYtHcT/GYji+jTtR3WX97wbMf91aOZ09WmpN3D23Vey8mDrT7xr0Xv97vfz+hY2IXv7D4y+/atYvnPrxyKuztcm58lqKruR2vjm2b3sCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC/y8bM4cdPqqXntfy9xVJ99enC/LUP64Vy+2qj+fFK9uLt1Deb6nCqD6IWj+J+jEUlKnEnqrsmfPbnQW7n0/f5v+a/bq2c/u1oqTVx99xWsfNi6kzqG9mj8/5DfreX//D4yy+b9Qunckdena1NzpXXDmz3Vf628+j/ewAAAAAAAAAAAAAAAAAAALAXCsXLx0bOl29EZOJmRHzxyzdDvflu+t49k/pOpLqc5t++Odh5tnEp21q6vnny1nTj5zQ/HpkYj4hD79qj//thGNjvAQAA//8Pi5HU")
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x1000004, &(0x7f0000000d80)=ANY=[@ANYBLOB='shortname=lower,iocharset=iso8859-1,fmask=00000000000000000000066,uni_xlate=1,uni_xlate=0,fmask=00000000000000000000003,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uni_xlate=0,utf8=1,check=strict,nonumtail=0,rodir,errors=continue,shortname=lower,umaQk=00000000000000000000007,rodir,sys_immutable,\x00', @ANYBLOB="1a961083c216e398b3852441fbacd14539194e81e2ec74ea00af4757fd632db5866c80f5b55492be6ad393d28d63023cd2e764a6bb41fa00d6c103356045fc3ade2c93339a56afb89b72a46f475c860a952e02dbf9c947a7cb75e89843f6d981fe7eed0ef37d5ab46550aa22", @ANYRES64], 0x6, 0x2bb, &(0x7f0000001240)="$eJzs3U9rI2UcB/DfpMkkKpgcPInggB48Ldu9ekmRXRB7cslBPWhxtyBNEFoo+AdjT169ePDgKxAEX4gX34HgVfBmhcLITGaapI1pIk3rls/n0l+feb4zv5k+tNNDn370yujgSRb7J1/+Fp1OEo1+9OM0iV40ovZ1zOl/GwDAs+w0z+PPfGKdXBIRnc21BQBs0Io//188r36+kbYAgA16/N777+zs7j58N8s68Wj0zfGg+M2++Dg5vrMfn8Qwnsb96MZZRPmi0IrybaEoH+V5Pm5mhV68PhofD4rk6MNfqvPv/BFR5rejG71y6Pxto8y/vftwO5uYyY+LPp6vrt8v8g+iGy+dh+fyDxbkY5DGG6/N9H8vuvHrx/FpDONJ2cQ0/9V2lr2Vf/fXFx8U7RX5ZHw8aJfzpvKtG/7SAAAAAAAAAAAAAAAAAAAAAABwh92r9s5pR7l/TzFU7b+zdVZ80oqs1pvfn2eST+oTze4PlOf5OI8f6v117mdZllcTp/lmvNyM5u3cNQAAAAAAAAAAAAAAAAAAAPy/HH32+cHecPj08FqKejeAZkT8/Tjiv56nPzPyaiyf3K6uuTccNqpyfk5zdiS26jlJxNI2ipu4psdyVfHcpZ6r4sef1j1h5+o5rcXXus6iXl0He8niZ9iOeqRTLZLv04jpnDRWvFb6b4fyWGf5pQsPdde+9/SFshgvmRPJssbe/H3y5KqR5OJdpOVTXRhvVcVM/MLaWGk9R2cSv/y9IrFbBwAAAAAAAAAAAAAAAAAAbNT0r38XHDxZGm3k7Y21BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3avr//9coxlV4hclpHB41bvkeAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuPv+CQAA///WoVye")
r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r10, 0x29, 0x40, &(0x7f0000001500)=@mangle={'mangle\x00', 0x1f, 0x6, 0x570, 0x0, 0x0, 0x2d8, 0x2d8, 0x1e8, 0x4a0, 0x4a0, 0x4a0, 0x4a0, 0x4a0, 0x6, &(0x7f0000000080), {[{{@uncond, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private1, 'veth1_to_team\x00', {0x7fff}}}}, {{@ipv6={@local, @mcast1, [0xff000000, 0xffffff00, 0xff000000, 0xfffe01], [0xffffffff, 0x0, 0x0, 0xff000000], 'pim6reg1\x00', 'vxcan1\x00', {0xff}, {}, 0x2, 0x7, 0x1, 0x42}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@hl={{0x28}, {0x2}}]}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@empty, @mcast2, [0xff, 0xff, 0xffffffff], [0x0, 0xffffffff, 0xff, 0xffffffff], 'wlan0\x00', 'rose0\x00', {0xff}, {0xff}, 0x0, 0xa, 0x2, 0x60}, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv4=@empty, @ipv6=@private1, 0x3b, 0x34, 0x5}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1={0xfc, 0x1, '\x00', 0x1}, [0xffffff00, 0xffffff00, 0xffffffff], [0xffffffff, 0xff, 0xffffff00, 0xff], 'netdevsim0\x00', 'dvmrp0\x00', {}, {}, 0x88, 0x9, 0x4, 0x8}, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x32be6c6de16dd15b}}]}, @HL={0x28, 'HL\x00', 0x0, {0x1, 0x5}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5d0)
fsopen(&(0x7f0000000900)='ntfs\x00', 0x0)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r11, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x2d0, 0x140, 0x5c, 0x160, 0x0, 0x3e0, 0x250, 0x228, 0x25a, 0x250, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @dev, [], [], 'veth0_to_batadv\x00', 'pim6reg\x00', {0xff}, {}, 0x3a}, 0x5002, 0xa8, 0xf0, 0x52020000, {0x0, 0x6802000000000000}}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x1}}}, {{@ipv6={@local, @empty, [0xffffffff], [], 'veth1_to_hsr\x00', 'dummy0\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x10, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00', {0x2}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x330)
setsockopt$inet6_MCAST_MSFILTER(r11, 0x29, 0x30, &(0x7f00000006c0)=ANY=[@ANYBLOB="05000000000000000a004e2000000000000000000004000000000000000006000000000000000000000000000000000000000000000000800000000000000000fe2b5c156bdd0300000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000010000000a004e23000000fffe8800000000000000000000000000010a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009c43bda8a9de9fbe348e82433605f741488cc401c1a758d8a8b4fb506433b8c44fcbc0f5407e69665ce9fb3c9991d53fd926aba98362b942e3d0d9d03b1fc502c098fb1a2b7f501601e39648a9ee72eba99eaaaf00b3d2603157105e0a29e9e64e30ca0e5f719959c66b665b21e93e4825fb66d28e6e68693b341b6f8b73634de6c0ee17bf6b07badc6df755d4801d52bd808d9a5c033026995c4098145915c717724338188c14a209a914d27f2ef9ea971a740373a03926fd6d8c79029cbfde66b060671652c6a8836a6171551fc8c2f8280fbece9d4e9e1b92b98eb5b6702b6530617363819bf6fa7828ab6715384d37f0f52040e0"], 0x110)
renameat2(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file7\x00', 0x0)

316.837675ms ago: executing program 3 (id=3772):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1b00"/19, @ANYRES32=0x0, @ANYBLOB="1000000000000000000700ffffffffffffffff00", @ANYRES32, @ANYBLOB="00000000010000000500"/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r2)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r6, 0x1, 0x70bd2c, 0x0, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @rand_addr=0x64010101}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x24}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_io_uring_setup(0x3de6, &(0x7f0000000240)={0x0, 0x119d, 0x2, 0xb, 0x356}, &(0x7f00000000c0)=<r7=>0x0, &(0x7f0000000340)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x80, 0x1000, 0x1})
unshare(0x22020600)
r9 = getpid()
r10 = syz_pidfd_open(r9, 0x0)
open_by_handle_at(r10, 0x0, 0x200000)
lsetxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0xfe37, 0x0)

254.170837ms ago: executing program 2 (id=3773):
openat$ptp0(0xffffffffffffff9c, 0x0, 0x1019c1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025"], 0x0, 0x0, 0x0, 0x0, 0x159d0682f53ea167, 0x2, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000001c0)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYRES32=0x0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000a80)='kfree\x00', r5, 0x0, 0x68f}, 0x18)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(r1, 0x567, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000e80), 0x0, 0x6d91fb6102d8910c, 0x0, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r7, 0x0, 0x100}, 0x18)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000940)={r6, r7})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000006a0001002abd7000ffdbdf25008100000000000008000100"], 0x20}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x2, 0x0, 0xa, 0x0, 0x6, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socket$inet(0x2, 0x4000000000000001, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r9}, 0x10)
syz_read_part_table(0x5eb, &(0x7f0000000f00)="$eJzs2zFo1FccB/DfxRwHSnFxclIHKcVFcfQoKnenohBOsxQpBhQRbzpBOOlBig56FMUbxG4uVrhF7ZTLDZkSEsjUIYQMKYEMWVqSJZClV+7yCm1KSq8kBeHz4eDHe//f/33fO976Dz5pQ/Frt9vNRET3p4gDA7492ioULx8bOV++EZGJmxHx9fef/9B7kkkd3dx2PZHGy2n89s3BzrONS9nW0vXNk7emG0N/LDne/8Whd+3RPTge++x9fubw4yfV0vNa/t5iqb76dGH+2of1Qrl9tdH8eCV78Xbqm011ONUHUYtHcT/GYji+jTtR3WX97wbMf91aOZ09WmpN3D23Vey8mDrT7xr0Xv97vfz+hY2IXv7D4y+/atYvnPrxyKuztcm58lqKruR2vjm2b3sCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC/y8bM4cdPqqXntfy9xVJ99enC/LUP64Vy+2qj+fFK9uLt1Deb6nCqD6IWj+J+jEUlKnEnqrsmfPbnQW7n0/f5v+a/bq2c/u1oqTVx99xWsfNi6kzqG9mj8/5DfreX//D4yy+b9Qunckdena1NzpXXDmz3Vf628+j/ewAAAAAAAAAAAAAAAAAAALAXCsXLx0bOl29EZOJmRHzxyzdDvflu+t49k/pOpLqc5t++Odh5tnEp21q6vnny1nTj5zQ/HpkYj4hD79qj//thGNjvAQAA//8Pi5HU")
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x1000004, &(0x7f0000000d80)=ANY=[@ANYBLOB='shortname=lower,iocharset=iso8859-1,fmask=00000000000000000000066,uni_xlate=1,uni_xlate=0,fmask=00000000000000000000003,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uni_xlate=0,utf8=1,check=strict,nonumtail=0,rodir,errors=continue,shortname=lower,umaQk=00000000000000000000007,rodir,sys_immutable,\x00', @ANYBLOB="1a961083c216e398b3852441fbacd14539194e81e2ec74ea00af4757fd632db5866c80f5b55492be6ad393d28d63023cd2e764a6bb41fa00d6c103356045fc3ade2c93339a56afb89b72a46f475c860a952e02dbf9c947a7cb75e89843f6d981fe7eed0ef37d5ab46550aa22", @ANYRES64], 0x6, 0x2bb, &(0x7f0000001240)="$eJzs3U9rI2UcB/DfpMkkKpgcPInggB48Ldu9ekmRXRB7cslBPWhxtyBNEFoo+AdjT169ePDgKxAEX4gX34HgVfBmhcLITGaapI1pIk3rls/n0l+feb4zv5k+tNNDn370yujgSRb7J1/+Fp1OEo1+9OM0iV40ovZ1zOl/GwDAs+w0z+PPfGKdXBIRnc21BQBs0Io//188r36+kbYAgA16/N777+zs7j58N8s68Wj0zfGg+M2++Dg5vrMfn8Qwnsb96MZZRPmi0IrybaEoH+V5Pm5mhV68PhofD4rk6MNfqvPv/BFR5rejG71y6Pxto8y/vftwO5uYyY+LPp6vrt8v8g+iGy+dh+fyDxbkY5DGG6/N9H8vuvHrx/FpDONJ2cQ0/9V2lr2Vf/fXFx8U7RX5ZHw8aJfzpvKtG/7SAAAAAAAAAAAAAAAAAAAAAABwh92r9s5pR7l/TzFU7b+zdVZ80oqs1pvfn2eST+oTze4PlOf5OI8f6v117mdZllcTp/lmvNyM5u3cNQAAAAAAAAAAAAAAAAAAAPy/HH32+cHecPj08FqKejeAZkT8/Tjiv56nPzPyaiyf3K6uuTccNqpyfk5zdiS26jlJxNI2ipu4psdyVfHcpZ6r4sef1j1h5+o5rcXXus6iXl0He8niZ9iOeqRTLZLv04jpnDRWvFb6b4fyWGf5pQsPdde+9/SFshgvmRPJssbe/H3y5KqR5OJdpOVTXRhvVcVM/MLaWGk9R2cSv/y9IrFbBwAAAAAAAAAAAAAAAAAAbNT0r38XHDxZGm3k7Y21BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3avr//9coxlV4hclpHB41bvkeAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuPv+CQAA///WoVye")
r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r10, 0x29, 0x40, &(0x7f0000001500)=@mangle={'mangle\x00', 0x1f, 0x6, 0x570, 0x0, 0x0, 0x2d8, 0x2d8, 0x1e8, 0x4a0, 0x4a0, 0x4a0, 0x4a0, 0x4a0, 0x6, &(0x7f0000000080), {[{{@uncond, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private1, 'veth1_to_team\x00', {0x7fff}}}}, {{@ipv6={@local, @mcast1, [0xff000000, 0xffffff00, 0xff000000, 0xfffe01], [0xffffffff, 0x0, 0x0, 0xff000000], 'pim6reg1\x00', 'vxcan1\x00', {0xff}, {}, 0x2, 0x7, 0x1, 0x42}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@hl={{0x28}, {0x2}}]}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@empty, @mcast2, [0xff, 0xff, 0xffffffff], [0x0, 0xffffffff, 0xff, 0xffffffff], 'wlan0\x00', 'rose0\x00', {0xff}, {0xff}, 0x0, 0xa, 0x2, 0x60}, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv4=@empty, @ipv6=@private1, 0x3b, 0x34, 0x5}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1={0xfc, 0x1, '\x00', 0x1}, [0xffffff00, 0xffffff00, 0xffffffff], [0xffffffff, 0xff, 0xffffff00, 0xff], 'netdevsim0\x00', 'dvmrp0\x00', {}, {}, 0x88, 0x9, 0x4, 0x8}, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x32be6c6de16dd15b}}]}, @HL={0x28, 'HL\x00', 0x0, {0x1, 0x5}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5d0)
fsopen(&(0x7f0000000900)='ntfs\x00', 0x0)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r11, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x2d0, 0x140, 0x5c, 0x160, 0x0, 0x3e0, 0x250, 0x228, 0x25a, 0x250, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @dev, [], [], 'veth0_to_batadv\x00', 'pim6reg\x00', {0xff}, {}, 0x3a}, 0x5002, 0xa8, 0xf0, 0x52020000, {0x0, 0x6802000000000000}}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x1}}}, {{@ipv6={@local, @empty, [0xffffffff], [], 'veth1_to_hsr\x00', 'dummy0\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x10, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00', {0x2}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x330)
setsockopt$inet6_MCAST_MSFILTER(r11, 0x29, 0x30, &(0x7f00000006c0)=ANY=[], 0x110)
renameat2(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file7\x00', 0x0)

253.632637ms ago: executing program 3 (id=3774):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0, {0x8}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1, {0x4}}, './file0\x00'})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r5}, 0x10)
execveat(r4, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

252.821176ms ago: executing program 3 (id=3775):
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000002e80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x18)
lsm_get_self_attr(0x69, 0x0, &(0x7f00000001c0), 0x0)

216.913347ms ago: executing program 2 (id=3776):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000"], 0x48)
unshare(0x8040480)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='kfree\x00', r3, 0x0, 0x10000}, 0x18)
recvmsg$unix(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)

216.353717ms ago: executing program 3 (id=3777):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000080)={0x0, 0x3000040, 0x8, 0x1b, 0xfe, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000980)='./file1\x00', 0x0, &(0x7f0000000f40)=ANY=[], 0x5, 0x2c1, &(0x7f0000000a80)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRxC7UiKoCyc4MyBJGJhCYCoYu5pP4NLv4Udw40Y/wYBbQVedReXJ+5c/mIypTRX191sd7nnn3pt32ySbnHf7pfHwzv0kzs4fR5om0TqKo3iSxH60ovFVtAMA+O94kufxS15Eb5/nlQ0r263r3RkAcF2qz/9LffADAP9yH3z08Xu94+Nb72dZGi90H036SUSMH036Vb53Lz6PUdyNm9GNi4h8porfeff4VrSzwn68Op5O+kXl+NPv6/l7P0eU9YfRjf3V9YdZZaF+OunvxrORRe/ebrPVbjy/uv71FfXR78Rrryzs/yC68cNncT9GcSeK2nn9l4dZ9lb+9fkXnxTLFPVJK/p75XWl3BckAAAAAAAAAAAAAAAAAAAAAAC26yDLkqp9T9m/pxiq++/sXJT5g6yxv9yfp6pPmomq/kB50y1nmsc3TX+dm1mW5fWF8/p2vNj2YAEAAAAAAAAAAAAAAAAAAAAonDx8fGMwGt19cPLwdFgEt+vEfOQSQdMNoPlZ/yXLZ8HRwsjLcToc7KyfcG/ztRa7DRR7ferF0W7/tZuwaXA2G3mm2M/Wl9iL2ciHUQXNwWx1referCY9HQ6yOtXc5OEg+bO10ubgvl1MdeKqG8vLP4mLfPlM09lWl6s6W7obnRsrU7/leb7ZPG/8VJ7RXj2SlC02Nlt9tw5WvsAiSIuzSGf/+EXqu/UTrn3L2LnaOw4AAAAAAAAAAAAAAAAAALDO/Ee/K5JnTy1tXdumAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBvNn/+fxOkEbE88odgWhevuubXH6tcPdKJByf/5OsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+H3AAAA//8c41ca")
unlink(&(0x7f0000000040)='./file2\x00')
socket$tipc(0x1e, 0x5, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
io_uring_setup(0x749a, &(0x7f0000000380)={0x0, 0xede3, 0x1, 0x5, 0xb8})
perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e8a, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8000, 0x0, 0x100000, 0x9, 0x3ff, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x3)
syz_usb_connect$uac1(0x3, 0x0, 0x0, &(0x7f0000000600)={0xa, &(0x7f0000000400)={0xa, 0x6, 0x200, 0x6, 0x2, 0xe, 0x8, 0xec}, 0x5, &(0x7f0000000440)={0x5, 0xf, 0x5}, 0x2, [{0x4, &(0x7f0000000580)=@lang_id={0x4, 0x3, 0x2009}}, {0x4, &(0x7f00000005c0)=@lang_id={0x4, 0x3, 0x408}}]})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'fo\x00', 0x15, 0x80000088, 0xc000067}, 0x2c)
socket$can_raw(0x1d, 0x3, 0x1)
unshare(0x6a040000)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000002c0)="3504000030000511d25a80648c63940d1124fc60040035400c0002000a00002037153e373f04018006041000450055d64a12f76710989a119052acaa1100da3e813fa6ba", 0x44}], 0x1}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="120000000a0000000800000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r4}, &(0x7f0000001d80), &(0x7f0000001d40)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r4, &(0x7f0000000300), 0x0}, 0x20)
openat$tun(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
syz_clone(0x102311, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, 0x0, 0x0)

188.082197ms ago: executing program 0 (id=3778):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x4, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x19, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x3, &(0x7f0000000000)=""/149, &(0x7f00000000c0)=0x95)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESOCT=r1], &(0x7f00000003c0)='GPL\x00', 0x40000, 0x0, 0x0, 0x0, 0x52, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000004c0)='kfree\x00', r2}, 0xe)
r3 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x400e, &(0x7f0000000300), 0x1, 0x440, &(0x7f0000000cc0)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x810)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$int_out(r3, 0x2a32, &(0x7f0000000180))
pwrite64(r5, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x12, r3, 0xa58a3000)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1db)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1e00000000006000000000000100000000000000", @ANYRES32=0x1, @ANYBLOB="000008000000000765893b00159a3a4db377dd14", @ANYRES32=0x0, @ANYRES32=r6, @ANYBLOB="02000000030000000400"/25], 0x50)
r7 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_int(r7, 0x1, 0xb, 0x0, &(0x7f0000000580))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00'}, 0x10)
r8 = socket$can_raw(0x1d, 0x3, 0x1)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000002900000005"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000181100006cd6fa8aafd230d051d5538767383f88aff62ed86ccdb75bd74b0682f69454936c995146aebfad72de69ddc084be55ad4cecae3df81385a9b98449169d07dbe09fe02ca43c4ce3eff1ce0ed1ae62398cd4f2bb8b27fb5d61a8aafeb72359ab0e25226b3f823b91046d305f6412b04bb710b218aa747136940d0000000000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000030000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r10}, 0x10)
setsockopt$CAN_RAW_FILTER(r8, 0x65, 0x1, &(0x7f0000000140)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x10)
setsockopt$CAN_RAW_FILTER(r8, 0x65, 0x1, 0x0, 0x0)
r11 = socket$pppl2tp(0x18, 0x1, 0x1)
r12 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r11, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r12, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)

129.768008ms ago: executing program 2 (id=3779):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0xd, 0x2}, 0x8012, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000100)={[{@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}, {@dioread_nolock}]}, 0x4, 0x573, &(0x7f0000000ec0)="$eJzs3T1sG+UbAPDnzvG/X/mTIoEEqEMFSEWq6iT9gMLUrohKlTogsUDkuFEVJ47iBJooQ7pXiA4IUJeywcAIYmBALIysLCBmpIpGIDUdwMhfaZo4wSl1XHK/n3T2vfee/bzvnZ/XvtOdHEBmHa0/pBHPRsTFJGJoXd1AtCqPNtdbXVkq3ltZKiZRq136LYkkIu6uLBXb6yet50MRsRwRz0TEd/mI4+nmuNWFxcmxcrk02yoPz03NDFcXFk9cmRqbKE2Upk+98uqZs6fPjJ4cXf+ye7X1pfzO+nr95xvvX//h9Vs3Pv/iyHLxw7EkzsVgq259Px6l5jbJx7kNy0/3IlgfJf1uAA8l18rzeio9HUORa2V9J7WhXW0a0GO1fRE1IKMS+Q8Z1f4dUD/+bU+7+fvj9vnmAUg97mpratYMNM9NxP7GscnB35MHjkzqx5uHd7Oh7EnL1yJiZGBg8+c/aX3+Ht7Io2ggPfXt+eaO2rz/07XxJzqMP4Ptc6f/Unv8W900/t2Pn9ti/LvYZYw/3/rlky3jX4t4rmP8ZC1+0iF+GhHvdBn/5ptfn92qrvZpxLHoHL8t2f788PDlK+XSSPOxY4xvjh15bbv+H9wifvOc7f7G10yn7T/TZf+/+v7L55e3if/SC9vv/07b/0BEfNBl/CfvfvbGVnW3ryV36r8Cdrr/68tudRn/5XNHf+pyVQAAAAAAAAAAYAfSxrVsSVpYm0/TQqF5D+9TcTAtV6pzxy9X5qfHm9e8HY582r7SaqhZTurl0db1uO3yyQ3lU7lWwNyBRrlQrJTH+9x3AAAAAAAAAAAAAAAAAAAAeFwc2nD//x+5xv3/G/+uGtirtv7Lb2Cvk/+QXQ/mf9K3dgC7z/c/ZFZN/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv8AAAAAAAAAAAAAAAAAAAAAAAAAANATFy9cqE+1eytLxXp5fGBhfrLy7onxUnWyMDVfLBQrszOFiUplolwqFCtT//R+SaUyMxLT81eH50rVueHqwuLbU5X56fZ/ipbyPe8RAAAAAAAAAAAAAAAAAAAA/PcMNqYkLURE2phP00Ih4v8RcTjyyeUr5dJIRDwRET/m8vvq5dF+NxoAAAAAAAAAAAAAAAAAAAD2mOrC4uRYuVyazcjMwE5WjojlR9uM+jvu+FX51r56XLahmSzM9HlgAgAAAAAAAAAAAAAAAACADLp/02+3r/irtw0CAAAAAAAAAAAAAAAAAACATEp/TSKiPh0benFwY+3/ktVc4zki3rt56aOrY3Nzs6P15XfWls993Fp+sh/tB7rVztN2HgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3VRcWJ8fK5dJsD2f63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh/F3AAAA///pCdd8")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x60842, 0xc)
creat(&(0x7f0000000100)='./file1\x00', 0xe0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f0000000000)=0x101, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b70800", @ANYRES32, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', r1, 0x0, 0x100000000}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r3, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f0000000000), 0x4000000000001f2, 0x0)

83.570049ms ago: executing program 2 (id=3780):
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRESHEX], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0x4a, &(0x7f00000043c0)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x2b00, 0x5, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = epoll_create1(0x80000)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f00000000c0)={0xe000001a})
read$char_usb(r5, &(0x7f0000001980)=""/179, 0xb3)
epoll_ctl$EPOLL_CTL_MOD(r4, 0x3, r5, &(0x7f0000000000))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
lsetxattr$trusted_overlay_upper(0x0, &(0x7f0000000180), &(0x7f00000001c0)=ANY=[], 0x361, 0x0)
r6 = getegid()
statx(0xffffffffffffffff, &(0x7f00000004c0)='./file1\x00', 0x400, 0x800, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
lsetxattr$system_posix_acl(&(0x7f00000003c0)='./file1\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000380)={{}, {0x1, 0x2}, [{0x2, 0x5, r7}, {0x2, 0x4}], {}, [{0x8, 0x5, r6}], {0x10, 0x5}}, 0x3c, 0x3)
dup2(0xffffffffffffffff, 0xffffffffffffffff)

0s ago: executing program 2 (id=3781):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f00000002c0)=0x7, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r4, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r4, 0x0)
shutdown(r4, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5, 0x0, 0x100}, 0x18)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x8, &(0x7f0000000080)=[{0x0}], 0x1, 0x0, 0x0, 0x5}, 0x2004c000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000000), 0x4000000000001f2, 0x0)

kernel console output (not intermixed with test programs):

 201.935020][T10978]  ? clear_bhb_loop+0x40/0x90
[  201.935043][T10978]  ? clear_bhb_loop+0x40/0x90
[  201.935118][T10978]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.935145][T10978] RIP: 0033:0x7f66589ee969
[  201.935164][T10978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.935189][T10978] RSP: 002b:00007f6657036038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  201.935239][T10978] RAX: ffffffffffffffda RBX: 00007f6658c16080 RCX: 00007f66589ee969
[  201.935312][T10978] RDX: 00000000200000c1 RSI: 00002000000000c0 RDI: 0000000000000006
[  201.935328][T10978] RBP: 00007f6658a70ab1 R08: 0000000000000000 R09: 0000000000000000
[  201.935344][T10978] R10: 0000000000009000 R11: 0000000000000246 R12: 0000000000000000
[  201.935359][T10978] R13: 0000000000000000 R14: 00007f6658c16080 R15: 00007ffd73e2ee68
[  201.935390][T10978]  </TASK>
[  201.935398][T10978] memory: usage 307200kB, limit 307200kB, failcnt 9127
[  202.163584][T10978] memory+swap: usage 175768kB, limit 9007199254740988kB, failcnt 0
[  202.171492][T10978] kmem: usage 85104kB, limit 9007199254740988kB, failcnt 0
[  202.178790][T10978] Memory cgroup stats for /syz2:
[  202.179737][T10978] cache 38887424
[  202.188216][T10978] rss 221184
[  202.191437][T10978] shmem 38756352
[  202.194983][T10978] mapped_file 65536
[  202.198835][T10978] dirty 0
[  202.201796][T10978] writeback 0
[  202.205165][T10978] workingset_refault_anon 600
[  202.209885][T10978] workingset_refault_file 4003
[  202.214647][T10978] swap 48586752
[  202.218114][T10978] swapcached 20480
[  202.221963][T10978] pgpgin 320332
[  202.225450][T10978] pgpgout 310779
[  202.229005][T10978] pgfault 338235
[  202.232547][T10978] pgmajfault 401
[  202.236119][T10978] inactive_anon 32776192
[  202.240472][T10978] active_anon 6221824
[  202.244456][T10978] inactive_file 0
[  202.248097][T10978] active_file 122880
[  202.252050][T10978] unevictable 0
[  202.255549][T10978] hierarchical_memory_limit 314572800
[  202.260945][T10978] hierarchical_memsw_limit 9223372036854771712
[  202.267157][T10978] total_cache 38887424
[  202.271240][T10978] total_rss 221184
[  202.274964][T10978] total_shmem 38756352
[  202.279054][T10978] total_mapped_file 65536
[  202.283470][T10978] total_dirty 0
[  202.286935][T10978] total_writeback 0
[  202.290757][T10978] total_workingset_refault_anon 600
[  202.295953][T10978] total_workingset_refault_file 4003
[  202.301254][T10978] total_swap 48586752
[  202.305240][T10978] total_swapcached 20480
[  202.309498][T10978] total_pgpgin 320332
[  202.313507][T10978] total_pgpgout 310779
[  202.317610][T10978] total_pgfault 338235
[  202.321713][T10978] total_pgmajfault 401
[  202.325791][T10978] total_inactive_anon 32776192
[  202.330616][T10978] total_active_anon 6221824
[  202.335172][T10978] total_inactive_file 0
[  202.339378][T10978] total_active_file 122880
[  202.343855][T10978] total_unevictable 0
[  202.347910][T10978] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2737,pid=10975,uid=0
[  202.362830][T10978] Memory cgroup out of memory: Killed process 10978 (syz.2.2737) total-vm:93880kB, anon-rss:1064kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:144kB oom_score_adj:1000
[  202.380907][T10993] team0: Port device hsr_slave_0 removed
[  203.572610][T11044] __nla_validate_parse: 6 callbacks suppressed
[  203.572626][T11044] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2754'.
[  204.080270][T11078] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2769'.
[  204.242193][T11084] x_tables: duplicate underflow at hook 1
[  204.303375][T11092] vcan0: tx drop: invalid da for name 0x0000000000000002
[  204.324243][T11092] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  204.361787][T11098] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2777'.
[  204.407132][T11103] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2779'.
[  204.521469][T11108] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2782'.
[  204.916615][T11132] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2792'.
[  204.990825][T11135] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2793'.
[  205.180417][T11143] FAULT_INJECTION: forcing a failure.
[  205.180417][T11143] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  205.193672][T11143] CPU: 0 UID: 0 PID: 11143 Comm: syz.4.2796 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  205.193698][T11143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  205.193735][T11143] Call Trace:
[  205.193739][T11143]  <TASK>
[  205.193745][T11143]  __dump_stack+0x1d/0x30
[  205.193767][T11143]  dump_stack_lvl+0xe8/0x140
[  205.193789][T11143]  dump_stack+0x15/0x1b
[  205.193808][T11143]  should_fail_ex+0x265/0x280
[  205.193848][T11143]  should_fail+0xb/0x20
[  205.193920][T11143]  should_fail_usercopy+0x1a/0x20
[  205.193943][T11143]  _copy_from_user+0x1c/0xb0
[  205.194043][T11143]  __sys_connect+0xd0/0x2b0
[  205.194075][T11143]  __x64_sys_connect+0x3f/0x50
[  205.194170][T11143]  x64_sys_call+0x1daa/0x2fb0
[  205.194189][T11143]  do_syscall_64+0xd0/0x1a0
[  205.194209][T11143]  ? clear_bhb_loop+0x40/0x90
[  205.194298][T11143]  ? clear_bhb_loop+0x40/0x90
[  205.194323][T11143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.194347][T11143] RIP: 0033:0x7f71d781e969
[  205.194363][T11143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.194380][T11143] RSP: 002b:00007f71d5e87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  205.194476][T11143] RAX: ffffffffffffffda RBX: 00007f71d7a45fa0 RCX: 00007f71d781e969
[  205.194487][T11143] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000006
[  205.194497][T11143] RBP: 00007f71d5e87090 R08: 0000000000000000 R09: 0000000000000000
[  205.194507][T11143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.194517][T11143] R13: 0000000000000000 R14: 00007f71d7a45fa0 R15: 00007ffd8efd0a98
[  205.194533][T11143]  </TASK>
[  205.553338][    C0] vcan0: j1939_tp_rxtimer: 0xffff8881022c6600: rx timeout, send abort
[  205.561702][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8881022c6600: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  205.578630][T11155] FAULT_INJECTION: forcing a failure.
[  205.578630][T11155] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  205.591700][T11155] CPU: 1 UID: 0 PID: 11155 Comm: syz.4.2802 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  205.591733][T11155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  205.591748][T11155] Call Trace:
[  205.591755][T11155]  <TASK>
[  205.591763][T11155]  __dump_stack+0x1d/0x30
[  205.591821][T11155]  dump_stack_lvl+0xe8/0x140
[  205.591912][T11155]  dump_stack+0x15/0x1b
[  205.591932][T11155]  should_fail_ex+0x265/0x280
[  205.592019][T11155]  should_fail+0xb/0x20
[  205.592106][T11155]  should_fail_usercopy+0x1a/0x20
[  205.592124][T11155]  strncpy_from_user+0x25/0x230
[  205.592151][T11155]  ? __rcu_read_unlock+0x4f/0x70
[  205.592179][T11155]  path_removexattrat+0x82/0x570
[  205.592318][T11155]  __x64_sys_removexattr+0x38/0x50
[  205.592351][T11155]  x64_sys_call+0x2c7a/0x2fb0
[  205.592442][T11155]  do_syscall_64+0xd0/0x1a0
[  205.592471][T11155]  ? clear_bhb_loop+0x40/0x90
[  205.592496][T11155]  ? clear_bhb_loop+0x40/0x90
[  205.592522][T11155]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.592570][T11155] RIP: 0033:0x7f71d781e969
[  205.592583][T11155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.592599][T11155] RSP: 002b:00007f71d5e87038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c5
[  205.592616][T11155] RAX: ffffffffffffffda RBX: 00007f71d7a45fa0 RCX: 00007f71d781e969
[  205.592627][T11155] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000200000000200
[  205.592666][T11155] RBP: 00007f71d5e87090 R08: 0000000000000000 R09: 0000000000000000
[  205.592693][T11155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.592704][T11155] R13: 0000000000000000 R14: 00007f71d7a45fa0 R15: 00007ffd8efd0a98
[  205.592791][T11155]  </TASK>
[  205.612972][T11157] vhci_hcd: invalid port number 15
[  205.779336][T11157] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub
[  205.814137][T11161] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2804'.
[  205.838379][T11159] x_tables: duplicate underflow at hook 1
[  205.882180][T11169] sch_tbf: burst 0 is lower than device lo mtu (65499) !
[  205.927656][T11174] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2810'.
[  206.154373][T11183] vcan0: tx drop: invalid da for name 0x0000000000000002
[  206.164746][T11183] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  206.190316][   T29] kauditd_printk_skb: 283 callbacks suppressed
[  206.190327][   T29] audit: type=1400 audit(1747804229.850:10776): avc:  denied  { audit_write } for  pid=11186 comm="syz.0.2816" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  206.217921][   T29] audit: type=1107 audit(1747804229.850:10777): pid=11186 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  206.257904][T11193] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2819'.
[  206.295601][T11197] sch_tbf: burst 0 is lower than device lo mtu (65499) !
[  206.309285][T11195] x_tables: duplicate underflow at hook 1
[  206.478942][   T29] audit: type=1326 audit(1747804230.130:10778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11211 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e8efe969 code=0x7ffc0000
[  206.502637][   T29] audit: type=1326 audit(1747804230.130:10779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11211 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e8efe969 code=0x7ffc0000
[  206.526529][   T29] audit: type=1326 audit(1747804230.130:10780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11211 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7fe2e8efe969 code=0x7ffc0000
[  206.550110][   T29] audit: type=1326 audit(1747804230.130:10781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11211 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e8efe969 code=0x7ffc0000
[  206.573779][   T29] audit: type=1326 audit(1747804230.130:10782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11211 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fe2e8efe969 code=0x7ffc0000
[  206.597353][   T29] audit: type=1326 audit(1747804230.130:10783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11211 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e8efe969 code=0x7ffc0000
[  206.621073][   T29] audit: type=1326 audit(1747804230.130:10784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11211 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fe2e8efe969 code=0x7ffc0000
[  206.644726][   T29] audit: type=1326 audit(1747804230.130:10785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11211 comm="syz.0.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e8efe969 code=0x7ffc0000
[  207.072286][T11232] x_tables: duplicate underflow at hook 1
[  207.404314][    C0] vcan0: j1939_tp_rxtimer: 0xffff8881251e2800: rx timeout, send abort
[  207.412601][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8881251e2800: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  208.272055][T11297] siw: device registration error -23
[  208.526757][T11306] netlink: 'syz.4.2861': attribute type 10 has an invalid length.
[  208.535552][T11306] team0: Port device hsr_slave_0 added
[  209.041261][T11329] netlink: 'syz.4.2869': attribute type 10 has an invalid length.
[  209.149744][T11338] team0: Port device hsr_slave_0 removed
[  209.415612][T11347] __nla_validate_parse: 9 callbacks suppressed
[  209.415631][T11347] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2875'.
[  210.104222][T11367] x_tables: duplicate underflow at hook 1
[  210.166830][T11370] 9pnet_fd: Insufficient options for proto=fd
[  210.178140][T11370] syz.1.2881: attempt to access beyond end of device
[  210.178140][T11370] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[  210.529084][T11376] x_tables: duplicate underflow at hook 1
[  210.674274][T11391] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2890'.
[  210.950108][T11399] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2892'.
[  210.959115][T11399] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2892'.
[  210.969707][T11400] loop0: detected capacity change from 0 to 512
[  210.977173][T11400] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  210.985851][T11399] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2892'.
[  211.077981][T11400] EXT4-fs (loop0): invalid journal inode
[  211.087457][T11399] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2892'.
[  211.096714][T11399] netlink: 84 bytes leftover after parsing attributes in process `syz.2.2892'.
[  211.108448][T11400] EXT4-fs (loop0): can't get journal size
[  211.129683][T11404] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2895'.
[  211.148941][T11400] EXT4-fs (loop0): 1 truncate cleaned up
[  211.155206][T11400] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.187083][T11400] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2893'.
[  211.219439][ T3323] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.251295][T11412] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2897'.
[  211.266928][T11413] x_tables: duplicate underflow at hook 1
[  211.348131][   T29] kauditd_printk_skb: 241 callbacks suppressed
[  211.348146][   T29] audit: type=1400 audit(1747804235.000:11027): avc:  denied  { write } for  pid=11416 comm="syz.0.2899" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  211.442985][T11431] siw: device registration error -23
[  211.531728][T11446] sch_tbf: burst 0 is lower than device lo mtu (65499) !
[  211.590801][T11448] x_tables: duplicate underflow at hook 1
[  211.746103][T11473] FAULT_INJECTION: forcing a failure.
[  211.746103][T11473] name failslab, interval 1, probability 0, space 0, times 0
[  211.758929][T11473] CPU: 0 UID: 0 PID: 11473 Comm: syz.3.2921 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  211.759041][T11473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  211.759054][T11473] Call Trace:
[  211.759061][T11473]  <TASK>
[  211.759068][T11473]  __dump_stack+0x1d/0x30
[  211.759137][T11473]  dump_stack_lvl+0xe8/0x140
[  211.759159][T11473]  dump_stack+0x15/0x1b
[  211.759178][T11473]  should_fail_ex+0x265/0x280
[  211.759216][T11473]  should_failslab+0x8c/0xb0
[  211.759281][T11473]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  211.759308][T11473]  ? xfrm_add_sa+0x18c5/0x2410
[  211.759347][T11473]  kmemdup_noprof+0x2b/0x70
[  211.759370][T11473]  xfrm_add_sa+0x18c5/0x2410
[  211.759401][T11473]  xfrm_user_rcv_msg+0x563/0x660
[  211.759473][T11473]  ? __kfree_skb+0x109/0x150
[  211.759489][T11473]  ? nlmon_xmit+0x4f/0x60
[  211.759508][T11473]  ? consume_skb+0x49/0x150
[  211.759591][T11473]  netlink_rcv_skb+0x123/0x220
[  211.759622][T11473]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  211.759651][T11473]  xfrm_netlink_rcv+0x48/0x60
[  211.759709][T11473]  netlink_unicast+0x5a1/0x670
[  211.759758][T11473]  netlink_sendmsg+0x58b/0x6b0
[  211.759779][T11473]  ? __pfx_netlink_sendmsg+0x10/0x10
[  211.759798][T11473]  __sock_sendmsg+0x145/0x180
[  211.759857][T11473]  ____sys_sendmsg+0x31e/0x4e0
[  211.759880][T11473]  ___sys_sendmsg+0x17b/0x1d0
[  211.760019][T11473]  __x64_sys_sendmsg+0xd4/0x160
[  211.760043][T11473]  x64_sys_call+0x2999/0x2fb0
[  211.760124][T11473]  do_syscall_64+0xd0/0x1a0
[  211.760151][T11473]  ? clear_bhb_loop+0x40/0x90
[  211.760172][T11473]  ? clear_bhb_loop+0x40/0x90
[  211.760190][T11473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.760209][T11473] RIP: 0033:0x7f180ab0e969
[  211.760247][T11473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.760262][T11473] RSP: 002b:00007f1809177038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  211.760283][T11473] RAX: ffffffffffffffda RBX: 00007f180ad35fa0 RCX: 00007f180ab0e969
[  211.760297][T11473] RDX: 0000000000000000 RSI: 0000200000000ec0 RDI: 0000000000000003
[  211.760311][T11473] RBP: 00007f1809177090 R08: 0000000000000000 R09: 0000000000000000
[  211.760324][T11473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  211.760337][T11473] R13: 0000000000000000 R14: 00007f180ad35fa0 R15: 00007fffa89a5bf8
[  211.760358][T11473]  </TASK>
[  211.822709][T11456] netlink: 'syz.4.2917': attribute type 10 has an invalid length.
[  212.016477][T11456] team0: Port device hsr_slave_0 added
[  212.120166][   T29] audit: type=1400 audit(1747804235.770:11028): avc:  denied  { mounton } for  pid=11485 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  212.306468][   T29] audit: type=1400 audit(1747804235.950:11029): avc:  denied  { map } for  pid=11494 comm="syz.0.2927" path="socket:[38215]" dev="sockfs" ino=38215 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  212.329981][   T29] audit: type=1400 audit(1747804235.950:11030): avc:  denied  { read } for  pid=11494 comm="syz.0.2927" path="socket:[38215]" dev="sockfs" ino=38215 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  212.420769][T11485] chnl_net:caif_netlink_parms(): no params data found
[  212.506363][T11485] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.513582][T11485] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.522757][   T29] audit: type=1400 audit(1747804236.180:11031): avc:  denied  { setopt } for  pid=11509 comm="syz.3.2930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  212.527731][T11485] bridge_slave_0: entered allmulticast mode
[  212.542911][   T29] audit: type=1400 audit(1747804236.180:11032): avc:  denied  { write } for  pid=11509 comm="syz.3.2930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  212.549695][T11485] bridge_slave_0: entered promiscuous mode
[  212.575302][T11485] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.582432][T11485] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.588501][   T29] audit: type=1400 audit(1747804236.230:11033): avc:  denied  { create } for  pid=11509 comm="syz.3.2930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[  212.589959][T11485] bridge_slave_1: entered allmulticast mode
[  212.616118][T11485] bridge_slave_1: entered promiscuous mode
[  212.628338][   T29] audit: type=1400 audit(1747804236.290:11034): avc:  denied  { read } for  pid=11509 comm="syz.3.2930" name="mISDNtimer" dev="devtmpfs" ino=249 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  212.651683][   T29] audit: type=1400 audit(1747804236.290:11035): avc:  denied  { open } for  pid=11509 comm="syz.3.2930" path="/dev/mISDNtimer" dev="devtmpfs" ino=249 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  212.675278][   T29] audit: type=1400 audit(1747804236.290:11036): avc:  denied  { ioctl } for  pid=11509 comm="syz.3.2930" path="/dev/mISDNtimer" dev="devtmpfs" ino=249 ioctlcmd=0x4941 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  212.709788][T11485] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  212.721018][T11485] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  212.743062][T11485] team0: Port device team_slave_0 added
[  212.750100][T11485] team0: Port device team_slave_1 added
[  212.767340][T11485] batman_adv: batadv0: Adding interface: batadv_slave_0
[  212.774456][T11485] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.800543][T11485] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  212.812611][T11485] batman_adv: batadv0: Adding interface: batadv_slave_1
[  212.819623][T11485] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.845669][T11485] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  212.874043][T11485] hsr_slave_0: entered promiscuous mode
[  212.886856][T11485] hsr_slave_1: entered promiscuous mode
[  212.898613][T11485] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  212.949784][T11485] Cannot create hsr debugfs directory
[  212.964148][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  212.974513][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.107319][T11525] sch_tbf: burst 0 is lower than device lo mtu (65499) !
[  213.145276][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  213.155606][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.225300][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  213.235630][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.282756][T11531] siw: device registration error -23
[  213.311488][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  213.321845][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.502917][   T12] bond0 (unregistering): Released all slaves
[  213.637164][   T12] hsr_slave_0: left promiscuous mode
[  213.659600][   T12] hsr_slave_1: left promiscuous mode
[  213.672693][   T12] veth1_macvtap: left promiscuous mode
[  213.678187][   T12] veth0_macvtap: left promiscuous mode
[  214.012207][T11558] xt_recent: Unsupported userspace flags (000000c7)
[  214.074255][T11485] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  214.089205][T11485] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  214.107619][T11485] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  214.145605][T11485] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  214.146635][   T12] IPVS: stop unused estimator thread 0...
[  214.202062][T11485] 8021q: adding VLAN 0 to HW filter on device bond0
[  214.217942][T11485] 8021q: adding VLAN 0 to HW filter on device team0
[  214.266912][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.274036][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  214.328672][T11485] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  214.339269][T11485] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  214.391450][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.398542][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  214.444990][T11588] __nla_validate_parse: 5 callbacks suppressed
[  214.445002][T11588] netlink: 9 bytes leftover after parsing attributes in process `syz.4.2957'.
[  214.461088][T11588] gretap0: entered promiscuous mode
[  214.467724][T11588] netlink: 5 bytes leftover after parsing attributes in process `syz.4.2957'.
[  214.489971][T11485] 8021q: adding VLAN 0 to HW filter on device batadv0
[  214.502032][T11588] 0ªX¹¦D: renamed from gretap0
[  214.509709][T11588] 0ªX¹¦D: left promiscuous mode
[  214.514601][T11588] 0ªX¹¦D: entered allmulticast mode
[  214.520798][T11588] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  214.626214][T11485] veth0_vlan: entered promiscuous mode
[  214.639173][T11485] veth1_vlan: entered promiscuous mode
[  214.667278][T11485] veth0_macvtap: entered promiscuous mode
[  214.678993][T11485] veth1_macvtap: entered promiscuous mode
[  214.691226][T11603] siw: device registration error -23
[  214.697990][T11485] batman_adv: batadv0: Interface activated: batadv_slave_0
[  214.717752][T11485] batman_adv: batadv0: Interface activated: batadv_slave_1
[  214.727658][T11485] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  214.736536][T11485] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  214.745353][T11485] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  214.754241][T11485] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  214.812632][T11605] x_tables: duplicate underflow at hook 1
[  215.254872][T11628] 9pnet_fd: Insufficient options for proto=fd
[  215.262294][T11628] syz.1.2964: attempt to access beyond end of device
[  215.262294][T11628] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[  215.445297][T11630] 9pnet_fd: Insufficient options for proto=fd
[  215.452007][T11630] syz.2.2966: attempt to access beyond end of device
[  215.452007][T11630] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[  216.049677][T11657] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2970'.
[  216.060957][ T3409] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.099811][T11616] chnl_net:caif_netlink_parms(): no params data found
[  216.112699][T11652] x_tables: duplicate underflow at hook 1
[  216.131007][ T3409] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.191925][T11660] x_tables: duplicate underflow at hook 1
[  216.215212][ T3409] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.290445][T11616] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.297527][T11616] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.306444][T11671] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2978'.
[  216.325916][T11616] bridge_slave_0: entered allmulticast mode
[  216.334525][T11675] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2977'.
[  216.347497][T11616] bridge_slave_0: entered promiscuous mode
[  216.356761][ T3409] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.397072][T11675] bridge_slave_0: left allmulticast mode
[  216.402800][T11675] bridge_slave_0: left promiscuous mode
[  216.408504][T11675] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.430026][T11675] bridge_slave_1: left allmulticast mode
[  216.435695][T11675] bridge_slave_1: left promiscuous mode
[  216.441596][T11675] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.459369][T11675] bond0: (slave bond_slave_0): Releasing backup interface
[  216.469605][T11675] bond0: (slave bond_slave_1): Releasing backup interface
[  216.484926][T11675] team0: Port device team_slave_0 removed
[  216.501808][T11675] team0: Port device team_slave_1 removed
[  216.509037][T11675] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  216.516458][T11675] batman_adv: batadv0: Removing interface: batadv_slave_0
[  216.525768][T11675] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  216.533237][T11675] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.562210][T11616] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.569546][T11616] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.579073][T11616] bridge_slave_1: entered allmulticast mode
[  216.585741][T11616] bridge_slave_1: entered promiscuous mode
[  216.660168][T11616] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  216.687633][T11616] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  216.820368][ T3409] bond0 (unregistering): Released all slaves
[  216.855401][T11616] team0: Port device team_slave_0 added
[  216.876039][T11616] team0: Port device team_slave_1 added
[  216.896586][T11697] x_tables: duplicate underflow at hook 1
[  216.904041][ T3409] hsr_slave_0: left promiscuous mode
[  216.909912][ T3409] hsr_slave_1: left promiscuous mode
[  216.922801][ T3409] veth1_macvtap: left promiscuous mode
[  216.930896][ T3409] veth1_vlan: left promiscuous mode
[  216.936187][ T3409] veth0_vlan: left promiscuous mode
[  217.043103][T11616] batman_adv: batadv0: Adding interface: batadv_slave_0
[  217.050117][T11616] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.076202][T11616] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  217.088260][T11616] batman_adv: batadv0: Adding interface: batadv_slave_1
[  217.095275][T11616] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.121272][T11616] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  217.167337][T11702] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2988'.
[  217.204267][   T29] kauditd_printk_skb: 135 callbacks suppressed
[  217.204279][   T29] audit: type=1326 audit(1747804240.860:11172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11705 comm="syz.1.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4d66e969 code=0x7ffc0000
[  217.234884][   T29] audit: type=1326 audit(1747804240.860:11173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11705 comm="syz.1.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4d66e969 code=0x7ffc0000
[  217.237468][T11616] hsr_slave_0: entered promiscuous mode
[  217.265846][   T29] audit: type=1326 audit(1747804240.920:11174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11705 comm="syz.1.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f6b4d66e969 code=0x7ffc0000
[  217.289368][   T29] audit: type=1326 audit(1747804240.920:11175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11705 comm="syz.1.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4d66e969 code=0x7ffc0000
[  217.300861][T11616] hsr_slave_1: entered promiscuous mode
[  217.312919][   T29] audit: type=1326 audit(1747804240.920:11176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11705 comm="syz.1.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4d66e969 code=0x7ffc0000
[  217.332225][T11616] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  217.342064][   T29] audit: type=1326 audit(1747804240.920:11177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11705 comm="syz.1.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f6b4d66e969 code=0x7ffc0000
[  217.350161][T11616] Cannot create hsr debugfs directory
[  217.373230][   T29] audit: type=1326 audit(1747804240.920:11178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11705 comm="syz.1.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4d66e969 code=0x7ffc0000
[  217.402339][   T29] audit: type=1326 audit(1747804240.920:11179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11705 comm="syz.1.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f6b4d66e969 code=0x7ffc0000
[  217.426297][   T29] audit: type=1326 audit(1747804240.920:11180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11705 comm="syz.1.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b4d66e969 code=0x7ffc0000
[  217.450135][   T29] audit: type=1326 audit(1747804240.920:11181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11705 comm="syz.1.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f6b4d66e969 code=0x7ffc0000
[  217.487484][T11708] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2990'.
[  217.559254][T11711] sch_tbf: burst 0 is lower than device lo mtu (65499) !
[  217.607809][ T3409] IPVS: stop unused estimator thread 0...
[  217.633231][T11721] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  217.650636][T11723] syz.1.2996: attempt to access beyond end of device
[  217.650636][T11723] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[  217.665362][T11725] FAULT_INJECTION: forcing a failure.
[  217.665362][T11725] name failslab, interval 1, probability 0, space 0, times 0
[  217.678038][T11725] CPU: 0 UID: 0 PID: 11725 Comm: syz.4.2998 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  217.678073][T11725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  217.678087][T11725] Call Trace:
[  217.678094][T11725]  <TASK>
[  217.678101][T11725]  __dump_stack+0x1d/0x30
[  217.678120][T11725]  dump_stack_lvl+0xe8/0x140
[  217.678213][T11725]  dump_stack+0x15/0x1b
[  217.678246][T11725]  should_fail_ex+0x265/0x280
[  217.678283][T11725]  should_failslab+0x8c/0xb0
[  217.678367][T11725]  kmem_cache_alloc_noprof+0x50/0x310
[  217.678390][T11725]  ? ep_insert+0x138/0xd10
[  217.678420][T11725]  ep_insert+0x138/0xd10
[  217.678448][T11725]  ? security_capable+0x83/0x90
[  217.678538][T11725]  do_epoll_ctl+0x6c3/0x870
[  217.678566][T11725]  __x64_sys_epoll_ctl+0xcb/0x100
[  217.678664][T11725]  x64_sys_call+0x26ef/0x2fb0
[  217.678683][T11725]  do_syscall_64+0xd0/0x1a0
[  217.678705][T11725]  ? clear_bhb_loop+0x40/0x90
[  217.678724][T11725]  ? clear_bhb_loop+0x40/0x90
[  217.678773][T11725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.678811][T11725] RIP: 0033:0x7f71d781e969
[  217.678823][T11725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.678840][T11725] RSP: 002b:00007f71d5e87038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  217.678914][T11725] RAX: ffffffffffffffda RBX: 00007f71d7a45fa0 RCX: 00007f71d781e969
[  217.678925][T11725] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000003
[  217.678983][T11725] RBP: 00007f71d5e87090 R08: 0000000000000000 R09: 0000000000000000
[  217.678994][T11725] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  217.679005][T11725] R13: 0000000000000000 R14: 00007f71d7a45fa0 R15: 00007ffd8efd0a98
[  217.679059][T11725]  </TASK>
[  218.003803][   T10] IPVS: starting estimator thread 0...
[  218.007658][T11616] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  218.030593][T11616] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  218.090739][T11616] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  218.126215][T11739] IPVS: using max 2784 ests per chain, 139200 per kthread
[  218.137331][T11616] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  218.342107][T11616] 8021q: adding VLAN 0 to HW filter on device bond0
[  218.375399][T11616] 8021q: adding VLAN 0 to HW filter on device team0
[  218.405049][ T3409] bridge0: port 1(bridge_slave_0) entered blocking state
[  218.412187][ T3409] bridge0: port 1(bridge_slave_0) entered forwarding state
[  218.429796][ T3409] bridge0: port 2(bridge_slave_1) entered blocking state
[  218.437293][ T3409] bridge0: port 2(bridge_slave_1) entered forwarding state
[  218.499209][T11616] 8021q: adding VLAN 0 to HW filter on device batadv0
[  218.584740][T11616] veth0_vlan: entered promiscuous mode
[  218.593033][T11616] veth1_vlan: entered promiscuous mode
[  218.609871][T11616] veth0_macvtap: entered promiscuous mode
[  218.623098][T11751] SELinux: syz.1.3003 (11751) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  218.639920][T11616] veth1_macvtap: entered promiscuous mode
[  218.756225][T11616] batman_adv: batadv0: Interface activated: batadv_slave_0
[  218.771745][T11616] batman_adv: batadv0: Interface activated: batadv_slave_1
[  218.780305][T11616] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  218.789045][T11616] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  218.797822][T11616] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  218.806674][T11616] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  218.845349][T11764] FAULT_INJECTION: forcing a failure.
[  218.845349][T11764] name failslab, interval 1, probability 0, space 0, times 0
[  218.858125][T11764] CPU: 1 UID: 0 PID: 11764 Comm: syz.3.3006 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  218.858157][T11764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  218.858168][T11764] Call Trace:
[  218.858173][T11764]  <TASK>
[  218.858179][T11764]  __dump_stack+0x1d/0x30
[  218.858197][T11764]  dump_stack_lvl+0xe8/0x140
[  218.858214][T11764]  dump_stack+0x15/0x1b
[  218.858282][T11764]  should_fail_ex+0x265/0x280
[  218.858321][T11764]  should_failslab+0x8c/0xb0
[  218.858412][T11764]  kmem_cache_alloc_noprof+0x50/0x310
[  218.858481][T11764]  ? alloc_empty_file+0x76/0x200
[  218.858511][T11764]  alloc_empty_file+0x76/0x200
[  218.858536][T11764]  alloc_file_pseudo+0xc6/0x160
[  218.858569][T11764]  anon_inode_getfile_fmode+0xa5/0x140
[  218.858600][T11764]  do_signalfd4+0x162/0x2b0
[  218.858686][T11764]  __x64_sys_signalfd4+0xce/0x100
[  218.858718][T11764]  x64_sys_call+0x2bca/0x2fb0
[  218.858792][T11764]  do_syscall_64+0xd0/0x1a0
[  218.858820][T11764]  ? clear_bhb_loop+0x40/0x90
[  218.858845][T11764]  ? clear_bhb_loop+0x40/0x90
[  218.858922][T11764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.858942][T11764] RIP: 0033:0x7f180ab0e969
[  218.858957][T11764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.858978][T11764] RSP: 002b:00007f1809177038 EFLAGS: 00000246 ORIG_RAX: 0000000000000121
[  218.858999][T11764] RAX: ffffffffffffffda RBX: 00007f180ad35fa0 RCX: 00007f180ab0e969
[  218.859013][T11764] RDX: 0000000000000008 RSI: 0000200000000080 RDI: ffffffffffffffff
[  218.859027][T11764] RBP: 00007f1809177090 R08: 0000000000000000 R09: 0000000000000000
[  218.859039][T11764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.859048][T11764] R13: 0000000000000000 R14: 00007f180ad35fa0 R15: 00007fffa89a5bf8
[  218.859075][T11764]  </TASK>
[  219.207896][T11768] siw: device registration error -23
[  219.298620][T11781] loop0: detected capacity change from 0 to 512
[  219.338928][T11781] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  219.408496][T11781] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.445530][T11781] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  219.478552][T11616] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.507367][T11772] chnl_net:caif_netlink_parms(): no params data found
[  219.565064][T11805] loop0: detected capacity change from 0 to 1024
[  219.596937][T11802] x_tables: duplicate underflow at hook 1
[  219.614676][T11786] netlink: 'syz.2.3014': attribute type 10 has an invalid length.
[  219.626610][T11805] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  219.639518][T11805] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  219.660043][T11805] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  219.675952][T11805] EXT4-fs (loop0): Remounting filesystem read-only
[  219.702619][T11786] team0: Device hsr_slave_0 failed to register rx_handler
[  219.767194][T11816] FAULT_INJECTION: forcing a failure.
[  219.767194][T11816] name failslab, interval 1, probability 0, space 0, times 0
[  219.780007][T11816] CPU: 1 UID: 0 PID: 11816 Comm: syz.3.3019 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  219.780032][T11816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  219.780102][T11816] Call Trace:
[  219.780109][T11816]  <TASK>
[  219.780116][T11816]  __dump_stack+0x1d/0x30
[  219.780141][T11816]  dump_stack_lvl+0xe8/0x140
[  219.780198][T11816]  dump_stack+0x15/0x1b
[  219.780212][T11816]  should_fail_ex+0x265/0x280
[  219.780247][T11816]  should_failslab+0x8c/0xb0
[  219.780283][T11816]  kmem_cache_alloc_noprof+0x50/0x310
[  219.780353][T11816]  ? audit_log_start+0x365/0x6c0
[  219.780383][T11816]  audit_log_start+0x365/0x6c0
[  219.780410][T11816]  ? flock_lock_inode+0x135/0xf60
[  219.780459][T11816]  ? __list_add_valid_or_report+0x38/0xe0
[  219.780490][T11816]  audit_seccomp+0x48/0x100
[  219.780536][T11816]  ? __seccomp_filter+0x68c/0x10d0
[  219.780558][T11816]  __seccomp_filter+0x69d/0x10d0
[  219.780578][T11816]  ? selinux_file_lock+0x38/0x50
[  219.780643][T11816]  ? fput+0x8f/0xc0
[  219.780663][T11816]  ? __se_sys_flock+0x327/0x3b0
[  219.780697][T11816]  __secure_computing+0x82/0x150
[  219.780734][T11816]  syscall_trace_enter+0xcf/0x1e0
[  219.780762][T11816]  do_syscall_64+0xaa/0x1a0
[  219.780790][T11816]  ? clear_bhb_loop+0x40/0x90
[  219.780811][T11816]  ? clear_bhb_loop+0x40/0x90
[  219.780892][T11816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.780913][T11816] RIP: 0033:0x7f180ab0d37c
[  219.780926][T11816] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  219.780941][T11816] RSP: 002b:00007f1809177030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  219.781003][T11816] RAX: ffffffffffffffda RBX: 00007f180ad35fa0 RCX: 00007f180ab0d37c
[  219.781018][T11816] RDX: 000000000000000f RSI: 00007f18091770a0 RDI: 0000000000000007
[  219.781100][T11816] RBP: 00007f1809177090 R08: 0000000000000000 R09: 0000000000000000
[  219.781110][T11816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.781143][T11816] R13: 0000000000000000 R14: 00007f180ad35fa0 R15: 00007fffa89a5bf8
[  219.781215][T11816]  </TASK>
[  220.026618][T11616] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.059921][ T3409] bond0 (unregistering): Released all slaves
[  220.073499][T11772] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.080757][T11772] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.099618][T11772] bridge_slave_0: entered allmulticast mode
[  220.109415][T11772] bridge_slave_0: entered promiscuous mode
[  220.125170][T11772] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.132373][T11772] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.147520][T11821] loop0: detected capacity change from 0 to 1024
[  220.154899][T11772] bridge_slave_1: entered allmulticast mode
[  220.160971][T11821] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  220.170854][T11772] bridge_slave_1: entered promiscuous mode
[  220.177083][T11821] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  220.200499][T11772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  220.210860][T11821] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  220.220133][T11821] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 2: comm syz.0.3020: lblock 2 mapped to illegal pblock 2 (length 1)
[  220.235084][T11821] EXT4-fs (loop0): Remounting filesystem read-only
[  220.244642][T11821] EXT4-fs (loop0): 1 orphan inode deleted
[  220.250787][T11821] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.271944][ T3409] team0 (unregistering): Port device hsr_slave_0 removed
[  220.273272][T11821] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.357657][T11828] sch_tbf: burst 0 is lower than device lo mtu (65499) !
[  220.366014][T11772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  220.418979][T11772] team0: Port device team_slave_0 added
[  220.439488][T11772] team0: Port device team_slave_1 added
[  220.458995][T11836] lo: entered promiscuous mode
[  220.463825][T11836] lo: entered allmulticast mode
[  220.492214][T11840] loop0: detected capacity change from 0 to 1024
[  220.502260][T11772] batman_adv: batadv0: Adding interface: batadv_slave_0
[  220.509274][T11772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  220.535286][T11772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  220.547915][T11772] batman_adv: batadv0: Adding interface: batadv_slave_1
[  220.554936][T11772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  220.580958][T11772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  220.581289][T11840] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.604030][T11842] FAULT_INJECTION: forcing a failure.
[  220.604030][T11842] name failslab, interval 1, probability 0, space 0, times 0
[  220.604340][T11840] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.616712][T11842] CPU: 1 UID: 0 PID: 11842 Comm: syz.1.3030 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  220.616745][T11842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  220.616761][T11842] Call Trace:
[  220.616767][T11842]  <TASK>
[  220.616776][T11842]  __dump_stack+0x1d/0x30
[  220.616803][T11842]  dump_stack_lvl+0xe8/0x140
[  220.616827][T11842]  dump_stack+0x15/0x1b
[  220.616925][T11842]  should_fail_ex+0x265/0x280
[  220.617041][T11842]  ? device_add+0x88/0x770
[  220.617067][T11842]  should_failslab+0x8c/0xb0
[  220.617129][T11842]  __kmalloc_cache_noprof+0x4c/0x320
[  220.617166][T11842]  device_add+0x88/0x770
[  220.617194][T11842]  netdev_register_kobject+0xe8/0x210
[  220.617235][T11842]  ? register_netdevice+0x916/0xf10
[  220.617258][T11842]  register_netdevice+0x931/0xf10
[  220.617285][T11842]  tun_set_iff+0x5f1/0x890
[  220.617319][T11842]  __tun_chr_ioctl+0x5f0/0x1490
[  220.617390][T11842]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  220.617420][T11842]  tun_chr_ioctl+0x27/0x40
[  220.617447][T11842]  __se_sys_ioctl+0xce/0x140
[  220.617493][T11842]  __x64_sys_ioctl+0x43/0x50
[  220.617519][T11842]  x64_sys_call+0x19a8/0x2fb0
[  220.617655][T11842]  do_syscall_64+0xd0/0x1a0
[  220.617683][T11842]  ? clear_bhb_loop+0x40/0x90
[  220.617726][T11842]  ? clear_bhb_loop+0x40/0x90
[  220.617753][T11842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.617840][T11842] RIP: 0033:0x7f6b4d66e969
[  220.617859][T11842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.617914][T11842] RSP: 002b:00007f6b4bcd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  220.617937][T11842] RAX: ffffffffffffffda RBX: 00007f6b4d895fa0 RCX: 00007f6b4d66e969
[  220.617953][T11842] RDX: 0000200000000200 RSI: 00000000400454ca RDI: 0000000000000003
[  220.618009][T11842] RBP: 00007f6b4bcd7090 R08: 0000000000000000 R09: 0000000000000000
[  220.618030][T11842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  220.618061][T11842] R13: 0000000000000000 R14: 00007f6b4d895fa0 R15: 00007ffcbca1c088
[  220.618088][T11842]  </TASK>
[  220.783750][T11855] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  220.783750][T11855]    program syz.2.3032 not setting count and/or reply_len properly
[  220.790793][T11840] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  220.872279][T11840] EXT4-fs (loop0): Remounting filesystem read-only
[  220.908685][T11772] hsr_slave_0: entered promiscuous mode
[  220.914718][T11772] hsr_slave_1: entered promiscuous mode
[  220.922830][T11772] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  220.930820][T11772] Cannot create hsr debugfs directory
[  220.937418][ T3409] IPVS: stop unused estimator thread 0...
[  220.948996][T11863] vcan0: tx drop: invalid da for name 0x0000000000000002
[  220.965304][T11616] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.004603][T11868] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  221.069119][T11874] bridge_slave_0: left allmulticast mode
[  221.074873][T11874] bridge_slave_0: left promiscuous mode
[  221.080644][T11874] bridge0: port 1(bridge_slave_0) entered disabled state
[  221.091845][T11874] bridge_slave_1: left allmulticast mode
[  221.097577][T11874] bridge_slave_1: left promiscuous mode
[  221.103286][T11874] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.116115][T11874] bond0: (slave bond_slave_0): Releasing backup interface
[  221.130083][T11874] bond0: (slave bond_slave_1): Releasing backup interface
[  221.138020][T11881] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3041'.
[  221.149309][T11874] team0: Port device team_slave_0 removed
[  221.158178][T11874] team0: Port device team_slave_1 removed
[  221.165090][T11874] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  221.172643][T11874] batman_adv: batadv0: Removing interface: batadv_slave_0
[  221.181606][T11874] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  221.189230][T11874] batman_adv: batadv0: Removing interface: batadv_slave_1
[  221.314839][T11888] loop0: detected capacity change from 0 to 512
[  221.330512][T11888] EXT4-fs (loop0): too many log groups per flexible block group
[  221.338363][T11888] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  221.346218][T11888] EXT4-fs (loop0): mount failed
[  221.428081][T11904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3050'.
[  221.486003][T11772] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  221.496393][T11772] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  221.510129][T11772] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  221.527634][T11772] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  221.593866][T11772] 8021q: adding VLAN 0 to HW filter on device bond0
[  221.625022][T11913] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3052'.
[  221.673854][T11772] 8021q: adding VLAN 0 to HW filter on device team0
[  221.691781][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[  221.698873][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[  221.715724][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[  221.722798][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[  221.843927][T11772] 8021q: adding VLAN 0 to HW filter on device batadv0
[  222.085692][T11772] veth0_vlan: entered promiscuous mode
[  222.100953][T11772] veth1_vlan: entered promiscuous mode
[  222.132136][T11772] veth0_macvtap: entered promiscuous mode
[  222.143928][T11772] veth1_macvtap: entered promiscuous mode
[  222.153694][T11948] x_tables: duplicate underflow at hook 1
[  222.172403][T11772] batman_adv: batadv0: Interface activated: batadv_slave_0
[  222.185647][T11772] batman_adv: batadv0: Interface activated: batadv_slave_1
[  222.198831][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811a567e00: rx timeout, send abort
[  222.204872][T11772] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  222.207063][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a567e00: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  222.215761][T11772] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  222.238684][T11772] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  222.247430][T11772] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  222.302631][T11954] siw: device registration error -23
[  222.317507][   T29] kauditd_printk_skb: 2977 callbacks suppressed
[  222.317551][   T29] audit: type=1326 audit(1747804758.974:14155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11958 comm="syz.4.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24729fe969 code=0x7ffc0000
[  222.398061][   T29] audit: type=1326 audit(1747804759.014:14156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11958 comm="syz.4.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24729fe969 code=0x7ffc0000
[  222.421747][   T29] audit: type=1326 audit(1747804759.014:14157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11958 comm="syz.4.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f24729fe969 code=0x7ffc0000
[  222.445348][   T29] audit: type=1326 audit(1747804759.014:14158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11958 comm="syz.4.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24729fe969 code=0x7ffc0000
[  222.468923][   T29] audit: type=1326 audit(1747804759.014:14159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11958 comm="syz.4.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24729fe969 code=0x7ffc0000
[  222.492502][   T29] audit: type=1326 audit(1747804759.014:14160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11958 comm="syz.4.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f24729fe969 code=0x7ffc0000
[  222.516153][   T29] audit: type=1326 audit(1747804759.014:14161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11958 comm="syz.4.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24729fe969 code=0x7ffc0000
[  222.539808][   T29] audit: type=1326 audit(1747804759.014:14162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11958 comm="syz.4.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24729fe969 code=0x7ffc0000
[  222.563429][   T29] audit: type=1326 audit(1747804759.014:14163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11958 comm="syz.4.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f24729fe969 code=0x7ffc0000
[  222.587044][   T29] audit: type=1326 audit(1747804759.014:14164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11958 comm="syz.4.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24729fe969 code=0x7ffc0000
[  222.871383][   T51] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.905471][T11971] chnl_net:caif_netlink_parms(): no params data found
[  222.914877][T11978] netlink: 'syz.2.3067': attribute type 10 has an invalid length.
[  222.959588][   T51] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.971663][T11978] team0: Device hsr_slave_0 failed to register rx_handler
[  222.997883][T11989] random: crng reseeded on system resumption
[  223.024600][   T51] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.111809][T11995] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  223.124905][T11995] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  223.151088][T11971] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.158166][T11971] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.201868][T11971] bridge_slave_0: entered allmulticast mode
[  223.224097][T11998] loop0: detected capacity change from 0 to 512
[  223.231612][T12007] vcan0: tx drop: invalid da for name 0x0000000000000002
[  223.239474][T11971] bridge_slave_0: entered promiscuous mode
[  223.264968][   T51] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.277124][T11971] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.284218][T11971] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.298472][T11998] EXT4-fs (loop0): too many log groups per flexible block group
[  223.301849][T11971] bridge_slave_1: entered allmulticast mode
[  223.306155][T11998] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  223.329712][T11971] bridge_slave_1: entered promiscuous mode
[  223.334557][T11998] EXT4-fs (loop0): mount failed
[  223.520000][   T51] bond0 (unregistering): Released all slaves
[  223.562794][T11971] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  223.579445][   T51] hsr_slave_0: left promiscuous mode
[  223.585774][   T51] hsr_slave_1: left promiscuous mode
[  223.593765][   T51] veth1_macvtap: left promiscuous mode
[  223.600104][   T51] veth0_macvtap: left promiscuous mode
[  223.605798][   T51] veth1_vlan: left promiscuous mode
[  223.611556][   T51] veth0_vlan: left promiscuous mode
[  223.783210][T11971] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  223.925681][T11971] team0: Port device team_slave_0 added
[  223.941374][T11971] team0: Port device team_slave_1 added
[  223.970161][T11971] batman_adv: batadv0: Adding interface: batadv_slave_0
[  223.977229][T11971] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  224.003185][T11971] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  224.035189][T11971] batman_adv: batadv0: Adding interface: batadv_slave_1
[  224.042303][T11971] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  224.068464][T11971] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  224.176614][   T51] IPVS: stop unused estimator thread 0...
[  224.184799][T11971] hsr_slave_0: entered promiscuous mode
[  224.191089][T11971] hsr_slave_1: entered promiscuous mode
[  224.196971][T11971] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  224.205169][T11971] Cannot create hsr debugfs directory
[  224.481574][    C0] vcan0: j1939_tp_rxtimer: 0xffff888117b7a600: rx timeout, send abort
[  224.491486][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888117b7a600: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  224.522486][T12163] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3085'.
[  224.596516][T11971] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  224.606313][T11971] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  224.617033][T11971] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  224.626545][T11971] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  224.666373][T11971] 8021q: adding VLAN 0 to HW filter on device bond0
[  224.681916][T11971] 8021q: adding VLAN 0 to HW filter on device team0
[  224.692080][ T3340] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.699152][ T3340] bridge0: port 1(bridge_slave_0) entered forwarding state
[  224.710630][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.717694][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  224.814560][T11971] 8021q: adding VLAN 0 to HW filter on device batadv0
[  224.921774][T11971] veth0_vlan: entered promiscuous mode
[  224.937704][T11971] veth1_vlan: entered promiscuous mode
[  224.959447][T12186] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3091'.
[  224.970080][T11971] veth0_macvtap: entered promiscuous mode
[  224.977562][T11971] veth1_macvtap: entered promiscuous mode
[  224.996299][T11971] batman_adv: batadv0: Interface activated: batadv_slave_0
[  225.007569][T11971] batman_adv: batadv0: Interface activated: batadv_slave_1
[  225.017577][T11971] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  225.026377][T11971] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  225.035199][T11971] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  225.044135][T11971] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  225.054558][T12198] vcan0: tx drop: invalid da for name 0x0000000000000002
[  225.148248][T12210] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  225.172656][T12212] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3094'.
[  225.325553][T12223] ip6erspan0: entered promiscuous mode
[  225.678736][T12231] siw: device registration error -23
[  225.806963][T12243] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3111'.
[  226.304014][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a5faa00: rx timeout, send abort
[  226.312363][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a5faa00: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  226.593287][T12261] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3118'.
[  226.602953][T12261] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  226.610438][T12261] batman_adv: batadv0: Removing interface: batadv_slave_0
[  226.620066][T12261] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  226.627502][T12261] batman_adv: batadv0: Removing interface: batadv_slave_1
[  227.155867][T12272] 9pnet_fd: Insufficient options for proto=fd
[  227.164076][T12272] syz.2.3120: attempt to access beyond end of device
[  227.164076][T12272] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[  227.584906][T12276] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3122'.
[  227.687454][T12282] x_tables: duplicate underflow at hook 1
[  227.956313][T12300] 9pnet_fd: Insufficient options for proto=fd
[  227.963063][T12300] syz.3.3129: attempt to access beyond end of device
[  227.963063][T12300] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[  228.024707][   T29] kauditd_printk_skb: 264 callbacks suppressed
[  228.024720][   T29] audit: type=1326 audit(1747804764.684:14429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12302 comm="syz.0.3133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f771d40e969 code=0x7ffc0000
[  228.065938][   T29] audit: type=1326 audit(1747804764.684:14430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12302 comm="syz.0.3133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f771d40e969 code=0x7ffc0000
[  228.089655][   T29] audit: type=1326 audit(1747804764.684:14431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12302 comm="syz.0.3133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7f771d40e969 code=0x7ffc0000
[  228.113304][   T29] audit: type=1326 audit(1747804764.684:14432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12302 comm="syz.0.3133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f771d40e969 code=0x7ffc0000
[  228.137378][   T29] audit: type=1326 audit(1747804764.684:14433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12302 comm="syz.0.3133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f771d40e969 code=0x7ffc0000
[  228.137405][   T29] audit: type=1326 audit(1747804764.684:14434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12302 comm="syz.0.3133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f771d40e969 code=0x7ffc0000
[  228.184718][   T29] audit: type=1326 audit(1747804764.684:14435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12302 comm="syz.0.3133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f771d40e969 code=0x7ffc0000
[  228.191588][T12305] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3134'.
[  228.208502][   T29] audit: type=1326 audit(1747804764.684:14436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12302 comm="syz.0.3133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f771d40e969 code=0x7ffc0000
[  228.240700][   T29] audit: type=1326 audit(1747804764.684:14437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12302 comm="syz.0.3133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f771d40e969 code=0x7ffc0000
[  228.264342][   T29] audit: type=1326 audit(1747804764.684:14438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12302 comm="syz.0.3133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f771d40e969 code=0x7ffc0000
[  228.331589][T12315] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  228.467039][T12342] x_tables: duplicate underflow at hook 1
[  228.505960][T12354] siw: device registration error -23
[  228.583187][T12366] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3147'.
[  228.644814][T12384] hub 2-0:1.0: USB hub found
[  228.649621][T12384] hub 2-0:1.0: 8 ports detected
[  229.162804][T12473] siw: device registration error -23
[  229.205554][T12475] loop0: detected capacity change from 0 to 512
[  229.219379][T12480] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO
[  229.230731][T12480] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  229.389019][T12475] EXT4-fs (loop0): too many log groups per flexible block group
[  229.396722][T12475] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  229.423186][T12475] EXT4-fs (loop0): mount failed
[  229.560705][T12493] loop0: detected capacity change from 0 to 256
[  229.573448][T12493] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000400)
[  229.581404][T12493] FAT-fs (loop0): Filesystem has been set read-only
[  229.612706][ T3392] IPVS: starting estimator thread 0...
[  229.728431][T12494] IPVS: using max 2112 ests per chain, 105600 per kthread
[  230.322627][T12506] lo: entered promiscuous mode
[  230.327452][T12506] lo: entered allmulticast mode
[  230.481864][T12505] x_tables: duplicate underflow at hook 1
[  230.558172][T12517] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  230.984466][T12527] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3172'.
[  231.014963][T12527] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  231.022513][T12527] batman_adv: batadv0: Removing interface: batadv_slave_0
[  231.132130][T12527] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  231.139598][T12527] batman_adv: batadv0: Removing interface: batadv_slave_1
[  231.290518][T12542] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3175'.
[  231.358690][T12549] program syz.4.3180 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  231.378518][T12549] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  231.455926][T12554] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  231.666738][T12572] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  231.799311][T12574] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3189'.
[  231.817592][T12579] siw: device registration error -23
[  231.848392][T12569] netlink: 'syz.3.3188': attribute type 10 has an invalid length.
[  231.857482][T12569] team0: Device hsr_slave_0 failed to register rx_handler
[  231.948275][T12585] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3193'.
[  231.970315][T12592] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3195'.
[  232.043307][T12606] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3203'.
[  232.071788][T12608] siw: device registration error -23
[  232.115737][T12606] bridge_slave_0: left allmulticast mode
[  232.121521][T12606] bridge_slave_0: left promiscuous mode
[  232.127301][T12606] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.136768][T12606] bridge_slave_1: left allmulticast mode
[  232.142477][T12606] bridge_slave_1: left promiscuous mode
[  232.148205][T12606] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.169303][T12606] bond0: (slave bond_slave_0): Releasing backup interface
[  232.179389][T12606] bond0: (slave bond_slave_1): Releasing backup interface
[  232.192964][T12606] team0: Port device team_slave_0 removed
[  232.203876][T12606] team0: Port device team_slave_1 removed
[  232.271075][T12624] netlink: 'syz.2.3209': attribute type 4 has an invalid length.
[  232.273961][T12615] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3206'.
[  232.429854][T12635] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3208'.
[  232.497986][T12637] 9pnet_fd: Insufficient options for proto=fd
[  232.504653][T12637] syz.0.3213: attempt to access beyond end of device
[  232.504653][T12637] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[  232.601607][T12630] netlink: 'syz.4.3210': attribute type 10 has an invalid length.
[  232.624270][T12630] team0: Device hsr_slave_0 failed to register rx_handler
[  232.723806][T12642] chnl_net:caif_netlink_parms(): no params data found
[  232.756238][T12660] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3219'.
[  232.863820][T12665] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3218'.
[  232.885958][T12642] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.893295][T12642] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.900551][T12642] bridge_slave_0: entered allmulticast mode
[  232.906886][T12642] bridge_slave_0: entered promiscuous mode
[  232.913654][T12642] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.920973][T12642] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.928413][T12642] bridge_slave_1: entered allmulticast mode
[  232.934958][T12642] bridge_slave_1: entered promiscuous mode
[  232.955345][T12642] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  232.966279][T12642] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  232.989006][T12642] team0: Port device team_slave_0 added
[  232.996168][T12642] team0: Port device team_slave_1 added
[  233.006305][T12672] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3222'.
[  233.022840][T12642] batman_adv: batadv0: Adding interface: batadv_slave_0
[  233.029899][T12642] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  233.055884][T12642] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  233.067469][T12642] batman_adv: batadv0: Adding interface: batadv_slave_1
[  233.074451][T12642] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  233.100542][T12642] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  233.118310][   T41] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.128757][   T29] kauditd_printk_skb: 187 callbacks suppressed
[  233.128809][   T29] audit: type=1400 audit(1747804769.784:14626): avc:  denied  { setopt } for  pid=12675 comm="syz.2.3223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  233.156073][T12677] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  233.180235][T12642] hsr_slave_0: entered promiscuous mode
[  233.186333][T12642] hsr_slave_1: entered promiscuous mode
[  233.192294][T12642] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  233.199996][   T29] audit: type=1326 audit(1747804769.854:14627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12678 comm="syz.2.3224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  233.223640][   T29] audit: type=1326 audit(1747804769.854:14628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12678 comm="syz.2.3224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  233.247381][   T29] audit: type=1326 audit(1747804769.854:14629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12678 comm="syz.2.3224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  233.271424][   T29] audit: type=1326 audit(1747804769.854:14630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12678 comm="syz.2.3224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  233.271832][T12642] Cannot create hsr debugfs directory
[  233.295122][   T29] audit: type=1326 audit(1747804769.854:14631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12678 comm="syz.2.3224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  233.324027][   T29] audit: type=1326 audit(1747804769.854:14632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12678 comm="syz.2.3224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  233.347801][   T29] audit: type=1326 audit(1747804769.854:14633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12678 comm="syz.2.3224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  233.371353][   T29] audit: type=1326 audit(1747804769.854:14634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12678 comm="syz.2.3224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  233.394938][   T29] audit: type=1326 audit(1747804769.854:14635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12678 comm="syz.2.3224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  233.434759][   T41] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.464403][T12681] x_tables: duplicate underflow at hook 1
[  233.491819][   T41] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.541219][T12689] x_tables: duplicate underflow at hook 1
[  233.550553][   T41] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.574748][T12695] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  233.619663][T12699] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3232'.
[  233.785054][   T41] bond0 (unregistering): Released all slaves
[  233.794320][   T41] bond1 (unregistering): Released all slaves
[  233.840861][   T41] veth1_macvtap: left promiscuous mode
[  233.847368][   T41] veth0_macvtap: left promiscuous mode
[  233.854174][T12709] 9pnet_fd: Insufficient options for proto=fd
[  233.860716][T12709] syz.0.3235: attempt to access beyond end of device
[  233.860716][T12709] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[  233.862219][   T41] veth1_vlan: left promiscuous mode
[  233.879943][   T41] veth0_vlan: left promiscuous mode
[  233.960098][   T10] infiniband syz1: ib_query_port failed (-19)
[  234.000755][T12714] x_tables: duplicate underflow at hook 1
[  234.104823][T12642] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  234.113752][T12642] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  234.122532][T12642] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  234.131564][T12642] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  234.132133][T12722] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  234.174901][T12642] 8021q: adding VLAN 0 to HW filter on device bond0
[  234.187634][T12642] 8021q: adding VLAN 0 to HW filter on device team0
[  234.197014][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.197756][T12724] x_tables: duplicate underflow at hook 1
[  234.204085][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  234.215831][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.224209][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  234.263736][   T41] IPVS: stop unused estimator thread 0...
[  234.312789][T12642] 8021q: adding VLAN 0 to HW filter on device batadv0
[  234.376235][T12642] veth0_vlan: entered promiscuous mode
[  234.384046][T12642] veth1_vlan: entered promiscuous mode
[  234.399020][T12642] veth0_macvtap: entered promiscuous mode
[  234.406171][T12642] veth1_macvtap: entered promiscuous mode
[  234.416417][T12642] batman_adv: batadv0: Interface activated: batadv_slave_0
[  234.427235][T12642] batman_adv: batadv0: Interface activated: batadv_slave_1
[  234.437173][T12642] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  234.445985][T12642] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  234.454995][T12642] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  234.463783][T12642] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.650737][T12764] siw: device registration error -23
[  234.677958][T12766] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  234.685505][T12766] batman_adv: batadv0: Removing interface: batadv_slave_0
[  234.693537][T12766] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  234.701081][T12766] batman_adv: batadv0: Removing interface: batadv_slave_1
[  234.729435][T12762] netlink: 'syz.0.3250': attribute type 10 has an invalid length.
[  234.739223][T12762] team0: Device hsr_slave_0 failed to register rx_handler
[  235.448597][T12785] 9pnet_fd: Insufficient options for proto=fd
[  235.455216][T12785] syz.2.3257: attempt to access beyond end of device
[  235.455216][T12785] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[  237.711103][T12839] netlink: 'syz.4.3282': attribute type 10 has an invalid length.
[  237.752514][T12839] team0: Device hsr_slave_0 failed to register rx_handler
[  238.165965][T12876] __nla_validate_parse: 3 callbacks suppressed
[  238.165985][T12876] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3296'.
[  238.304083][T12866] netlink: 'syz.3.3293': attribute type 10 has an invalid length.
[  238.314178][T12866] team0: Device hsr_slave_0 failed to register rx_handler
[  238.368518][   T29] kauditd_printk_skb: 328 callbacks suppressed
[  238.368530][   T29] audit: type=1326 audit(1747804775.034:14964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12886 comm="syz.2.3300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  238.436522][   T29] audit: type=1326 audit(1747804775.064:14965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12886 comm="syz.2.3300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  238.460187][   T29] audit: type=1326 audit(1747804775.064:14966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12886 comm="syz.2.3300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  238.483833][   T29] audit: type=1326 audit(1747804775.064:14967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12886 comm="syz.2.3300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  238.507574][   T29] audit: type=1326 audit(1747804775.064:14968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12886 comm="syz.2.3300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  238.531316][   T29] audit: type=1326 audit(1747804775.064:14969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12886 comm="syz.2.3300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  238.554881][   T29] audit: type=1326 audit(1747804775.064:14970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12886 comm="syz.2.3300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  238.578563][   T29] audit: type=1326 audit(1747804775.064:14971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12886 comm="syz.2.3300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  238.602210][   T29] audit: type=1326 audit(1747804775.064:14972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12886 comm="syz.2.3300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  238.625903][   T29] audit: type=1326 audit(1747804775.064:14973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12886 comm="syz.2.3300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f70fcd0e969 code=0x7ffc0000
[  238.659054][T12901] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3305'.
[  238.748055][T12909] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3307'.
[  238.817806][T12914] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3309'.
[  238.906437][T12923] siw: device registration error -23
[  239.021590][T12926] 9pnet_fd: Insufficient options for proto=fd
[  239.027946][T12926] syz.3.3310: attempt to access beyond end of device
[  239.027946][T12926] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[  239.299347][T12927] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3313'.
[  239.516778][T12937] siw: device registration error -23
[  239.701154][T12929] netlink: 'syz.0.3314': attribute type 10 has an invalid length.
[  239.709540][T12929] team0: Device hsr_slave_0 failed to register rx_handler
[  240.040781][T12978] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3328'.
[  240.057942][T12974] 9pnet_fd: Insufficient options for proto=fd
[  240.064997][T12974] syz.2.3332: attempt to access beyond end of device
[  240.064997][T12974] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[  240.096549][T12983] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3334'.
[  240.288786][T12985] netlink: 'syz.2.3335': attribute type 10 has an invalid length.
[  240.299141][T12985] team0: Device hsr_slave_0 failed to register rx_handler
[  240.594520][T13009] vcan0: tx drop: invalid da for name 0x0000000000000002
[  240.649092][T13009] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  240.686189][T13015] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3346'.
[  240.739560][T13017] FAULT_INJECTION: forcing a failure.
[  240.739560][T13017] name failslab, interval 1, probability 0, space 0, times 0
[  240.752323][T13017] CPU: 0 UID: 0 PID: 13017 Comm: +}[@ Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  240.752368][T13017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  240.752382][T13017] Call Trace:
[  240.752389][T13017]  <TASK>
[  240.752397][T13017]  __dump_stack+0x1d/0x30
[  240.752423][T13017]  dump_stack_lvl+0xe8/0x140
[  240.752441][T13017]  dump_stack+0x15/0x1b
[  240.752455][T13017]  should_fail_ex+0x265/0x280
[  240.752496][T13017]  should_failslab+0x8c/0xb0
[  240.752606][T13017]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  240.752630][T13017]  ? shmem_alloc_inode+0x34/0x50
[  240.752665][T13017]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  240.752746][T13017]  shmem_alloc_inode+0x34/0x50
[  240.752771][T13017]  alloc_inode+0x3d/0x170
[  240.752793][T13017]  new_inode+0x1d/0xe0
[  240.752824][T13017]  shmem_get_inode+0x244/0x750
[  240.752934][T13017]  __shmem_file_setup+0x122/0x1f0
[  240.752965][T13017]  shmem_file_setup+0x3b/0x50
[  240.752995][T13017]  __se_sys_memfd_create+0x2c3/0x590
[  240.753156][T13017]  __x64_sys_memfd_create+0x31/0x40
[  240.753178][T13017]  x64_sys_call+0x122f/0x2fb0
[  240.753222][T13017]  do_syscall_64+0xd0/0x1a0
[  240.753250][T13017]  ? clear_bhb_loop+0x40/0x90
[  240.753273][T13017]  ? clear_bhb_loop+0x40/0x90
[  240.753292][T13017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.753312][T13017] RIP: 0033:0x7fa7470ee969
[  240.753328][T13017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.753348][T13017] RSP: 002b:00007fa745756d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  240.753372][T13017] RAX: ffffffffffffffda RBX: 000000000000060d RCX: 00007fa7470ee969
[  240.753386][T13017] RDX: 00007fa745756dec RSI: 0000000000000000 RDI: 00007fa747171444
[  240.753400][T13017] RBP: 0000200000002200 R08: 00007fa745756b07 R09: 0000000000000000
[  240.753412][T13017] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[  240.753423][T13017] R13: 00007fa745756dec R14: 00007fa745756df0 R15: 00007fff1202dd18
[  240.753439][T13017]  </TASK>
[  241.151889][T13030] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3353'.
[  241.219307][T13030] bridge_slave_0: left allmulticast mode
[  241.225006][T13030] bridge_slave_0: left promiscuous mode
[  241.230753][T13030] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.240192][T13030] bridge_slave_1: left allmulticast mode
[  241.245843][T13030] bridge_slave_1: left promiscuous mode
[  241.251627][T13030] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.261974][T13030] bond0: (slave bond_slave_0): Releasing backup interface
[  241.272531][T13030] bond0: (slave bond_slave_1): Releasing backup interface
[  241.285105][T13030] team0: Port device team_slave_0 removed
[  241.294923][T13030] team0: Port device team_slave_1 removed
[  241.315251][T13034] FAULT_INJECTION: forcing a failure.
[  241.315251][T13034] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  241.328398][T13034] CPU: 0 UID: 0 PID: 13034 Comm: syz.0.3355 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  241.328488][T13034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  241.328500][T13034] Call Trace:
[  241.328505][T13034]  <TASK>
[  241.328511][T13034]  __dump_stack+0x1d/0x30
[  241.328531][T13034]  dump_stack_lvl+0xe8/0x140
[  241.328548][T13034]  dump_stack+0x15/0x1b
[  241.328633][T13034]  should_fail_ex+0x265/0x280
[  241.328664][T13034]  should_fail+0xb/0x20
[  241.328692][T13034]  should_fail_usercopy+0x1a/0x20
[  241.328710][T13034]  strncpy_from_user+0x25/0x230
[  241.328801][T13034]  __x64_sys_lgetxattr+0xa5/0x140
[  241.328841][T13034]  x64_sys_call+0x1b0e/0x2fb0
[  241.328860][T13034]  do_syscall_64+0xd0/0x1a0
[  241.328972][T13034]  ? clear_bhb_loop+0x40/0x90
[  241.328993][T13034]  ? clear_bhb_loop+0x40/0x90
[  241.329013][T13034]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.329112][T13034] RIP: 0033:0x7f771d40e969
[  241.329125][T13034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.329211][T13034] RSP: 002b:00007f771ba77038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c0
[  241.329228][T13034] RAX: ffffffffffffffda RBX: 00007f771d635fa0 RCX: 00007f771d40e969
[  241.329240][T13034] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000200000000000
[  241.329252][T13034] RBP: 00007f771ba77090 R08: 0000000000000000 R09: 0000000000000000
[  241.329263][T13034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  241.329274][T13034] R13: 0000000000000000 R14: 00007f771d635fa0 R15: 00007fff037d82e8
[  241.329293][T13034]  </TASK>
[  241.499449][T13036] 9pnet_fd: Insufficient options for proto=fd
[  241.505964][T13036] syz.1.3356: attempt to access beyond end of device
[  241.505964][T13036] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[  241.631120][T13044] x_tables: duplicate underflow at hook 1
[  241.726787][T13057] x_tables: duplicate underflow at hook 1
[  241.760393][T13063] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3366'.
[  241.844437][    C0] vcan0: j1939_tp_rxtimer: 0xffff888119e4bc00: rx timeout, send abort
[  241.852706][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888119e4bc00: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  242.108799][T13086] x_tables: duplicate underflow at hook 1
[  242.627548][T13117] openvswitch: netlink: Message has 6 unknown bytes.
[  242.720045][T13129] 9pnet_fd: Insufficient options for proto=fd
[  242.726918][T13129] syz.2.3395: attempt to access beyond end of device
[  242.726918][T13129] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[  242.810344][T13136] netlink: 'syz.2.3399': attribute type 1 has an invalid length.
[  242.823758][T13136] SELinux:  Context system_u:object_r:initrc_exec_t:s0 is not valid (left unmapped).
[  242.839604][T13138] siw: device registration error -23
[  242.904229][T13140] block device autoloading is deprecated and will be removed.
[  242.930731][T13140] binfmt_misc: register: failed to install interpreter file ./file0
[  242.940406][T13150] netlink: 'syz.0.3405': attribute type 30 has an invalid length.
[  243.444393][T13211] __nla_validate_parse: 9 callbacks suppressed
[  243.444488][T13211] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3423'.
[  243.451362][   T29] kauditd_printk_skb: 549 callbacks suppressed
[  243.451419][   T29] audit: type=1326 audit(1747804780.114:15523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13208 comm="syz.1.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  243.535940][   T29] audit: type=1326 audit(1747804780.164:15524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13208 comm="syz.1.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  243.559475][   T29] audit: type=1326 audit(1747804780.164:15525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13208 comm="syz.1.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  243.583100][   T29] audit: type=1326 audit(1747804780.164:15526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13208 comm="syz.1.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  243.594878][T13213] siw: device registration error -23
[  243.606685][   T29] audit: type=1326 audit(1747804780.174:15527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13208 comm="syz.1.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  243.635620][   T29] audit: type=1326 audit(1747804780.174:15528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13208 comm="syz.1.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  243.659228][   T29] audit: type=1326 audit(1747804780.174:15529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13208 comm="syz.1.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  243.682976][   T29] audit: type=1326 audit(1747804780.174:15530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13208 comm="syz.1.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  243.706529][   T29] audit: type=1326 audit(1747804780.174:15531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13208 comm="syz.1.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  243.730318][   T29] audit: type=1326 audit(1747804780.174:15532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13208 comm="syz.1.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  243.886853][T13231] FAULT_INJECTION: forcing a failure.
[  243.886853][T13231] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  243.900101][T13231] CPU: 1 UID: 0 PID: 13231 Comm: syz.0.3432 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  243.900207][T13231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  243.900222][T13231] Call Trace:
[  243.900228][T13231]  <TASK>
[  243.900234][T13231]  __dump_stack+0x1d/0x30
[  243.900253][T13231]  dump_stack_lvl+0xe8/0x140
[  243.900321][T13231]  dump_stack+0x15/0x1b
[  243.900339][T13231]  should_fail_ex+0x265/0x280
[  243.900401][T13231]  should_fail+0xb/0x20
[  243.900463][T13231]  should_fail_usercopy+0x1a/0x20
[  243.900483][T13231]  _copy_to_user+0x20/0xa0
[  243.900507][T13231]  simple_read_from_buffer+0xb5/0x130
[  243.900533][T13231]  proc_fail_nth_read+0x100/0x140
[  243.900612][T13231]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  243.900638][T13231]  vfs_read+0x1a0/0x6f0
[  243.900664][T13231]  ? __rcu_read_unlock+0x4f/0x70
[  243.900711][T13231]  ? __fget_files+0x184/0x1c0
[  243.900808][T13231]  ksys_read+0xda/0x1a0
[  243.900840][T13231]  __x64_sys_read+0x40/0x50
[  243.900869][T13231]  x64_sys_call+0x2d77/0x2fb0
[  243.900893][T13231]  do_syscall_64+0xd0/0x1a0
[  243.900940][T13231]  ? clear_bhb_loop+0x40/0x90
[  243.900964][T13231]  ? clear_bhb_loop+0x40/0x90
[  243.900988][T13231]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.901012][T13231] RIP: 0033:0x7f771d40d37c
[  243.901029][T13231] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  243.901050][T13231] RSP: 002b:00007f771ba77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  243.901131][T13231] RAX: ffffffffffffffda RBX: 00007f771d635fa0 RCX: 00007f771d40d37c
[  243.901178][T13231] RDX: 000000000000000f RSI: 00007f771ba770a0 RDI: 0000000000000008
[  243.901190][T13231] RBP: 00007f771ba77090 R08: 0000000000000000 R09: 0000000000000000
[  243.901204][T13231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  243.901218][T13231] R13: 0000000000000000 R14: 00007f771d635fa0 R15: 00007fff037d82e8
[  243.901238][T13231]  </TASK>
[  244.143431][T13237] x_tables: duplicate underflow at hook 1
[  244.317659][T13271] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3446'.
[  244.327042][T13274] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3448'.
[  244.385177][T13277] FAULT_INJECTION: forcing a failure.
[  244.385177][T13277] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.398446][T13277] CPU: 1 UID: 0 PID: 13277 Comm: wÞ£ÿ Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  244.398503][T13277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  244.398514][T13277] Call Trace:
[  244.398519][T13277]  <TASK>
[  244.398524][T13277]  __dump_stack+0x1d/0x30
[  244.398612][T13277]  dump_stack_lvl+0xe8/0x140
[  244.398635][T13277]  dump_stack+0x15/0x1b
[  244.398652][T13277]  should_fail_ex+0x265/0x280
[  244.398695][T13277]  should_fail+0xb/0x20
[  244.398746][T13277]  should_fail_usercopy+0x1a/0x20
[  244.398765][T13277]  _copy_from_user+0x1c/0xb0
[  244.398841][T13277]  sock_do_ioctl+0xe6/0x220
[  244.398866][T13277]  sock_ioctl+0x41b/0x610
[  244.398887][T13277]  ? __pfx_sock_ioctl+0x10/0x10
[  244.398989][T13277]  __se_sys_ioctl+0xce/0x140
[  244.399009][T13277]  __x64_sys_ioctl+0x43/0x50
[  244.399028][T13277]  x64_sys_call+0x19a8/0x2fb0
[  244.399118][T13277]  do_syscall_64+0xd0/0x1a0
[  244.399146][T13277]  ? clear_bhb_loop+0x40/0x90
[  244.399170][T13277]  ? clear_bhb_loop+0x40/0x90
[  244.399195][T13277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.399292][T13277] RIP: 0033:0x7f771d40e969
[  244.399309][T13277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.399329][T13277] RSP: 002b:00007f771ba77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  244.399347][T13277] RAX: ffffffffffffffda RBX: 00007f771d635fa0 RCX: 00007f771d40e969
[  244.399358][T13277] RDX: 00002000000000c0 RSI: 0000000000008914 RDI: 0000000000000004
[  244.399372][T13277] RBP: 00007f771ba77090 R08: 0000000000000000 R09: 0000000000000000
[  244.399430][T13277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.399442][T13277] R13: 0000000000000000 R14: 00007f771d635fa0 R15: 00007fff037d82e8
[  244.399464][T13277]  </TASK>
[  244.400788][T13271] bridge_slave_0: left allmulticast mode
[  244.589556][T13271] bridge_slave_0: left promiscuous mode
[  244.595185][T13271] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.606793][T13271] bridge_slave_1: left allmulticast mode
[  244.612667][T13271] bridge_slave_1: left promiscuous mode
[  244.618451][T13271] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.630406][T13271] bond0: (slave bond_slave_0): Releasing backup interface
[  244.641211][T13271] bond0: (slave bond_slave_1): Releasing backup interface
[  244.655001][T13271] team0: Port device team_slave_0 removed
[  244.665336][T13271] team0: Port device team_slave_1 removed
[  244.714655][T13289] FAULT_INJECTION: forcing a failure.
[  244.714655][T13289] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.727805][T13289] CPU: 0 UID: 0 PID: 13289 Comm: syz.3.3454 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  244.727910][T13289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  244.727949][T13289] Call Trace:
[  244.727955][T13289]  <TASK>
[  244.727963][T13289]  __dump_stack+0x1d/0x30
[  244.727985][T13289]  dump_stack_lvl+0xe8/0x140
[  244.728007][T13289]  dump_stack+0x15/0x1b
[  244.728101][T13289]  should_fail_ex+0x265/0x280
[  244.728131][T13289]  should_fail+0xb/0x20
[  244.728166][T13289]  should_fail_usercopy+0x1a/0x20
[  244.728190][T13289]  strncpy_from_user+0x25/0x230
[  244.728221][T13289]  ? kmem_cache_alloc_noprof+0x186/0x310
[  244.728247][T13289]  ? getname_flags+0x80/0x3b0
[  244.728288][T13289]  getname_flags+0xae/0x3b0
[  244.728325][T13289]  __se_sys_move_mount+0x16d/0x440
[  244.728410][T13289]  __x64_sys_move_mount+0x67/0x80
[  244.728443][T13289]  x64_sys_call+0x1f00/0x2fb0
[  244.728467][T13289]  do_syscall_64+0xd0/0x1a0
[  244.728495][T13289]  ? clear_bhb_loop+0x40/0x90
[  244.728550][T13289]  ? clear_bhb_loop+0x40/0x90
[  244.728574][T13289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.728639][T13289] RIP: 0033:0x7fae4a73e969
[  244.728655][T13289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.728674][T13289] RSP: 002b:00007fae48da7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ad
[  244.728694][T13289] RAX: ffffffffffffffda RBX: 00007fae4a965fa0 RCX: 00007fae4a73e969
[  244.728708][T13289] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: ffffffffffffffff
[  244.728722][T13289] RBP: 00007fae48da7090 R08: 0000000000000012 R09: 0000000000000000
[  244.728736][T13289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.728809][T13289] R13: 0000000000000001 R14: 00007fae4a965fa0 R15: 00007ffd4ad32ab8
[  244.728831][T13289]  </TASK>
[  245.009252][T13301] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3460'.
[  245.049373][T13310] x_tables: duplicate underflow at hook 1
[  245.188900][T13320] FAULT_INJECTION: forcing a failure.
[  245.188900][T13320] name failslab, interval 1, probability 0, space 0, times 0
[  245.201582][T13320] CPU: 0 UID: 0 PID: 13320 Comm: syz.4.3467 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  245.201693][T13320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  245.201707][T13320] Call Trace:
[  245.201714][T13320]  <TASK>
[  245.201721][T13320]  __dump_stack+0x1d/0x30
[  245.201739][T13320]  dump_stack_lvl+0xe8/0x140
[  245.201756][T13320]  dump_stack+0x15/0x1b
[  245.201774][T13320]  should_fail_ex+0x265/0x280
[  245.201864][T13320]  ? do_proc_control+0x1d6/0x8b0
[  245.201910][T13320]  should_failslab+0x8c/0xb0
[  245.201945][T13320]  __kmalloc_cache_noprof+0x4c/0x320
[  245.201990][T13320]  do_proc_control+0x1d6/0x8b0
[  245.202094][T13320]  ? should_fail_ex+0xdb/0x280
[  245.202194][T13320]  proc_control+0x71/0xa0
[  245.202219][T13320]  usbdev_ioctl+0x948/0x1710
[  245.202262][T13320]  ? __pfx_usbdev_ioctl+0x10/0x10
[  245.202358][T13320]  __se_sys_ioctl+0xce/0x140
[  245.202384][T13320]  __x64_sys_ioctl+0x43/0x50
[  245.202437][T13320]  x64_sys_call+0x19a8/0x2fb0
[  245.202463][T13320]  do_syscall_64+0xd0/0x1a0
[  245.202491][T13320]  ? clear_bhb_loop+0x40/0x90
[  245.202515][T13320]  ? clear_bhb_loop+0x40/0x90
[  245.202567][T13320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.202590][T13320] RIP: 0033:0x7f24729fe969
[  245.202607][T13320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.202628][T13320] RSP: 002b:00007f2471067038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  245.202649][T13320] RAX: ffffffffffffffda RBX: 00007f2472c25fa0 RCX: 00007f24729fe969
[  245.202714][T13320] RDX: 0000200000000040 RSI: 00000000c0185500 RDI: 0000000000000004
[  245.202729][T13320] RBP: 00007f2471067090 R08: 0000000000000000 R09: 0000000000000000
[  245.202745][T13320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  245.202760][T13320] R13: 0000000000000000 R14: 00007f2472c25fa0 R15: 00007ffd1d1676c8
[  245.202783][T13320]  </TASK>
[  245.462758][T13332] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  245.480380][T13335] 9pnet_fd: Insufficient options for proto=fd
[  245.486788][T13335] syz.1.3462: attempt to access beyond end of device
[  245.486788][T13335] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[  247.195416][T13416] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3507'.
[  247.548629][T13452] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3523'.
[  247.612039][T13460] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3526'.
[  248.513428][   T29] kauditd_printk_skb: 490 callbacks suppressed
[  248.513520][   T29] audit: type=1326 audit(1747804785.144:16023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13486 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  248.543521][   T29] audit: type=1326 audit(1747804785.144:16024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13486 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  248.567154][   T29] audit: type=1326 audit(1747804785.144:16025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13486 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  248.590661][   T29] audit: type=1326 audit(1747804785.154:16026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13486 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  248.614951][   T29] audit: type=1326 audit(1747804785.154:16027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13486 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  248.638948][   T29] audit: type=1326 audit(1747804785.154:16028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13486 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  248.662599][   T29] audit: type=1326 audit(1747804785.154:16029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13486 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  248.686353][   T29] audit: type=1326 audit(1747804785.154:16030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13486 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  248.710044][   T29] audit: type=1326 audit(1747804785.154:16031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13486 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  248.733602][   T29] audit: type=1326 audit(1747804785.154:16032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13486 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  249.151904][T13510] netlink: 'syz.4.3544': attribute type 10 has an invalid length.
[  249.162291][T13510] team0: Device hsr_slave_0 failed to register rx_handler
[  249.170207][T13523] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_cmd_wq": -EINTR
[  250.001102][T13560] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3560'.
[  250.059048][T13566] openvswitch: netlink: Message has 6 unknown bytes.
[  250.459281][T13597] vcan0: tx drop: invalid da for name 0x0000000000000002
[  250.467620][T13597] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  250.829097][T13602] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3574'.
[  251.617638][T13626] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3583'.
[  251.659551][T13630] x_tables: duplicate underflow at hook 1
[  251.688056][T13639] siw: device registration error -23
[  251.709235][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811a4ab200: rx timeout, send abort
[  251.717489][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a4ab200: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  252.003647][T13658] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3598'.
[  252.013840][T13663] x_tables: duplicate underflow at hook 1
[  252.309653][T13689] 9pnet_fd: Insufficient options for proto=fd
[  252.316796][T13689] syz.0.3604: attempt to access beyond end of device
[  252.316796][T13689] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[  252.718103][T13699] x_tables: duplicate underflow at hook 1
[  252.773970][T13701] x_tables: duplicate underflow at hook 1
[  253.161807][T13714] netlink: 'syz.2.3618': attribute type 10 has an invalid length.
[  253.208590][T13714] team0: Device hsr_slave_0 failed to register rx_handler
[  253.268461][T13740] x_tables: duplicate underflow at hook 1
[  253.362386][T13750] netlink: 'syz.3.3634': attribute type 30 has an invalid length.
[  253.400532][T13755] netlink: 'syz.4.3636': attribute type 30 has an invalid length.
[  253.753982][T13778] loop0: detected capacity change from 0 to 2048
[  253.840425][T13778]  loop0: unable to read partition table
[  253.846150][T13778] loop0: partition table beyond EOD, truncated
[  253.852367][T13778] loop_reread_partitions: partition scan of loop0 () failed (rc=-5)
[  253.888307][T13778] x_tables: duplicate underflow at hook 1
[  254.060696][T13786] FAULT_INJECTION: forcing a failure.
[  254.060696][T13786] name failslab, interval 1, probability 0, space 0, times 0
[  254.073359][T13786] CPU: 1 UID: 0 PID: 13786 Comm: syz.0.3646 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  254.073391][T13786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  254.073403][T13786] Call Trace:
[  254.073410][T13786]  <TASK>
[  254.073419][T13786]  __dump_stack+0x1d/0x30
[  254.073439][T13786]  dump_stack_lvl+0xe8/0x140
[  254.073480][T13786]  dump_stack+0x15/0x1b
[  254.073500][T13786]  should_fail_ex+0x265/0x280
[  254.073534][T13786]  should_failslab+0x8c/0xb0
[  254.073561][T13786]  kmem_cache_alloc_node_noprof+0x57/0x320
[  254.073657][T13786]  ? __alloc_skb+0x101/0x320
[  254.073716][T13786]  __alloc_skb+0x101/0x320
[  254.073814][T13786]  tipc_msg_build+0xbe/0x840
[  254.073863][T13786]  ? avc_has_perm_noaudit+0x1b1/0x200
[  254.073898][T13786]  __tipc_sendstream+0x668/0xb30
[  254.073932][T13786]  ? __pfx_woken_wake_function+0x10/0x10
[  254.073963][T13786]  tipc_sendstream+0x3e/0x60
[  254.074012][T13786]  ? __pfx_tipc_sendstream+0x10/0x10
[  254.074046][T13786]  __sock_sendmsg+0x145/0x180
[  254.074138][T13786]  ____sys_sendmsg+0x31e/0x4e0
[  254.074161][T13786]  ___sys_sendmsg+0x17b/0x1d0
[  254.074193][T13786]  __x64_sys_sendmsg+0xd4/0x160
[  254.074240][T13786]  x64_sys_call+0x2999/0x2fb0
[  254.074308][T13786]  do_syscall_64+0xd0/0x1a0
[  254.074333][T13786]  ? clear_bhb_loop+0x40/0x90
[  254.074379][T13786]  ? clear_bhb_loop+0x40/0x90
[  254.074432][T13786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.074453][T13786] RIP: 0033:0x7f771d40e969
[  254.074466][T13786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.074542][T13786] RSP: 002b:00007f771ba56038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  254.074563][T13786] RAX: ffffffffffffffda RBX: 00007f771d636080 RCX: 00007f771d40e969
[  254.074577][T13786] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000004
[  254.074588][T13786] RBP: 00007f771ba56090 R08: 0000000000000000 R09: 0000000000000000
[  254.074602][T13786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.074616][T13786] R13: 0000000000000001 R14: 00007f771d636080 R15: 00007fff037d82e8
[  254.074638][T13786]  </TASK>
[  254.797042][T13822] netlink: 'syz.2.3658': attribute type 30 has an invalid length.
[  254.816367][   T29] kauditd_printk_skb: 536 callbacks suppressed
[  254.816398][   T29] audit: type=1326 audit(1747804791.474:16569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.1.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  254.876834][   T29] audit: type=1326 audit(1747804791.514:16570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.1.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  254.900446][   T29] audit: type=1326 audit(1747804791.514:16571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.1.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  254.924109][   T29] audit: type=1326 audit(1747804791.514:16572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.1.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  254.948106][   T29] audit: type=1326 audit(1747804791.514:16573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.1.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  254.971736][   T29] audit: type=1326 audit(1747804791.514:16574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.1.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  254.995382][   T29] audit: type=1326 audit(1747804791.514:16575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.1.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  255.019457][   T29] audit: type=1326 audit(1747804791.514:16576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.1.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  255.043421][   T29] audit: type=1326 audit(1747804791.514:16577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.1.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  255.066795][T13837] x_tables: duplicate underflow at hook 1
[  255.067111][   T29] audit: type=1326 audit(1747804791.514:16578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.1.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7470ee969 code=0x7ffc0000
[  255.115368][T13842] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3668'.
[  255.619042][T13860] netlink: 'syz.1.3674': attribute type 10 has an invalid length.
[  255.632239][T13860] team0: Device hsr_slave_0 failed to register rx_handler
[  255.815104][T13866] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3677'.
[  256.171630][T13891] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3689'.
[  256.346271][T13897] siw: device registration error -23
[  256.700228][T13893] netlink: 'syz.2.3690': attribute type 10 has an invalid length.
[  256.712463][T13893] team0: Device hsr_slave_0 failed to register rx_handler
[  256.754902][T13919] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3699'.
[  256.881176][T13929] netlink: 108 bytes leftover after parsing attributes in process `syz.2.3704'.
[  256.890338][T13929] netlink: 108 bytes leftover after parsing attributes in process `syz.2.3704'.
[  256.899498][T13929] netlink: 108 bytes leftover after parsing attributes in process `syz.2.3704'.
[  257.064267][T13941] vcan0: tx drop: invalid da for name 0x0000000000000002
[  257.072314][T13941] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  257.072509][T13938] x_tables: duplicate underflow at hook 1
[  257.192917][T13953] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3713'.
[  257.339802][T13964] FAULT_INJECTION: forcing a failure.
[  257.339802][T13964] name failslab, interval 1, probability 0, space 0, times 0
[  257.352555][T13964] CPU: 1 UID: 0 PID: 13964 Comm: syz.2.3718 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  257.352579][T13964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  257.352590][T13964] Call Trace:
[  257.352595][T13964]  <TASK>
[  257.352601][T13964]  __dump_stack+0x1d/0x30
[  257.352621][T13964]  dump_stack_lvl+0xe8/0x140
[  257.352707][T13964]  dump_stack+0x15/0x1b
[  257.352731][T13964]  should_fail_ex+0x265/0x280
[  257.352760][T13964]  should_failslab+0x8c/0xb0
[  257.352819][T13964]  kmem_cache_alloc_node_noprof+0x57/0x320
[  257.352845][T13964]  ? __alloc_skb+0x101/0x320
[  257.352880][T13964]  __alloc_skb+0x101/0x320
[  257.352914][T13964]  netlink_alloc_large_skb+0xba/0xf0
[  257.352979][T13964]  netlink_sendmsg+0x3cf/0x6b0
[  257.353004][T13964]  ? __pfx_netlink_sendmsg+0x10/0x10
[  257.353023][T13964]  __sock_sendmsg+0x145/0x180
[  257.353096][T13964]  ____sys_sendmsg+0x31e/0x4e0
[  257.353116][T13964]  ___sys_sendmsg+0x17b/0x1d0
[  257.353147][T13964]  __x64_sys_sendmsg+0xd4/0x160
[  257.353232][T13964]  x64_sys_call+0x2999/0x2fb0
[  257.353334][T13964]  do_syscall_64+0xd0/0x1a0
[  257.353359][T13964]  ? clear_bhb_loop+0x40/0x90
[  257.353408][T13964]  ? clear_bhb_loop+0x40/0x90
[  257.353428][T13964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.353446][T13964] RIP: 0033:0x7f70fcd0e969
[  257.353506][T13964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.353559][T13964] RSP: 002b:00007f70fb377038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  257.353654][T13964] RAX: ffffffffffffffda RBX: 00007f70fcf35fa0 RCX: 00007f70fcd0e969
[  257.353669][T13964] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000007
[  257.353682][T13964] RBP: 00007f70fb377090 R08: 0000000000000000 R09: 0000000000000000
[  257.353692][T13964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.353702][T13964] R13: 0000000000000000 R14: 00007f70fcf35fa0 R15: 00007fffd60625e8
[  257.353719][T13964]  </TASK>
[  257.586461][T13969] FAULT_INJECTION: forcing a failure.
[  257.586461][T13969] name failslab, interval 1, probability 0, space 0, times 0
[  257.599177][T13969] CPU: 0 UID: 0 PID: 13969 Comm: syz.1.3720 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  257.599222][T13969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  257.599253][T13969] Call Trace:
[  257.599260][T13969]  <TASK>
[  257.599268][T13969]  __dump_stack+0x1d/0x30
[  257.599307][T13969]  dump_stack_lvl+0xe8/0x140
[  257.599327][T13969]  dump_stack+0x15/0x1b
[  257.599418][T13969]  should_fail_ex+0x265/0x280
[  257.599452][T13969]  should_failslab+0x8c/0xb0
[  257.599561][T13969]  kmem_cache_alloc_node_noprof+0x57/0x320
[  257.599586][T13969]  ? __alloc_skb+0x101/0x320
[  257.599615][T13969]  __alloc_skb+0x101/0x320
[  257.599699][T13969]  netlink_alloc_large_skb+0xba/0xf0
[  257.599731][T13969]  netlink_sendmsg+0x3cf/0x6b0
[  257.599794][T13969]  ? __pfx_netlink_sendmsg+0x10/0x10
[  257.599818][T13969]  __sock_sendmsg+0x145/0x180
[  257.599850][T13969]  ____sys_sendmsg+0x31e/0x4e0
[  257.599877][T13969]  ___sys_sendmsg+0x17b/0x1d0
[  257.599993][T13969]  __x64_sys_sendmsg+0xd4/0x160
[  257.600054][T13969]  x64_sys_call+0x2999/0x2fb0
[  257.600072][T13969]  do_syscall_64+0xd0/0x1a0
[  257.600093][T13969]  ? clear_bhb_loop+0x40/0x90
[  257.600111][T13969]  ? clear_bhb_loop+0x40/0x90
[  257.600136][T13969]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.600188][T13969] RIP: 0033:0x7fa7470ee969
[  257.600201][T13969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.600217][T13969] RSP: 002b:00007fa745757038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  257.600239][T13969] RAX: ffffffffffffffda RBX: 00007fa747315fa0 RCX: 00007fa7470ee969
[  257.600254][T13969] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000005
[  257.600269][T13969] RBP: 00007fa745757090 R08: 0000000000000000 R09: 0000000000000000
[  257.600290][T13969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.600302][T13969] R13: 0000000000000000 R14: 00007fa747315fa0 R15: 00007fff1202dd18
[  257.600317][T13969]  </TASK>
[  257.957263][T13979] x_tables: duplicate underflow at hook 1
[  258.196968][T14000] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3731'.
[  258.288309][T14002] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  258.294879][T14002] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  258.302488][T14002] vhci_hcd vhci_hcd.0: Device attached
[  258.314183][    C1] vcan0: j1939_tp_rxtimer: 0xffff888143769400: rx timeout, send abort
[  258.322451][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888143769400: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  258.358044][T14010] FAULT_INJECTION: forcing a failure.
[  258.358044][T14010] name failslab, interval 1, probability 0, space 0, times 0
[  258.370733][T14010] CPU: 1 UID: 0 PID: 14010 Comm: syz.0.3735 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  258.370759][T14010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  258.370770][T14010] Call Trace:
[  258.370776][T14010]  <TASK>
[  258.370784][T14010]  __dump_stack+0x1d/0x30
[  258.370808][T14010]  dump_stack_lvl+0xe8/0x140
[  258.370883][T14010]  dump_stack+0x15/0x1b
[  258.370903][T14010]  should_fail_ex+0x265/0x280
[  258.370944][T14010]  should_failslab+0x8c/0xb0
[  258.371054][T14010]  __kmalloc_noprof+0xa5/0x3e0
[  258.371084][T14010]  ? io_cache_alloc_new+0x2a/0xb0
[  258.371114][T14010]  io_cache_alloc_new+0x2a/0xb0
[  258.371142][T14010]  __io_prep_rw+0xcf/0x5e0
[  258.371248][T14010]  io_prep_rwv+0x33/0x230
[  258.371278][T14010]  io_prep_readv+0x1f/0x30
[  258.371388][T14010]  io_submit_sqes+0x5ce/0x1000
[  258.371464][T14010]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  258.371509][T14010]  ? __rcu_read_unlock+0x4f/0x70
[  258.371529][T14010]  ? get_pid_task+0x96/0xd0
[  258.371599][T14010]  ? proc_fail_nth_write+0x12d/0x160
[  258.371631][T14010]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  258.371663][T14010]  ? vfs_write+0x75e/0x8d0
[  258.371694][T14010]  ? __rcu_read_unlock+0x4f/0x70
[  258.371847][T14010]  ? __fget_files+0x184/0x1c0
[  258.371883][T14010]  ? fput+0x8f/0xc0
[  258.371906][T14010]  __x64_sys_io_uring_enter+0x78/0x90
[  258.372085][T14010]  x64_sys_call+0x28c8/0x2fb0
[  258.372112][T14010]  do_syscall_64+0xd0/0x1a0
[  258.372141][T14010]  ? clear_bhb_loop+0x40/0x90
[  258.372230][T14010]  ? clear_bhb_loop+0x40/0x90
[  258.372255][T14010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.372274][T14010] RIP: 0033:0x7f771d40e969
[  258.372287][T14010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.372304][T14010] RSP: 002b:00007f771ba77038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  258.372326][T14010] RAX: ffffffffffffffda RBX: 00007f771d635fa0 RCX: 00007f771d40e969
[  258.372340][T14010] RDX: 0000000000000072 RSI: 0000000000000567 RDI: 0000000000000003
[  258.372397][T14010] RBP: 00007f771ba77090 R08: 0000000000000000 R09: 0000000000000000
[  258.372408][T14010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  258.372419][T14010] R13: 0000000000000000 R14: 00007f771d635fa0 R15: 00007fff037d82e8
[  258.372501][T14010]  </TASK>
[  258.379301][T14003] vhci_hcd: connection closed
[  258.612459][T14015] netlink: 'syz.3.3737': attribute type 11 has an invalid length.
[  258.612935][ T3340] vhci_hcd: stop threads
[  258.617290][T14015] netlink: 448 bytes leftover after parsing attributes in process `syz.3.3737'.
[  258.624978][ T3340] vhci_hcd: release socket
[  258.624993][ T3340] vhci_hcd: disconnect device
[  258.707888][ T1039] vhci_hcd: vhci_device speed not set
[  258.711591][T14019] x_tables: duplicate underflow at hook 1
[  259.048531][T14045] veth1_to_bond: entered promiscuous mode
[  259.073994][T14045] veth1_to_bond (unregistering): left promiscuous mode
[  259.127680][T14035] netlink: 'syz.0.3745': attribute type 10 has an invalid length.
[  259.136199][T14035] team0: Device hsr_slave_0 failed to register rx_handler
[  259.260360][T14068] netlink: 'syz.2.3756': attribute type 4 has an invalid length.
[  259.413702][T14073] loop0: detected capacity change from 0 to 512
[  259.438554][T14073] EXT4-fs (loop0): too many log groups per flexible block group
[  259.446291][T14073] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  259.453367][T14073] EXT4-fs (loop0): mount failed
[  259.656056][T14103] x_tables: duplicate underflow at hook 1
[  259.719032][T14087] netlink: 'syz.0.3766': attribute type 10 has an invalid length.
[  259.729930][T14087] team0: Device hsr_slave_0 failed to register rx_handler
[  259.760421][T14112] x_tables: duplicate underflow at hook 1
[  259.797931][   T36] IPVS: starting estimator thread 0...
[  259.822694][T14123] loop0: detected capacity change from 0 to 512
[  259.829545][T14123] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  259.850678][T14123] EXT4-fs (loop0): 1 truncate cleaned up
[  259.856709][T14123] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.918795][T14121] IPVS: using max 2784 ests per chain, 139200 per kthread
[  260.003360][   T29] kauditd_printk_skb: 310 callbacks suppressed
[  260.003375][   T29] audit: type=1400 audit(1747804796.664:16889): avc:  denied  { map } for  pid=14122 comm="syz.0.3778" path="pipe:[39567]" dev="pipefs" ino=39567 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  260.038392][T14123] ==================================================================
[  260.046492][T14123] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  260.056324][T14123] 
[  260.058641][T14123] read-write to 0xffffffff868099c0 of 8 bytes by interrupt on cpu 1:
[  260.066699][T14123]  tick_do_update_jiffies64+0x113/0x1c0
[  260.072244][T14123]  tick_nohz_handler+0x7f/0x2d0
[  260.077092][T14123]  __hrtimer_run_queues+0x20c/0x5a0
[  260.082287][T14123]  hrtimer_interrupt+0x21a/0x460
[  260.087219][T14123]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  260.093112][T14123]  sysvec_apic_timer_interrupt+0x6f/0x80
[  260.098743][T14123]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  260.104718][T14123]  __tsan_read8+0xe/0x190
[  260.109046][T14123]  unmap_page_range+0xd0e/0x27b0
[  260.113985][T14123]  unmap_single_vma+0x138/0x1d0
[  260.118841][T14123]  unmap_vmas+0x18a/0x2b0
[  260.123166][T14123]  exit_mmap+0x1b0/0x6c0
[  260.127410][T14123]  __mmput+0x28/0x1c0
[  260.131398][T14123]  mmput+0x40/0x50
[  260.135133][T14123]  exit_mm+0xe4/0x190
[  260.139142][T14123]  do_exit+0x55f/0x17c0
[  260.143300][T14123]  do_group_exit+0x139/0x140
[  260.147898][T14123]  __x64_sys_exit_group+0x1f/0x20
[  260.152934][T14123]  x64_sys_call+0x2fa4/0x2fb0
[  260.157607][T14123]  do_syscall_64+0xd0/0x1a0
[  260.162112][T14123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.168001][T14123] 
[  260.170316][T14123] read to 0xffffffff868099c0 of 8 bytes by task 14123 on cpu 0:
[  260.177937][T14123]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  260.184192][T14123]  count_shadow_nodes+0x6a/0x230
[  260.189132][T14123]  do_shrink_slab+0x60/0x680
[  260.193722][T14123]  shrink_slab+0x448/0x760
[  260.198133][T14123]  shrink_node+0x6c3/0x2110
[  260.202634][T14123]  do_try_to_free_pages+0x3f6/0xcd0
[  260.207843][T14123]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  260.213745][T14123]  try_charge_memcg+0x3ab/0x870
[  260.218595][T14123]  obj_cgroup_charge_pages+0xb7/0x1a0
[  260.223962][T14123]  __memcg_kmem_charge_page+0x9f/0x170
[  260.229419][T14123]  __alloc_frozen_pages_noprof+0x188/0x360
[  260.235235][T14123]  alloc_pages_mpol+0xb3/0x250
[  260.240005][T14123]  alloc_pages_noprof+0x90/0x130
[  260.244938][T14123]  __vmalloc_node_range_noprof+0x6a4/0xdf0
[  260.250744][T14123]  __kvmalloc_node_noprof+0x2f3/0x4d0
[  260.256120][T14123]  ip_set_alloc+0x1f/0x30
[  260.260459][T14123]  hash_netiface_create+0x282/0x740
[  260.265665][T14123]  ip_set_create+0x3c9/0x960
[  260.270267][T14123]  nfnetlink_rcv_msg+0x4c6/0x590
[  260.275207][T14123]  netlink_rcv_skb+0x123/0x220
[  260.279989][T14123]  nfnetlink_rcv+0x16b/0x1690
[  260.284668][T14123]  netlink_unicast+0x5a1/0x670
[  260.289439][T14123]  netlink_sendmsg+0x58b/0x6b0
[  260.294201][T14123]  __sock_sendmsg+0x145/0x180
[  260.298879][T14123]  ____sys_sendmsg+0x31e/0x4e0
[  260.303637][T14123]  ___sys_sendmsg+0x17b/0x1d0
[  260.308313][T14123]  __x64_sys_sendmsg+0xd4/0x160
[  260.313156][T14123]  x64_sys_call+0x2999/0x2fb0
[  260.317827][T14123]  do_syscall_64+0xd0/0x1a0
[  260.322328][T14123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.328214][T14123] 
[  260.330533][T14123] value changed: 0x00000000fffff037 -> 0x00000000fffff038
[  260.337826][T14123] 
[  260.340137][T14123] Reported by Kernel Concurrency Sanitizer on:
[  260.346283][T14123] CPU: 0 UID: 0 PID: 14123 Comm: syz.0.3778 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(voluntary) 
[  260.358795][T14123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  260.368845][T14123] ==================================================================
[  260.741932][T11616] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.