last executing test programs:

1.006944314s ago: executing program 4 (id=3694):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000540)=@generic={&(0x7f0000000500)='./file0\x00', 0x0, 0xe931452ac579b4ef}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r0 = socket$key(0xf, 0x3, 0x2)
dup3(r0, 0xffffffffffffffff, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101102)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r1, 0xc08c5334, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue1\x00'})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, 0x0, &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r2}, 0x10)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
fsetxattr(r3, &(0x7f0000000300)=@known='user.incfs.metadata\x00', &(0x7f0000000400)='block_bio_remap\x00', 0x10, 0x0)

994.901554ms ago: executing program 2 (id=3696):
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0)

971.137634ms ago: executing program 2 (id=3698):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="20000000020701030000000000000000070000030c0007"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
timer_create(0xfffffffd, 0x0, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f00000002c0), 0x0)
clock_gettime(0x0, &(0x7f0000000000)={<r2=>0x0, <r3=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{}, {r2, r3+60000000}}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000004c0)=ANY=[@ANYBLOB="1201000052e8e510b1134200c4dc0102030109021200010000000009044400002eafb200d001910372fb2fb56780c6f38510edd2fddacc1a35eb99c321980275588ff196d23d8e0313633e3988854a271ebeec334ab64d0f7691f7dfa1a439be6cbb4c8083af06d096f4550be6f4b08a978a3742fb81a1c065cf5667a468a275790ed9ad95235eead962f6ba33fd04a37178f6228649f351628f6ee415721660a3a504d3c3e039ba159c79487799a0278956c87c323c1ebe183e"], 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000280)='ns\x00')
readlinkat(r4, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000013c0)=""/4126, 0x101e)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f00000001c0)={0x1000000, 0x200101, 0x0, 'queue1\x00', 0xffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_io_uring_setup(0x112, &(0x7f0000000680)={0x0, 0xcfb6, 0x10, 0x5, 0xfffffff9}, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000440)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000001740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x7ff, 0x6000})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000001100000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000)

953.856584ms ago: executing program 4 (id=3700):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)={0x14, r3, 0x301, 0x70bd2a, 0x20000000, {{}, {@val={0x8, 0x7, 0x2}, @val={0x8}, @val={0xc, 0x99, {0xfffffffe, 0x31}}}}}, 0x30}, 0x1, 0x0, 0x0, 0x48045}, 0x20004000)

910.600394ms ago: executing program 4 (id=3703):
kexec_load(0x0, 0x2, &(0x7f00000010c0)=[{&(0x7f0000000000)="7f187887a30c6c7068da2031236bbc6b0cf7e1c55e321caa5a7ef399bff219452c3f0d7cf5812e7dd9157f193bf780a3148b1559c0c553c28f7e3796e584865b49cc93715c7684d2bf42ef8cce0ace04ad14609621150e2919eb468811005d506668c26aa4a4f5dcc5039d7b554f94ebce4f8c44e63cde428941eb995ff7726de9bdd5d17b9ece3ae63a5a7c9eba5eef6d9c95cac7a660409dfca6bd2ce97a95c6c7ae55b8af7c446e4ea57cc7dd207d8b656c", 0xb3, 0x8, 0x80000006}, {&(0x7f00000000c0)="504b4c23e56d69c900123ae96974f710ce8ae4cb964699f823ad37655871dc118d0cc03ad7111931c548d525db02386abd64f900e24072ae76879212e655e0f2d9df1f2cd1026d6f617d53c36e9eeba1e8bef876b2a8dc2dea7df216d2465667e7613585752d5ae99139e834e9a9bcf1c9f450cea7c805ab94b143e6a42f942c971c3dd4b880d42551ab00fb86e171642aae03790a423c39d1fb2bfa02df5667619c09efe906472daae3a88a4cc098b0fecef69eb6aeed4d4dac285615288d8d961171f72a09dd28ecd44ddb3f6144aef17d7f041f4b6030281730c699cb89bd965e68cf38e0006b69c0f163230ee325be545ab58ec1ab94436299e230e2a5207a87f8a643b3f0fe47a27968a39980e0a701fe3deb9c344490ac417c7d385075493e1e6069666e027cf82acfddcf2ff3c6203c822bcb7fba2fdf2dab7e014f230e32382a304156dc4bab3f1310839078ea14567299a2b5572b0e63b73dcab9acb825350a2ec20ef1d53ed5bef4a236b8e33fb5eb48463c54630711ce1e20d9ff86f7a6dafce198a7afe64fe72c48020f3772cc045602ecd1ee2c3f2e350a3f5a17a9c67c01ae4ea9aa39d54c2b254a12d36d94eab5473863d704619b240cb3b1f52a0d031bac2f1cca27c2a76f501f0d31ab9c8651ebce31ea7b53857125e6cb0a3b4913757bc1e502e759205368d557c14473c86559f60f9582ab38eb340e417525bd1c203266a0700866375e8631390c48d785eb2af0cf40d1e365010391f24e91bed40f673a027f77e79cf81cf3ae65b6dbb42b300ccf431af4d18c0ab9aa888de8ead7e47afbff9d2dd32845df70a19a97a413cec536bdd3cb4d3a57a7e0c337373cdf026bb56a65f8cc2c35db88369cf0cc51c7bb329f0da42d30d1b3c3c4a37a8cfd6177029d382cedd1568a97647ff8881b6e900e2e41f9353c0d3bdbee579f9d06c3724e4f41f0aecd21ac281810207924dddb38269c4fa893828d327308f309181031ca9cc0394b45e1fe7da645f9b4cc2057c3cd0d0e66d7047cb7296e7f550726101fddeb77da67e38910790eb55455b1b493e02ee25c00a9d036f4ca345ccfad86a0f23d0df8f983e50c0f6bc374ca0d7fb44d985f7b60eb13c84a7e40028ec953dca48eac23c746b2826fce95dd1f6f976219af3d806782d98a0dcd8513952c9c768f357e17df702f78ffe24276ac8278be5e98805eb6cd6659f89941db5804cc0dd8373b6fe6ba384ee2c27422d81347fc62abe276057caa24c655fd5a32c0ca372ac9dd81fd60c47ae40026a5587c1ca6e1cae4abee217a99c99ca929ca714bdbba6e5509b9cd8526f044ca383fbc1b9e5cb2f82e7886cd644d4d1a4f3b33cfb177fb5b444ac93a717229f33b4f556495d1ae8f576b1fe084744c20f59664c707aa1df53bafda13b42af573d658f3f7fe4c1c19ade4a63ea1ba408ab702a45b5fccb67b0e824abba3a489b4e9a407105ea553d93205ad35db371c6fdf20fa2a49dc0f40cfcb80f84473e70591ed5dfb3d57f7131e48ae12bcbeb9e10a59e1559a4a73d091e83dda9ace8096eb6c8b3b31f93b6d694ceeb1a49dbcff62a91223e9c7c5cfdee4e70773a2cf1e2c0548d30ddebc9c3d7377ad86e0a19784891216c6734947db92f92a10daa10a288b3f8f0d521e9b698cb60b4c07cdebfd89d2781b430e9e0cf1ce921b336041bdf78fa808ae86bc8f6060ae495d2780a93bab728504557f2464530e03013e196b17f7656ebe1c298c15fe8dfe14ecb6f19dc75702cefe9b61aef6b745046dd53c632773f649a3533248eab6020cc9937a9acb4146403dcae7ce90cf56b1dbb9af94dedd81fc1c5e0e900f7d2fab9792cdfad5d2ad1fde9f1f13032adc2130d13cff77bef757ea7518d4483722b3f23d0cb8fe7dd828cfd17a02d2bf8cca740e37bc0d7435c92cd0d03ab873cf6502dc6598f22c2d6f073467ed32fbc0106131ca7028c6708226402fcaf8b052f1e2d2acf65825779b8bdf648425fa1d54757fb6f321753075b1c9af5d6c8337dd60b49f5527b51e42d0367bdabb2e0b2f4a4498800291d6b3c46d54da57288ab5743c99c1c49d813fe9f6a24a98af900cd24a59bd82a7d431e6cb85a10f78d558ff984c2be12e8f389b9d26ecda7872ff3a910e6db96d38ccb3a98a83298f81e1ae969fadaf022e649fac0cffce10a647d601d236b5699df9396c436d9bf51da4cc2bf5e2648f547d5760a9d8ca80ef589fd3e2225f6ba35cae360a3ef3889f28412667a0c77f68144c2524f3e8fd611726c995ffb0fcc9f5427cb62140747acc552b11db176c41ec443a521bf65b175819eb806da951d18148393914220d33dc7f4051c49b71a380c3f60cafc33c2339f674bf0af1967d6fafaa281296e2b9d7357fd89849bcbfa44642b2ec370751b7744b212b9059ae5ab039836a8b60ccc82eadedaaa3eb589b83a2513ce1cbca5ad4a141e294d27b3ddc27691af81f8f32a356d46cd4481a1e79c15d7ecb1f52776228248bbaef81aed3052addf827803feb381ae0e5d4b1476abf9a581545c2e2236b8e2f56b7b1b4202e0d6cae176ecec87f3c7da93b6ef2785ed0977c9ff75bbe3742ec48d24e70a6e476a765c995dc0e9070a9796139a2f710e501f6388d0dfe7e8a8f14bdc90b677e6e0faaea092aaaa0636140f63d07c0294a46f19726558604c0efb899695d4b52cb61982507afeae7e6563f5770b020674c3d3ffe2e63adbb40c98392c88df6dbca55e7e5f01677022dbd87cabf4c402aacfbd222ad2de56d3ce60c7e85ec74167d6a60066c5394dae41357bdc9b68e1726b5654c702df9f81e1571146d7fdcb26d49ec33bcad2c81979a070c6d061d40ab8f15157305b1594af5e104becce7281eca0102fcb32c027d4c40d93251e54fdfe50c0356cb8383b81d72bc8875b4bf9af2809ffa371ebc2c53ccd7f79baac379a51c3e234018213dbf257d6c54befeffdf0f52f8f6f40a63231bd80be90ecdd15120d7c9d06d1cfd2a17b22eec4c81930e90771a3ba39e2c3991432268b8737e3c205131df2c7dd719cbdef077730397e63c0e3cf2817ce7247f0d16c0bef42b95e2887ea682cd0945c2e3b31ee62aa640c6df27708a155c0748eca715b31bcfb25248fd17df0c01ddba50bf01c8f64ced704cef0259f64853534d6bc927c63273c6785e863f15478e64293f11efc72c49c29828ef6d4abdb98714953076e96230860f6db322eb8b8930847b1db146534171cfeca9848af193b1a1a8040f991556d152ba71ff4d2d0da5ef33e28b68b96b45d8cb8479702e5c08ca580b1805fb7cbe4bf9cfd85f9fc1254815d3c214de71c4ac71c696ec8d1107409ce5161c7ccbfe61c95a1e18961e139c86dfef38aac978a017b40888fde3fec8f999ace6daa85453593ea632cd82f143f74297c5e02c548e1ff95f69fb805439d169d5449b14853369fa29c3692ff7cd7ebda4359c905f78648c37f37682a6fb85aa2ecc2c9c7953ec25ee14a471c512f70f94212a7a9d5c73a8b7436e42d4f8587f2b133d3d8496a2760619e601ecbcabb61cf228ca98cd27496d256b87e5d5d95f793c056c47f1fcd6abad13404c50a28b0c403f49157725e4b54fa91254f0d1bc485d4225641efcd216c070fe12368e1c1b8c04755c3da54e4be36185cb6fa6c1fab21d1eb7b605c47d97869f71764934be854fe7b07af8265070faa6cd934f32146da3f48738b12220e0e26f16c50c830e35e67ecdfb15f65d9b64d7f745ee6b2ecf1eb6cdce6c9b38c1a56f9f873ead5846d95a484e8a77fad3859a59e8dea206106bfd6b77ce381b9c2820fec18e8f67d523aa667d295d058de7840802b78c8a7686bc682848d2a9351e8e34d4e8d22cc2dabc14948e90c31a4d36b4e87ab083125e4bcbce3b9f258f5c3921c46fcb83c3f9794bc08823f2ee3e650e037d69ab47880a531674aa16766a2d6a98f3c08a1f7ccb4b6f6186eb08b55c2cf46555a6dcf39192128e05f1b72d636314f299b3944bb271532056c95f14c34c7d00b6e24d00caedbbc4e5649271c6ae0a80958926fbdfb7e0a6730f3a510db406a6c01e20b6d6f61d2e1b12dbfa2b2b49b0007967ae14c374e136ac12739311beca1b1d248bb8d0886d14438aa80ac72b2879d3e73b638f9853e50c661eae3af79256b353c397a5421e63d79a94aae26ebca0b6e48230a9dc3e6525a8ae30609aa7a4ace4a0220c30d847769babfa218fe2a6c5353ffe5d7fdd515ba7181d562e6e94b8066a2e106dd235c2919d3e79ac2a1176633fb2d9ebc89b08200fb172f32d45101ed77facb5bbb2e65b1e35328dc0229e48d7e882b7a3ab9d8df91129f043228cb6bcf51e3894509a90797b6e2403f977d15691ee05ba46485ffa015bbb941dadf0d2d04914c9276faf600080f7341ca90b1898981504310ad01a569b8769f9d18e9343d1b3b75121227a9e5d5692b3005d6acb4d1c02e36bbbed4e1bfc06f85ebb8c1332c046f8f71d1185caa0dbe6a82299e8f576d7b8f7a41074796ded222bf105f319945dd07d92069024842c50dc033a73129e686ed4d140623d31a1d00d5ad909685aff5f450718c4f66c1eb6d992626e1d212635e2da72a33f0ffb1076e3eb0ccdca1b15130116b8a494dcc6db9260b37d9be5cd08482bf626574f3122e161aa2aa824e33731400e720083941a33c93dfcd513c040cde02638e9194b9824054010cb8a4de0bb1b2ee611c26fe56773d18aadc9586be8c62e63e9d4860cd61c226029a5e0d5a4991bc5cb8717e1a76a1d91d137bc15ad146f04fd60e06332156baf0cbf1ba775fd84ef8f48f4194e5adeb2323aa359d77fa792c3ac398ff4effddedb21f49b981f50630d96b98da96dfe6653160f570be05d02ca56be34a8ed87a3b95c3b4b696bbe7efa02764927d0bdd3bf086c0bcfa0ba97cb444a7192d9319040ba7a49cefc6cacee311a37bc6e9c7d4a90ac71b89b2a83c0883cda644a33f68a3569c08be53ace6789cff7b1477aa521af277c32af50b036eb8f199e2a06f59bfebc679df20e65e2f80616a4110a87680d498ce661a1a81aa52f79bb55d56ed51d895cebc802b51a90df80d82362c0ee1ce5f4f9d8725c54a67b755096833e5ce28ce9082640da8efb4aea4c88f60e28c4ae01e4560b0ef3109736b82617d34c841e1834e347fcc41fff283b1a982353b85da9a187277432b2d4aad64478174783d533d352eecb96bd230ae585dd0299216a53959a7a0cf72b44aa5f79b612307a85bfb80c615537e700c94c41859da8eb660b65c00646e8f4d405dc6aa1718b11298f866dfe10297e45a8db5e264d93242536371d1869b2e78fd5c4cfa15cc44287c9823e66ca5ea7315e734d40aace432d0ed1005ea7bb8ab5c0fda4600f03f22db982c2d3d4dc86c79354123ca55d0ad28ea800303f07b30560efae7a6587c75351a5ab570ec7d07ec1db2973f6940b0064cf8f0712b12a06c26ce5f12cdb042fe60ab17d06381b820dd603141e2429ebd414ff4d9729bf1d2c4bf6b39e320bfcdf42f2c90c92872bcbfff622ede60dc4ecf85a1b311610b7242e7c2b63ada09819c4cf6e3937a1973c1ea7ce26e09feebdfa01b5d7a01ccafa2708e507a87af60fedb15f46930e0ceb147d0b884aed9033d428105eb5174b32deb8f1925cc392dc09eaaf958edd0d225fbb1dd4ab2e6b000e2d00c1bc620e3997d83d016f87bfbe55888025ff6b743943c236f573d39a93aae04130211cdbda4bfbf0fa060a8e96798f7f58a932d3dc91ba7820176f", 0x1000, 0x0, 0x3}], 0x0)

854.857343ms ago: executing program 4 (id=3705):
r0 = socket$kcm(0xa, 0x2, 0x3a)
recvmsg$kcm(r0, &(0x7f0000001f80)={0x0, 0x0, 0x0}, 0x40000100)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000440)={&(0x7f0000000800)=@in6={0xa, 0x0, 0x0, @mcast2, 0x1a}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000780)="80005b02", 0x4}], 0x1, 0x0, 0x0, 0x900}, 0x0)

696.301923ms ago: executing program 3 (id=3716):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000040)="d6", 0x1}], 0x1, 0x0)
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000001400)=<r2=>0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
timer_settime(r2, 0x0, &(0x7f00000005c0)={{}, {0x0, 0x989680}}, &(0x7f0000000600))
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x14}, 0x0)
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x271e, 0x0, &(0x7f0000000100))
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000040)={0x14, 0x0, 0x4, 0x70bd26}, 0x14}, 0x1, 0x0, 0x0, 0x861}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='sched_switch\x00', r5}, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r4)
r6 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0xb96f, 0x400, 0x3, 0x8002ae}, &(0x7f0000000140)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x109880})
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0x10)
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x1da05, &(0x7f00000004c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x8}}, {@data_err_abort}, {@oldalloc}, {@errors_remount}, {@abort}, {@sysvgroups}, {@barrier}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@nodioread_nolock}, {@dax_never}], [{@fowner_lt}]}, 0x1, 0x618, &(0x7f0000000640)="$eJzs3c9rHG0dAPDvzCYxed9oWpFii2LAQwvS/KjFqqe2F3soWLAHEQ8NTVJDN21oUrC1YAoeFBREvIr04j/gXYpXbyKoN89CFYl4UOnKzM60a3Y32ebN7mwznw/M9plnZvd5vjv7dJ5nNs9OALU1nz2kEWcj4k4SMdexbTbaG+eL/fb+8exutiTRan3j70kkRV65/+vi3w+zhyRiOiJ+fz3ik43ucrefPL2/0my1fT9icWdza3H7ydOLG5sr99burT1YvvTly1eWvrJ8eflY4izjunHz65/5yQ++86X1PzQvJnE1bk9+bzX2xXFc5mM+XhchduZPRMSVLNHjfXnflCEkFdeDo2kUn8fJiDgTc9HI19rmYuPHlVYOGKpWI6IF1FSi/UNNlf2Acmw/jHHwOHt1rT0A6o5/on1tJKbzsdEHe0nHyKg93j11DOVnZfz32blfZEv0uQ4xcQzl9LP7PCI+3Sv+JK/bqfwqThZ/GmnH87L0UkRMFe/FYOP/ya6c+X3ro/78vUv8ncchi/9q8W+Wf/2I5VcdPwD19PJacSLfzdbenv+ynmHZ/4ke/Z/ZHueuo6j6/Ne//1ee76fza+Tpvn5Y1t+51fsluzo5f/nRjZ/1K7+z/5ctWfllX3AUXj2POLcv/h/mHb3kzfFPehz/bJc7A5bxtT/+7Ua/bVXH33oRcb7n+OdtjzZLLe5sbpV5+76fXFzfaK4ttR97lvGb3337V/3Krzr+7PhHn/HfQcc/y9sasIxf33qx2W/b7KHxp3+dSm7nqaki57srOzuPliOmkpvFLh35lw6uS7lP+RpZ/Bc+37v994q/KCo/0Lv/9270t/XN+3v99hv4+HcPnTKvWweHe6gs/tU+n//Djv9PByzjX996/Nl9WTNl4qD4Z7pfKtl95wgBAAAAAACgPtL8O9gkXXiTTtOFhfYc3k/FB2nz4fbOF9YfPn6wGnEh/3vIybT8pnuuvZ5k68vF38OW65f2rX8xIk5HxM8bM/n6wt2HzdWqgwcAAAAAAAAAAAAAAAAAAIAx8WEx/7+8T/U/G+35/wPZOTPk2gFDN8wbzAHjTfuH+srbf1p1LYAqOP9DfWn/UF/aP9SX9g/1pf1DfWn/UF/aP9SX9g8AAAAAJ9Lpz738cxIRu1+dyZfMVLFtstKaAcP27m18fij1AEavMdKnAePkzVf/pv9D7QzU//938eOAw68OUIGkV2beOWgd3Phf9nwmAAAAAAAAAAAAADAE58+a/w91lcZvq64CUJHuifxn9wac6Oc3AOA956f/ob4+0hjfBQI4EQ6bxT/db4P5/wAAAAAAAAAAAAAwMrP5kqQLxS1AZyNNFxYiPh4Rp2IyWd9ori1FxCci4k+NyY9l68tVVxoAAAAAAAAAAAAAAAAAAABOmO0nT++vNJtrjzoT/+nKOdmJ8i6o41KfzkQkoy90JiLGIfbhJCY6cpKI3ezIj0XFHm3HWFQjzatR8X9MAAAAAAAAAAAAAAAAAABQQx1zj3s798sR1wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARu/t/f+PnkgOeZ2qYwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k//CwAA//9vNjw9")
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000700)=ANY=[@ANYBLOB="20000000070a01889a000000000000000100000a0900010073797a3000000000"], 0x20}, 0x1, 0x0, 0x0, 0x400c0}, 0x10)

554.549112ms ago: executing program 0 (id=3721):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000060000000800000009"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000400), &(0x7f0000000340)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x8200, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000400)={'syzkaller0\x00', @broadcast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r4, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})

424.502372ms ago: executing program 0 (id=3722):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000580)=@o_path={&(0x7f00000004c0)='./file0\x00'}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r0 = socket$key(0xf, 0x3, 0x2)
dup3(r0, 0xffffffffffffffff, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101102)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r1, 0xc08c5334, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue1\x00'})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, 0x0, &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r2}, 0x10)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
fsetxattr(r3, &(0x7f0000000300)=@known='user.incfs.metadata\x00', &(0x7f0000000400)='block_bio_remap\x00', 0x10, 0x0)

373.384401ms ago: executing program 0 (id=3723):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
r0 = syz_io_uring_setup(0x24f1, &(0x7f0000000080)={0x0, 0x89aa, 0x10100, 0x0, 0xe6}, &(0x7f0000000300), &(0x7f0000000380))
io_uring_enter(r0, 0x31fa, 0x9cd9, 0x0, 0x0, 0x0)
io_uring_enter(r0, 0x0, 0x400000, 0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000004000/0x400000)=nil, 0x400000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCSMASK(r1, 0x40104593, &(0x7f0000000000)={0x0, 0x0, 0x0})
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r2, &(0x7f0000000040)="e2", 0x2250)

349.940402ms ago: executing program 2 (id=3724):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000001f00))
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=@framed={{}, [@ringbuf_output]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x4, 0x0, 0x3}}, 0x2e)
syz_emit_ethernet(0x83, &(0x7f0000000140)=ANY=[@ANYBLOB="99177fa54f29ece65b5c8d9b86dd600008000000000000000000000000000000bbfe8000000000000000000000000000aa00000e22004d9078028300000000000030b00afe4e708c64e24d4701a217c5b9d78b5d0ee11ea3a2a166d302c4240102f7093ba14fda73bec6944608c4e64e49915bc94d0d42276a29b09e6d360000000000"], 0x0)

349.477001ms ago: executing program 3 (id=3725):
r0 = socket(0x18, 0x0, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x5, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'sit0\x00'}}, 0x1e)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0xc, @broadcast, 'veth1_to_team\x00'}}, 0x1e)
close(0x3)
syz_io_uring_complete(0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="24000000000000002900000032000000fc0100"/31, @ANYBLOB="00000000710f0000497bbc340117d6af3dd2210da678d2e2bab893d4e9605c22008278"], 0x28}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000600)='kfree\x00'}, 0x10)
r3 = socket(0x10, 0x3, 0x0)
sendto$inet6(r3, &(0x7f0000000000)="78fe000018002507b9409b14ffff00000204be04020506050e0204094300080004000000040010000d0068d0bf46d32345653600648d0a0012000200000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160005000a0000000000e000e218d1ddf66ed538f25232500000", 0x78, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r4 = creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1f5)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f0000004cc0)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000a40)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r5, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r6], 0x30, 0x40400d1}}], 0x1, 0x10)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r9}, 0x18)
splice(r5, 0x0, r7, 0x0, 0x400000, 0x0)
sync_file_range(r4, 0x8, 0x0, 0x3)
socket$inet6_udp(0xa, 0x2, 0x0)

349.150561ms ago: executing program 2 (id=3726):
r0 = socket$unix(0x1, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x6c, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000580)=ANY=[@ANYBLOB="3c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400038008000500", @ANYRES32=r3], 0x3c}}, 0x0)

317.696801ms ago: executing program 0 (id=3727):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="5800000010000104000020000000000000000000", @ANYRES32=0x0, @ANYBLOB="2b12020000000000280012800b00010067656e657665000018000280060005004e20000004000600050008"], 0x58}}, 0x0) (async)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r2 = timerfd_create(0x0, 0x0) (async)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000040)=0x61d2, 0x4) (async)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) (async)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010102}, 0x10) (async)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x3f, &(0x7f0000000080)=0x3ff, 0x4) (async)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0) (async)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x57c, &(0x7f00000013c0)="$eJzs3U1rG9caAOB3xnbifNxrB0K4t4tiyKIpaaTY7kcKXaTL0oYG2n0qbMUEy1Gw5BC7gSaLZtNNCYVSGijtvvsuQ/9Af0WgDYQSTLvoxmXkkaPEki078kei54Gxz5kZ+ZxXM+/xGY2EAuhbY9mPNOL/EfF1EjHSsm0w8o1jq/stP745lS1JrKx88mcSSb6uuX+S/z6SV/4XEb9+GXE6Xd9ubXFptlSplOfzejGSa8Xa4tKZK3OlmfJM+erE5OS5tyYn3n3n7Z7F+vrFv7/7+P4H5746ufztzw+P3U3ifBzNt7XG8RxutVbGYix/Tobi/DM7jvegsf0k2esOsC0DeZ4PRTYGjMRAnvVtrYzsZteAHfZFltZAn0rkP/Sp5jygeW3fo+vgF8aj91cvgNbHP7j62kgMN66NDi8nT10ZZde7oz1oP2vjlz/u3c2W6N3rEACbunU7Is4ODq4f/5J8/Nu+s13s82wbxj/YPfez+c8b7eY/6dr8J9rMf460yd3t2Dz/04c9aKajbP73Xtv579pNq9GBvPafxpxvKLl8pVLOxrb/RsSpGDqY1Te4n/NZuvxgpdPG1vlftmTtN+eCeT8eDh58+jHTpXrpuYJu8eh2xCtt57/J2vFP2hz/7Pm42GUbJ8r3Xu20bfP4d9bKjxGvtT3+T+5oZaVifa7T/cli43woNs+K9f66c+K3Tu3vdfzZ8T+8cfyjSev92trW2/hh+J9yp23bPf8PJJ82ygfydTdK9fr8eMSB5KP16yeePLZZb+6fxX/q5MbjX7vz/1CW2F3Gf+f4ndZdh7cW/87K4p/e0vHfeuHBh59/36n97o7/m43SqXxNN+Nftx18nucOAAAAAAAA9ps0Io5GkhbWymlaKKy+v+N4HE4r1Vr99OXqwtXpaHxWdjSG0uad7pGW90OM5++HbdYnnqlPRsSxiPhm4FCjXpiqVqb3OngAAAAAAAAAAAAAAAAAAADYJ45EDLf7/H/m94G97h2w4zb4ym/gJdc5//MtvfimJ2Bfas3/g3vYD2D3mf9D/+oi/9Pd6Aew+/z/h/4l/6F/yX/oX/If+tdW8v+nCzvYEQAAAAAAAAAAAAAAAAAAAAAAAAAAAHg5XLxwIVtWlh/fnMrq09cXF2ar189Ml2uzhbmFqcJUdf5aYaZanamUC1PVuc3+XqVavTY+EQs3ivVyrV6sLS5dmqsuXK1fujJXmilfKg/tSlQAAAAAAAAAAAAAAAAAAADwYqktLs2WKpXyvILCtgqD+6MbnQppfqLvl/68MIU9HpgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMW/AQAA//+LGzah")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0xd, 0x13, r4, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fffffff7850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r5, 0x0, 0xfffffffffffffffc}, 0x18) (async)
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r6, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) (async)
recvmmsg(r3, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0) (async)
read(r2, 0x0, 0x0) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8fe00000000bfa200000000000007020000f8ffffffb703000008000000b70400008f2000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x31, r4, 0x0, 0x0, 0xfffffffffffffc81, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10) (async)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') (async)
newfstatat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x2100)

270.151241ms ago: executing program 3 (id=3729):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454da, &(0x7f0000000240)={'bond_slave_0\x00'})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454da, &(0x7f0000000140)={'bond0\x00', 0x4000})
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000100)={'nicvf0\x00', 0x1432})

235.471331ms ago: executing program 0 (id=3730):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2000042, &(0x7f0000000cc0)={[{@nombcache}, {@oldalloc}, {@inlinecrypt}, {@delalloc}, {@noload}, {@delalloc}, {@noload}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@lazytime}]}, 0x3, 0x4ea, &(0x7f00000006c0)="$eJzs3UtvG1sdAPD/OPa9yW3AuYVFqURb+lCKoE7S9BGxKK3EY1UJUfZpSJwoihNXidM2UQXuJwChCpBYsWKDxAdAQv0ICKkS7FiwAlWQ0gUbZDR+tI1jh+TWjdvk95NO58w59fz/x4/xnJlRHMCRdSYibkbEQERciIh8sz3TLFFtlPT/vdh6NJuWJGq1O/9MImm2tW/zWPNhqe9/N+KHyc64axubSzOlUnF1e/PmpcXlmYXiQnFlcnLi2tT1qatT43scSZLdrXc4Im586+XPf/Kb79z4w9cf/G36Hxd/lKZ1t9nfaRy90Bh6LgZbDdV3EaV/0vdNtj5CAAA+BOcj4nhEnI2Ir0Y+BmLXw2gAAADgA1T75vDHrSoAAABwOGXq98YmmULzft/hyGQKhcY9vF+MTzKl8lrla/Pl9ZW5xj20I5HLzC+WiuPNe4VHIpek6xP1+uv1y23rkxHxaUQ8yQ+l6/U+AAAA4GAca5v/v8w35v8AAADAIeNiPAAAABx+5v8AAABw+Jn/AwAAwKH2vdu301J7sfWo/jsAc/c31pfK9y/NFdeWCsvrs4XZ8uq9wkK5vFAqFgb+//ZK5fK9K7Gy/nCskl2rjK1tbE4vl9dXKtP13/WeLh4/gDEBAAAA2316+ulfkoiofmOoXlIfNftyfc0MeI8k2baGu1/pUyZAT+zhlP52Z9bfTSLAgWv/TgeODnN8IGlvaDswGOx2qPDH/cdyzAEAAP0x+iXX/+GoyvQ7AaBvftrvBIC+cS4ejq7c/u8ABA6ZHdf/2wx269jz9f9abV8JAQAAPTfcWFSjeS1wODKZQuHVZcFkfrFUHI+Iz0fEn/O5j9P1iT7mCwAAAAAAAAAAAAAAAAAAAAAAAAAfolotiRoAAABwqEVk/p40f/9rNH9+uP38wEfJf/L1ZUQ8+NWdXzycqVRWJ9L2f71qr/yy2X65H2cwAAAA4CjK7drbmqe35vEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Esvth7NtspBxn1+K4ZipFP8bAzWl4ORi4hP/p1E9o3HJREx0IP41ccRcaJT/CRNK0aaWbTHz0TEUJ/jH+tBfDjKnt6KiJudPn+ZOFNfdv78ZZvlbT2/Vf+Qd4zf2v8NdNn/fW6PMU4++91Y1/iPI05mO+9/WvGTLvHP7TH+3R9sbnbrq/06YrTj90+yLdZYZfne2NrG5qXF5ZmF4kJxZXJy4trU9amrU+Nj84ulYvPfjjF+9uXfV590HX+mvnwzfmucI40Mf9xt/Of3OP7/Pnu49YVGNbczfsTFc51f/xP1ZefnP31PXGh+D6T9o616tVF/06nf/ulUt9zS+HNdnv/G65+vdRv/xb0Nf8eYAYD+WtvYXJoplYqrB1A5e6V3G0wOKGeVLpXB9yONg658+6230zocfpvt/LVn40rnDJ27+rxjAgAAeu71QX+/MwEAAAAAAAAAAAAAAAAAAICj6zP98bDT+3tUe8xqf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALCr/wUAAP//GpnIcw==")
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f00000000c0)={0x0, 0x5a, "44fc21c597b7344ac6977fb0fd112b50cbf8d41b6a367ff5e94f601c0996e1e18aa4e5a0cdafae472898736e7e729db60d13a267986d24cb8e00112bae06f872e72a9f124a798bf8968cc8103f342f3a6a8dc4e3fe517e33e6de"}, &(0x7f0000000180)=0x62)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r1 = open(&(0x7f0000000480)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f00000004c0)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x0, 0x0, 0x3}, {0xffffffff, 0x5, 0x0, 0x0, 0x0, 0xffffffffffffffff}]})

235.113801ms ago: executing program 1 (id=3731):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = fsopen(&(0x7f0000001680)='9p\x00', 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
creat(0x0, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000001600)='\xcfD\xbc\xbf\x95@\xd6j\'$\x1d\x14\xb7!G:\xb0\xdfj\x96\x7f\x03\xe5\x94\x04J\x02\xa9[>\xf9\xcah\x85\xb8\xbeSAk\xf4\xb6 \xdf\xa0P\x18\x19\xae\x8c\x9a\x19mm\xfc<|\xe8\x9e\xa0x\x84p2\xf9\xe2\xed\xb0\f\x7f;\xf6J18G\x84c\x88\x9d{\xf4~\xdby\xe9\xdf\x1a\xae\xd6ez\xe5\xa8\xe1\'\x00'/110, &(0x7f00000005c0)='\x80\x82\xdfo\x973\x92\x0f\xca\a\x93\'\x13I\xfegAQ\x12KF\xde\xb8\xb3\xd5E6\xbe\xd3\x1d\xa1\x11\xb9\xc6\xe5\xe4\x1df\xf2\'R!\xaa$\x10\x19\r\xa1\xe9\xde\x06\x17\x95\x94\xcet\xb3U\xc5O\x9a\x1b\xe3\x1c\xad)\f])]\x10\xd2m\x1c\x05\xdf\x17\x06t \xa2\xf5\xf9k\xd0P\xcd\x17NF\x9c\xb6f\xd0),:\x19\xb8\xaf\x99\xa5W\x01%g+\xa7\x11\xc5\xea\x9e]\xa85^\xae\xbb\x0f\x068\xc5\xd6\xeds\vvb\xa2~\x8d\x16\x1e\xfc\x8d\f\x8d\xc9\xc0p;\x0e\x7f\xf8\xfc\x87\x94\xb7\xd4\xf6Z\x90\xfc\x01\xbd\xffjr\x19\\0\x8c\x9d\xc9\xb9\xde\x92\xe9p\xb8\xe1BSb3\xfcF6\x14\xad\xce\xc8Do\x05\xa5\n\'\x10\xe7\xa8\x11\xe4\xb5\xe0\xbb\xae\x8a\xb9\xa4.d\xafP\xbf\x1d\xec\xd6\r\xc3\xecM\xcb\x85Xs&G\xa3U\xccE\x19F\xa6\x94\x1a7\x8a1\xdb\xc5\xcf\x0fx\xfe)KP{s\xbc\v\x93\xe8\xcf\xff\xdc\xcf\xf9=\xe1\'K\x81\xbd\x80\xe0\xb3\x87\x03\x7f\x1e\x99\xcd\x1b\xe5\xd6R2j\xf2\x1d!\xc5\xb8\x8d\xb6/\x97\xf8\x96C\xe0\xbbp\xc3M\r\xe6\x98\x81\xe1\x0f\"\x99\xee\xf9\x02`\xfe.\x1e.\x8c\xa6\xf8\xb2s\x8d\x83\xbb\x82\xe3\x8d\x12y\x06\x80\x9f\xc3\xf5~m\xd9\xc2Q\xf5:\x0f\x90Z:\xcf(\x1a_\x8f\aCZ\'\xb0C0\xb4\xff\x8d\x12\xf0\xcdn\xdaSY\xd4\xe3G\x90i\x94\xb7\xdd\x18S\xbd]e\x1c\xbe,\xf5\x81\xe5\xf0\x0f\x04\xe0\x93\xaa\x8c\x9a\x97\x8d\x86\x1c2\xf7,H\xb5^>\xe3\x9c\xb3@\xb6\xb2\x19H\x9d8y3m\xd8.5\x16N\xa0\x88\x02\x9a\xb7YI\x89\xcd\x88\x13?\a\xcc@\xe7\xb2L\xbe\xf6\xe4\xbb\xf2P\xe7\x82\xeb5!P\x06\xc1\x8c\xe5\xc9\x993|\n\xdb<\xae]\xab?X\x82\xde\xa7', 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r5=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000280)={r5, 0x11, 0x6}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r5, 0x1, 0x6, @multicast}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0100000007000000010000000900000001000000", @ANYRES32, @ANYBLOB="0200000000000000000000000000000000000000e8ec8394a74e23d2d3c7b6c67b0a32c88fe6ead957f6fc2a635e20ac07ce7a8e8286255d5522211c2bb052dd833a8a12955bef3832369622d0416ece9cb315d3437dbbc8660ed79e813e0a670b88b41be7e394913d58ce37afc6b1f4a4f6a614b47d37", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r6}, &(0x7f0000000340), &(0x7f0000000380)}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r7, &(0x7f0000000340)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3e}}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r7, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r7, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x303}, "0400", "0d07080000e8ff00", "cf0d00", "8657e2b7e43b34f5"}, 0x28)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r7, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
writev(r7, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0x1}], 0x1)

185.822371ms ago: executing program 2 (id=3732):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000060000000800000009"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x8200, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000400)={'syzkaller0\x00', @broadcast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r4, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})

179.872771ms ago: executing program 1 (id=3733):
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x37, 0x0, 0x8)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='signal_generate\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x8000000000000000}, 0x18)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./file0\x00', 0xc80, &(0x7f0000000180)=ANY=[@ANYBLOB="00631dda01aef2456795dd9b26209f1c0f624854ea3dd5a00bd6df44035f5c3ae796fec6d633a0ffad0569794acfef7da01767fd4175f2cd82df769aa2ee7bfe3640554507d2e660c9f9e222a72e1e3e71145c480657d2864e5e276f028d64701ae31cde0ceaf408fdb05c0f4142da00e900000100000149e6d308cbe315789f4baffe39bbced9b1d421d2e290e9fc563b62225f002ee310e1fa7321000000000000d6231001a4b2d467825f3abb0c167e129cf1fa0e7854103f4bf2d3a0194983bc86cbd3d75ccef3c8ac4516dac102"], 0x1, 0x266, &(0x7f0000000340)="$eJzs281OE1EYxvGHDwVBmCqKgjG+0Y1uJlCvoCGQGJtokBo/EpNBptp0aEmnwdQYYefW6yAu3ZkYb4CNV+DCHRuXLIxjmKnQlhrDQiba/29zXnJ4mnP6njZn0dl58Ha1XAzdoldXf59pUNrUrpRRvwaU6GuO/XF9Uq02dWMi/+XyvYePbufy+flFs4Xc0s2smY1f+fji1burn+qj99+PfxjSdubJzrfs1+3J7amdH0vPS6GVQqtU6+bZcrVa95YD31ZKYdk1uxv4XuhbqRL6tbb5YlBdW2uYV1kZG1mr+WFoXqVhZb9h9arVaw3znnmlirmua2Mjwp8UthYXvVzaq8DfVavlvDlJ04dmClupLAgAAKSK+38v4/7fC/bu/4+bn9923P8BAAAAAAAAAAAAAAAAAAAAAPgX7EaRE0WR82s8IcVP+ETNv09JGpE0Kum0pDFJ45IcSRlJZySdlTQh6Zyk85ImJV2QdFHSVMtrpb1XHEb/exv97230v7e1PLg7LK2+WS+sF5Ixmc8VVVIgXzNy9D3uZVNSL9zKz89YLKNLqxvN/MZ6YaA9Pytn78B0y88meWvPD8Xnbj+flbN3wLrls13zw7p+rSXvytHnp6oq0Ep8Jg/yr2fN5u7kO/LT8f/971zb17V/rvu7+SR/hPPR8f4Oanow3b1DChsvy14Q+DUKCgqK/SLtbyYch4Omp70SAAAAAAAAAAAAAAAAAMBRHMfPCdPeIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnX4GAAD//5KSYE0=")
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x81000)
renameat2(r2, &(0x7f0000000000)='./file0\x00', r2, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

172.018741ms ago: executing program 3 (id=3734):
socket$nl_route(0x10, 0x3, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000580)=@o_path={&(0x7f00000004c0)='./file0\x00'}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r0 = socket$key(0xf, 0x3, 0x2)
dup3(r0, 0xffffffffffffffff, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101102)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r1, 0xc08c5334, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue1\x00'})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, 0x0, &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r2}, 0x10)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
fsetxattr(r3, &(0x7f0000000300)=@known='user.incfs.metadata\x00', &(0x7f0000000400)='block_bio_remap\x00', 0x10, 0x0)

106.75269ms ago: executing program 1 (id=3735):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
link(&(0x7f00000009c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000000)='./file0\x00')

91.29122ms ago: executing program 3 (id=3736):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0x20, &(0x7f0000000140)={&(0x7f0000000040)=""/203, 0xcb, <r2=>0x0, &(0x7f00000003c0)=""/183, 0xb7}}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000580)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b7081e00000800007b8a946f6c606e757c87ea73138cbcb31cf8ff00000000bfa20024f8000000070200000300ffffb7030000080000109f04000000000000050000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) (async)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000011c0)=ANY=[@ANYBLOB="5400000010000104000000000000000100000000", @ANYRES32=0x0, @ANYBLOB="fff00000000000002c0012800e00010069703667726574617000000018000280140007002001000000000000000000000000000208000a00", @ANYRES32], 0x54}}, 0x0)

79.49612ms ago: executing program 1 (id=3737):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
r0 = syz_io_uring_setup(0x24f1, &(0x7f0000000080)={0x0, 0x89aa, 0x10100, 0x0, 0xe6}, &(0x7f0000000300), &(0x7f0000000380))
io_uring_enter(r0, 0x31fa, 0x9cd9, 0x0, 0x0, 0x0)
io_uring_enter(r0, 0x0, 0x400000, 0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000004000/0x400000)=nil, 0x400000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(0x0, 0x2, 0x0)
ioctl$EVIOCSMASK(r1, 0x40104593, &(0x7f0000000000)={0x0, 0x0, 0x0})
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r2, &(0x7f0000000040)="e2", 0x2250)

77.53013ms ago: executing program 0 (id=3738):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) (async, rerun: 32)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xc, 0xd, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000005000000000000000018110000", @ANYRES32=0x0, @ANYRESOCT=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (rerun: 32)
r3 = socket(0x10, 0x803, 0x0) (async, rerun: 32)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (rerun: 32)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
socket(0x400000000010, 0x3, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, 0x0, 0x0) (async, rerun: 32)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async, rerun: 32)
sendto$inet6(r5, &(0x7f0000847fff), 0x0, 0x24000001, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r5, 0x84, 0x10, 0x0, &(0x7f0000000180)) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
syz_emit_ethernet(0xfffffffffffffecc, 0x0, 0x0) (async, rerun: 64)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async, rerun: 64)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000002180)=[{{&(0x7f00000003c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000001c0)=[{&(0x7f0000002000)="c62015b41811a3938eaf059e23a95262b58b77779f04713c97ae7460c3f3df3567f972351ace2f9891049bf5dfb75c1f1b8e2af7aa2a6c476d3e76af60583f87d06ae1b9658e7ff79c3a9ff163ebcf3d835a6e0160231009cce3181e004ce558ae28ffcca41eec742ee905261d358c75e6daff164a8f2f9049bf720baaa0a1133f4ab5398289e3d150827b2380af533b8c3f7c9d5abc085780ca33ff5f822c1f6f9a70334b75df33cc852db6c0a1ae9b563b4e7c9976d2a4be430951fbf80bc03883aef7bb10b209991b7b4245bda974dc5ac02fb3712476d5ddd805769b062b614eb63feed7d63040090c27ed543819108f685da874e0fe019d5f221a06d1462b68ce757d81b10dbd2e88f1e30a", 0x10e}, {&(0x7f0000000600)="3ebba26cbbd3a4d372ad1aab041b7d6ebf2b867be60ff8e309279c667b2dd4272119a781a7374c9952665d601cb0b56609ff928e899644213ef6bb0f61be6aa22e0162206fb2c92952bd4496e443b75a18c3f4a0d36686ab4c0a90faef26c31d713ca3fba2470a743716c76712d3159d589b45224ce89f79b8df", 0x7a}], 0x2, 0x0, 0x0, 0x40004}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000680)="ff377c69bf3c49ff1278d5e9d932e743b296fbfb4b708a48fb6d5a56cee55e16da5988e6bfe4baa717fe98270af269d52f5aed11b3d5f15b240708c24b01f33cd5ef74b1a79ea33eba1b4ece60e5a80439a008acb46826ca830fb16419062dcc0dae2b2d4daf1ef8f41dac6e008aec135f1eafd4d2e8f52e224fe270238dd54ed317c770aeba7da008c86156f50c00be9fedfd9e77839e4c932eed971c228d", 0x9f}, {&(0x7f0000000900)="2bb5713f5c9e229162f32f64214bf8e89f564fe386c3c888318dcdef0a66c2724421051bd2210178fc42de732b875a580de9e659b3d2e28b463c403fc521db6676fa6841569c24723a8cea5ce5e749b40025a53257bfd68d79580cbf", 0x5c}], 0x2, &(0x7f0000002240)=[@cred={{0x1c, 0x1, 0x2, {r6}}}, @rights={{0x24, 0x1, 0x1, [r3, r4, r2, r4, r3]}}, @rights={{0x2c, 0x1, 0x1, [r5, r8, r4, r1, r1, r0, r4]}}, @cred={{0x1c, 0x1, 0x2, {r6}}}, @cred={{0x1c, 0x1, 0x2, {r6}}}, @cred={{0x1c, 0x1, 0x2, {r6}}}, @rights={{0x24, 0x1, 0x1, [r5, r7, r0, r1, r3]}}], 0x100, 0x10}}, {{&(0x7f0000000c80)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f0000001f80)=[{&(0x7f0000000d00)="791813422f12175909ec4bc3bd35cb709fcdc124b19573109c30b8b5603cf96d5fe9a61eb5c83bc7a38170eca596590aa61e889bfcf9950d6971254b18cfaae23979aa31e5c75b660585ef4777f7721f81a34eff54f8e50faa788cadb86ef5b61ca87328fc50d51f6c0eadaaa0b316e262e6c20ec9d3ff314e9e0bebdc02e831761f699714afff596b7e8355af983f5be5052bdc476851d2f3f79254344ea5c9c98a7b813ce3cf420c7251d3cd62d9683d3f05d0a3fab579c027c1d96db1e5d22028a33624c5f4bce1504f7aefcf7326f9a10f69fd7ffd8f359ca8e2ca57ae93e4977d1c74a3b0c22ead2ccc0ef185cef2585257a8204391b433bc3901bd968d592f2089b85dfd755b7a14f8cf602dcca963896beb5af40f7cfe24964781e34155e68b2d2a03b3b478b25fd475d22016ffa58ae8240f75c15b7d769fa5d9f7a14293688e0967eb11eb8e92d67f06897be7141c24482b400bd8c29018fe88eef60fef3db2d174b45071c014d04a0406b6eb7efba05f4655481e07034d6ba4691f0c98dcfcb42177df45d9e6db03ff154620bcc1a4f8eb2a7faf339f7c77c4886c963dcf37a9390b3ccb86c86fa3687bf439a5ce360ace476e4229e2575bea131795ef0832fbd40b825835cd1f9375e94b1b5f9525564c5ed53954beb82daaea131a059203ece591ad95cbe46b77e011b6f25b9d1e4c9f8e492d8333b933017c55d157a79a51bcca713e0d883a179d73c0998f5bf986db23823a2f7efe2af30769872023d00f01473cd381057576b1083d06b37fd2f27d9f9c238b9acd1e23f4a01bb1078b43112f97b048f7377ba21972ce58746cf9d03a8f89c2f253d52a9b0394fb564c36608449f723864e4ec9f98ec3d114ef48458451802975750c4371669f929cb0689a0ef9ca8ff4a8e4c4ae0f3e9533d8f64a2ee0516b24ffaaade24fbfcaeda76c535130049e7a1773eae40910e53c242f8f49b5b4573381dd981e989caccdca86e0eeb47cf0d3820a72cc75fe57fdd106fa065a216421aa227ca7606a84f7aad555a5c953bdaa6e516d06cf1946e2d96b3db885a4281f18ba1caadb416eddd9021ce29abb7f56011b0d69ba95d6284b9407368a99ffe7f6ecfd7093e83dc680be7a9804d389aa6ecd9d19010b968920500d907cd87b63cfcd2444edd484cff476a33fce494f57a9bfa3f1e7f96e08afab87a2e3cb6d81f8f4112f72a1efe12ccaf64595099dbbc1b302f744661d6642a72b7001471cb9cdd0320a4e744fff3ef2fcf9fd04e0feeb482d5a700b2a7ac0c0dd5c6a76412f9a81dc65f1a3a6233d40e15c1a6fe441a4053428c963dcee36d2ac5f2af395b778a062e1f4f94d970e99e4dfbb75c9287e85e34f0916974c2d11db280dbb7f3d3e277391d90dda54b2f27dda4b34073f24a937c2c71c2c29ef95ffd455fcf33a2233d9da9c0ce97d8b137679840b6d97c2803611e3800fa5e8a84a8a25c39dd6b2eb2e25ffa99e092320a0898fc0671f7b6bd6488bf37d631ccc1d4fd2599242d819b7b133079d997606e1ba2648bde7dbb0dfdb374871a21c9404ec6d517d098baa3cf9c23ea0095a6c75f8e1f153a8999667d2c902fde96808ed7980c5889ce5b4bb6b7e6589ee7644ee6743824d91307ed86f1002f422f2bb92981d889fae1d0e3dcd762112b5bed2ef740db36d78ab3c9b4e334a17131d0d7a70e5dc613716cea137bdc4ba28259657f6574d79e305419af0a4c50d3ce0531d3560e4eb3f35c1f649ef9bb348b4c820d4f39cb0282103d683d06f41b34bfc215e2bb65907ead28b86829109d39542e730d9f4760bad0d18e2ea81490dad1b5c2b2edc3fee755b9fcead8f4eda2bc896fe07159720e124b7a42357a7700f1d26fbaaf3e21142f71236b20fea27387272e6a38f040093451f86cb7ae97705b4be675f4e67d6a1f75aba1da6254ba538779ea7eca77e249814f68e9966ec9e61a20091e0d849949706fbba06c87da7e2a1f24c0a6ff76983cebd7714efaa3e83d56b40bfe61d5e55c3c54394d1e99895fb60e26ddf486ec1ff24c6e52ac2614575d3407a35666dbd6b0ef0232c44dd13530f7a839723eb19c6e69eda2bfdcf5006583e730746b3384ce964f4c44c2fdc4d1b3940e3d687621c67551916740891248b4b34cc4aaafe68c82676937ef42d593ccd0ff8fd0c1efb55ea5e803fa541a211236eabefab0fee0cdb371958a691fa17a1f804bd7359aba8e445db7bec07f1a3ba8653d54854b691b1feac5a638df77130b23307ba79bada52df38d9bd3847c7e297ca27346d1fbb93b4f7758a7c2d4273cce62a57d8083d3a2c4b0ef3efc39c6245c25a6953bd14a02ca38a0c3feb31c1f80054b56adf91ee3869e54ac432734cde4c4710203402c514ae65b1203dfbb3fda6c1cd3d31fa0eb537ee7e9d8169b160766af3aabac26367ee852ed73e56c49322cffcd48f3510ed0c944dcb8cd3d4021f7dd7a684454c28c8a141bdb74adb8b0538c58ca75ceb5916b607c1756aa4d8ef01e4c430928968cfd446f706313eb9ad7786454c9c123e8ab08b6e9e3e182f460fccae56b819a586a6d6fd38f95e9d52b13046ff93d1e974f9acc4c75afc8c37397f6aa39a43978d90430ddce4406aae75d81ed88600f3b2f75784eb232889b91dda46003c6c5bb2cd1ca46821bb59a277354c4f0a3dddc2a590e7a85c1fb2bb5b86f6a6b6cd880777d689eecab2f966a47e21f7e06b489cb2a7323a9624a409424bc8a092a0d95fa258bcabd50351dfe08d2fa7007caf8bb31a70879c491ad448b928f74ea13400dd26f53b295559df9a0307a1495cc9548de7d0d8d0379ddcb76602cf493bd96bb477eebed9de44f98800a664fc5a3bd206241628f709c2a8638d8852ebf1bd42af4c032257d783205dc2e4e9f678b42a301abbcb46ac741f1a35f2533cbf3f8267c3de7e18c1b05231289395f49244a356f7dd55766d66e306e97c2f64889635a4d5f9e0019be062bf9c9bd2f8b4590c9622689827190cb5587341e7fffd9371a625b0c0b9322187c63cd59beb9bed9b580fbeb58c9067484e8723592b42563569378bff495523702fb4319f8afca804f37fc72ca85106cfaef834b3a9df18a3003f9fa46b4958acc4bc05a2f271d9b21cdaa0838d6dcd78134daceb3bb47425162f48b3fa692f452b20c266327aec42f4cdea929d6f18b349edc01b4276ff5360ccd20199c937f192214594be81a5bfb579a9620ab72a8c0aa935a82a1008a183266212dbf5b08376a1be8360a029acc04ccd6cd3b84dee13077da64c5e6639580858128fdacf431ceec427642accd4cf3350b2531be02d2ad8add8e11c5be5e413ae273101729ea99390d91bbd9f4d3d654a6484da8ae14683cc2e5b61832e528e299ad7e1c6843b9ec0defa3d8743fc14c3eed9e979305374938db4912193725547b81329e218789587b72b14b650e12efee6fbd58c5df09a58cbe222893948005bac6c13007ca7cdd1bbb39c9110fa852bc2cdf40276860abd420e4e23a7cfc043c13fe70f45ad609db628187619b6fdd7a4d2ac258bcc22c67933ba8264197dbbb44497d6bc326ae5a1878a13b2fb930769263ed3793d5ac1d73597e1471872247f655b960b1939513524d99cbcbbf3aeff5bf6c9f83d9e980c2495a107d3b688f7c22c97e8f21ba9c60315b2f42029e029492cb786aa1fbe0e633e96804bbef129909815692ed03da9321def610afb3ca631f3aad52b32e57bcbd9004e994088a23b08fae7a42a6cc3a60f8bb4490e5970464c00e1b92ef2fc9d39c0ef07db93dcb08a3cab58e6098720f934788b4fabbd257a0de902f5c5ec3fc2495a26db0e0081dc384cf98b6c507f3c2f205bb09983c579c959efe9b4d1b9470d3735aa45e5f5ee7bc9b25ba5a9ddfcea7cb68e76cf51a62f5ecdd1bac9f97f4ee05041fd21faf51d5440fdc15175dcbf75e3e0aa64054b6684b5671d8e80a02e13f29b3872b27fea973643fcb4480e4afe21b8f6b2ec33d4aa58c6258cea98feb3ec04a7a8688b3cf519ff05ca8711d795d4bd482667dbe0e0d6b337eb3c036913c0f22b79f2801e49a7efb37c9008fe4cfaf420fbe1bb241f13647967ba3bbf73886c0d189ce1772077eab6461cf585c19a67ad5b5b89f70eef21d1b9210d48e4bca220e84a168f1dd07e5556276a0d9022578ee6f891b8668405bfeba47bdf198b3a77dcbf9718b67c93cfe0aade0f86c0703f93da0bbe7ed0c5bac8b1036b81ae844b71648bfe05f7afc7ae0f408b0a4bf9991fce6f1ecf3d45e95a3aff8f5cd1fe468af834bfa8f45588e5ddafd02f0e4f27f9f686520dee98c9a474fe1607763f8c177805c70e518723d12b11b028981d5e0566b5f570a2f3850b036cb519bf647a3599fc79810bf67d4ea561b2b4b1c4a879558d170817e07839850975f0138f718dbd3d97134bbc55bf7650b565a6c85c51b8c5fa5ca369c7e814725016be1f73865778c73d59649a9d4056f87b67366b690e65dab4bf10f7dbdcbdfc5877235f7088f272e92a99e8d5ced401690d9ccb6915019c393c8e8cb995bdeb584e13811f7e0dfae637c2aef20894dde914c8e0a9cf696d44e9620f9bb9aa2da8c748137b9bd5f362a93d8861d83db7b49007f491bd656db733e9ac65e7cf2f92e6ded549a90b1b77b547cd0a546e771aac7cbb6b04061dc29eb941c8a7270af60b1d4fa8d52ed34c995ae949e0a31e71b710c35290415eb7f70658dc193949e5d3de0353f4e27ea7cc489c6207ede86ca83534cbdcc95b4653c5bf76cdf34102f6aee5a36e72e25706d831ed15447f59d1bdf477d823c24d7a694bd55fa463a800de3a0ed0a25c309fa01e10f75e7071cfb5d160b92b221f037ef084363f0ae57f0eded4f54b5af3b4c4db7eecb453d115c049c64b69d3489c628425d838e7c25c3816bdea344b4429f00b1cc19309e54d6f0e62dba22d0d4bb029692dc707655622e07c8a4689e42f9fa92b903e6cc80f75a46e0492e3e3837af6aa6e21217356b0f03fa84d833d368940d4cff55f52ea75c5cdda6171a07c743372853388035524597a021dbc9a556d99eba7b6aecb674ab029b493ada31154239b4c4c25cdf6038127de8e465667bfb4671ca44394de6cfdd2c312b1bcedb6a2d761974aba6aeebf2d009c714f9bdcab9d269d234f521da7dc2ac180d0f0cf7ca6ec2b4cf6985ed46c7ca03113d49d3b76e70fcdfbc65ee4a1c4c613ff2424ab217cad782fd649eb6b5c33ad2e1680cc96e5e9f3bba9288734620c5372d32dfd608862a46661874d0603e27c1f05f121fb758e9e8e8ab88ace82e490eeadf0d9208e11aac804c1f565daa2e08671e54e6abf26426e9cc18cefe264fb49f4267a85e98d97e4eb6fe52d61777c0e7c6c4fc47e708a2f10221a06414487bfcbc242d592bb4dae656b9444dbd548a8622b663b06631d9ccb35cd28e47062a5fd64085396d45f76147ac54bfea8f556e09ab5fbd90400b5d4eb953f8d4b46793f14249c364c362a73b4b5a7dddf896704bac1f646d8b2f7362659c3331e5e0f08dda553c531942e6da1c67c0bfd0e192bda195d4a0b9d04065bb065aedb57291a2c7a54af30f5a0dac9b2d883426de047c186b30f651920640b15c734b77900f4d6f79a8927ece9698fcbf6a64464594a051a13a507bb762355fe2629c52ff78850c780a0d8369e6dc5c75b71df152f8fcc00d07eff83797dd621af91fdc2e405626985a9c90bc27c7b96813a3d58af0dd0a566393d5faca43435309635c01970019128fd66", 0x1000}, {&(0x7f0000001d00)="26df043a8c88b0b0d7df03699ba09b1d74ce70e709e293598b9494030dc973bfabb2586f6e549145a6909992029c6febb9e9cadee28b79d1d644241cfa785766c52a3d8c10887c0380e8dd91969e219f398290094f7f06dc372c472acedb071b8fa15ce1f0b8b3", 0x67}, {&(0x7f0000000b00)="4c0a74fdfb791dca7b10b8a0206d4e7566a96fd8930788838ef4f431bee8cf9396f8f3c5d40cd89c76eb35fe5b97e998e84b591f840f24381563a50615dda0731d38ad773e07106cf5b826155429c7ac073ff1fe54d5f8c27ac65bd90395c3c6af906dd4fcfd51668b2185df39533aee7d7ef72f5ac269417de23e2cd865d1f94f6e9d85b5ea04aff88d8eaf2cdc0b302dc9dea3c033f23a39131254c50a92fc06b69bf4be9ef2f562e9cb7b36a089f76e151364a55c13daa812c78f5479a7f654bb467c65354b9b", 0xc8}, {&(0x7f0000001e80)="b749b8bf2b7a2729e687ded1e64a415bf008e6219bc395a629897980cb6b8113d0533f45557aafdf45048d347d5e6551f8e132427333aa476aa73de8b885cc4396b61885f45f2169ea11753e69c823060f80ba23494e6baa25ad7f9cc811d93b6e71d20c6bcae32f1d39", 0x6a}, {&(0x7f0000001f00)="7955749c021658e0dec0fd5156aa69e86b33c1b50ef282f3394eccdce4dfcd8d77f2c640402f4324f613ddf505b0855d70561d84f4300f1876e0850eaec6b02aeace8f6526fbdaeefde298189465d73075355b3e20ae5c6c83765a87ee45b5fa553cf1e7fa31f71fd6358455c715321864fe430adc15d2129cdfed3a618466", 0x7f}], 0x5, &(0x7f0000000980)=[@rights={{0x14, 0x1, 0x1, [r5]}}, @rights={{0x14, 0x1, 0x1, [r8]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r6, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [r7, 0xffffffffffffffff, r0, r7, r2, r7]}}], 0xb8, 0x1}}], 0x3, 0x0) (async)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$inet6(0xa, 0x80002, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0xffffffffffffff65) (async)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x99, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r10, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r11}, 0x10)

55.512401ms ago: executing program 1 (id=3739):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)={0x14, r4, 0x301, 0x70bd2a, 0x20000000, {{}, {@val={0x8, 0x7, 0x2}, @val={0x8}, @val={0xc, 0x99, {0xfffffffe, 0x31}}}}}, 0x30}, 0x1, 0x0, 0x0, 0x48045}, 0x20004000)

39.31052ms ago: executing program 2 (id=3740):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000060000000800000009"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x8200, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000400)={'syzkaller0\x00', @broadcast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r4, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})

7.23452ms ago: executing program 4 (id=3741):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x90a2, 0x2, &(0x7f0000006680))
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f00000003c0)=@req={0x28, &(0x7f0000000380)={'erspan0\x00', @ifru_hwaddr=@local}})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty, 0x2}, 0x1c)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x0, @multicast2}, 0x4, 0x0, 0x3}}, 0x2e)
ioctl$PPPIOCGCHAN(r2, 0x80047437, &(0x7f0000000080))
syz_emit_ethernet(0x4c, &(0x7f0000000140)={@random="99177fa54f29", @random="ece65b5c8d9b", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00\b\x00', 0x16, 0x11, 0x0, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x83}, "30b00afe4e70"}}}}}}}, 0x0)

6.93295ms ago: executing program 4 (id=3742):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x90a2, 0x2, &(0x7f0000006680))
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f00000003c0)=@req={0x28, &(0x7f0000000380)={'erspan0\x00', @ifru_hwaddr=@local}})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty, 0x2}, 0x1c)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x0, @multicast2}, 0x4, 0x0, 0x3}}, 0x2e)
ioctl$PPPIOCGCHAN(r2, 0x80047437, &(0x7f0000000080))
syz_emit_ethernet(0x4c, &(0x7f0000000140)={@random="99177fa54f29", @random="ece65b5c8d9b", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00\b\x00', 0x16, 0x11, 0x0, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x83}, "30b00afe4e70"}}}}}}}, 0x0)

565.28µs ago: executing program 3 (id=3743):
r0 = socket$unix(0x1, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x6c, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000580)=ANY=[@ANYBLOB="3c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400038008000500", @ANYRES32=r3], 0x3c}}, 0x0)

0s ago: executing program 1 (id=3744):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = fsopen(&(0x7f0000001680)='9p\x00', 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
creat(0x0, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000001600)='\xcfD\xbc\xbf\x95@\xd6j\'$\x1d\x14\xb7!G:\xb0\xdfj\x96\x7f\x03\xe5\x94\x04J\x02\xa9[>\xf9\xcah\x85\xb8\xbeSAk\xf4\xb6 \xdf\xa0P\x18\x19\xae\x8c\x9a\x19mm\xfc<|\xe8\x9e\xa0x\x84p2\xf9\xe2\xed\xb0\f\x7f;\xf6J18G\x84c\x88\x9d{\xf4~\xdby\xe9\xdf\x1a\xae\xd6ez\xe5\xa8\xe1\'\x00'/110, &(0x7f00000005c0)='\x80\x82\xdfo\x973\x92\x0f\xca\a\x93\'\x13I\xfegAQ\x12KF\xde\xb8\xb3\xd5E6\xbe\xd3\x1d\xa1\x11\xb9\xc6\xe5\xe4\x1df\xf2\'R!\xaa$\x10\x19\r\xa1\xe9\xde\x06\x17\x95\x94\xcet\xb3U\xc5O\x9a\x1b\xe3\x1c\xad)\f])]\x10\xd2m\x1c\x05\xdf\x17\x06t \xa2\xf5\xf9k\xd0P\xcd\x17NF\x9c\xb6f\xd0),:\x19\xb8\xaf\x99\xa5W\x01%g+\xa7\x11\xc5\xea\x9e]\xa85^\xae\xbb\x0f\x068\xc5\xd6\xeds\vvb\xa2~\x8d\x16\x1e\xfc\x8d\f\x8d\xc9\xc0p;\x0e\x7f\xf8\xfc\x87\x94\xb7\xd4\xf6Z\x90\xfc\x01\xbd\xffjr\x19\\0\x8c\x9d\xc9\xb9\xde\x92\xe9p\xb8\xe1BSb3\xfcF6\x14\xad\xce\xc8Do\x05\xa5\n\'\x10\xe7\xa8\x11\xe4\xb5\xe0\xbb\xae\x8a\xb9\xa4.d\xafP\xbf\x1d\xec\xd6\r\xc3\xecM\xcb\x85Xs&G\xa3U\xccE\x19F\xa6\x94\x1a7\x8a1\xdb\xc5\xcf\x0fx\xfe)KP{s\xbc\v\x93\xe8\xcf\xff\xdc\xcf\xf9=\xe1\'K\x81\xbd\x80\xe0\xb3\x87\x03\x7f\x1e\x99\xcd\x1b\xe5\xd6R2j\xf2\x1d!\xc5\xb8\x8d\xb6/\x97\xf8\x96C\xe0\xbbp\xc3M\r\xe6\x98\x81\xe1\x0f\"\x99\xee\xf9\x02`\xfe.\x1e.\x8c\xa6\xf8\xb2s\x8d\x83\xbb\x82\xe3\x8d\x12y\x06\x80\x9f\xc3\xf5~m\xd9\xc2Q\xf5:\x0f\x90Z:\xcf(\x1a_\x8f\aCZ\'\xb0C0\xb4\xff\x8d\x12\xf0\xcdn\xdaSY\xd4\xe3G\x90i\x94\xb7\xdd\x18S\xbd]e\x1c\xbe,\xf5\x81\xe5\xf0\x0f\x04\xe0\x93\xaa\x8c\x9a\x97\x8d\x86\x1c2\xf7,H\xb5^>\xe3\x9c\xb3@\xb6\xb2\x19H\x9d8y3m\xd8.5\x16N\xa0\x88\x02\x9a\xb7YI\x89\xcd\x88\x13?\a\xcc@\xe7\xb2L\xbe\xf6\xe4\xbb\xf2P\xe7\x82\xeb5!P\x06\xc1\x8c\xe5\xc9\x993|\n\xdb<\xae]\xab?X\x82\xde\xa7', 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r5=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000280)={r5, 0x11, 0x6}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r5, 0x1, 0x6, @multicast}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0100000007000000010000000900000001000000", @ANYRES32, @ANYBLOB="0200000000000000000000000000000000000000e8ec8394a74e23d2d3c7b6c67b0a32c88fe6ead957f6fc2a635e20ac07ce7a8e8286255d5522211c2bb052dd833a8a12955bef3832369622d0416ece9cb315d3437dbbc8660ed79e813e0a670b88b41be7e394913d58ce37afc6b1f4a4f6a614b47d37", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r6}, &(0x7f0000000340), &(0x7f0000000380)}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r7, &(0x7f0000000340)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3e}}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r7, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r7, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x303}, "0400", "0d07080000e8ff00", "cf0d00", "8657e2b7e43b34f5"}, 0x28)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r7, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
writev(r7, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0x1}], 0x1)

kernel console output (not intermixed with test programs):

 146.654277][T11615] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.664103][T11615] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.674547][T11615] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.685041][T11615] batman_adv: batadv0: Interface activated: batadv_slave_1
[  146.697139][T11615] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  146.705920][T11615] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  146.714589][T11736] loop2: detected capacity change from 0 to 2048
[  146.720993][T11615] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  146.729747][T11615] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  146.797141][T11747] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2925'.
[  146.828807][T11752] syzkaller0: entered promiscuous mode
[  146.834365][T11752] syzkaller0: entered allmulticast mode
[  146.846367][T11754] loop0: detected capacity change from 0 to 128
[  147.355178][T11765] loop2: detected capacity change from 0 to 1024
[  147.361934][T11765] EXT4-fs: Ignoring removed orlov option
[  147.367686][T11765] EXT4-fs: Ignoring removed orlov option
[  147.377420][T11765] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.2.2969: corrupted in-inode xattr: bad magic number in in-inode xattr
[  147.393202][T11765] EXT4-fs (loop2): Remounting filesystem read-only
[  147.631905][T11774] lo: entered allmulticast mode
[  147.696591][T11781] loop2: detected capacity change from 0 to 1024
[  147.703378][T11781] EXT4-fs: Ignoring removed orlov option
[  147.709073][T11781] EXT4-fs: Ignoring removed orlov option
[  147.772963][T11792] netlink: 'syz.0.2979': attribute type 10 has an invalid length.
[  147.783847][T11792] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  147.829480][T11798] loop0: detected capacity change from 0 to 2048
[  147.919243][T11805] loop0: detected capacity change from 0 to 1024
[  147.926153][T11805] EXT4-fs: Ignoring removed orlov option
[  147.931852][T11805] EXT4-fs: Ignoring removed orlov option
[  147.946937][T11805] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.0.2983: corrupted in-inode xattr: bad magic number in in-inode xattr
[  147.963515][T11805] EXT4-fs (loop0): Remounting filesystem read-only
[  147.987602][T11808] macvlan0: entered promiscuous mode
[  147.994838][T11808] ipvlan0: entered promiscuous mode
[  148.000593][T11808] ipvlan0: left promiscuous mode
[  148.006113][T11808] macvlan0: left promiscuous mode
[  148.022762][T11814] loop0: detected capacity change from 0 to 164
[  148.029328][T11814] iso9660: Unknown parameter 'ÿÿÿÿ00000000000000000000ÿ'
[  148.042471][T11814] loop0: detected capacity change from 0 to 1024
[  148.049528][T11814] EXT4-fs: Ignoring removed orlov option
[  148.056315][T11814] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  148.087693][T11814] EXT4-fs error (device loop0): ext4_read_inline_dir:1566: inode #12: block 7: comm syz.0.2986: path /585/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  148.110234][T11814] EXT4-fs (loop0): Remounting filesystem read-only
[  148.188616][T11832] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2995'.
[  148.213237][T11836] syz.2.2996[11836] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.213342][T11836] syz.2.2996[11836] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.226788][T11836] syz.2.2996[11836] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.245673][T11838] loop0: detected capacity change from 0 to 512
[  148.261748][T11842] netlink: 'syz.4.2999': attribute type 46 has an invalid length.
[  148.308292][T11838] ext4 filesystem being mounted at /589/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.431513][T11861] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3006'.
[  148.441435][T11861] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3006'.
[  148.480676][T11865] FAULT_INJECTION: forcing a failure.
[  148.480676][T11865] name failslab, interval 1, probability 0, space 0, times 0
[  148.493335][T11865] CPU: 0 UID: 0 PID: 11865 Comm: syz.0.3008 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  148.504110][T11865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  148.514182][T11865] Call Trace:
[  148.517470][T11865]  <TASK>
[  148.520406][T11865]  dump_stack_lvl+0xf2/0x150
[  148.525075][T11865]  dump_stack+0x15/0x1a
[  148.529304][T11865]  should_fail_ex+0x223/0x230
[  148.533988][T11865]  should_failslab+0x8f/0xb0
[  148.538641][T11865]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[  148.545012][T11865]  ? sidtab_sid2str_get+0xb8/0x140
[  148.550240][T11865]  kmemdup_noprof+0x2a/0x60
[  148.554789][T11865]  sidtab_sid2str_get+0xb8/0x140
[  148.559739][T11865]  security_sid_to_context_core+0x1eb/0x2f0
[  148.565634][T11865]  security_sid_to_context+0x27/0x30
[  148.571003][T11865]  selinux_lsmprop_to_secctx+0x2c/0x40
[  148.576466][T11865]  security_lsmprop_to_secctx+0x4a/0x90
[  148.582028][T11865]  audit_log_task_context+0x93/0x1c0
[  148.587382][T11865]  audit_log_task+0xf9/0x1c0
[  148.591992][T11865]  audit_seccomp+0x68/0x130
[  148.596589][T11865]  __seccomp_filter+0x6fa/0x1180
[  148.601525][T11865]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  148.607265][T11865]  ? vfs_write+0x596/0x920
[  148.611723][T11865]  ? __schedule+0x6fa/0x930
[  148.616298][T11865]  __secure_computing+0x9f/0x1c0
[  148.621241][T11865]  syscall_trace_enter+0xd1/0x1f0
[  148.626291][T11865]  do_syscall_64+0xaa/0x1c0
[  148.630787][T11865]  ? clear_bhb_loop+0x55/0xb0
[  148.635470][T11865]  ? clear_bhb_loop+0x55/0xb0
[  148.640158][T11865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.646130][T11865] RIP: 0033:0x7fcebddd5d29
[  148.650606][T11865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.670256][T11865] RSP: 002b:00007fcebc447038 EFLAGS: 00000246 ORIG_RAX: 000000000000010d
[  148.678665][T11865] RAX: ffffffffffffffda RBX: 00007fcebdfc5fa0 RCX: 00007fcebddd5d29
[  148.686658][T11865] RDX: 0000000000000005 RSI: 0000000020000000 RDI: 0000000000000005
[  148.694667][T11865] RBP: 00007fcebc447090 R08: 0000000000000000 R09: 0000000000000000
[  148.702628][T11865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.710589][T11865] R13: 0000000000000000 R14: 00007fcebdfc5fa0 R15: 00007ffebf18a848
[  148.718630][T11865]  </TASK>
[  148.741656][T11869] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3010'.
[  148.767956][T11873] loop2: detected capacity change from 0 to 2048
[  148.804380][T11880] IPv6: Can't replace route, no match found
[  148.850136][T11888] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3018'.
[  148.859463][T11888] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3018'.
[  148.918502][T11900] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3024'.
[  148.963141][T11905] loop4: detected capacity change from 0 to 1764
[  148.969906][T11905] iso9660: Unknown parameter 'cruf¥'
[  149.127246][T11907] xt_HMARK: spi-set and port-set can't be combined
[  149.415479][T11913] bridge0: entered promiscuous mode
[  149.422343][T11912] bridge0: left promiscuous mode
[  149.449452][T11915] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3030'.
[  149.460593][T11915] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3030'.
[  149.567726][T11923] FAULT_INJECTION: forcing a failure.
[  149.567726][T11923] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.580827][T11923] CPU: 0 UID: 0 PID: 11923 Comm: +}[@ Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  149.591125][T11923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  149.601191][T11923] Call Trace:
[  149.604487][T11923]  <TASK>
[  149.607404][T11923]  dump_stack_lvl+0xf2/0x150
[  149.612002][T11923]  dump_stack+0x15/0x1a
[  149.616184][T11923]  should_fail_ex+0x223/0x230
[  149.620879][T11923]  should_fail+0xb/0x10
[  149.625021][T11923]  should_fail_usercopy+0x1a/0x20
[  149.630099][T11923]  _copy_from_iter+0xd5/0xd00
[  149.634903][T11923]  ? kmalloc_reserve+0x16e/0x190
[  149.639843][T11923]  ? __build_skb_around+0x196/0x1f0
[  149.645029][T11923]  ? __alloc_skb+0x21f/0x310
[  149.649676][T11923]  ? __virt_addr_valid+0x1ed/0x250
[  149.654795][T11923]  ? __check_object_size+0x364/0x520
[  149.660072][T11923]  netlink_sendmsg+0x460/0x6e0
[  149.664894][T11923]  ? __pfx_netlink_sendmsg+0x10/0x10
[  149.670286][T11923]  __sock_sendmsg+0x140/0x180
[  149.675037][T11923]  ____sys_sendmsg+0x312/0x410
[  149.679796][T11923]  __sys_sendmsg+0x19d/0x230
[  149.684462][T11923]  __x64_sys_sendmsg+0x46/0x50
[  149.689277][T11923]  x64_sys_call+0x2734/0x2dc0
[  149.693946][T11923]  do_syscall_64+0xc9/0x1c0
[  149.698432][T11923]  ? clear_bhb_loop+0x55/0xb0
[  149.703099][T11923]  ? clear_bhb_loop+0x55/0xb0
[  149.707762][T11923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.713713][T11923] RIP: 0033:0x7f7d83ff5d29
[  149.718126][T11923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.737760][T11923] RSP: 002b:00007f7d82667038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  149.746278][T11923] RAX: ffffffffffffffda RBX: 00007f7d841e5fa0 RCX: 00007f7d83ff5d29
[  149.754239][T11923] RDX: 0000000000000010 RSI: 00000000200001c0 RDI: 0000000000000003
[  149.762246][T11923] RBP: 00007f7d82667090 R08: 0000000000000000 R09: 0000000000000000
[  149.770269][T11923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.778232][T11923] R13: 0000000000000000 R14: 00007f7d841e5fa0 R15: 00007fff9150fa48
[  149.786203][T11923]  </TASK>
[  149.842780][T11929] syzkaller0: entered promiscuous mode
[  149.848357][T11929] syzkaller0: entered allmulticast mode
[  149.850675][T11931] loop2: detected capacity change from 0 to 2048
[  149.889216][T11935] loop2: detected capacity change from 0 to 512
[  149.896365][T11935] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  149.911136][T11935] EXT4-fs (loop2): 1 truncate cleaned up
[  149.923109][T11940] bridge0: entered promiscuous mode
[  149.929872][T11939] bridge0: left promiscuous mode
[  150.011818][T11954] random: crng reseeded on system resumption
[  150.015860][T11952] loop2: detected capacity change from 0 to 2048
[  150.071535][T11959] FAULT_INJECTION: forcing a failure.
[  150.071535][T11959] name failslab, interval 1, probability 0, space 0, times 0
[  150.084210][T11959] CPU: 0 UID: 0 PID: 11959 Comm: syz.2.3049 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  150.095045][T11959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  150.105501][T11959] Call Trace:
[  150.108774][T11959]  <TASK>
[  150.111700][T11959]  dump_stack_lvl+0xf2/0x150
[  150.116569][T11959]  dump_stack+0x15/0x1a
[  150.120723][T11959]  should_fail_ex+0x223/0x230
[  150.125509][T11959]  should_failslab+0x8f/0xb0
[  150.130114][T11959]  kmem_cache_alloc_noprof+0x52/0x320
[  150.135481][T11959]  ? security_file_alloc+0x32/0x100
[  150.140708][T11959]  security_file_alloc+0x32/0x100
[  150.145736][T11959]  init_file+0x5b/0x1b0
[  150.149953][T11959]  alloc_empty_file+0xea/0x200
[  150.154811][T11959]  path_openat+0x6a/0x1fa0
[  150.159298][T11959]  ? kernelmode_fixup_or_oops+0x58/0xb0
[  150.164851][T11959]  ? exc_page_fault+0x4fc/0x650
[  150.171767][T11959]  ? kernelmode_fixup_or_oops+0x58/0xb0
[  150.177319][T11959]  ? __check_object_size+0x74/0x520
[  150.182530][T11959]  do_filp_open+0x107/0x230
[  150.187139][T11959]  do_sys_openat2+0xab/0x120
[  150.191724][T11959]  __x64_sys_openat+0xf3/0x120
[  150.196535][T11959]  x64_sys_call+0x2b30/0x2dc0
[  150.201217][T11959]  do_syscall_64+0xc9/0x1c0
[  150.205712][T11959]  ? clear_bhb_loop+0x55/0xb0
[  150.210397][T11959]  ? clear_bhb_loop+0x55/0xb0
[  150.215241][T11959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.221194][T11959] RIP: 0033:0x7fb3f1fe5d29
[  150.225613][T11959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.245269][T11959] RSP: 002b:00007fb3f0651038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  150.253683][T11959] RAX: ffffffffffffffda RBX: 00007fb3f21d5fa0 RCX: 00007fb3f1fe5d29
[  150.261645][T11959] RDX: 0000000000002081 RSI: 0000000020000000 RDI: ffffffffffffff9c
[  150.269610][T11959] RBP: 00007fb3f0651090 R08: 0000000000000000 R09: 0000000000000000
[  150.277613][T11959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.285578][T11959] R13: 0000000000000000 R14: 00007fb3f21d5fa0 R15: 00007ffc60af8718
[  150.293550][T11959]  </TASK>
[  150.324063][   T29] kauditd_printk_skb: 227 callbacks suppressed
[  150.324079][   T29] audit: type=1326 audit(1736498918.371:6602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11960 comm="syz.4.3050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f791c725d29 code=0x7ffc0000
[  150.331176][T11963] syzkaller0: entered promiscuous mode
[  150.353771][   T29] audit: type=1326 audit(1736498918.371:6603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11960 comm="syz.4.3050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f791c725d29 code=0x7ffc0000
[  150.353818][   T29] audit: type=1326 audit(1736498918.371:6604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11960 comm="syz.4.3050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=92 compat=0 ip=0x7f791c725d29 code=0x7ffc0000
[  150.359297][T11963] syzkaller0: entered allmulticast mode
[  150.411778][T11968] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3052'.
[  150.420816][   T29] audit: type=1326 audit(1736498918.371:6605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11960 comm="syz.4.3050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f791c725d29 code=0x7ffc0000
[  150.444293][   T29] audit: type=1326 audit(1736498918.371:6606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11960 comm="syz.4.3050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f791c725d29 code=0x7ffc0000
[  150.472180][T11971] bridge0: entered promiscuous mode
[  150.480970][T11964] bridge0: left promiscuous mode
[  150.534456][T11981] loop2: detected capacity change from 0 to 512
[  150.541860][T11981] EXT4-fs: Ignoring removed oldalloc option
[  150.547971][T11981] EXT4-fs: inline encryption not supported
[  150.554543][T11981] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  150.585624][T11981] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3059: bg 0: block 64: padding at end of block bitmap is not set
[  150.600090][T11981] Quota error (device loop2): write_blk: dquota write failed
[  150.607645][T11981] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  150.617740][T11981] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.3059: Failed to acquire dquot type 0
[  150.629562][T11981] EXT4-fs (loop2): 1 truncate cleaned up
[  150.666211][T11991] loop1: detected capacity change from 0 to 128
[  150.687456][T11991] syz.1.3063: attempt to access beyond end of device
[  150.687456][T11991] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[  150.692642][T11993] loop4: detected capacity change from 0 to 128
[  150.708444][T11991] syz.1.3063[11991] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.708509][T11991] syz.1.3063[11991] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.725365][T11993] syz.4.3064: attempt to access beyond end of device
[  150.725365][T11993] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[  150.734224][T11991] syz.1.3063[11991] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.739514][T11993] syz.4.3064[11993] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.764341][T11993] syz.4.3064[11993] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.776631][T11993] syz.4.3064[11993] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.777146][T11991] FAULT_INJECTION: forcing a failure.
[  150.777146][T11991] name failslab, interval 1, probability 0, space 0, times 0
[  150.812128][T11991] CPU: 0 UID: 0 PID: 11991 Comm: syz.1.3063 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  150.822918][T11991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  150.832965][T11991] Call Trace:
[  150.836234][T11991]  <TASK>
[  150.839155][T11991]  dump_stack_lvl+0xf2/0x150
[  150.843824][T11991]  dump_stack+0x15/0x1a
[  150.848004][T11991]  should_fail_ex+0x223/0x230
[  150.852691][T11991]  should_failslab+0x8f/0xb0
[  150.857290][T11991]  kmem_cache_alloc_noprof+0x52/0x320
[  150.862668][T11991]  ? vm_area_dup+0x2c/0x130
[  150.867242][T11991]  ? rep_movs_alternative+0x13/0x70
[  150.872491][T11991]  vm_area_dup+0x2c/0x130
[  150.876820][T11991]  __split_vma+0xf7/0x6a0
[  150.881155][T11991]  ? mntput+0x49/0x70
[  150.885136][T11991]  ? terminate_walk+0x260/0x280
[  150.889980][T11991]  vma_modify+0xd3/0x1e0
[  150.894221][T11991]  vma_modify_flags+0xf1/0x120
[  150.899007][T11991]  mlock_fixup+0x113/0x450
[  150.903825][T11991]  apply_vma_lock_flags+0x194/0x240
[  150.909034][T11991]  do_mlock+0x35b/0x510
[  150.913185][T11991]  ? __bpf_trace_sys_enter+0x10/0x30
[  150.918566][T11991]  ? trace_sys_enter+0xcd/0x110
[  150.923427][T11991]  __x64_sys_mlock2+0x72/0x90
[  150.928106][T11991]  x64_sys_call+0x971/0x2dc0
[  150.932694][T11991]  do_syscall_64+0xc9/0x1c0
[  150.937262][T11991]  ? clear_bhb_loop+0x55/0xb0
[  150.941944][T11991]  ? clear_bhb_loop+0x55/0xb0
[  150.946665][T11991]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.952588][T11991] RIP: 0033:0x7f7d83ff5d29
[  150.956993][T11991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.976715][T11991] RSP: 002b:00007f7d82667038 EFLAGS: 00000246 ORIG_RAX: 0000000000000145
[  150.985198][T11991] RAX: ffffffffffffffda RBX: 00007f7d841e5fa0 RCX: 00007f7d83ff5d29
[  150.993221][T11991] RDX: 0000000000000000 RSI: 0000000000004000 RDI: 0000000020004000
[  151.001219][T11991] RBP: 00007f7d82667090 R08: 0000000000000000 R09: 0000000000000000
[  151.009282][T11991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.017320][T11991] R13: 0000000000000000 R14: 00007f7d841e5fa0 R15: 00007fff9150fa48
[  151.025316][T11991]  </TASK>
[  151.100846][T11993] syz.4.3064: attempt to access beyond end of device
[  151.100846][T11993] loop4: rw=524288, sector=145, nr_sectors = 224 limit=128
[  151.114856][T11993] syz.4.3064: attempt to access beyond end of device
[  151.114856][T11993] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[  151.128043][T11993] syz.4.3064: attempt to access beyond end of device
[  151.128043][T11993] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[  151.141668][T11993] syz.4.3064: attempt to access beyond end of device
[  151.141668][T11993] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[  151.154898][T11993] syz.4.3064: attempt to access beyond end of device
[  151.154898][T11993] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[  151.168897][T11993] syz.4.3064: attempt to access beyond end of device
[  151.168897][T11993] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[  151.170534][T12000] bridge0: entered promiscuous mode
[  151.189047][T11993] syz.4.3064: attempt to access beyond end of device
[  151.189047][T11993] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[  151.192962][T11999] bridge0: left promiscuous mode
[  151.212429][T11993] syz.4.3064: attempt to access beyond end of device
[  151.212429][T11993] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[  151.311919][T12008] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  151.320265][T12008] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  151.332604][   T29] audit: type=1400 audit(1736498919.381:6607): avc:  denied  { relabelfrom } for  pid=12007 comm="syz.1.3071" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  151.352695][   T29] audit: type=1400 audit(1736498919.381:6608): avc:  denied  { relabelto } for  pid=12007 comm="syz.1.3071" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  151.375901][T12010] loop2: detected capacity change from 0 to 512
[  151.382394][T12010] EXT4-fs: Ignoring removed oldalloc option
[  151.388400][T12010] EXT4-fs: inline encryption not supported
[  151.403209][T12010] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  151.425732][T12010] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3072: bg 0: block 64: padding at end of block bitmap is not set
[  151.441106][T12010] Quota error (device loop2): write_blk: dquota write failed
[  151.449132][T12010] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.3072: Failed to acquire dquot type 0
[  151.461351][T12010] EXT4-fs (loop2): 1 truncate cleaned up
[  151.544836][T12020] FAULT_INJECTION: forcing a failure.
[  151.544836][T12020] name failslab, interval 1, probability 0, space 0, times 0
[  151.557541][T12020] CPU: 0 UID: 0 PID: 12020 Comm: syz.4.3076 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  151.566072][T12023] bridge0: entered promiscuous mode
[  151.568343][T12020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  151.576230][T12022] bridge0: left promiscuous mode
[  151.583580][T12020] Call Trace:
[  151.591902][T12020]  <TASK>
[  151.594833][T12020]  dump_stack_lvl+0xf2/0x150
[  151.599440][T12020]  dump_stack+0x15/0x1a
[  151.605628][T12020]  should_fail_ex+0x223/0x230
[  151.610435][T12020]  should_failslab+0x8f/0xb0
[  151.615083][T12020]  kmem_cache_alloc_node_noprof+0x59/0x320
[  151.620888][T12020]  ? __alloc_skb+0x10b/0x310
[  151.625462][T12020]  __alloc_skb+0x10b/0x310
[  151.629968][T12020]  netlink_alloc_large_skb+0xad/0xe0
[  151.635239][T12020]  netlink_sendmsg+0x3b4/0x6e0
[  151.639992][T12020]  ? __pfx_netlink_sendmsg+0x10/0x10
[  151.645301][T12020]  __sock_sendmsg+0x140/0x180
[  151.650070][T12020]  ____sys_sendmsg+0x312/0x410
[  151.654896][T12020]  __sys_sendmsg+0x19d/0x230
[  151.659546][T12020]  __x64_sys_sendmsg+0x46/0x50
[  151.664396][T12020]  x64_sys_call+0x2734/0x2dc0
[  151.669078][T12020]  do_syscall_64+0xc9/0x1c0
[  151.673662][T12020]  ? clear_bhb_loop+0x55/0xb0
[  151.678335][T12020]  ? clear_bhb_loop+0x55/0xb0
[  151.683055][T12020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.689007][T12020] RIP: 0033:0x7f791c725d29
[  151.693448][T12020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.713122][T12020] RSP: 002b:00007f791ad97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  151.721567][T12020] RAX: ffffffffffffffda RBX: 00007f791c915fa0 RCX: 00007f791c725d29
[  151.729547][T12020] RDX: 0000000000040000 RSI: 0000000020000640 RDI: 0000000000000004
[  151.737520][T12020] RBP: 00007f791ad97090 R08: 0000000000000000 R09: 0000000000000000
[  151.745565][T12020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.753534][T12020] R13: 0000000000000000 R14: 00007f791c915fa0 R15: 00007fff53a54568
[  151.761538][T12020]  </TASK>
[  151.776158][T12026] FAULT_INJECTION: forcing a failure.
[  151.776158][T12026] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.789307][T12026] CPU: 0 UID: 0 PID: 12026 Comm: syz.0.3079 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  151.800230][T12026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  151.810342][T12026] Call Trace:
[  151.813685][T12026]  <TASK>
[  151.816611][T12026]  dump_stack_lvl+0xf2/0x150
[  151.821254][T12026]  dump_stack+0x15/0x1a
[  151.825417][T12026]  should_fail_ex+0x223/0x230
[  151.830150][T12026]  should_fail+0xb/0x10
[  151.834312][T12026]  should_fail_usercopy+0x1a/0x20
[  151.839348][T12026]  _copy_from_user+0x1e/0xb0
[  151.844003][T12026]  usbdev_ioctl+0xab2/0x3e00
[  151.848597][T12026]  ? do_vfs_ioctl+0x96e/0x1530
[  151.853378][T12026]  ? selinux_file_ioctl+0x2f7/0x380
[  151.858582][T12026]  ? __fget_files+0x17c/0x1c0
[  151.863278][T12026]  ? __pfx_usbdev_ioctl+0x10/0x10
[  151.868293][T12026]  __se_sys_ioctl+0xc9/0x140
[  151.872891][T12026]  __x64_sys_ioctl+0x43/0x50
[  151.877469][T12026]  x64_sys_call+0x1690/0x2dc0
[  151.882129][T12026]  do_syscall_64+0xc9/0x1c0
[  151.886679][T12026]  ? clear_bhb_loop+0x55/0xb0
[  151.891444][T12026]  ? clear_bhb_loop+0x55/0xb0
[  151.896121][T12026]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.902014][T12026] RIP: 0033:0x7fcebddd5d29
[  151.906413][T12026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.926020][T12026] RSP: 002b:00007fcebc447038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  151.934532][T12026] RAX: ffffffffffffffda RBX: 00007fcebdfc5fa0 RCX: 00007fcebddd5d29
[  151.942551][T12026] RDX: 00000000200000c0 RSI: 00000000c0185500 RDI: 0000000000000003
[  151.950570][T12026] RBP: 00007fcebc447090 R08: 0000000000000000 R09: 0000000000000000
[  151.958615][T12026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.966633][T12026] R13: 0000000000000000 R14: 00007fcebdfc5fa0 R15: 00007ffebf18a848
[  151.974593][T12026]  </TASK>
[  152.009377][T12039] loop0: detected capacity change from 0 to 2048
[  152.020104][T12034] syzkaller0: entered promiscuous mode
[  152.025810][T12034] syzkaller0: entered allmulticast mode
[  152.234918][T12054] chnl_net:caif_netlink_parms(): no params data found
[  152.265918][T12054] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.273086][T12054] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.280316][T12054] bridge_slave_0: entered allmulticast mode
[  152.286691][T12054] bridge_slave_0: entered promiscuous mode
[  152.293456][T12054] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.300593][T12054] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.307816][T12054] bridge_slave_1: entered allmulticast mode
[  152.315095][T12054] bridge_slave_1: entered promiscuous mode
[  152.331203][T12054] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  152.341589][T12054] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  152.362398][T12054] team0: Port device team_slave_0 added
[  152.369266][T12054] team0: Port device team_slave_1 added
[  152.385970][T12054] batman_adv: batadv0: Adding interface: batadv_slave_0
[  152.393025][T12054] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.418978][T12054] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  152.430172][T12054] batman_adv: batadv0: Adding interface: batadv_slave_1
[  152.437246][T12054] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.463156][T12054] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  152.490582][T12054] hsr_slave_0: entered promiscuous mode
[  152.496611][T12054] hsr_slave_1: entered promiscuous mode
[  152.502467][T12054] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  152.510048][T12054] Cannot create hsr debugfs directory
[  152.623155][T12054] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.661819][T12097] syzkaller0: entered promiscuous mode
[  152.667360][T12097] syzkaller0: entered allmulticast mode
[  152.676660][T12054] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.726155][T12054] bond0: (slave netdevsim1): Releasing backup interface
[  152.735310][T12054] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.752878][T12099] loop1: detected capacity change from 0 to 512
[  152.759628][T12099] EXT4-fs: Ignoring removed oldalloc option
[  152.765580][T12099] EXT4-fs: inline encryption not supported
[  152.772314][T12099] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  152.786734][T12099] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3098: bg 0: block 64: padding at end of block bitmap is not set
[  152.801266][T12099] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.3098: Failed to acquire dquot type 0
[  152.802191][T12054] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.813199][T12099] EXT4-fs (loop1): 1 truncate cleaned up
[  152.886079][T12054] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  152.895611][T12054] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  152.904405][T12054] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  152.916835][T12054] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  152.961567][T12054] 8021q: adding VLAN 0 to HW filter on device bond0
[  152.977766][T12054] 8021q: adding VLAN 0 to HW filter on device team0
[  152.988432][T10099] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.995607][T10099] bridge0: port 1(bridge_slave_0) entered forwarding state
[  153.028843][T10105] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.035996][T10105] bridge0: port 2(bridge_slave_1) entered forwarding state
[  153.079509][T12124] syzkaller0: entered promiscuous mode
[  153.085076][T12124] syzkaller0: entered allmulticast mode
[  153.117271][T12126] syz.1.3106[12126] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  153.132368][T12126] loop1: detected capacity change from 0 to 1024
[  153.164544][T12054] 8021q: adding VLAN 0 to HW filter on device batadv0
[  153.205840][T12137] loop2: detected capacity change from 0 to 1024
[  153.212511][T12137] EXT4-fs: Ignoring removed orlov option
[  153.218236][T12137] EXT4-fs: Ignoring removed orlov option
[  153.250438][T12142] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12142 comm=syz.1.3106
[  153.270916][T12054] veth0_vlan: entered promiscuous mode
[  153.274354][T12137] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.2.3108: corrupted in-inode xattr: bad magic number in in-inode xattr
[  153.278930][T12054] veth1_vlan: entered promiscuous mode
[  153.292113][T12142] __nla_validate_parse: 13 callbacks suppressed
[  153.292143][T12142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3106'.
[  153.305109][T12054] veth0_macvtap: entered promiscuous mode
[  153.322534][T12137] EXT4-fs (loop2): Remounting filesystem read-only
[  153.326142][T12054] veth1_macvtap: entered promiscuous mode
[  153.338594][T12054] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.349212][T12054] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.359113][T12054] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.369614][T12054] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.379475][T12054] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.389939][T12054] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.401234][T12054] batman_adv: batadv0: Interface activated: batadv_slave_0
[  153.409610][T12142] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (5001216)
[  153.431915][T12149] FAULT_INJECTION: forcing a failure.
[  153.431915][T12149] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.435320][T12054] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.445122][T12149] CPU: 1 UID: 0 PID: 12149 Comm: syz.2.3109 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  153.455461][T12054] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.466153][T12149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  153.466166][T12149] Call Trace:
[  153.466172][T12149]  <TASK>
[  153.466180][T12149]  dump_stack_lvl+0xf2/0x150
[  153.475984][T12054] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.486008][T12149]  dump_stack+0x15/0x1a
[  153.489276][T12054] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.492191][T12149]  should_fail_ex+0x223/0x230
[  153.496848][T12054] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.507209][T12149]  should_fail+0xb/0x10
[  153.507232][T12149]  should_fail_usercopy+0x1a/0x20
[  153.511458][T12054] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.515826][T12054] batman_adv: batadv0: Interface activated: batadv_slave_1
[  153.521234][T12149]  _copy_from_user+0x1e/0xb0
[  153.530820][T12054] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  153.536293][T12149]  memdup_user+0x64/0xc0
[  153.536326][T12149]  strndup_user+0x68/0xa0
[  153.540509][T12054] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  153.545484][T12149]  __se_sys_request_key+0xe3/0x290
[  153.545513][T12149]  ? fput+0x1c4/0x200
[  153.555327][T12054] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  153.562463][T12149]  __x64_sys_request_key+0x55/0x70
[  153.567056][T12054] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  153.575671][T12149]  x64_sys_call+0x296e/0x2dc0
[  153.575693][T12149]  do_syscall_64+0xc9/0x1c0
[  153.575713][T12149]  ? clear_bhb_loop+0x55/0xb0
[  153.638707][T12149]  ? clear_bhb_loop+0x55/0xb0
[  153.643458][T12149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.649441][T12149] RIP: 0033:0x7fb3f1fe5d29
[  153.653840][T12149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.673498][T12149] RSP: 002b:00007fb3f0651038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  153.682025][T12149] RAX: ffffffffffffffda RBX: 00007fb3f21d5fa0 RCX: 00007fb3f1fe5d29
[  153.689987][T12149] RDX: 0000000020000140 RSI: 0000000020000100 RDI: 00000000200000c0
[  153.697954][T12149] RBP: 00007fb3f0651090 R08: 0000000000000000 R09: 0000000000000000
[  153.705985][T12149] R10: fffffffffffffffe R11: 0000000000000246 R12: 0000000000000001
[  153.713966][T12149] R13: 0000000000000000 R14: 00007fb3f21d5fa0 R15: 00007ffc60af8718
[  153.721971][T12149]  </TASK>
[  153.810455][T12166] syzkaller0: entered promiscuous mode
[  153.816066][T12166] syzkaller0: entered allmulticast mode
[  153.904154][    C0] bridge0: port 1(gretap0) entered learning state
[  153.947300][T12178] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3120'.
[  154.012151][T12187] bridge0: entered promiscuous mode
[  154.018541][T12186] bridge0: left promiscuous mode
[  154.127396][T12200] loop1: detected capacity change from 0 to 1024
[  154.134177][T12200] EXT4-fs: Ignoring removed orlov option
[  154.139868][T12200] EXT4-fs: Ignoring removed orlov option
[  154.168569][T12200] EXT4-fs error (device loop1): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.1.3130: corrupted in-inode xattr: bad magic number in in-inode xattr
[  154.184837][T12200] EXT4-fs (loop1): Remounting filesystem read-only
[  154.236419][T12205] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3131'.
[  154.247314][T12205] netlink: 108 bytes leftover after parsing attributes in process `syz.1.3131'.
[  154.257790][T12205] bpf_get_probe_write_proto: 2 callbacks suppressed
[  154.257800][T12205] syz.1.3131[12205] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  154.264666][T12205] syz.1.3131[12205] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  154.276284][T12205] syz.1.3131[12205] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  154.297677][T12205] loop1: detected capacity change from 0 to 1024
[  154.369400][T12208] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12208 comm=syz.1.3131
[  154.381927][T12208] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3131'.
[  154.390945][T12208] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (5001216)
[  154.728973][T12217] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3135'.
[  154.743320][T12220] bridge0: entered promiscuous mode
[  154.749899][T12219] bridge0: left promiscuous mode
[  154.774313][T12225] loop2: detected capacity change from 0 to 512
[  154.780954][T12225] EXT4-fs: Ignoring removed oldalloc option
[  154.787082][T12225] EXT4-fs: inline encryption not supported
[  154.793464][T12225] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  154.825911][T12225] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3138: bg 0: block 64: padding at end of block bitmap is not set
[  154.841131][T12225] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.3138: Failed to acquire dquot type 0
[  154.852603][T12225] EXT4-fs (loop2): 1 truncate cleaned up
[  154.987102][T12241] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3145'.
[  154.997517][T12241] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3145'.
[  155.011306][T12241] hsr_slave_0 (unregistering): left promiscuous mode
[  155.052993][T12245] syzkaller0: entered promiscuous mode
[  155.058546][T12245] syzkaller0: entered allmulticast mode
[  155.066598][T12247] bridge0: entered promiscuous mode
[  155.075088][T12246] bridge0: left promiscuous mode
[  155.177757][T12257] lo: entered allmulticast mode
[  155.183060][T12253] lo: left allmulticast mode
[  155.293844][T12272] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3156'.
[  155.308154][T12272] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3156'.
[  155.345686][T12278] loop1: detected capacity change from 0 to 2048
[  155.377950][T12281] syzkaller0: entered promiscuous mode
[  155.383493][T12281] syzkaller0: entered allmulticast mode
[  155.427711][T12287] loop2: detected capacity change from 0 to 512
[  155.434812][T12287] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  155.436760][T12289] syz.1.3164[12289] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  155.445186][T12289] syz.1.3164[12289] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  155.456641][T12287] EXT4-fs (loop2): 1 truncate cleaned up
[  155.473803][T12289] syz.1.3164[12289] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  155.587064][T12296] lo: left allmulticast mode
[  155.813350][T12310] loop2: detected capacity change from 0 to 2048
[  155.852390][T12319] loop2: detected capacity change from 0 to 512
[  155.859153][T12319] EXT4-fs: Ignoring removed oldalloc option
[  155.865130][T12319] EXT4-fs: inline encryption not supported
[  155.871602][T12319] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  155.896071][T12319] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3175: bg 0: block 64: padding at end of block bitmap is not set
[  155.910847][T12319] __quota_error: 34 callbacks suppressed
[  155.910863][T12319] Quota error (device loop2): write_blk: dquota write failed
[  155.926233][T12319] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  155.936743][T12319] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.3175: Failed to acquire dquot type 0
[  155.947855][   T29] audit: type=1326 audit(1736498924.001:6636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12323 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d83ff5d29 code=0x7ffc0000
[  155.949548][T12319] EXT4-fs (loop2): 1 truncate cleaned up
[  155.985957][T12324] loop1: detected capacity change from 0 to 512
[  155.993200][T12324] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  155.994222][   T29] audit: type=1326 audit(1736498924.031:6637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12323 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d83ff5d29 code=0x7ffc0000
[  156.013682][T12324] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  156.024868][   T29] audit: type=1326 audit(1736498924.031:6638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12323 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d83ff5d29 code=0x7ffc0000
[  156.056356][   T29] audit: type=1326 audit(1736498924.031:6639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12323 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d83ff5d29 code=0x7ffc0000
[  156.058885][T12324] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.3176: corrupted in-inode xattr: e_value size too large
[  156.079815][   T29] audit: type=1326 audit(1736498924.031:6640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12323 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d83ff5d29 code=0x7ffc0000
[  156.079843][   T29] audit: type=1326 audit(1736498924.031:6641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12323 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d83ff5d29 code=0x7ffc0000
[  156.079866][   T29] audit: type=1326 audit(1736498924.031:6642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12323 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d83ff5d29 code=0x7ffc0000
[  156.095768][T12324] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.3176: couldn't read orphan inode 15 (err -117)
[  156.117340][   T29] audit: type=1326 audit(1736498924.031:6643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12323 comm="syz.1.3176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d83ff5d29 code=0x7ffc0000
[  156.291741][T12335] loop2: detected capacity change from 0 to 1024
[  156.298582][T12335] EXT4-fs: Ignoring removed orlov option
[  156.304495][T12335] EXT4-fs: Ignoring removed orlov option
[  156.322710][T12336] loop1: detected capacity change from 0 to 764
[  156.332933][T12335] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.2.3181: corrupted in-inode xattr: bad magic number in in-inode xattr
[  156.371269][T12335] EXT4-fs (loop2): Remounting filesystem read-only
[  156.448525][T12336] Symlink component flag not implemented
[  156.472913][T12336] Symlink component flag not implemented (101)
[  156.600101][T12352] loop1: detected capacity change from 0 to 512
[  156.608107][T12352] EXT4-fs: Ignoring removed oldalloc option
[  156.614105][T12352] EXT4-fs: inline encryption not supported
[  156.621996][T12352] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  156.659011][T12352] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3187: bg 0: block 64: padding at end of block bitmap is not set
[  156.673962][T12352] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.3187: Failed to acquire dquot type 0
[  156.686521][T12352] EXT4-fs (loop1): 1 truncate cleaned up
[  156.692633][T12352] EXT4-fs mount: 78 callbacks suppressed
[  156.692646][T12352] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.723412][T11431] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.754551][T12363] syzkaller0: entered promiscuous mode
[  156.760032][T12363] syzkaller0: entered allmulticast mode
[  156.958542][T12383] loop2: detected capacity change from 0 to 2048
[  156.986566][T12383] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.010700][T11215] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.079133][T12394] loop0: detected capacity change from 0 to 1024
[  157.096123][T12394] EXT4-fs: Ignoring removed orlov option
[  157.101849][T12394] EXT4-fs: Ignoring removed orlov option
[  157.126078][T12394] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.148388][T12394] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.0.3203: corrupted in-inode xattr: bad magic number in in-inode xattr
[  157.165191][T12394] EXT4-fs (loop0): Remounting filesystem read-only
[  157.186663][T12054] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.210107][T12405] loop2: detected capacity change from 0 to 1024
[  157.216942][T12405] EXT4-fs: Ignoring removed orlov option
[  157.222706][T12405] EXT4-fs: Ignoring removed orlov option
[  157.236301][T12405] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.256397][T12405] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.2.3208: corrupted in-inode xattr: bad magic number in in-inode xattr
[  157.272707][T12405] EXT4-fs (loop2): Remounting filesystem read-only
[  157.292154][T12413] loop0: detected capacity change from 0 to 512
[  157.306190][T12413] EXT4-fs: Ignoring removed oldalloc option
[  157.312166][T12413] EXT4-fs: inline encryption not supported
[  157.318429][T11215] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.335402][T12413] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  157.356313][T12419] loop2: detected capacity change from 0 to 2048
[  157.376600][T12413] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3210: bg 0: block 64: padding at end of block bitmap is not set
[  157.391854][T12419] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.404260][T12413] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.3210: Failed to acquire dquot type 0
[  157.426476][T12413] EXT4-fs (loop0): 1 truncate cleaned up
[  157.432845][T11215] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.439673][T12413] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.486840][T12054] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.615817][T12443] syzkaller0: entered promiscuous mode
[  157.621365][T12443] syzkaller0: entered allmulticast mode
[  157.681956][T12453] FAULT_INJECTION: forcing a failure.
[  157.681956][T12453] name failslab, interval 1, probability 0, space 0, times 0
[  157.694634][T12453] CPU: 0 UID: 0 PID: 12453 Comm: syz.1.3225 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  157.705413][T12453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  157.715509][T12453] Call Trace:
[  157.718795][T12453]  <TASK>
[  157.721730][T12453]  dump_stack_lvl+0xf2/0x150
[  157.726340][T12453]  dump_stack+0x15/0x1a
[  157.730528][T12453]  should_fail_ex+0x223/0x230
[  157.735222][T12453]  should_failslab+0x8f/0xb0
[  157.739827][T12453]  kmem_cache_alloc_noprof+0x52/0x320
[  157.745211][T12453]  ? getname_flags+0x81/0x3b0
[  157.749973][T12453]  getname_flags+0x81/0x3b0
[  157.754481][T12453]  getname+0x17/0x20
[  157.758387][T12453]  do_sys_openat2+0x67/0x120
[  157.763057][T12453]  __x64_sys_openat+0xf3/0x120
[  157.767837][T12453]  x64_sys_call+0x2b30/0x2dc0
[  157.772524][T12453]  do_syscall_64+0xc9/0x1c0
[  157.777201][T12453]  ? clear_bhb_loop+0x55/0xb0
[  157.781883][T12453]  ? clear_bhb_loop+0x55/0xb0
[  157.786594][T12453]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.792580][T12453] RIP: 0033:0x7f7d83ff4690
[  157.797000][T12453] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  157.816676][T12453] RSP: 002b:00007f7d82666f60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  157.825182][T12453] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7d83ff4690
[  157.833185][T12453] RDX: 0000000000000000 RSI: 00007f7d84071c20 RDI: 00000000ffffff9c
[  157.841222][T12453] RBP: 00007f7d84071c20 R08: 0000000000000000 R09: 0000000000000000
[  157.849198][T12453] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  157.857249][T12453] R13: 0000000000000000 R14: 00007f7d841e5fa0 R15: 00007fff9150fa48
[  157.857271][T12453]  </TASK>
[  157.882387][T12459] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0001 with DS=0xe
[  157.901552][T12461] bridge0: entered promiscuous mode
[  157.908848][T12460] bridge0: left promiscuous mode
[  157.962195][T12469] FAULT_INJECTION: forcing a failure.
[  157.962195][T12469] name failslab, interval 1, probability 0, space 0, times 0
[  157.962222][T12469] CPU: 1 UID: 0 PID: 12469 Comm: syz.2.3231 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  157.962248][T12469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  157.962258][T12469] Call Trace:
[  157.962264][T12469]  <TASK>
[  157.962271][T12469]  dump_stack_lvl+0xf2/0x150
[  157.962402][T12469]  dump_stack+0x15/0x1a
[  158.010731][T12469]  should_fail_ex+0x223/0x230
[  158.015478][T12469]  should_failslab+0x8f/0xb0
[  158.020141][T12469]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[  158.026462][T12469]  ? should_failslab+0x8f/0xb0
[  158.031347][T12469]  ? ip6_setup_cork+0x1de/0x7d0
[  158.036190][T12469]  kmemdup_noprof+0x2a/0x60
[  158.040695][T12469]  ip6_setup_cork+0x1de/0x7d0
[  158.045423][T12469]  ip6_make_skb+0x102/0x510
[  158.049917][T12469]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  158.055516][T12469]  udpv6_sendmsg+0x14b0/0x1590
[  158.060314][T12469]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  158.065865][T12469]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  158.071009][T12469]  inet6_sendmsg+0xaf/0xd0
[  158.075425][T12469]  __sock_sendmsg+0x8b/0x180
[  158.080063][T12469]  ____sys_sendmsg+0x312/0x410
[  158.084865][T12469]  __sys_sendmmsg+0x227/0x4b0
[  158.089687][T12469]  __x64_sys_sendmmsg+0x57/0x70
[  158.094538][T12469]  x64_sys_call+0x29aa/0x2dc0
[  158.099208][T12469]  do_syscall_64+0xc9/0x1c0
[  158.103743][T12469]  ? clear_bhb_loop+0x55/0xb0
[  158.108419][T12469]  ? clear_bhb_loop+0x55/0xb0
[  158.113089][T12469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.118994][T12469] RIP: 0033:0x7fb3f1fe5d29
[  158.123400][T12469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.143041][T12469] RSP: 002b:00007fb3f0651038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  158.151450][T12469] RAX: ffffffffffffffda RBX: 00007fb3f21d5fa0 RCX: 00007fb3f1fe5d29
[  158.159518][T12469] RDX: 0000000000000062 RSI: 0000000020002940 RDI: 0000000000000003
[  158.167559][T12469] RBP: 00007fb3f0651090 R08: 0000000000000000 R09: 0000000000000000
[  158.175527][T12469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.183638][T12469] R13: 0000000000000000 R14: 00007fb3f21d5fa0 R15: 00007ffc60af8718
[  158.191613][T12469]  </TASK>
[  158.251253][T12482] FAULT_INJECTION: forcing a failure.
[  158.251253][T12482] name failslab, interval 1, probability 0, space 0, times 0
[  158.264026][T12482] CPU: 0 UID: 0 PID: 12482 Comm: syz.2.3236 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  158.274833][T12482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  158.284888][T12482] Call Trace:
[  158.288167][T12482]  <TASK>
[  158.291097][T12482]  dump_stack_lvl+0xf2/0x150
[  158.295689][T12482]  dump_stack+0x15/0x1a
[  158.299837][T12482]  should_fail_ex+0x223/0x230
[  158.304524][T12482]  ? hugetlb_vm_op_open+0x232/0x3a0
[  158.309722][T12482]  should_failslab+0x8f/0xb0
[  158.314356][T12482]  __kmalloc_cache_noprof+0x4e/0x320
[  158.319716][T12482]  hugetlb_vm_op_open+0x232/0x3a0
[  158.324731][T12482]  ? __pfx_hugetlb_vm_op_open+0x10/0x10
[  158.330322][T12482]  __split_vma+0x374/0x6a0
[  158.334780][T12482]  vms_gather_munmap_vmas+0x171/0x7a0
[  158.340225][T12482]  ? mas_walk+0x204/0x320
[  158.344550][T12482]  __mmap_region+0x306/0x1400
[  158.349214][T12482]  ? selinux_file_open+0x34a/0x3b0
[  158.354315][T12482]  ? do_dentry_open+0x7a7/0xa20
[  158.359321][T12482]  ? __rcu_read_unlock+0x4e/0x70
[  158.364334][T12482]  mmap_region+0x18c/0x1e0
[  158.368756][T12482]  do_mmap+0x732/0xbb0
[  158.372817][T12482]  __se_sys_remap_file_pages+0x617/0x770
[  158.378435][T12482]  ? __bpf_trace_sys_enter+0x10/0x30
[  158.383790][T12482]  ? trace_sys_enter+0xcd/0x110
[  158.388640][T12482]  __x64_sys_remap_file_pages+0x67/0x80
[  158.394190][T12482]  x64_sys_call+0x10b2/0x2dc0
[  158.398973][T12482]  do_syscall_64+0xc9/0x1c0
[  158.403586][T12482]  ? clear_bhb_loop+0x55/0xb0
[  158.408292][T12482]  ? clear_bhb_loop+0x55/0xb0
[  158.412960][T12482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.418927][T12482] RIP: 0033:0x7fb3f1fe5d29
[  158.423352][T12482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.443096][T12482] RSP: 002b:00007fb3f0651038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8
[  158.451504][T12482] RAX: ffffffffffffffda RBX: 00007fb3f21d5fa0 RCX: 00007fb3f1fe5d29
[  158.459480][T12482] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000000020800000
[  158.467444][T12482] RBP: 00007fb3f0651090 R08: 0000000000000000 R09: 0000000000000000
[  158.475406][T12482] R10: 0000000000000600 R11: 0000000000000246 R12: 0000000000000001
[  158.483444][T12482] R13: 0000000000000000 R14: 00007fb3f21d5fa0 R15: 00007ffc60af8718
[  158.491414][T12482]  </TASK>
[  158.495645][T12482] HugeTLB: unable to allocate vma specific lock
[  158.540204][T12487] __nla_validate_parse: 4 callbacks suppressed
[  158.540219][T12487] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3238'.
[  158.688370][T12492] netlink: 'syz.2.3240': attribute type 10 has an invalid length.
[  158.691079][T12492] batman_adv: batadv0: Adding interface: team0
[  158.691131][T12492] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.691160][T12492] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  158.773236][T12500] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0004 with DS=0xe
[  158.851985][T12508] bridge0: entered promiscuous mode
[  158.859475][T12507] bridge0: left promiscuous mode
[  158.887132][T12510] bridge0: entered promiscuous mode
[  158.894188][T12509] bridge0: left promiscuous mode
[  158.997691][T12521] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3250'.
[  159.198908][T12533] loop4: detected capacity change from 0 to 128
[  159.244162][T12535] loop4: detected capacity change from 0 to 512
[  159.250874][T12535] EXT4-fs: Ignoring removed oldalloc option
[  159.256886][T12535] EXT4-fs: inline encryption not supported
[  159.263164][T12535] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  159.275576][T12535] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3256: bg 0: block 64: padding at end of block bitmap is not set
[  159.290170][T12535] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.3256: Failed to acquire dquot type 0
[  159.302380][T12535] EXT4-fs (loop4): 1 truncate cleaned up
[  159.308322][T12535] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.332740][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.562042][T12543] chnl_net:caif_netlink_parms(): no params data found
[  159.593677][T12543] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.600985][T12543] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.608282][T12543] bridge_slave_0: entered allmulticast mode
[  159.614744][T12543] bridge_slave_0: entered promiscuous mode
[  159.621443][T12543] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.628625][T12543] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.635891][T12543] bridge_slave_1: entered allmulticast mode
[  159.642415][T12543] bridge_slave_1: entered promiscuous mode
[  159.658273][T12543] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  159.669339][T12543] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  159.687085][T12543] team0: Port device team_slave_0 added
[  159.693604][T12543] team0: Port device team_slave_1 added
[  159.707899][T12543] batman_adv: batadv0: Adding interface: batadv_slave_0
[  159.714870][T12543] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.740848][T12543] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  159.751974][T12543] batman_adv: batadv0: Adding interface: batadv_slave_1
[  159.759024][T12543] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.784976][T12543] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  159.811021][T12543] hsr_slave_0: entered promiscuous mode
[  159.817714][T12543] hsr_slave_1: entered promiscuous mode
[  159.823736][T12543] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  159.832602][T12543] Cannot create hsr debugfs directory
[  159.889291][T12543] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.946812][T12543] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.006587][T12543] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.061672][T12564] loop1: detected capacity change from 0 to 512
[  160.069502][T12564] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  160.075301][T12543] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.093082][T12564] EXT4-fs (loop1): 1 truncate cleaned up
[  160.099361][T12564] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.139744][T12543] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  160.147612][T11431] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.148797][T12543] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  160.166234][T12543] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  160.175791][T12543] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  160.194644][T12543] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.201737][T12543] bridge0: port 2(bridge_slave_1) entered forwarding state
[  160.209052][T12543] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.216214][T12543] bridge0: port 1(bridge_slave_0) entered forwarding state
[  160.251043][T12543] 8021q: adding VLAN 0 to HW filter on device bond0
[  160.264857][   T40] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.272901][   T40] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.288127][T12543] 8021q: adding VLAN 0 to HW filter on device team0
[  160.297798][T10087] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.304885][T10087] bridge0: port 1(bridge_slave_0) entered forwarding state
[  160.316215][T12573] loop1: detected capacity change from 0 to 2048
[  160.325143][T12543] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  160.335680][T12543] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  160.348335][T10087] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.355410][T10087] bridge0: port 2(bridge_slave_1) entered forwarding state
[  160.360795][T12573] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.389239][T11431] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.432620][T12543] 8021q: adding VLAN 0 to HW filter on device batadv0
[  160.547721][T12543] veth0_vlan: entered promiscuous mode
[  160.557505][T12543] veth1_vlan: entered promiscuous mode
[  160.572834][T12543] veth0_macvtap: entered promiscuous mode
[  160.581622][T12543] veth1_macvtap: entered promiscuous mode
[  160.599640][T12543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.610190][T12543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.620177][T12543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.630438][T12604] loop1: detected capacity change from 0 to 512
[  160.630642][T12543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.642013][T12604] EXT4-fs: Ignoring removed oldalloc option
[  160.646841][T12543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.652619][T12604] EXT4-fs: inline encryption not supported
[  160.663053][T12543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.678844][T12543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.679079][T12604] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  160.689330][T12543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.710673][T12543] batman_adv: batadv0: Interface activated: batadv_slave_0
[  160.721451][T12543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.731967][T12543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.741881][T12543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.752323][T12543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.762189][T12543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.772739][T12543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.782601][T12543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.793129][T12543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.806673][T12543] batman_adv: batadv0: Interface activated: batadv_slave_1
[  160.807114][T12604] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3272: bg 0: block 64: padding at end of block bitmap is not set
[  160.815302][T12543] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  160.829052][T12604] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.3272: Failed to acquire dquot type 0
[  160.836878][T12543] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  160.836917][T12543] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  160.849372][T12604] EXT4-fs (loop1): 1 truncate cleaned up
[  160.856807][T12543] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  160.867057][T12604] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.948006][T11431] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.985794][   T29] kauditd_printk_skb: 119 callbacks suppressed
[  160.985807][   T29] audit: type=1326 audit(1736498929.041:6755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.1.3273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d83ff5d29 code=0x7ffc0000
[  161.024033][   T29] audit: type=1326 audit(1736498929.041:6756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.1.3273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f7d83ff5d29 code=0x7ffc0000
[  161.047740][   T29] audit: type=1326 audit(1736498929.041:6757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.1.3273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d83ff5d29 code=0x7ffc0000
[  161.071291][   T29] audit: type=1326 audit(1736498929.041:6758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.1.3273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f7d83ff5d29 code=0x7ffc0000
[  161.094722][   T29] audit: type=1326 audit(1736498929.041:6759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.1.3273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d83ff5d29 code=0x7ffc0000
[  161.118434][   T29] audit: type=1326 audit(1736498929.041:6760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.1.3273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d83ff5d29 code=0x7ffc0000
[  161.141941][   T29] audit: type=1326 audit(1736498929.041:6761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.1.3273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d83ff5d29 code=0x7ffc0000
[  161.165519][   T29] audit: type=1326 audit(1736498929.041:6762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.1.3273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7d83ff4690 code=0x7ffc0000
[  161.189146][   T29] audit: type=1400 audit(1736498929.041:6763): avc:  denied  { append } for  pid=12609 comm="syz.1.3273" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  161.212906][   T29] audit: type=1326 audit(1736498929.041:6764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12609 comm="syz.1.3273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d83ff5d29 code=0x7ffc0000
[  161.250685][T12618] loop4: detected capacity change from 0 to 512
[  161.257282][T12618] EXT4-fs: Ignoring removed oldalloc option
[  161.263280][T12618] EXT4-fs: inline encryption not supported
[  161.270143][T12618] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  161.305627][T12618] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3275: bg 0: block 64: padding at end of block bitmap is not set
[  161.321177][T12618] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.3275: Failed to acquire dquot type 0
[  161.333177][T12618] EXT4-fs (loop4): 1 truncate cleaned up
[  161.339709][T12618] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.371439][T12543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.382454][T12630] bridge0: entered promiscuous mode
[  161.389976][T12629] bridge0: left promiscuous mode
[  161.397508][T12632] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3280'.
[  161.407346][T12632] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3280'.
[  161.418424][T12632] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3280'.
[  161.443472][T12636] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3282'.
[  161.473267][T12636] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3282'.
[  161.626294][T12652] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3291'.
[  161.695971][T12658] loop2: detected capacity change from 0 to 512
[  161.713055][T12658] EXT4-fs (loop2): can't read group descriptor 0
[  161.752158][T12658] SELinux:  policydb version 536871040 does not match my version range 15-33
[  161.771628][T12658] SELinux: failed to load policy
[  161.886687][T12679] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  161.895033][T12679] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  161.976832][T12680] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0003 with DS=0xe
[  162.106061][T12698] loop1: detected capacity change from 0 to 1024
[  162.144376][T12705] SELinux:  policydb version 536 does not match my version range 15-33
[  162.152809][T12705] SELinux: failed to load policy
[  162.165624][T12698] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.210838][T11431] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.409022][T12734] FAULT_INJECTION: forcing a failure.
[  162.409022][T12734] name failslab, interval 1, probability 0, space 0, times 0
[  162.421614][T12736] loop4: detected capacity change from 0 to 1024
[  162.421864][T12734] CPU: 0 UID: 0 PID: 12734 Comm: syz.3.3321 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  162.428397][T12736] EXT4-fs: Ignoring removed orlov option
[  162.438822][T12734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  162.438837][T12734] Call Trace:
[  162.438844][T12734]  <TASK>
[  162.438914][T12734]  dump_stack_lvl+0xf2/0x150
[  162.444556][T12736] EXT4-fs: Ignoring removed orlov option
[  162.454572][T12734]  dump_stack+0x15/0x1a
[  162.475159][T12734]  should_fail_ex+0x223/0x230
[  162.479885][T12734]  ? sctp_auth_asoc_copy_shkeys+0x101/0x340
[  162.485769][T12734]  should_failslab+0x8f/0xb0
[  162.488614][T12736] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.490409][T12734]  __kmalloc_cache_noprof+0x4e/0x320
[  162.490438][T12734]  sctp_auth_asoc_copy_shkeys+0x101/0x340
[  162.509697][T12736] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.4.3322: corrupted in-inode xattr: bad magic number in in-inode xattr
[  162.513394][T12734]  sctp_association_new+0xe78/0x1130
[  162.529188][T12736] EXT4-fs (loop4): Remounting filesystem read-only
[  162.534103][T12734]  sctp_connect_new_asoc+0x1b0/0x3b0
[  162.545977][T12734]  ? __rcu_read_unlock+0x4e/0x70
[  162.550938][T12734]  __sctp_connect+0x41d/0x7a0
[  162.555625][T12734]  ? release_sock+0x117/0x150
[  162.560322][T12734]  ? lock_sock_nested+0x10f/0x140
[  162.565427][T12734]  ? selinux_netlbl_socket_connect+0x113/0x130
[  162.571564][T12734]  sctp_inet_connect+0xe5/0x100
[  162.576399][T12734]  ? __pfx_sctp_inet_connect+0x10/0x10
[  162.581924][T12734]  __sys_connect+0x18f/0x1b0
[  162.586579][T12734]  __x64_sys_connect+0x41/0x50
[  162.591343][T12734]  x64_sys_call+0x22a7/0x2dc0
[  162.596029][T12734]  do_syscall_64+0xc9/0x1c0
[  162.600542][T12734]  ? clear_bhb_loop+0x55/0xb0
[  162.605205][T12734]  ? clear_bhb_loop+0x55/0xb0
[  162.609864][T12734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.615751][T12734] RIP: 0033:0x7fcbabf45d29
[  162.620198][T12734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.639926][T12734] RSP: 002b:00007fcbaa5b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  162.648335][T12734] RAX: ffffffffffffffda RBX: 00007fcbac135fa0 RCX: 00007fcbabf45d29
[  162.656306][T12734] RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000003
[  162.664267][T12734] RBP: 00007fcbaa5b1090 R08: 0000000000000000 R09: 0000000000000000
[  162.672269][T12734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  162.680234][T12734] R13: 0000000000000000 R14: 00007fcbac135fa0 R15: 00007ffdbdad4a78
[  162.688246][T12734]  </TASK>
[  162.698854][T12543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.716529][T12740] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3324'.
[  162.742959][T12745] bridge0: entered promiscuous mode
[  162.749676][T12743] bridge0: left promiscuous mode
[  162.784480][T12752] loop4: detected capacity change from 0 to 512
[  162.791074][T12752] EXT4-fs: Ignoring removed oldalloc option
[  162.797043][T12752] EXT4-fs: inline encryption not supported
[  162.803382][T12752] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  162.827355][T12752] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3329: bg 0: block 64: padding at end of block bitmap is not set
[  162.842179][T12752] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.3329: Failed to acquire dquot type 0
[  162.854098][T12752] EXT4-fs (loop4): 1 truncate cleaned up
[  162.860081][T12752] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.877479][T12760] syzkaller0: entered promiscuous mode
[  162.883043][T12760] syzkaller0: entered allmulticast mode
[  162.890945][T12543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.960752][T12765] lo: entered allmulticast mode
[  162.965974][T12765] lo: left allmulticast mode
[  163.619973][T12770] 9pnet: p9_errstr2errno: server reported unknown error 
[  163.679137][T12772] bridge0: entered promiscuous mode
[  163.685724][T12771] bridge0: left promiscuous mode
[  163.707458][T12774] syzkaller0: entered promiscuous mode
[  163.712943][T12774] syzkaller0: entered allmulticast mode
[  163.846848][T12783] loop4: detected capacity change from 0 to 1024
[  163.853638][T12783] EXT4-fs: Ignoring removed orlov option
[  163.859309][T12783] EXT4-fs: Ignoring removed orlov option
[  163.867103][T12784] veth0_to_team: entered promiscuous mode
[  163.872921][T12784] veth0_to_team: entered allmulticast mode
[  163.885667][T12783] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.905000][T12783] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.4.3342: corrupted in-inode xattr: bad magic number in in-inode xattr
[  163.922313][T12790] syzkaller0: entered promiscuous mode
[  163.927902][T12790] syzkaller0: entered allmulticast mode
[  163.932122][T12783] EXT4-fs (loop4): Remounting filesystem read-only
[  163.956400][T12543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.991386][T12796] FAULT_INJECTION: forcing a failure.
[  163.991386][T12796] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.004515][T12796] CPU: 0 UID: 0 PID: 12796 Comm: syz.4.3347 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  164.015285][T12796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  164.025382][T12796] Call Trace:
[  164.028754][T12796]  <TASK>
[  164.031667][T12796]  dump_stack_lvl+0xf2/0x150
[  164.036350][T12796]  dump_stack+0x15/0x1a
[  164.040531][T12796]  should_fail_ex+0x223/0x230
[  164.045205][T12796]  should_fail+0xb/0x10
[  164.049450][T12796]  should_fail_usercopy+0x1a/0x20
[  164.054816][T12796]  _copy_to_user+0x20/0xa0
[  164.059332][T12796]  simple_read_from_buffer+0xa0/0x110
[  164.064712][T12796]  proc_fail_nth_read+0xf9/0x140
[  164.069670][T12796]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  164.075246][T12796]  vfs_read+0x1a2/0x700
[  164.079413][T12796]  ? __rcu_read_unlock+0x4e/0x70
[  164.084374][T12796]  ? __fget_files+0x17c/0x1c0
[  164.089117][T12796]  ksys_read+0xe8/0x1b0
[  164.093266][T12796]  __x64_sys_read+0x42/0x50
[  164.097850][T12796]  x64_sys_call+0x2874/0x2dc0
[  164.102538][T12796]  do_syscall_64+0xc9/0x1c0
[  164.107136][T12796]  ? clear_bhb_loop+0x55/0xb0
[  164.111825][T12796]  ? clear_bhb_loop+0x55/0xb0
[  164.116538][T12796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.122428][T12796] RIP: 0033:0x7f2ebdbd473c
[  164.126860][T12796] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  164.146472][T12796] RSP: 002b:00007f2ebc247030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  164.154925][T12796] RAX: ffffffffffffffda RBX: 00007f2ebddc5fa0 RCX: 00007f2ebdbd473c
[  164.162969][T12796] RDX: 000000000000000f RSI: 00007f2ebc2470a0 RDI: 0000000000000003
[  164.170957][T12796] RBP: 00007f2ebc247090 R08: 0000000000000000 R09: 0000000000000000
[  164.178941][T12796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.186960][T12796] R13: 0000000000000000 R14: 00007f2ebddc5fa0 R15: 00007ffd61bd62b8
[  164.194939][T12796]  </TASK>
[  164.239892][T12800] netlink: 256 bytes leftover after parsing attributes in process `+}[@'.
[  164.244884][T12798] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  164.256663][T12798] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  164.408842][T12814] 9pnet_fd: Insufficient options for proto=fd
[  164.453856][T12816] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3355'.
[  164.463143][T12816] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3355'.
[  164.512616][T12824] syzkaller0: entered promiscuous mode
[  164.518330][T12824] syzkaller0: entered allmulticast mode
[  164.525335][T12826] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3360'.
[  164.537909][T12826] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3360'.
[  164.627715][T12828] lo: entered allmulticast mode
[  164.632864][T12828] lo: left allmulticast mode
[  164.703448][T12837] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  164.711830][T12837] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  164.785357][T12840] loop1: detected capacity change from 0 to 1024
[  164.793155][T12842] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3367'.
[  164.802918][T12842] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3367'.
[  164.824254][T12840] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.836499][T12840] ext4 filesystem being mounted at /123/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.846589][T12846] loop2: detected capacity change from 0 to 512
[  164.868408][T12846] EXT4-fs: Ignoring removed oldalloc option
[  164.874393][T12846] EXT4-fs: inline encryption not supported
[  164.891648][T12846] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  164.893941][T12840] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3366'.
[  164.912052][T12852] loop0: detected capacity change from 0 to 512
[  164.919009][T12852] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  164.940564][T12852] EXT4-fs (loop0): 1 truncate cleaned up
[  164.947082][T12852] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.955979][T12846] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3368: bg 0: block 64: padding at end of block bitmap is not set
[  164.975672][T12857] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3366'.
[  164.979320][T12846] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.3368: Failed to acquire dquot type 0
[  164.987130][T12857] netlink: 100 bytes leftover after parsing attributes in process `syz.1.3366'.
[  164.998053][T12846] EXT4-fs (loop2): 1 truncate cleaned up
[  165.013209][T12846] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.035397][T12054] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.097727][T12840] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 46 with max blocks 1 with error 28
[  165.110360][T12840] EXT4-fs (loop1): This should not happen!! Data will be lost
[  165.110360][T12840] 
[  165.120257][T12840] EXT4-fs (loop1): Total free blocks count 0
[  165.126291][T12840] EXT4-fs (loop1): Free/Dirty block details
[  165.130421][T12861] loop4: detected capacity change from 0 to 2048
[  165.132217][T12840] EXT4-fs (loop1): free_blocks=0
[  165.132232][T12840] EXT4-fs (loop1): dirty_blocks=0
[  165.132244][T12840] EXT4-fs (loop1): Block reservation details
[  165.154584][T12840] EXT4-fs (loop1): i_reserved_data_blocks=0
[  165.161534][T11215] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.183521][T12861] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.196722][T11431] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.207585][T12861] veth0_to_team: entered promiscuous mode
[  165.213429][T12861] veth0_to_team: entered allmulticast mode
[  165.222197][T12870] bridge_slave_1: left allmulticast mode
[  165.227966][T12870] bridge_slave_1: left promiscuous mode
[  165.233634][T12870] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.250670][T12543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.267487][T12870] bridge_slave_0: left allmulticast mode
[  165.273255][T12870] bridge_slave_0: left promiscuous mode
[  165.279019][T12870] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.344123][T12874] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  165.352552][T12874] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  165.453049][T12896] loop2: detected capacity change from 0 to 1024
[  165.463399][T12896] EXT4-fs: Ignoring removed orlov option
[  165.469149][T12896] EXT4-fs: Ignoring removed orlov option
[  165.536634][T12902] loop1: detected capacity change from 0 to 8192
[  165.592060][T12896] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.608772][T12896] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.2.3382: corrupted in-inode xattr: bad magic number in in-inode xattr
[  165.641809][T12896] EXT4-fs (loop2): Remounting filesystem read-only
[  165.694961][T11215] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.705268][T12905] loop4: detected capacity change from 0 to 512
[  165.718722][T12905] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  165.738792][T12915] loop2: detected capacity change from 0 to 2048
[  165.746451][T12905] EXT4-fs (loop4): 1 orphan inode deleted
[  165.752201][T12905] EXT4-fs (loop4): 1 truncate cleaned up
[  165.755365][T12915] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.758414][T12905] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.795353][T11215] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.816445][T12543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.908259][T12925] loop4: detected capacity change from 0 to 8192
[  165.920431][T12930] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  165.928808][T12930] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  166.058513][T12944] veth0_to_team: entered promiscuous mode
[  166.064741][T12944] veth0_to_team: entered allmulticast mode
[  166.208108][   T29] kauditd_printk_skb: 171 callbacks suppressed
[  166.208122][   T29] audit: type=1326 audit(1736498934.261:6930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12949 comm="syz.3.3403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  166.238038][   T29] audit: type=1326 audit(1736498934.261:6931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12949 comm="syz.3.3403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  166.264050][   T29] audit: type=1326 audit(1736498934.321:6932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12949 comm="syz.3.3403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  166.287694][   T29] audit: type=1326 audit(1736498934.321:6933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12949 comm="syz.3.3403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  166.311358][   T29] audit: type=1326 audit(1736498934.321:6934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12949 comm="syz.3.3403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  166.362426][T12965] loop4: detected capacity change from 0 to 512
[  166.369443][T12965] EXT4-fs: Ignoring removed oldalloc option
[  166.375439][T12965] EXT4-fs: inline encryption not supported
[  166.395675][T12965] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  166.413398][   T29] audit: type=1326 audit(1736498934.471:6935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12970 comm="syz.3.3410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  166.436997][   T29] audit: type=1326 audit(1736498934.471:6936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12970 comm="syz.3.3410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  166.460524][   T29] audit: type=1326 audit(1736498934.471:6937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12970 comm="syz.3.3410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  166.487492][   T29] audit: type=1326 audit(1736498934.541:6938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12970 comm="syz.3.3410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  166.513583][   T29] audit: type=1326 audit(1736498934.541:6939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12970 comm="syz.3.3410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  166.545410][T12965] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3407: bg 0: block 64: padding at end of block bitmap is not set
[  166.561325][T12965] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.3407: Failed to acquire dquot type 0
[  166.573698][T12965] EXT4-fs (loop4): 1 truncate cleaned up
[  166.580005][T12965] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.608447][T12543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.757586][T12995] loop1: detected capacity change from 0 to 1024
[  166.779399][T12995] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.937095][T13006] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  166.945377][T13006] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  167.002883][T13011] loop2: detected capacity change from 0 to 1024
[  167.025609][T13011] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.130045][T13015] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  167.171154][T13015] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 16384 with max blocks 1 with error 28
[  167.183834][T13015] EXT4-fs (loop1): This should not happen!! Data will be lost
[  167.183834][T13015] 
[  167.193611][T13015] EXT4-fs (loop1): Total free blocks count 0
[  167.199618][T13015] EXT4-fs (loop1): Free/Dirty block details
[  167.205543][T13015] EXT4-fs (loop1): free_blocks=68451041280
[  167.211414][T13015] EXT4-fs (loop1): dirty_blocks=16
[  167.216580][T13015] EXT4-fs (loop1): Block reservation details
[  167.222579][T13015] EXT4-fs (loop1): i_reserved_data_blocks=1
[  167.273729][T13021] loop0: detected capacity change from 0 to 2048
[  167.286232][T13024] FAULT_INJECTION: forcing a failure.
[  167.286232][T13024] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  167.299530][T13024] CPU: 1 UID: 0 PID: 13024 Comm: syz.2.3424 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  167.310327][T13024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  167.320395][T13024] Call Trace:
[  167.320444][T13023] lo: entered allmulticast mode
[  167.323729][T13024]  <TASK>
[  167.323740][T13024]  dump_stack_lvl+0xf2/0x150
[  167.336095][T13024]  dump_stack+0x15/0x1a
[  167.340278][T13024]  should_fail_ex+0x223/0x230
[  167.342116][T13023] lo: left allmulticast mode
[  167.344961][T13024]  should_fail_alloc_page+0xfd/0x110
[  167.344997][T13024]  __alloc_pages_noprof+0x109/0x340
[  167.345102][T13024]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  167.345128][T13024]  folio_alloc_noprof+0xee/0x130
[  167.345152][T13024]  filemap_alloc_folio_noprof+0x69/0x220
[  167.345175][T13024]  __filemap_get_folio+0x298/0x5b0
[  167.345238][T13024]  ? ext4_prepare_inline_data+0x78/0x150
[  167.345261][T13024]  ext4_da_write_inline_data_begin+0x1a8/0x6b0
[  167.345379][T13024]  ext4_da_write_begin+0x25a/0x540
[  167.345403][T13024]  generic_perform_write+0x1a8/0x4a0
[  167.345429][T13024]  ? __mark_inode_dirty+0x45e/0x7e0
[  167.345452][T13024]  ext4_buffered_write_iter+0x1ea/0x370
[  167.345530][T13024]  ext4_file_write_iter+0x383/0xf20
[  167.345701][T13024]  ? path_openat+0x1a5a/0x1fa0
[  167.345726][T13024]  ? _parse_integer_limit+0x167/0x180
[  167.345749][T13024]  ? _parse_integer+0x27/0x30
[  167.345767][T13024]  ? kstrtoull+0x110/0x140
[  167.345783][T13024]  ? __import_iovec+0x443/0x560
[  167.444152][T13024]  do_iter_readv_writev+0x394/0x450
[  167.449425][T13024]  vfs_writev+0x2d4/0x880
[  167.453777][T13024]  ? proc_fail_nth_write+0x12a/0x150
[  167.459155][T13024]  __se_sys_pwritev2+0x100/0x1c0
[  167.464193][T13024]  __x64_sys_pwritev2+0x78/0x90
[  167.469058][T13024]  x64_sys_call+0x2afe/0x2dc0
[  167.473738][T13024]  do_syscall_64+0xc9/0x1c0
[  167.478242][T13024]  ? clear_bhb_loop+0x55/0xb0
[  167.482917][T13024]  ? clear_bhb_loop+0x55/0xb0
[  167.487584][T13024]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.493533][T13024] RIP: 0033:0x7fb3f1fe5d29
[  167.498013][T13024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.517624][T13024] RSP: 002b:00007fb3f060f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  167.526051][T13024] RAX: ffffffffffffffda RBX: 00007fb3f21d6160 RCX: 00007fb3f1fe5d29
[  167.534069][T13024] RDX: 0000000000000001 RSI: 0000000020000500 RDI: 0000000000000004
[  167.542076][T13024] RBP: 00007fb3f060f090 R08: 0000000000000000 R09: 0000000000000000
[  167.550047][T13024] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000000000001
[  167.558035][T13024] R13: 0000000000000000 R14: 00007fb3f21d6160 R15: 00007ffc60af8718
[  167.566024][T13024]  </TASK>
[  167.675696][T13021] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.759979][T12054] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.770400][T11431] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.789492][T13035] netlink: 'syz.0.3431': attribute type 4 has an invalid length.
[  167.826949][T13035] netlink: 'syz.0.3431': attribute type 4 has an invalid length.
[  167.929648][T11215] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.990311][T13045] loop4: detected capacity change from 0 to 512
[  168.001521][T13045] EXT4-fs: Ignoring removed oldalloc option
[  168.007580][T13045] EXT4-fs: inline encryption not supported
[  168.017325][T13045] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  168.037835][T13045] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3435: bg 0: block 64: padding at end of block bitmap is not set
[  168.052920][T13045] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.3435: Failed to acquire dquot type 0
[  168.060851][T13052] loop0: detected capacity change from 0 to 512
[  168.070424][T13045] EXT4-fs (loop4): 1 truncate cleaned up
[  168.070783][T13045] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.076401][T13052] EXT4-fs: Ignoring removed oldalloc option
[  168.094694][T13052] EXT4-fs: inline encryption not supported
[  168.104492][T13052] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  168.131333][T12543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.143143][T13052] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3437: bg 0: block 64: padding at end of block bitmap is not set
[  168.167356][T13056] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  168.167456][T13058] loop4: detected capacity change from 0 to 512
[  168.175605][T13056] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  168.191611][T13052] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.3437: Failed to acquire dquot type 0
[  168.191936][T13058] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  168.214521][T13052] EXT4-fs (loop0): 1 truncate cleaned up
[  168.220633][T13052] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.226105][T13058] EXT4-fs (loop4): 1 truncate cleaned up
[  168.240216][T13058] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.254279][T12054] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.291527][T12543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.311685][T13065] lo: entered allmulticast mode
[  168.318011][T13065] lo: left allmulticast mode
[  168.328725][T13063] loop0: detected capacity change from 0 to 2048
[  168.358164][T13063] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.375988][T13074] loop2: detected capacity change from 0 to 128
[  168.396387][T12054] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.446353][T13086] loop2: detected capacity change from 0 to 512
[  168.463168][T13086] EXT4-fs: Ignoring removed oldalloc option
[  168.469218][T13086] EXT4-fs: inline encryption not supported
[  168.489790][T13086] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  168.506144][T13086] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3450: bg 0: block 64: padding at end of block bitmap is not set
[  168.522137][T13086] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.3450: Failed to acquire dquot type 0
[  168.534840][T13086] EXT4-fs (loop2): 1 truncate cleaned up
[  168.543313][T13097] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  168.551033][T13086] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.551612][T13097] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  168.588092][T11215] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.597824][T13101] lo: entered allmulticast mode
[  168.603114][T13101] lo: left allmulticast mode
[  168.612662][T13103] loop2: detected capacity change from 0 to 128
[  168.627619][T13105] loop4: detected capacity change from 0 to 512
[  168.634707][T13105] EXT4-fs: Ignoring removed oldalloc option
[  168.640806][T13105] EXT4-fs: inline encryption not supported
[  168.656066][T13105] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  168.679695][T13109] loop0: detected capacity change from 0 to 2048
[  168.688712][T13105] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3458: bg 0: block 64: padding at end of block bitmap is not set
[  168.704968][T13105] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.3458: Failed to acquire dquot type 0
[  168.718172][T13105] EXT4-fs (loop4): 1 truncate cleaned up
[  168.718252][T13109] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.724688][T13105] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.806426][T13126] loop4: detected capacity change from 0 to 512
[  168.807129][T13127] FAULT_INJECTION: forcing a failure.
[  168.807129][T13127] name failslab, interval 1, probability 0, space 0, times 0
[  168.812939][T13126] EXT4-fs: Ignoring removed oldalloc option
[  168.825527][T13127] CPU: 1 UID: 0 PID: 13127 Comm: syz.2.3466 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  168.831384][T13126] EXT4-fs: inline encryption not supported
[  168.842093][T13127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  168.842109][T13127] Call Trace:
[  168.861420][T13127]  <TASK>
[  168.864352][T13127]  dump_stack_lvl+0xf2/0x150
[  168.868955][T13127]  dump_stack+0x15/0x1a
[  168.873177][T13127]  should_fail_ex+0x223/0x230
[  168.877952][T13127]  ? __hw_addr_add_ex+0x13d/0x360
[  168.882991][T13127]  should_failslab+0x8f/0xb0
[  168.887672][T13127]  __kmalloc_cache_noprof+0x4e/0x320
[  168.892998][T13127]  __hw_addr_add_ex+0x13d/0x360
[  168.897883][T13127]  dev_addr_init+0xb2/0x120
[  168.902389][T13127]  alloc_netdev_mqs+0x1e1/0x9c0
[  168.907320][T13127]  ? __pfx_tun_setup+0x10/0x10
[  168.912154][T13127]  tun_set_iff+0x434/0x810
[  168.916637][T13127]  __tun_chr_ioctl+0x64c/0x1860
[  168.921492][T13127]  tun_chr_ioctl+0x27/0x30
[  168.925959][T13127]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  168.931134][T13127]  __se_sys_ioctl+0xc9/0x140
[  168.935734][T13127]  __x64_sys_ioctl+0x43/0x50
[  168.940341][T13127]  x64_sys_call+0x1690/0x2dc0
[  168.945011][T13127]  do_syscall_64+0xc9/0x1c0
[  168.949539][T13127]  ? clear_bhb_loop+0x55/0xb0
[  168.954262][T13127]  ? clear_bhb_loop+0x55/0xb0
[  168.958999][T13127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.964895][T13127] RIP: 0033:0x7fb3f1fe5d29
[  168.969303][T13127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.988972][T13127] RSP: 002b:00007fb3f0651038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  168.997408][T13127] RAX: ffffffffffffffda RBX: 00007fb3f21d5fa0 RCX: 00007fb3f1fe5d29
[  169.005428][T13127] RDX: 0000000020000100 RSI: 00000000400454ca RDI: 0000000000000005
[  169.013394][T13127] RBP: 00007fb3f0651090 R08: 0000000000000000 R09: 0000000000000000
[  169.021399][T13127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.029470][T13127] R13: 0000000000000000 R14: 00007fb3f21d5fa0 R15: 00007ffc60af8718
[  169.037461][T13127]  </TASK>
[  169.047993][T13126] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  169.071077][T13129] lo: entered allmulticast mode
[  169.076278][T13129] lo: left allmulticast mode
[  169.082193][T13126] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3467: bg 0: block 64: padding at end of block bitmap is not set
[  169.106021][T13126] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.3467: Failed to acquire dquot type 0
[  169.129912][T13126] EXT4-fs (loop4): 1 truncate cleaned up
[  169.227039][T13141] loop0: detected capacity change from 0 to 1024
[  169.237278][T13143] syzkaller0: entered promiscuous mode
[  169.242804][T13143] syzkaller0: entered allmulticast mode
[  169.257612][T13140] __nla_validate_parse: 35 callbacks suppressed
[  169.257626][T13140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3473'.
[  169.301395][T13140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3473'.
[  169.310758][T13140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3473'.
[  169.322250][T13140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3473'.
[  169.333262][T13140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3473'.
[  169.359485][T13140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3473'.
[  169.368721][T13140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3473'.
[  169.378039][T13140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3473'.
[  169.389118][T13140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3473'.
[  169.395942][T13159] lo: entered allmulticast mode
[  169.416071][T13140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3473'.
[  169.427264][T13159] lo: left allmulticast mode
[  169.449319][T13162] loop4: detected capacity change from 0 to 512
[  169.476309][T13162] EXT4-fs: Ignoring removed oldalloc option
[  169.482416][T13162] EXT4-fs: inline encryption not supported
[  169.496619][T13162] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  169.518379][T13162] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3481: bg 0: block 64: padding at end of block bitmap is not set
[  169.534538][T13162] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.3481: Failed to acquire dquot type 0
[  169.546956][T13162] EXT4-fs (loop4): 1 truncate cleaned up
[  169.599524][T13171] blktrace: Concurrent blktraces are not allowed on sg0
[  169.721124][T13181] loop4: detected capacity change from 0 to 1024
[  169.729864][T13181] EXT4-fs: Ignoring removed orlov option
[  169.735574][T13181] EXT4-fs: Ignoring removed orlov option
[  169.760372][T13181] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.4.3488: corrupted in-inode xattr: bad magic number in in-inode xattr
[  169.787501][T13181] EXT4-fs (loop4): Remounting filesystem read-only
[  169.805885][T13187] SET target dimension over the limit!
[  169.927546][T13200] FAULT_INJECTION: forcing a failure.
[  169.927546][T13200] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.929873][T13198] loop4: detected capacity change from 0 to 164
[  169.940627][T13200] CPU: 1 UID: 0 PID: 13200 Comm: syz.2.3496 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  169.940654][T13200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  169.940666][T13200] Call Trace:
[  169.971093][T13200]  <TASK>
[  169.974028][T13200]  dump_stack_lvl+0xf2/0x150
[  169.978637][T13200]  dump_stack+0x15/0x1a
[  169.982803][T13200]  should_fail_ex+0x223/0x230
[  169.987590][T13200]  should_fail+0xb/0x10
[  169.991828][T13200]  should_fail_usercopy+0x1a/0x20
[  169.996902][T13200]  _copy_from_iter+0xd5/0xd00
[  170.001612][T13200]  ? kmalloc_reserve+0x16e/0x190
[  170.006612][T13200]  ? __build_skb_around+0x196/0x1f0
[  170.011915][T13200]  ? __alloc_skb+0x21f/0x310
[  170.016509][T13200]  ? __virt_addr_valid+0x1ed/0x250
[  170.021688][T13200]  ? __check_object_size+0x364/0x520
[  170.027048][T13200]  netlink_sendmsg+0x460/0x6e0
[  170.031841][T13200]  ? __pfx_netlink_sendmsg+0x10/0x10
[  170.037210][T13200]  __sock_sendmsg+0x140/0x180
[  170.041971][T13200]  ____sys_sendmsg+0x312/0x410
[  170.046739][T13200]  __sys_sendmsg+0x19d/0x230
[  170.051364][T13200]  __x64_sys_sendmsg+0x46/0x50
[  170.056123][T13200]  x64_sys_call+0x2734/0x2dc0
[  170.060791][T13200]  do_syscall_64+0xc9/0x1c0
[  170.065442][T13200]  ? clear_bhb_loop+0x55/0xb0
[  170.070169][T13200]  ? clear_bhb_loop+0x55/0xb0
[  170.074917][T13200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.080836][T13200] RIP: 0033:0x7fb3f1fe5d29
[  170.085243][T13200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.104919][T13200] RSP: 002b:00007fb3f0651038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  170.113351][T13200] RAX: ffffffffffffffda RBX: 00007fb3f21d5fa0 RCX: 00007fb3f1fe5d29
[  170.121338][T13200] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  170.129313][T13200] RBP: 00007fb3f0651090 R08: 0000000000000000 R09: 0000000000000000
[  170.137320][T13200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.145282][T13200] R13: 0000000000000000 R14: 00007fb3f21d5fa0 R15: 00007ffc60af8718
[  170.153253][T13200]  </TASK>
[  170.242208][T13214] loop0: detected capacity change from 0 to 512
[  170.255834][T13214] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  170.264944][T13214] EXT4-fs (loop0): orphan cleanup on readonly fs
[  170.271721][T13214] EXT4-fs warning (device loop0): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  170.291210][T13214] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  170.299748][T13214] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3503: bg 0: block 40: padding at end of block bitmap is not set
[  170.315277][T13214] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  170.322576][T13222] loop4: detected capacity change from 0 to 256
[  170.324356][T13214] EXT4-fs (loop0): 1 truncate cleaned up
[  170.330718][T13222] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  170.368670][T13214] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #16: comm syz.0.3503: corrupted xattr block 31: invalid header
[  170.378535][T13228] loop2: detected capacity change from 0 to 512
[  170.388988][T13214] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  170.401689][T13226] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  170.409536][T13228] ext4 filesystem being mounted at /173/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.127426][T13303] loop1: detected capacity change from 0 to 128
[  171.178859][T13309] loop4: detected capacity change from 0 to 512
[  171.188241][T13309] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  171.210066][T13309] EXT4-fs (loop4): 1 truncate cleaned up
[  171.246250][T13316] loop4: detected capacity change from 0 to 512
[  171.252711][T13316] EXT4-fs: Ignoring removed oldalloc option
[  171.258710][T13316] EXT4-fs: inline encryption not supported
[  171.265124][T13316] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  171.296222][T13316] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3545: bg 0: block 64: padding at end of block bitmap is not set
[  171.310744][T13316] __quota_error: 363 callbacks suppressed
[  171.310753][T13316] Quota error (device loop4): write_blk: dquota write failed
[  171.323909][T13316] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  171.333966][T13316] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.3545: Failed to acquire dquot type 0
[  171.345511][T13316] EXT4-fs (loop4): 1 truncate cleaned up
[  171.398012][   T29] audit: type=1400 audit(1736498939.451:7288): avc:  denied  { setopt } for  pid=13323 comm="syz.4.3548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  171.418897][   T29] audit: type=1400 audit(1736498939.451:7289): avc:  denied  { nlmsg_read } for  pid=13323 comm="syz.4.3548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  171.446439][T13324] dummy0: entered promiscuous mode
[  171.452984][T13324] dummy0: left promiscuous mode
[  171.863881][T13332] loop0: detected capacity change from 0 to 2048
[  171.961036][T13339] loop0: detected capacity change from 0 to 1024
[  171.967687][T13339] EXT4-fs: Ignoring removed orlov option
[  171.973363][T13339] EXT4-fs: Ignoring removed orlov option
[  171.988126][T13339] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.0.3553: corrupted in-inode xattr: bad magic number in in-inode xattr
[  172.003914][T13339] EXT4-fs (loop0): Remounting filesystem read-only
[  172.034110][T13343] loop0: detected capacity change from 0 to 128
[  172.103937][   T29] audit: type=1400 audit(1736498940.151:7290): avc:  denied  { getopt } for  pid=13351 comm="syz.0.3559" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  172.151738][   T29] audit: type=1326 audit(1736498940.201:7291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13359 comm="syz.3.3561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  172.195620][T13363] lo: entered allmulticast mode
[  172.200859][T13363] lo: left allmulticast mode
[  172.204383][   T29] audit: type=1326 audit(1736498940.241:7292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13359 comm="syz.3.3561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=92 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  172.228940][   T29] audit: type=1326 audit(1736498940.241:7293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13359 comm="syz.3.3561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  172.252573][   T29] audit: type=1326 audit(1736498940.241:7294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13359 comm="syz.3.3561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  172.299498][T13367] loop4: detected capacity change from 0 to 512
[  172.306346][T13367] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  172.317750][T13367] EXT4-fs (loop4): 1 truncate cleaned up
[  172.343312][   T29] audit: type=1326 audit(1736498940.391:7295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13369 comm="syz.3.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  172.524995][T13391] lo: entered allmulticast mode
[  172.530372][T13391] lo: left allmulticast mode
[  172.559357][T13394] geneve2: entered promiscuous mode
[  172.564630][T13394] geneve2: entered allmulticast mode
[  172.594367][T13396] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  172.602613][T13396] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  172.736698][T13416] loop0: detected capacity change from 0 to 512
[  172.746564][T13416] journal_path: Non-blockdev passed as './file0'
[  172.752970][T13416] EXT4-fs: error: could not find journal device path
[  172.858131][T13428] loop0: detected capacity change from 0 to 128
[  172.911216][T13432] lo: entered allmulticast mode
[  172.916433][T13432] lo: left allmulticast mode
[  173.075096][T13447] loop2: detected capacity change from 0 to 512
[  173.082092][T13447] EXT4-fs: Ignoring removed oldalloc option
[  173.088117][T13447] EXT4-fs: inline encryption not supported
[  173.096673][T13447] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  173.135294][T13447] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3596: bg 0: block 64: padding at end of block bitmap is not set
[  173.170310][T13447] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.3596: Failed to acquire dquot type 0
[  173.189459][T13447] EXT4-fs (loop2): 1 truncate cleaned up
[  173.383407][T13458] loop4: detected capacity change from 0 to 1024
[  173.459943][T13472] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  173.460373][T13476] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13476 comm=syz.4.3601
[  173.468194][T13472] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  173.490970][T13476] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (5001216)
[  173.890514][T13493] loop0: detected capacity change from 0 to 2048
[  174.089186][T13511] lo: entered allmulticast mode
[  174.094423][T13511] lo: left allmulticast mode
[  174.135125][T13515] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  174.143356][T13515] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  174.175468][T13519] bridge0: entered promiscuous mode
[  174.182246][T13518] bridge0: left promiscuous mode
[  174.247205][T13529] loop0: detected capacity change from 0 to 512
[  174.254247][T13529] EXT4-fs: Ignoring removed oldalloc option
[  174.260388][T13529] EXT4-fs: inline encryption not supported
[  174.268228][T13529] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  174.294534][T13529] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3631: bg 0: block 64: padding at end of block bitmap is not set
[  174.305302][T13537] lo: entered allmulticast mode
[  174.312075][T13529] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.3631: Failed to acquire dquot type 0
[  174.320634][T13537] lo: left allmulticast mode
[  174.326427][T13539] __nla_validate_parse: 45 callbacks suppressed
[  174.326445][T13539] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3635'.
[  174.345344][T13529] EXT4-fs (loop0): 1 truncate cleaned up
[  174.357692][T13539] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3635'.
[  174.386091][T13541] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3636'.
[  174.400364][T13541] netlink: 108 bytes leftover after parsing attributes in process `syz.1.3636'.
[  174.424602][T13541] loop1: detected capacity change from 0 to 1024
[  174.496524][T13556] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13556 comm=syz.1.3636
[  174.501029][T13555] syzkaller0: entered promiscuous mode
[  174.509797][T13556] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3636'.
[  174.514664][T13555] syzkaller0: entered allmulticast mode
[  174.530896][T13556] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (5001216)
[  174.575221][T13558] loop2: detected capacity change from 0 to 128
[  174.693733][T13576] FAULT_INJECTION: forcing a failure.
[  174.693733][T13576] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  174.707059][T13576] CPU: 0 UID: 0 PID: 13576 Comm: syz.2.3652 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  174.717879][T13576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  174.727969][T13576] Call Trace:
[  174.731320][T13576]  <TASK>
[  174.734331][T13576]  dump_stack_lvl+0xf2/0x150
[  174.738970][T13576]  dump_stack+0x15/0x1a
[  174.743177][T13576]  should_fail_ex+0x223/0x230
[  174.747870][T13576]  should_fail_alloc_page+0xfd/0x110
[  174.753191][T13576]  __alloc_pages_noprof+0x109/0x340
[  174.758401][T13576]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  174.763774][T13576]  folio_alloc_mpol_noprof+0x36/0x70
[  174.769073][T13576]  shmem_get_folio_gfp+0x3d1/0xd90
[  174.774228][T13576]  shmem_fallocate+0x593/0x860
[  174.779064][T13576]  vfs_fallocate+0x368/0x3b0
[  174.783666][T13576]  __x64_sys_fallocate+0x78/0xc0
[  174.788751][T13576]  x64_sys_call+0x43c/0x2dc0
[  174.793369][T13576]  do_syscall_64+0xc9/0x1c0
[  174.797880][T13576]  ? clear_bhb_loop+0x55/0xb0
[  174.802554][T13576]  ? clear_bhb_loop+0x55/0xb0
[  174.807279][T13576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.813237][T13576] RIP: 0033:0x7fb3f1fe5d29
[  174.817729][T13576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.837392][T13576] RSP: 002b:00007fb3f0651038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  174.845807][T13576] RAX: ffffffffffffffda RBX: 00007fb3f21d5fa0 RCX: 00007fb3f1fe5d29
[  174.853773][T13576] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  174.861744][T13576] RBP: 00007fb3f0651090 R08: 0000000000000000 R09: 0000000000000000
[  174.869708][T13576] R10: 00000000001001f0 R11: 0000000000000246 R12: 0000000000000001
[  174.877675][T13576] R13: 0000000000000000 R14: 00007fb3f21d5fa0 R15: 00007ffc60af8718
[  174.885648][T13576]  </TASK>
[  174.984950][T13588] loop0: detected capacity change from 0 to 2048
[  175.038204][T13598] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3661'.
[  175.060791][T13598] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3661'.
[  175.075441][T13598] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3661'.
[  175.095847][T13606] loop4: detected capacity change from 0 to 128
[  175.432148][T13621] FAULT_INJECTION: forcing a failure.
[  175.432148][T13621] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  175.445639][T13621] CPU: 1 UID: 0 PID: 13621 Comm: syz.0.3670 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  175.456505][T13621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  175.466621][T13621] Call Trace:
[  175.469929][T13621]  <TASK>
[  175.472861][T13621]  dump_stack_lvl+0xf2/0x150
[  175.477466][T13621]  dump_stack+0x15/0x1a
[  175.481666][T13621]  should_fail_ex+0x223/0x230
[  175.486353][T13621]  should_fail_alloc_page+0xfd/0x110
[  175.491722][T13621]  __alloc_pages_noprof+0x109/0x340
[  175.497071][T13621]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  175.502456][T13621]  vma_alloc_folio_noprof+0x1a0/0x2f0
[  175.507923][T13621]  handle_mm_fault+0xdd7/0x2ac0
[  175.513056][T13621]  exc_page_fault+0x3b9/0x650
[  175.517847][T13621]  asm_exc_page_fault+0x26/0x30
[  175.522796][T13621] RIP: 0033:0x7f1cb841335b
[  175.527364][T13621] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[  175.546978][T13621] RSP: 002b:00007f1cb6acee10 EFLAGS: 00010246
[  175.553057][T13621] RAX: 00007f1cb6ad0f30 RBX: 00007f1cb862b620 RCX: 0000000000000000
[  175.561039][T13621] RDX: 00007f1cb6ad0f78 RSI: 00007f1cb84c5bd8 RDI: 00007f1cb6acee30
[  175.569018][T13621] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[  175.577121][T13621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  175.585110][T13621] R13: 0000000000000000 R14: 00007f1cb8655fa0 R15: 00007ffe56a51578
[  175.593099][T13621]  </TASK>
[  175.596292][T13621] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  175.630503][T13623] loop0: detected capacity change from 0 to 512
[  175.637889][T13623] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  175.650163][T13623] EXT4-fs (loop0): 1 truncate cleaned up
[  175.812329][T13640] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3678'.
[  175.837771][T13640] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3678'.
[  175.902280][T13650] loop0: detected capacity change from 0 to 1024
[  175.909299][T13650] EXT4-fs: Ignoring removed orlov option
[  175.914994][T13650] EXT4-fs: Ignoring removed orlov option
[  175.931240][T13650] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.0.3683: corrupted in-inode xattr: bad magic number in in-inode xattr
[  175.948830][T13650] EXT4-fs (loop0): Remounting filesystem read-only
[  176.104064][T13681] syzkaller0: entered promiscuous mode
[  176.109626][T13681] syzkaller0: entered allmulticast mode
[  176.124658][T13684] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  176.138726][T13684] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  176.262319][T13706] lo: entered allmulticast mode
[  176.267506][T13706] lo: left allmulticast mode
[  176.310784][T13710] bridge0: entered promiscuous mode
[  176.317597][T13709] bridge0: left promiscuous mode
[  176.337755][T13714] syzkaller0: entered promiscuous mode
[  176.343282][T13714] syzkaller0: entered allmulticast mode
[  176.368589][   T29] kauditd_printk_skb: 143 callbacks suppressed
[  176.368604][   T29] audit: type=1400 audit(1736498944.421:7435): avc:  denied  { connect } for  pid=13719 comm="syz.3.3716" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  176.415322][   T29] audit: type=1326 audit(1736498944.471:7436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13721 comm="syz.0.3717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb8465d29 code=0x7ffc0000
[  176.455921][   T29] audit: type=1326 audit(1736498944.491:7437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13721 comm="syz.0.3717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=92 compat=0 ip=0x7f1cb8465d29 code=0x7ffc0000
[  176.479430][   T29] audit: type=1326 audit(1736498944.491:7438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13721 comm="syz.0.3717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb8465d29 code=0x7ffc0000
[  176.510331][T13731] loop1: detected capacity change from 0 to 512
[  176.519348][T13730] syzkaller0: entered promiscuous mode
[  176.524925][T13730] syzkaller0: entered allmulticast mode
[  176.531024][T13731] EXT4-fs: Ignoring removed oldalloc option
[  176.532645][   T29] audit: type=1400 audit(1736498944.561:7439): avc:  denied  { getopt } for  pid=13719 comm="syz.3.3716" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  176.537152][T13731] EXT4-fs: inline encryption not supported
[  176.569553][T13731] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  176.596239][T13731] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3719: bg 0: block 64: padding at end of block bitmap is not set
[  176.610934][T13731] Quota error (device loop1): write_blk: dquota write failed
[  176.623237][T13731] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  176.635627][T13731] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.3719: Failed to acquire dquot type 0
[  176.647914][T13731] EXT4-fs (loop1): 1 truncate cleaned up
[  176.715666][   T29] audit: type=1326 audit(1736498944.761:7440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13739 comm="syz.3.3725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  176.746995][   T29] audit: type=1326 audit(1736498944.781:7441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13739 comm="syz.3.3725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  176.755824][T13747] loop0: detected capacity change from 0 to 1024
[  176.770531][   T29] audit: type=1326 audit(1736498944.781:7442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13739 comm="syz.3.3725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabf45d29 code=0x7ffc0000
[  176.831806][T13756] bridge0: entered promiscuous mode
[  176.832749][T13758] loop0: detected capacity change from 0 to 512
[  176.844538][T13755] bridge0: left promiscuous mode
[  176.847139][T13758] EXT4-fs: Ignoring removed oldalloc option
[  176.855430][T13758] EXT4-fs: inline encryption not supported
[  176.862092][T13758] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  176.887552][T13763] loop1: detected capacity change from 0 to 128
[  176.895030][T13758] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3730: bg 0: block 64: padding at end of block bitmap is not set
[  176.897590][T13760] syzkaller0: entered promiscuous mode
[  176.913467][T13758] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.3730: Failed to acquire dquot type 0
[  176.914821][T13760] syzkaller0: entered allmulticast mode
[  176.927207][T13758] EXT4-fs (loop0): 1 truncate cleaned up
[  177.043291][T13783] syzkaller0: entered promiscuous mode
[  177.048929][T13783] syzkaller0: entered allmulticast mode
[  177.062543][T10087] ==================================================================
[  177.070659][T10087] BUG: KCSAN: data-race in l2tp_tunnel_del_work / sk_common_release
[  177.078666][T10087] 
[  177.080987][T10087] write to 0xffff8881036bce20 of 8 bytes by task 13786 on cpu 1:
[  177.088702][T10087]  sk_common_release+0xa6/0x220
[  177.093559][T10087]  udp_lib_close+0x15/0x20
[  177.097972][T10087]  inet_release+0xce/0xf0
[  177.102305][T10087]  inet6_release+0x3e/0x60
[  177.106720][T10087]  sock_close+0x68/0x150
[  177.110957][T10087]  __fput+0x17a/0x6d0
[  177.114930][T10087]  ____fput+0x1c/0x30
[  177.118902][T10087]  task_work_run+0x13a/0x1a0
[  177.123574][T10087]  syscall_exit_to_user_mode+0xa8/0x120
[  177.129120][T10087]  do_syscall_64+0xd6/0x1c0
[  177.133615][T10087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.139508][T10087] 
[  177.141816][T10087] read to 0xffff8881036bce20 of 8 bytes by task 10087 on cpu 0:
[  177.149436][T10087]  l2tp_tunnel_del_work+0x30/0x1a0
[  177.154549][T10087]  process_scheduled_works+0x483/0x9a0
[  177.160003][T10087]  worker_thread+0x51d/0x6f0
[  177.164591][T10087]  kthread+0x1d1/0x210
[  177.168647][T10087]  ret_from_fork+0x4b/0x60
[  177.173053][T10087]  ret_from_fork_asm+0x1a/0x30
[  177.177808][T10087] 
[  177.180118][T10087] value changed: 0xffff8881048b0d00 -> 0x0000000000000000
[  177.187213][T10087] 
[  177.189521][T10087] Reported by Kernel Concurrency Sanitizer on:
[  177.195671][T10087] CPU: 0 UID: 0 PID: 10087 Comm: kworker/u8:11 Not tainted 6.13.0-rc6-syzkaller-00059-g643e2e259c2b #0
[  177.206682][T10087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  177.216727][T10087] Workqueue: l2tp l2tp_tunnel_del_work
[  177.222188][T10087] ==================================================================
[  177.241902][T13792] bridge0: entered promiscuous mode
[  177.248852][T13791] bridge0: left promiscuous mode
[  183.984088][    C0] bridge0: port 1(gretap0) entered forwarding state
[  183.990706][    C0] bridge0: topology change detected, propagating