last executing test programs:

56.291557193s ago: executing program 3 (id=555):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x7}, 0x18)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$SEG6_CMD_GET_TUNSRC(r1, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001380), r2)
sendmsg$IPVS_CMD_SET_CONFIG(r2, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000001580)={&(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000011"], 0x24}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x132b}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_MASTER={0x8}]}, 0x3c}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r4 = socket(0x11, 0x3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r6=>0x0})
bind$packet(r4, &(0x7f0000000180)={0x11, 0x0, r6, 0x1, 0x4, 0x6, @multicast}, 0x14)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4)
sendmsg$netlink(r4, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="020114008cdc18000e3580009f000114600000060600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0ab42e32a097dbd4be5ffca88faca"], 0xdd12}, {&(0x7f0000000640)={0x10, 0x39, 0x100, 0x70bd2d, 0x25dfdbff}, 0x10}], 0x2, 0x0, 0x0, 0x44000}, 0x20040051)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00'}, 0x18)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_RTHDR(r9, 0x29, 0x39, &(0x7f0000000400)=ANY=[@ANYBLOB="010202"], 0x18)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r10=>0xffffffffffffffff, {0x3}}, '.\x00'})
ioctl$BLKTRACETEARDOWN(r10, 0x1276, 0x0)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r7, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000180)={&(0x7f00000006c0)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r8, @ANYBLOB="000329bd7000ffdbdf25100000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b0004000000060011000400000008001300ad0000000500140001000000080001007063690011000200303030303a30303a31302e300000000008000b0009000000060011000200000008001300e30a00000500140001000000080001007063690011000200303030303a30303a31302e300000000008000b0003000000060011000700000008001300ff0300000500140000000000080001007063690011000200303030303a303a31302e300000000008000b00faffffff0600110001000000080013008c05000005001400010000000e567e1c17e7964d9f7673696d0000000f0002006e657464657673696d30000008000b00050000000600110008000000080013000700000005001400000000000e0001006e65746a657673696d0000000f0002006e657464657673696d30000008000b007f0000000600110009000000080013000900000005001400000000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b00070000000600110001fc000008001300040000000500140001000000"], 0x1c8}, 0x1, 0x0, 0x0, 0x20000000}, 0x20048840)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x22, &(0x7f0000000040)=0x6, 0x4)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r12}, 0x10)
socket$kcm(0x10, 0x2, 0x10)

56.245024054s ago: executing program 3 (id=556):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000004c0), 0x208e24b)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
preadv(r2, &(0x7f0000001080)=[{&(0x7f0000000380)=""/238, 0xee}], 0x1, 0x100000, 0xfffffffa)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r2, 0x0)
getrandom(&(0x7f0000000040)=""/133, 0xfffffffffffffdde, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000800)='./file0\x00', 0x800020, &(0x7f0000000840)={[{@sbsector={'sbsector', 0x3d, 0x9}}, {@block={'block', 0x3d, 0x200}, 0x0}, {}, {@cruft}, {@map_off}, {@dmode={'dmode', 0x3d, 0x4000000000000cf}, 0x41}, {@session={'session', 0x3d, 0x51}}, {@mode={'mode', 0x3d, 0x8}}, {@unhide}, {@nocompress}, {}, {@map_acorn}, {}]}, 0x2, 0x699, &(0x7f0000000140)="$eJzs3V1v29Ydx/EfZdmW3aEo1iEIgjycJCvgYJlCyY0DIwNWjaJsbpIokPJgAwOKrLGLIHK6JRmw+KbzzR6A7g3sbje72IsYsOu+i90MG1BsdwN2o4GHlCxFT3GjOO3y/RitqMM/z/mTVPQHbfFIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAjld13ZKjetDc2TWTedUobExZn/a2qBvpwo2Z40pO8p8KBZ1Pm85/62T1ueR/13QxfXZRheShoKO3zr1z9918rrf9lIS+DJ22wyfPjh7e63T2H79A7IJO3f3rpFxvaSU7J2OCtvxmEIdBo7LlmyAOzebGhntruxabWlD347247TeMF/m5dhiZNe+GKW1urhu/uBfuNLeqlbrfa7zz3bLrbpgfLqcnWlIx9raDej1obtmYZHUSc8d89pM0wK80jDl40Nlfn7UnSVDpRYLKs4LKbrlcKpXLpY3bm7fvuG5+pMFNOG6fRiLm/qLF18x83riBOcgl9f9vjlRXQU3taFdm7I+nqiKFakxYn+nV//du+VPHHaz/vSp/Xvp+tvqCbP2/nD67PKn+T8jFyNgNxq1xJrSf7mfRZmT0RM90pIe6p4462tfjOfRtZK7MpZcz+NmSr6YCxQoVqKGKbTFZi9GmNrQhVx9qWzXFMqopUF2+Yu0pVlu+fUV5iuSrorZCRTJak6cbMippU5tal5GvovYUakdNbamqiv7T7XYP9MAe9/UpOaoXVJoQsDwYVJ7S06T6/9NP09dpVv9d6v+bKn0dLKcPn0+LAb4Cutn1/6Dc7M2uvLqMAAAAAADAvDn2t++O/dv9JUld1YK6777utAAAAAAAwBw56i7ropzk+l/SJTlc/wMAAAAA8P/GsffYOZJW7Yf6nZM7oV7klwALZ5AiAAAAAAB4SfbO/8tLUtdOWnFFzqmu/wEAAAAAwNfAbwfm2M/35tjt9v6sn5MUt5adv/xrWdGic9za/bZzWEnWVA6zmJFPALRrF5y3s4l67cOSJPvM8y862WjZJJj9eQe/OJg1178TPZfA0sJgBxMScJKRN/LZM32mq+kmVwsamOjw3Xw2I/FqLaj7RS+s3y2pUnk71/Z327949OCXUtTfz4MHnf3iR5907ttcjpOm48Ok00+H0smNPxgnuTy18y3Yey7G7fGKar0hf9dsrDp2XLe3/wuqHOYGB5p2Ak7G/LWupefs2moau3rUn3E/2f9Csv+loj1lQ3sfLTonWZSe3/NxJ2JCFgWbxfU05vradZX/ni7b/JJ+ck7hOwtSuTh6DoayKA9mMftYOP8eORYDWdiH3pqBY7GeZPHXpKMJWayfLouRMwIAr8uBLsm+C12SncS8X4UKWd3tlYfem9qXqjuzq/sHw9X96R+6XbvBgpTP/jYxdZSCknf0NcfWoaV0l/IXxryju1ldKWjCO7r7EtUtGevPJ9+BlKU9ksV/u93u3ZId9/fPVdU/Dg03Mm5cLy8kh/DW08Of2QnwEx/vf7z/qFxe33Dfd93bZS3a3cgeFkTtAQCMmP0dOzMjnPd1NY24ev+f76VLQxXvm/2PFBT1kT5RR/d1s/cVAlfG97o68DGEm+lVqwauWs25d+7a76Ubji3p5sSrOltLB2LL/dhF9TYZrtQnseuv+CwAAHC2rs2ow+Prf2Go/t/UWhqxdmHsdfdwLc+ujvuX9JNiS7OT/2DeRwMAgDeDH33hrLZ/40RR0PqwtLlZqrS3fROF3o9MFFS3fBM0237kbVeaW75pRWE79MK6aUVaDqp+bOKdViuM2qYWRqYVxsGu/eZ3k331e+w3Ks124MWtul+JfeOFzXbFa5tqEHumtfODehBv+5HdOG75XlALvEo7CJsmDncizy8aE/v+QGBQ9ZvtoBb4OQVN04qCRiXaMz8O6zsN31T92IuCVjtMO+yNFTRrYdSw3Rbz3XGfFwAA4I3z5NnRw3udzv7j5xdWkkvztOVYE2JGF5b05FlyVZ605LNVzBEEAMBXzEkBP8VGhVeYEAAAAAAAAAAAAAAAAAAAAAAAGDH7lr5TLiyOu1lQ6rf8/O2sRb/SyS2GI/04mndip1nInXar3i0RRw8/nxK80m/pHf7BmOMz28F/fEN6y7YobcnPf6yVKSf3VSx87yA9ohNjkpVjVy33z0V+/v8ckoVHf5qwqtvtdqdvvjx8DJem7eDwQl7S46WXOAVn/14E4Gz9LwAA//+kizIB")
r3 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffc}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f0000000000)='cpu~\t\t')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
rt_tgsigqueueinfo(0x0, 0x0, 0x1c, &(0x7f0000000580)={0x40, 0x5e, 0x2})
r4 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = syz_open_procfs(0x0, &(0x7f0000000480)='pagemap\x00')
io_setup(0x2278, &(0x7f0000000180)=<r6=>0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$sock_timeval(r7, 0x1, 0x14, &(0x7f0000000000)={0x0, 0xea60}, 0x10)
r8 = eventfd(0x101)
io_submit(r6, 0x2, &(0x7f0000000140)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x0, r7, &(0x7f0000000200)=' ', 0x1, 0x0, 0x0, 0x2}, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x7, 0x2, r7, 0x0, 0x0, 0x0, 0x0, 0x1, r8}])
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
preadv(r5, &(0x7f0000000640)=[{&(0x7f0000000b00)=""/152, 0x98}, {&(0x7f0000000500)=""/189, 0x7fffef68}], 0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)

55.23849793s ago: executing program 3 (id=562):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001140)={&(0x7f00000004c0)='mm_page_free\x00', r0, 0x0, 0x7ff}, 0x18)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/59, 0x232000, 0x1000}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x1d, 0x2, 0x6)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, @perf_config_ext={0x2, 0x800800000003}, 0x1100, 0x5dd8, 0x3, 0x5, 0x0, 0x8, 0xff7b, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$nl_route(0x10, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x96, @void, @value}, 0x94)
r5 = syz_open_dev$usbfs(&(0x7f0000000480), 0xd, 0x141341)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200))
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x20, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb269, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000a20000/0x2000)=nil)
brk(0x400000ffc020)
setsockopt$inet_int(r8, 0x0, 0x7, 0x0, 0x0)
listen(r4, 0x0)
shmget$private(0x0, 0x800000, 0x880, &(0x7f0000173000/0x800000)=nil)

55.003987753s ago: executing program 3 (id=564):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x5}, 0x18)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x7, 0x40, 0x6, 0x0, 0x0, 0x4d299, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x7ff, 0x6, 0x0, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000500)='kfree\x00')
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r2}, 0x18)
stat(&(0x7f00000002c0)='./file0\x00', 0x0)
socket$tipc(0x1e, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
setxattr$incfs_metadata(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000300)="f669184087b8c6242cbef8573fd18712277769d7ba74a0ed685e031d2d83134b5e67a7257d7d0231ef52c076678e416d4649d44c8d67fd8a495b119a3be74c4b35bf22d3c21c5822ffb202943be0b3a2b808861a3eaf5cb8ab16d5db09fefd8b2930e8a0c1880920825f6e2716cb3b359fdb451beebe860cd49fa5a38786d7fd172bd1aff2e30734d993d22eeb31836c71ce38d8d8124e5e255e0338eb5c2e43a95a38e0b9d4586bd2e891f324d81d4a1454bb5760b092721aead07070f01aba25e22ef7bb4ad9d4fc60445909fb2892", 0xd0, 0x3)
socket$tipc(0x1e, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='xprtrdma_frwr_dereg\x00', 0xffffffffffffffff, 0x0, 0x400001fffffffff}, 0x5)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x0, &(0x7f0000000080)})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
getresuid(&(0x7f00000008c0), &(0x7f0000000900), &(0x7f0000000940)=<r5=>0x0)
mount$9p_xen(&(0x7f0000000780), &(0x7f00000007c0)='./file2\x00', &(0x7f0000000800), 0x401, &(0x7f0000000980)={'trans=xen,', {[{@ignoreqv}, {@noextend}, {@fscache}, {@posixacl}], [{@audit}, {@smackfsfloor={'smackfsfloor', 0x3d, 'sysfs\x00'}}, {@uid_gt={'uid>', r5}}]}})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3UFvG1kdAPD/OHZp2nSTBQ6wEsvCLkorqJ1s2DbiUIqE4FQJKPcSEieK4sRR7LRNVEEqPgASQoDECS5ckPgASKgSF44IqRKcQYBACFo4cIDOyvY4TVM7cVs3TuPfT5rMmzfz/H/P0YznzTzNBDC03oqIqxHxKE3TCxExnuXnsil2WlNju4cP7sw3piTS9Po/k0iyvPZnJdn8bFbsdER87csR30yejlvb2l6Zq1TKG9lyqb66XqptbV9cXp1bKi+V12Zmpi/NXp59b3aqL+08FxFXvvjXH3z3Z1+68qvP3PrTjb+f/1ajWmPZ+r3teEb5g1a2ml5ofhd7C2w8Z7DjKN9sYWa00xYjT+Xcfcl1AgCgs8Y5/gcj4pMRcSHGY+Tg01kAAADgFZR+fiz+l0SknZ3qkg8AAAC8QnLNMbBJrpiNBRiLXK5YbI3h/XCcyVWqtfqnF6ubawutsbITUcgtLlfKU9lY4YkoJI3l6Wb68fK7+5ZnIuL1iPj++GhzuThfrSwM+uIHAAAADImz+/r//xlv9f8BAACAE2Zi0BUAAAAAXjr9fwAAADj59P8BAADgRPvKtWuNKW2//3rh5tbmSvXmxYVybaW4ujlfnK9urBeXqtWl5jP7Vg/7vEq1uv7ZWNu8XaqXa/VSbWv7xmp1c61+Y/mJV2ADAAAAR+j1j9/7QxIRO58bbU4Np3or2uNmwHGV300l2bzDbv3H11rzvxxRpYAjMTLoCgADkx90BYCBKQy6AsDAJYes7zp457fZ/BP9rQ8AANB/kx/tfv8/d2DJnYNXA8eenRiGl/v/MLya9/97HcnrZAFOlIIzABh6L3z//1Bp+kwVAgAA+m6sOSW5YnZ5byxyuWIx4lzztQCFZHG5Up6KiNci4vfjhQ80lqebJZND+wwAAAAAAAAAAAAAAAAAAAAAAAAAQEuaJpECAAAAJ1pE7m/Jr1vP8p8cf2ds//WBU8l/xyN7ReitH1//4e25en1jupH/r938+o+y/HcHcQUDAAAAhsIzvcC/3U9v9+MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJ8ePrgz356OMu4/vhARE53i5+N0c346ChFx5t9J5PeUy0XESB/ijzb+fKRT/KRRrd2Q++Mn7bIvaOfugfFjIvsWOsU/24f4MMzuNY4/Vzvtf7l4qznvvP/lI55Yfl7dj3+xe/wb6bL/n+sxxhv3f1HqGv9uxBv5zsefdvykS/y3e4z/ja9vb3dbl/4kYrLj70/yRKxSfXW9VNvavri8OrdUXiqvzcxMX5q9PPve7FRpcblSzv52jPG9j/3y0UHtP9Ml/sQh7X+nx/b///7tBx9qJQud4p9/u0P83/w02+Lp+O3fvk9l6cb6yXZ6p5Xe682f/+7Ng9q/0KX9h/3/z/fY/gtf/c6fe9wUADgCta3tlblKpbxxYhONXvoxqIbEMUx8u68fmKZp2tinXuBzkjgOX0szMegjEwAA0G+PT/oHXRMAAAAAAAAAAAAAAAAAAAAYXkfxOLH9MXd2U0k/HqENAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAX7wcAAP//ZWfZVg==")
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r6 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r6, &(0x7f00000000c0)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x9, 0x3a, '+\'', 0x3a, '', 0x3a, './file2', 0x3a, [0x4f, 0x4f, 0x46, 0x43, 0x4f, 0x50, 0x43, 0x4f]}, 0x31)

54.827133676s ago: executing program 3 (id=565):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
syncfs(0xffffffffffffffff)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000500))
r3 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000580)=ANY=[@ANYRES64=r2, @ANYRES64=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100400095"], &(0x7f0000000000)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0xd, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
r5 = mq_open(&(0x7f0000000180)='\r\x00elinu\xef\xe3elinux\x00\x96\xf6\x92\n#*\xac\x05\xce\xf8D\\\x9a\xe6[]L+\xf6\v\xe8\xf2\xd3\b\x15\n\xb8F!Q9o\x1f#\xbdt\r\xfb\"\x18%\xfdM\xaf_t\xd2\xdcJ\x10\a\xbab\x1a\xdf\xb1\xbdU\xd7Lo\xe7\xac\x81\x10k\xce-\xf5@\xbb\x9d;\xe8\xf6\xffQ\x04\xaai\x92k\x1b;\xddM\xa2\xe1-\x0e\xd8\xde\x00\xff\x18\xdd\bL\xfb\xa2.\xb6{\xb5\x85#\x88\xdc\xf0\x0f\x05\xf1\xc4 \xdeV\x80q\xf7\x04\xf5\x85T\x1f\xc2S]*\xc9lw\xd3J\xc5\xe8\x02\xcb\xbbAHxr\xac\xb77F\xdf\x1c\xcb\xd4\xce\x88L\xf1\xf9[\x98\xd4+pTx\x95\xb5\x1b]x\x1a\x95\xe1c6\xe7`83\xb7n#\xe0\xc1_\xec\xba\xde\a\x8b\xc5\x86woo\xbc\x1c\xa3r\x82\xf3enq-\x90/\xed\xff\xad+\x03\x10\t\xda\xfd\xa2\xd0\xef4\n%\xf1\xd8', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000040)={0x0, 0x1, 0x4})
mq_getsetattr(r5, &(0x7f0000000700)={0x800, 0x10, 0x9}, 0x0)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e300000000000000000000000080003000000000014000600ff"], 0x58}}, 0x0)
sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000300)={&(0x7f0000000440)={0x5c, r6, 0x0, 0x70bd26, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x40, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x5}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0_to_team\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x74}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
mq_timedreceive(r5, &(0x7f0000000340)=""/195, 0xc3, 0x0, 0x0)
mq_timedreceive(r5, &(0x7f0000000080)=""/92, 0x5c, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
statx(0xffffffffffffffff, 0x0, 0x400, 0x100, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket(0x18, 0x0, 0x0)
connect$pppoe(r9, &(0x7f0000000080)={0x18, 0x0, {0x4, @random="45e3f364e554", 'sit0\x00'}}, 0x1e)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="280000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="8a6306000110000008001b00000000005c31e8a146ed"], 0x28}}, 0x0)

54.54431676s ago: executing program 3 (id=569):
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x202, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000000000)=<r5=>0x0)
r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0542, 0x0)
readv(r6, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1)
timer_settime(r5, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sendto$inet6(r3, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r7=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000005000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
timerfd_gettime(0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000a00)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r9}, 0x10)
inotify_init1(0x0)
syz_io_uring_setup(0x73eb, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000000)=<r10=>0x0, &(0x7f0000000100)=<r11=>0x0)
socket$inet6(0xa, 0x5, 0x8b)
syz_io_uring_submit(r10, r11, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})

54.54393539s ago: executing program 32 (id=569):
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x202, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000000000)=<r5=>0x0)
r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0542, 0x0)
readv(r6, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1)
timer_settime(r5, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sendto$inet6(r3, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r7=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000005000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
timerfd_gettime(0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000a00)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r9}, 0x10)
inotify_init1(0x0)
syz_io_uring_setup(0x73eb, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000000)=<r10=>0x0, &(0x7f0000000100)=<r11=>0x0)
socket$inet6(0xa, 0x5, 0x8b)
syz_io_uring_submit(r10, r11, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})

44.166257504s ago: executing program 4 (id=662):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x2, @perf_bp={&(0x7f0000000380), 0x8}, 0x1000, 0x5dd8, 0x100000, 0x5, 0x0, 0xb, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xfffffbffffffffff, 0xffffffffffffffff, 0x2)
setxattr$system_posix_acl(0x0, &(0x7f0000000300)='system.posix_acl_access\x00', 0x0, 0x24, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1c, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setgid(0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r3, &(0x7f0000000600)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYRES8=r0, @ANYRES32=r4, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64"], 0x3c}}, 0x40000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=@RTM_GETNSID={0x3c, 0x5a, 0x800, 0x70bd2a, 0x25dfdbfe, {}, [@NETNSA_PID={0x8, 0x2, 0xffffffffffffffff}, @NETNSA_PID={0x8}, @NETNSA_PID={0x8}, @NETNSA_FD={0x8}, @NETNSA_NSID={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x2004c0f0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18799cb61cbe217da50000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfd9bb891a00000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0500000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/12, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00'}, 0x10)
socketpair(0x0, 0x0, 0x0, &(0x7f00000006c0))
r6 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x1f, 0x0, &(0x7f0000000000)="fae68670fef1c45ff0634fe72a6253b4357c978887379648e34b8e43761f35", 0x0, 0x1000, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x8000}, 0x50)
keyctl$restrict_keyring(0xa, r6, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id:cb2e')
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000bc0)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000000440)=[{&(0x7f0000000500)='p', 0x1}], 0x1}}, {{&(0x7f00000001c0)={0xa, 0x4e25, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000001440)="95", 0x1}], 0x1}}], 0x2, 0x20000004)
shutdown(0xffffffffffffffff, 0x1)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_lsm={0x7, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000160001000000180095000000000000000500feff"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x8001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

44.013468706s ago: executing program 4 (id=666):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c00000010000100"/20, @ANYRES32=r0, @ANYBLOB="00000000000000001c0016801800018014000b00ffdfffff0000"], 0x4c}}, 0x0)
socket$packet(0x11, 0xa, 0x300)
ioctl$SIOCX25SDTEFACILITIES(0xffffffffffffffff, 0x89eb, &(0x7f0000000180)={0x1, 0x5, 0x1, 0x7, 0x3, 0xa, 0x3, "16b36def20fbf53d35f65aebecfb0f700da92341", "a06a65ac2ca59aabf879a485a983644e136b39bc"})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200000000"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
clock_gettime(0x4, &(0x7f0000000380)={<r1=>0x0, <r2=>0x0})
clock_settime(0x0, &(0x7f0000009ac0)={r1, r2+10000000})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000000000040850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000300)='rcu_utilization\x00', r3, 0x0, 0x6}, 0x18)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071121f00000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
close(r4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
listxattr(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702"], 0x0, 0xffffffc0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r5}, 0x10)
r6 = epoll_create1(0x0)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f00000000c0)={0xe000001a})
read$char_usb(r7, &(0x7f0000001980)=""/179, 0xb3)
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r7, &(0x7f0000000000))
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000002c0), 0x111}}, 0x20)
signalfd(0xffffffffffffffff, 0x0, 0x0)
r8 = gettid()
rt_sigsuspend(&(0x7f0000000040)={[0x3]}, 0x8)
tkill(r8, 0x7)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0)
syz_clone(0x48204411, 0x0, 0x0, 0x0, 0x0, 0x0)

43.415099616s ago: executing program 4 (id=670):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
recvfrom(r0, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x4, 0x0, 0x14)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="38000000ed000000000000000000000418010012f95e9e", @ANYRES32, @ANYBLOB="0000000000000008b7080000000039000000000000425000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r5}, 0x10)
r6 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r7}, &(0x7f0000000180), &(0x7f00000001c0)=r6}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r8}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))
setsockopt$packet_tx_ring(r4, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000001000/0x3000)=nil, 0x30000, 0x0, 0x11, r4, 0x0)
setsockopt$packet_tx_ring(r4, 0x107, 0xd, &(0x7f0000000180)=@req3={0xa5e, 0x800, 0x1ff, 0x2, 0x1, 0x8, 0x5}, 0x1c)
epoll_create1(0x80000)
syz_clone3(&(0x7f00000006c0)={0x102102180, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, &(0x7f0000000680)=[0x0], 0x1}, 0x58)
setxattr$incfs_metadata(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140), &(0x7f0000000340)="e05794c3a8d72ea3cb2684633b6ded262fcfc0048ed91d44543772378fe3f0cd42732470b43f5acd96c0b5ddc379ba7abd602c1e4a4a23aced35567e901c347088f636867c0bd2bd169123a6ae07909ff30ff1f69a88984e3f5b2429e3e376262541285ad78eeb871020d530083ed3c2f4259d03684a03dab143f8bb6f865769a4595f5de79562da275cda5b4ff7df7296b15ba767c1541e46517d28ff9ebba0fe8f3d8377c69170c3d952", 0xab, 0x2)

42.404322542s ago: executing program 4 (id=684):
r0 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc72, 0x0, 0x3}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0x6d89, 0x400, 0x40000, 0x115}, &(0x7f0000000400)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x4, 0x224}, &(0x7f0000000040)=<r6=>0x0, &(0x7f00000000c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x81, 0x8, 0x1, {0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x11c, &(0x7f00000001c0)=0x7f, 0x0, 0x4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x110, &(0x7f0000000080)=0x400, 0x0, 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
syz_io_uring_submit(r4, r5, &(0x7f00000004c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x8, 0x0, r8, 0x0, 0x0, 0x0, 0x100})
io_uring_enter(r3, 0x8aa, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL)
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)
r9 = socket$inet6(0xa, 0x3, 0x8)
sendmmsg$inet6(r9, &(0x7f0000004580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7}, 0x1c, 0x0, 0x0, &(0x7f00000004c0)=ANY=[], 0x28}}], 0x1, 0x20000000)
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f00000000c0), 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
r10 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000005a0000008500000022000000180100002020702500000000002020200100000000000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073000000950a82f353a73ee4572b53b4e43dac8c7138593723e919b0b1384d81ba93a098e98e17b6a5bab6ec54ed4e9e73a422dbe4778ef56dd2a57bacf046aae6a5ae9da86e0f266015dc382f8e1bfa4e00a4d260c0607149a50af021c5193ac79f6a653bb39b152d04ac500d7a8c4468aa0ab38d214e97b13b18"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r11 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r12 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r12, 0x0, 0xca, &(0x7f0000000140)={0x5, 0x1, 0xc, 0x2, @vifc_lcl_addr=@rand_addr=0x64010102, @broadcast}, 0x10)
setsockopt$MRT_FLUSH(r12, 0x0, 0xd4, &(0x7f0000000040)=0x8, 0x4)
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x25, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r13, @ANYRESOCT], 0x0, 0x2, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYRES32=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
write$binfmt_register(r10, &(0x7f0000000140)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x2007, 0x3a, 'M', 0x3a, '\x84\xa3\xea\xd6O\x89|\xeb\x80\xf0\xe96\xf4`&\xd4E\xe7L\x82n;H\xd8\xdf\x9a, \\E\xd4\xab\x1ed', 0x3a, './file2', 0x3a, [0x46]}, 0x4b)
r14 = syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1258438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYRES64=r10, @ANYRESHEX, @ANYRES8=r14], 0x48)

42.113410126s ago: executing program 4 (id=687):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000600000001f4000009000000010000", @ANYRES32, @ANYBLOB='\x00'/12, @ANYRES32=<r2=>0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x50)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000000203850000a26939d60000000000000f0800010001"], 0x1c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r4=>0x0})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xe, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='mm_page_free\x00', r5, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200)={[{@max_batch_time={'max_batch_time', 0x3d, 0x358}}, {@resuid}, {@stripe={'stripe', 0x3d, 0x9}}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==")
r6 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$LOOP_CTL_GET_FREE(r7, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r7, 0x4c81, r8)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r8)
ftruncate(r6, 0x2007ffc)
sendfile(r6, r6, 0x0, 0x3fffffffc00)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r9, 0x0, 0x6}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
epoll_create1(0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)=@getchain={0x6c, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x9}}, [{0x8, 0xb, 0x10001}, {0x8, 0xb, 0xec}, {0x8, 0xb, 0x5}, {0x8, 0xb, 0x8}, {0x8, 0xb, 0x8}, {0x8, 0xb, 0x1}, {0x8}, {0x8, 0xb, 0x1}, {0x8, 0xb, 0x2}]}, 0x6c}}, 0x804)
r10 = memfd_create(&(0x7f00000001c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xd9\x19\x17\xb0\xed|\xb3\xc2\x017h\xe9kL\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f2\xf7]#\xed,\xc7\x03\x00\x00\x00\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4R$\xaa\x00U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96', 0x5)
fsetxattr$security_selinux(r10, &(0x7f0000000480), &(0x7f00000004c0)='system_u:object_r:hwdata_t:s0\x00', 0x1a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x31, 0x2e, &(0x7f0000000c40)=ANY=[], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet_sctp(0x2, 0x5, 0x84)
r11 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r11, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'lo\x00', 0x5}, 0x18)

41.726716882s ago: executing program 4 (id=690):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0x2138, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r2, @ANYBLOB="000000ff00000000b702000003000010850000008600000095"], &(0x7f0000000240)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x525cb1e040477365, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3, 0x0, 0x192}, 0x18)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000002580000000e0a01020000000000000040010000000900020073797a32000000001800038014000080100001800400028006000180000000000900010073797a30"], 0xc8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)=@generic={&(0x7f00000000c0)='./file0\x00'}, 0x18)
unshare(0x2c020400)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x11, 0x0, 0x0, 0x7, &(0x7f0000000100)={0x0, 0x989680}, 0x1, 0x4, 0x1})
io_uring_enter(0xffffffffffffffff, 0x627, 0xc1040000, 0x43, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='kfree\x00', r2, 0x0, 0x5}, 0x18)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
tgkill(0x0, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000cc0)=@raw={'raw\x00', 0x8, 0x3, 0x1c8, 0x0, 0x43, 0xa0, 0x0, 0x98, 0x2d0, 0x178, 0x178, 0x2d0, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00', {0xff}, {}, 0x9}, 0x12a, 0x70, 0x90, 0x0, {0x0, 0x7a010000}}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x0, 0x5}, {0x1, 0x4, 0x5}, 0xb}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x228)
perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x40, 0x2, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x8}, 0x1100, 0x5dd9, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
connect$qrtr(0xffffffffffffffff, &(0x7f0000000040)={0x2a, 0xffffffff}, 0xc)
socket$netlink(0x10, 0x3, 0x14)
r6 = socket$netlink(0x10, 0x3, 0xa)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge0\x00'})
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c0000000200"/38], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r7 = socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x23c60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x9082, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
creat(0x0, 0xd3)

41.616313744s ago: executing program 33 (id=690):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0x2138, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r2, @ANYBLOB="000000ff00000000b702000003000010850000008600000095"], &(0x7f0000000240)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x525cb1e040477365, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3, 0x0, 0x192}, 0x18)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000002580000000e0a01020000000000000040010000000900020073797a32000000001800038014000080100001800400028006000180000000000900010073797a30"], 0xc8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)=@generic={&(0x7f00000000c0)='./file0\x00'}, 0x18)
unshare(0x2c020400)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x11, 0x0, 0x0, 0x7, &(0x7f0000000100)={0x0, 0x989680}, 0x1, 0x4, 0x1})
io_uring_enter(0xffffffffffffffff, 0x627, 0xc1040000, 0x43, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='kfree\x00', r2, 0x0, 0x5}, 0x18)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
tgkill(0x0, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000cc0)=@raw={'raw\x00', 0x8, 0x3, 0x1c8, 0x0, 0x43, 0xa0, 0x0, 0x98, 0x2d0, 0x178, 0x178, 0x2d0, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00', {0xff}, {}, 0x9}, 0x12a, 0x70, 0x90, 0x0, {0x0, 0x7a010000}}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x0, 0x5}, {0x1, 0x4, 0x5}, 0xb}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x228)
perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x40, 0x2, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x8}, 0x1100, 0x5dd9, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
connect$qrtr(0xffffffffffffffff, &(0x7f0000000040)={0x2a, 0xffffffff}, 0xc)
socket$netlink(0x10, 0x3, 0x14)
r6 = socket$netlink(0x10, 0x3, 0xa)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge0\x00'})
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c0000000200"/38], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r7 = socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x23c60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x9082, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
creat(0x0, 0xd3)

2.801768516s ago: executing program 2 (id=1325):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000080)={0x3, 0x5, 0x7e, 0x7d213f1b, 0x8, "f04fca79026e683c68c46babba12956200", 0x7, 0x6})
ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000000))

2.787160746s ago: executing program 2 (id=1327):
r0 = syz_mount_image$ext4(&(0x7f0000000140)='ext3\x00', &(0x7f00000005c0)='./file1\x00', 0x8205, &(0x7f0000000000)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x15}}, {@stripe}, {@jqfmt_vfsold}, {@errors_remount}, {@quota}, {@noblock_validity}, {@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x16}}]}, 0x1, 0x60a, &(0x7f0000001c40)="$eJzs3c9rHNcdAPDvzEqqZKuVXYqpTUsFPdhQrB+uqduebF/qg6GG+lBCDhaW5AivbGHJEDuGyJBDAgmEkGsIvuQfyD2YXHMLgSS3nANOCA45JMEbZnbHXla78lrR/pDn84FZvXkzu+999+lp3uzo7QRQWtPZQxpxOCIuJRFTTdsmo75xurHfw+/uXM6WJGq1/32bRNLIK/Z/1Pi5P3tIIsYj4tOzEb+vbC13/dbtqwvVWt2rEbMbq2uz67duH19ZXbiydGXp2vyJf548Nfev+ZPzuxJnEde58//901uvvfSP5c+qx5M4HRdHX1mMljh2y3RMx6NGiM35IxFxKku0eV/2miKEZMD1YGcqjd/H0Yg4FFNRydfqpmLlzYFWDuipWiWiBpRUov9DSRXjgOLcvhfnwcPswZn6CdDW+Efqn43EeH5utO9h0nRmVD/fPbAL5Wdl/HznyHvZEh0+hxjZhXI62bwbEX9sF3+S1+1A/ilOFn8aadPzsvRcRIw13ot0h+VPt6z3+/fvWeJvbocs3tONn1n+2R2WP+j4ASin+2caB/LNbO3J8S8bGRbjn2gz/plsc+zaiUEf/zqP/4rj/Xj+GXnaMg7LxjwX2r/kaGvGV2+ce6dT+c3jv2zJyi/Ggv3w4G7EkZb4X88Hc8nj9k/atH+2y6Uuy/jP59+c67Rt0PHX7kUcbXv+8+SKVpaa3VhdK/Jark/OLq9Ul+bqj23L+OiTFz/oVP6g48/aPzrEv137Z3lrXZbx4YV7q522TT41/vTrseRinhpr5Ly8sLFxYz5iLDnf2KUp/8T2dSn2KV4ji//YX9v3/23izxt6s8v41/5/9WE9tfUqadftv+WvSu5Rrcs6dJLFv7jD9n+7yzJ+eOHmn1uyJorEdvFPbH2ppNv3HAAAAAAAAMooza/BJunM43SazszU5/D+Ifal1evrG39bvn7z2mLEsfz/IUfT4kr3VH09ydbnG/8PW6yfaFn/e0QcjIh3KxP5+szl69XFQQcPAAAAAAAAAAAAAAAAAAAAQ2J/Y/5/cZ/q7yv1+f9d2TjU49oBPdfLG8wBw03/h/LK+/9O7+AK7GmO/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMBz6eBf7n+ZRMTmvyfyJTPW2DY60JoBvfbsfXy6J/UA+q/S16cBw+TxpX/T/6F0uhr//9j4csDeVwcYgKRdZj44qG3f+e+3fSYAAAAAAAAAAAAA0ANHD5v/D2WVxseDrgIwIL9iIr/vAIA9zlf/Q3k5xweeNot/vNMG8/8BAAAAAAAAAAAAoG8m8yVJZxq3AJ2MNJ2ZifhtRByI0WR5pbo0FxG/i4gvKqO/ydbnB11pAAAAAAAAAAAAAAAAAAAAeM6s37p9daFaXbrRnPhpS87znSjugjos9WlORNL/QiciYhhi701ipCknidjMWn4oKnZjPYaiGmlejQH/YQIAAAAAAAAAAAAAAAAAgBJqmnvc3pH3+1wjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOi/J/f/33kiecrrDDpGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBv+iUAAP//q+Q5KA==")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = accept$packet(r0, &(0x7f0000000680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000006c0)=0x14)
setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000700)=@req3={0x1000, 0x8, 0xff, 0x1, 0x1, 0xd52, 0x5}, 0x1c)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000100850000004300000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)
stat(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000480))
msgget$private(0x0, 0x440)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000002c0)=0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x400, &(0x7f0000000080), 0x0, 0x5b4, &(0x7f00000000c0)="$eJzs3U9sHFcZAPBvNrZ3nTh1Cj0UBDSUQkBR17GTRlUvLRckqKoiFU49pJa9sSKvs1F2XWrjg3PiwBWJSpzgwoVTD5WKhOgJceUGNy7lgFRQBIqREBo041l7vdnNbuo/G9u/nzTeN/PezvfeyjOz83ZmXgCn1sWI2IyIiYh4JyKmI8mXJ8UUr21PWbkH9zcWtu5vLCSRpm/9c6xYw8ZC9vfpjnWei4if9IhV7kg319aX5+v12t1ifqa1cmemubb+4q2V+aXaUu323Nz12etXXr760tyBtfW5lQ8+/c6t13/4u4++/MmfNr/146x9rxZ5Wds6iiZpmu4/4KvFZxjjMdVecURkn9zr+1/7E+FM0Z6J7ozJ0dSHx1OKiM9FxPNFekdldHUCAA5Xmk5HOt05v6uUz1V2liY9ygAAx092zj8VSakaMbGdLpWq1bwPr/JMnC3VG83W5ZuN1duLkfdhXYjx0s1b9dqVvK8wohzjSTY/m+fl+fn8XNf81aKP8GflyXy+utCoL47qSw8AnHLndo//ef//v8vZ8b88zFsrEVMbv712+HUEAA6B3/oB4PR5+Pg/PpJ6AABHZ8D5f3ogN8MAAE+UjuP/UL/8AwDHX6Xr3v+edm7/AwBOgp79/2+f300/u/M4MADghHD9PwCcKt9/441sSrfSJH/+9eK7a6vLjXdfXKw1l6srqwvVhcbdO9WlRmMpf2bPSo9V3OucqTcad2avxep7M61aszXTXFu/sdJYvd26kT/X+0bNjQUAMHpPP/fxX5KI2HxlMp+iPZbD4AsCgGPOZg6n15lRVwAYmbFRVwAYGf3xwKCLe3teIjQZEe/3f0+PIWBdQwxPkEtf6NP/3/3dYG9H4f88EAiOv2Kz1g0Ap9D++v/1HsBx9ugDvxuD4CRL08R4/gBwygxxBu8SQTjhPtPv/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDKTeVTUqoWY4FPRalUrUacj4gLMZ7cvFWvXYmIpyLiz+XxcjY/O+pKAwD7VPp7Uoz/dWn6hanu3InkP+X8NSJ+9Iu3fv7efKs9dODO8tb7+fLW3bmeAcqH3wYAoMNY94L2cTp/7TiRf3B/Y6E9HWUFP/329uCiWdyt+xsLu+MRjxWVn87HKD77r2RPY5IDGph4815EPNvd/tJO/oVi5NPu+Fns84cWP/IWTu2Jv/drVCnP237NPovPTw4Z7wDqDCfFx9n+57Ve218pLuavxfY3tndnWomfPrxz/Qza+7+tdHv/t9URP1v/m+cr+b6m1/7v4rAxrv3hu33z7p1JvzgW0Y691bH/2VbJU73ivzBk/L9+6SvP9/uw0l9GXIpHxd9OzbRW7sw019Z/870P/7hUW6rdnpu7Pnv9ystXX5qbyfuoZ9o91Q/7xyuXn+rf/oizfeJXBrT/60O2/1f/feftrz4i/je/1it+KZ55RPzsmPiNIePPn/2w7/DdWfzFPu0f2xN/Ys/7smWXu1fW5x/yk7+tLw5ZVQDgCDTX1pfn6/Xa3WESpVhfnm+faPYv/MGbvy/3W8/kgBDJ5sBqZBXonRVDtWLoxEeDyozv+RAqBxt9N3GuT9avH3uF43E4NTzsxL3HKFweTVXPRL3dHzWwcFFu8L/6YSUuDlFmRDsk4MjsbvSDSo492P7Z/2jqBQAAAAAAAAAAAAAA7Gr+oHjk3wHfadR5M9yo2wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDJ9f8AAAD//+q+zdU=")
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
setxattr$incfs_id(&(0x7f0000000080)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000440), 0x0, 0x0, 0x2)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000100)=0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
perf_event_open(&(0x7f0000000800)={0x2, 0x80, 0xa4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0430, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1220, 0x0, 0x401}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0)
syncfs(r5)

2.623003118s ago: executing program 2 (id=1332):
readv(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x8000000000, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0x13}, 0x2, 0xffffffff, 0x6, 0x6, 0x4, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0xb)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = fsmount(0xffffffffffffffff, 0x0, 0x5)
mount_setattr(r2, &(0x7f0000000000)='.\x00', 0x0, &(0x7f0000000200)={0x5}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)={@fallback, 0xffffffffffffffff, 0x2e, 0x1, 0xffffffffffffffff, @void, @value}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@deltaction={0x34, 0x18, 0x1, 0x70bd25, 0x25dfdbfe, {0xa}, [@TCA_ACT_TAB={0x20, 0x1, [{0xc, 0x7d, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x44094}, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000001280)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
openat$selinux_attr(0xffffffffffffff9c, 0x0, 0x2, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x0, 0x0, 0x0)
syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {0x39}, 0x0, 0x0, 0x0, 0x0}, 0x58)

2.364542872s ago: executing program 6 (id=1335):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_hsr\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0xf3f, 0xa)
sendto$packet(r0, &(0x7f0000000480)="3f031c000300140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b6800000cc9068a219e2294f4f5b6f26d8c737e644906d5411d447c33ac33121387", 0x42, 0x24000094, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

2.350409893s ago: executing program 6 (id=1336):
syz_io_uring_setup(0x4258, &(0x7f0000000040)={0x0, 0x999f, 0x10000, 0x2, 0x121}, &(0x7f00000000c0), &(0x7f0000000100))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1, 0x0, 0x20}, 0x1f00)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000280)='xprtrdma_post_recvs\x00', r5, 0x0, 0x7fffffffffffffd}, 0xffffffffffffff95)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
write$cgroup_pid(r1, &(0x7f00000001c0), 0x12)
r6 = syz_clone(0x20800000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_procs(r7, &(0x7f00000003c0)='cgroup.procs\x00', 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x0, &(0x7f0000000280)})
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x1c)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r10}, 0x10)
write$cgroup_pid(r8, &(0x7f00000005c0)=r6, 0x12)
r11 = openat$cgroup_freezer_state(r0, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_freezer_state(r11, &(0x7f00000000c0)='THAWED\x00', 0x7)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

1.474734467s ago: executing program 2 (id=1343):
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$ITER_CREATE(0x21, &(0x7f0000000300), 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc)=<r4=>0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
timer_delete(r4)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000040000000000000000000100000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021800000000c0a01030000000000000000070000080900020073797a31000000000900010073797a30000000005400038050000080080003400000000244000b802c0001800a0001006c696d69740000001c0002800c00014000000000000000030c000240000000000000001014000180090001006c617374"], 0x104}}, 0x40000)

1.403052988s ago: executing program 6 (id=1346):
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r1 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000080)=@chain={'key_or_keyring:', r0})
keyctl$KEYCTL_MOVE(0x1e, r0, 0xffffffffffffffff, r1, 0x0)

1.343596079s ago: executing program 6 (id=1349):
semop(0x0, &(0x7f0000000080)=[{0x0, 0x5, 0x1000}], 0x1)
semtimedop(0x0, &(0x7f0000000040)=[{0x2, 0x7ffd}, {}], 0x2, 0x0)
semctl$GETVAL(0x0, 0xc, 0xc, &(0x7f00000000c0)=""/8)

1.298766699s ago: executing program 6 (id=1352):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x2000000000000000}, 0x18)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'veth0_virt_wifi\x00', 0x2000000}, 0x18)

1.29867394s ago: executing program 1 (id=1353):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000001f00000000000000ea1f850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xec, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
lsm_set_self_attr(0x66, 0x0, 0x40, 0x0)

1.133516782s ago: executing program 0 (id=1354):
readv(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x8000000000, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0x13}, 0x2, 0xffffffff, 0x6, 0x6, 0x4, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0xb)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r1, {0xffffff01}}, './file1\x00'})
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = fsmount(0xffffffffffffffff, 0x0, 0x5)
mount_setattr(r2, &(0x7f0000000000)='.\x00', 0x0, &(0x7f0000000200)={0x5}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)={@fallback, 0xffffffffffffffff, 0x2e, 0x1, 0xffffffffffffffff, @void, @value}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@deltaction={0x34, 0x18, 0x1, 0x70bd25, 0x25dfdbfe, {0xa}, [@TCA_ACT_TAB={0x20, 0x1, [{0xc, 0x7d, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x44094}, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000001280)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
openat$selinux_attr(0xffffffffffffff9c, 0x0, 0x2, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x0, 0x0, 0x0)
syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {0x39}, 0x0, 0x0, 0x0, 0x0}, 0x58)

1.085202883s ago: executing program 1 (id=1355):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x2, &(0x7f0000002400)=<r1=>0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r2}, &(0x7f0000000580), &(0x7f00000005c0)=r3}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
io_submit(r1, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="5400ffff0000", 0x6, 0x0, 0x0, 0x2}])

575.682021ms ago: executing program 2 (id=1356):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x101)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local, @multicast, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x11, 0x7c, 0x0, @multicast1}}}}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)

534.691562ms ago: executing program 6 (id=1357):
syz_io_uring_setup(0x4258, &(0x7f0000000040)={0x0, 0x999f, 0x10000, 0x2, 0x121}, &(0x7f00000000c0), &(0x7f0000000100))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1, 0x0, 0x20}, 0x1f00)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000280)='xprtrdma_post_recvs\x00', r5, 0x0, 0x7fffffffffffffd}, 0xffffffffffffff95)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
write$cgroup_pid(r1, &(0x7f00000001c0), 0x12)
r6 = syz_clone(0x20800000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_procs(r7, &(0x7f00000003c0)='cgroup.procs\x00', 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x0, &(0x7f0000000280)})
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x1c)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r10}, 0x10)
write$cgroup_pid(r8, &(0x7f00000005c0)=r6, 0x12)
r11 = openat$cgroup_freezer_state(r0, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_freezer_state(r11, &(0x7f00000000c0)='THAWED\x00', 0x7)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

517.953902ms ago: executing program 2 (id=1358):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

517.516482ms ago: executing program 1 (id=1359):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000400)={'mangle\x00', 0x2, [{}, {}]}, 0x48)

436.493683ms ago: executing program 1 (id=1360):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r1}, 0x18)
rt_sigaction(0x19, 0x0, 0x0, 0x8, &(0x7f0000000440))

436.269893ms ago: executing program 1 (id=1361):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x40085}, 0x0)

420.774253ms ago: executing program 1 (id=1362):
semop(0x0, &(0x7f0000000080)=[{0x0, 0x5, 0x1000}], 0x1)
semtimedop(0x0, &(0x7f0000000040)=[{0x2, 0x7ffd}, {}], 0x2, 0x0)
semctl$GETVAL(0x0, 0xc, 0xc, &(0x7f00000000c0)=""/8)

166.434677ms ago: executing program 0 (id=1365):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f00000002c0)="05030500d3fc030000004788800509101128", 0x100f, 0x4, &(0x7f0000000140)={0x11, 0x88a8, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

166.207627ms ago: executing program 0 (id=1367):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='\x00\a\a_x\xba\'M8#\xcc\x93t\x02he6\x1e\x00\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)

112.320528ms ago: executing program 5 (id=1368):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='kmem_cache_free\x00', r0, 0x0, 0x3}, 0x18)
linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)

112.051838ms ago: executing program 0 (id=1369):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0xfffffffd}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000400)={0x1, 0x2, 0x2, 0x10, 0x0, [@private1={0xfc, 0x1, '\x00', 0x1}]}, 0x18)

111.810638ms ago: executing program 5 (id=1370):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, @perf_config_ext={0x2, 0x800800000003}, 0x1100, 0x5dd8, 0x3, 0x5, 0x0, 0x8, 0xff7b, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@stripe={'stripe', 0x3d, 0x3d}}, {@init_itable}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x44c, &(0x7f0000000340)="$eJzs28tvG1UXAPAzdpx++dKSUMqr5REoiIpH0qQFumABCCQWRUKCBSyjJK1C3QQ1QaJVJFIWZYUQEnvEkn+BFWwQYoXEFvaoUoWyoWVlNPZMYru2m6R2XOrfT5r23Hnk3uOZa9+ZawcwsCbSf5KI/RHxe0SM1YqNO0zU/ru+sTZ3Y2NtLolK5d2/kup+f2+szeW75seN1hciiSMt6l25eOncbLm8cCErT62e/2hq5eKlFxbPz55dOLuwNHPq1MkT0y+/NPNiV/IcjUIWvfXBV2+f/qIh/6Y8umSi08anK5UuV9dfB+riZKiPDWFHihGRnq5Stf+PRTG2Tt5YvPlZXxsH9FSlUqmMtt+8XgHuYkk0lnV5GBT5B316/5svzYOAV3s3/Oi7a6/VboDSvK9nS23L0OYTg1LT/W03TUTE++v/fJMu0ZvnEAAADX5Ixz/Pp6Od5vFfIR6o2++ebG5oPCLujYiDEXFfLMWhiLg/orrvgxHx0A7rb54kuXn8U7i6q8S2KR3/vZLNbTWO//LRX4wXs9KBav6l5MxieeF49poci9K+tDzdoY4f3/jty3bb6sd/6ZLWn48Fs3ZcHdrXeMz87Ors7eRc79rliMNDrfJPNmcCkoh4OCIO77KOxWe/e6Tdtlvn30EX5pkq30Y8Uzv/69GUfy7pPD859b8oLxyfyq+Km/3y65V32tV/W/l3QXr+/9/y+t/Mfzypn69d2XkdV/74vO09zW6v/+HkvWo8nK37ZHZ19cJ0xHByutbo+vUzW8fm5Xz/NP9jR1v3/4Ox9UociYj0In40Ih6LiMeztj8REU9GxNEO+f/8+lMfNq8b2Xb+vZXmP7+j878VDEfzmtZB8dxP3zdUOr4VZvnf6Hz+T1ajY9ma7bz/baddu7uaAQAA4L+nEBH7IylMbsaFwuRk7Tv8hyIK5eWV1efOLH+8NF/7jcB4lAr5k66xuueh09ltfa18OSJqXy3It5+IQvW58dfFkWp5cm65PN/v5GHAjbbp/6k/i/1uHdBzfq8Fg0v/h8Gl/8Pg2ln/39ezdgB7r0X/H+lHO4C91+rz/9M+tAPYe03937QfDBDP/2Bw6f8wuPR/GEgrI3HrH8l3DPK/tMvD79ogSndEM3oWROGOaIagR0F/35cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC65d8AAAD//9S+3I8=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

111.566848ms ago: executing program 0 (id=1371):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@newtaction={0x228, 0x30, 0x100, 0x70bd2b, 0x25dfdbff, {}, [{0x214, 0x1, [@m_xt={0x1e0, 0x11, 0x0, 0x0, {{0x7}, {0x1b0, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8, 0x3, 0x81b8}, @TCA_IPT_INDEX={0x8, 0x3, 0x5}, @TCA_IPT_TABLE={0x24, 0x1, 'filter\x00'}, @TCA_IPT_TABLE={0x24, 0x1, 'security\x00'}, @TCA_IPT_INDEX={0x8, 0x3, 0x10}, @TCA_IPT_TARG={0x2a, 0x6, {0xde1, 'security\x00', 0xfd, 0x6}}, @TCA_IPT_TARG={0x91, 0x6, {0x400, 'raw\x00', 0x0, 0x0, "e551cf7f01000a93d8d582eff186de4e6202e79be18d307cf609b54254e20133fa50a5cb05f29f9037a5804ef0d956f1ed4b7961dd7983b9b210df73967a9131c6f8de4b41e02c4e3081e8fec32916d3d414f56c06fd1d788edd4327a565904d51dfd4fa6fe9f4"}}, @TCA_IPT_TARG={0x89, 0x6, {0x8, 'security\x00', 0xe, 0x1000, "48680f5482bd7fde4a548136c8517f8d529507276bfdb614302173319647550f541a9e6835fbd797f8c5157c1a4bf9740249c295d619acf5a902eaf80d7bf404573026b4cb468622215481373a7ded79fbcdc839fea0e47580d9220f551c93"}}]}, {0x9, 0x6, "51eb4b8bb0"}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}, @m_sample={0x30, 0x10, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x228}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

99.350998ms ago: executing program 0 (id=1372):
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000380)={{{@in=@broadcast, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0, <r1=>0x0}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000040)=0xe8)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x200, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000740)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000600)={&(0x7f0000000680)={0x84, 0x0, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg1\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0xc4}, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d0000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='mm_page_alloc\x00', r4}, 0x10)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x4b2e9000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
connect$pppl2tp(r3, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r5, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00', 0x2}}}, 0x32)
writev(r3, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff, <r6=>0x0}}, './file0\x00'})
lchown(&(0x7f0000000000)='./file0\x00', r1, r6)
r7 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
prctl$PR_SET_KEEPCAPS(0x8, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r9=>0x0})
r10 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r9, @ANYBLOB="00000000000000001c001a800800028004000500080000003e"], 0x44}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@getqdisc={0x24, 0x26, 0x20, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, r9, {0xd, 0x5}, {0x10, 0xf}, {0x0, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000001}, 0x20040000)
r11 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000080)={'lo\x00'})
sendmmsg(r11, &(0x7f00000002c0), 0x40000000000009f, 0x0)

94.906979ms ago: executing program 5 (id=1373):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timer_getoverrun(0x0)

61.967069ms ago: executing program 5 (id=1374):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b703000008000040850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10)
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)

391.66µs ago: executing program 5 (id=1375):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe2e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)

0s ago: executing program 5 (id=1376):
readv(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x8000000000, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0x13}, 0x2, 0xffffffff, 0x6, 0x6, 0x4, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0xb)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r1, {0xffffff01}}, './file1\x00'})
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = fsmount(0xffffffffffffffff, 0x0, 0x5)
mount_setattr(r2, &(0x7f0000000000)='.\x00', 0x0, &(0x7f0000000200)={0x5}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)={@fallback, 0xffffffffffffffff, 0x2e, 0x1, 0xffffffffffffffff, @void, @value}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@deltaction={0x34, 0x18, 0x1, 0x70bd25, 0x25dfdbfe, {0xa}, [@TCA_ACT_TAB={0x20, 0x1, [{0xc, 0x7d, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x44094}, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000001280)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
openat$selinux_attr(0xffffffffffffff9c, 0x0, 0x2, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x0, 0x0, 0x0)
syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {0x39}, 0x0, 0x0, 0x0, 0x0}, 0x58)

kernel console output (not intermixed with test programs):

access beyond end of device
[   77.965141][ T4852] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192
[   78.083527][ T4866] netlink: 20 bytes leftover after parsing attributes in process `syz.2.461'.
[   78.085944][ T4870] netlink: 4 bytes leftover after parsing attributes in process `syz.0.464'.
[   78.101582][ T4870] bridge0: port 3(batadv0) entered disabled state
[   78.109015][ T4870] bridge_slave_1: left allmulticast mode
[   78.114745][ T4870] bridge_slave_1: left promiscuous mode
[   78.120595][ T4870] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.128718][ T4870] bridge_slave_0: left allmulticast mode
[   78.134445][ T4870] bridge_slave_0: left promiscuous mode
[   78.140248][ T4870] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.190700][ T4875] ip6gre1: entered allmulticast mode
[   78.382665][ T4885] xt_TPROXY: Can be used only with -p tcp or -p udp
[   78.438144][ T4885] SELinux: failed to load policy
[   78.701960][ T2145] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[   78.716365][ T2145] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:00:00:2a
[   78.730906][ T2145] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:aa:aa:2a
[   78.745384][ T2145] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[   78.923772][ T4905] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   78.934669][ T4905] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   79.011773][ T4910] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   79.047709][   T10] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[   79.059791][ T4911] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.067499][ T4911] bond0: (slave sit0): The slave device specified does not support setting the MAC address
[   79.109018][ T4911] bond0: (slave sit0): Error -95 calling set_mac_address
[   79.278642][ T2145] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[   79.293092][ T2145] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:00:00:2a
[   79.307585][ T2145] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:aa:aa:2a
[   79.323110][ T2145] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[   79.661523][ T4959] syz.3.477: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[   79.677148][ T4959] CPU: 0 UID: 0 PID: 4959 Comm: syz.3.477 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(voluntary) 
[   79.677201][ T4959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   79.677221][ T4959] Call Trace:
[   79.677229][ T4959]  <TASK>
[   79.677238][ T4959]  dump_stack_lvl+0xf6/0x150
[   79.677276][ T4959]  dump_stack+0x15/0x1a
[   79.677361][ T4959]  warn_alloc+0x145/0x1b0
[   79.677405][ T4959]  ? audit_log_end+0x1d0/0x1e0
[   79.677438][ T4959]  ? __vmalloc_node_range_noprof+0x8a/0xe80
[   79.677478][ T4959]  __vmalloc_node_range_noprof+0xac/0xe80
[   79.677527][ T4959]  ? slow_avc_audit+0xff/0x140
[   79.677577][ T4959]  vmalloc_user_noprof+0x59/0x70
[   79.677613][ T4959]  ? xskq_create+0x79/0xd0
[   79.677646][ T4959]  xskq_create+0x79/0xd0
[   79.677731][ T4959]  xsk_init_queue+0x82/0xd0
[   79.677765][ T4959]  xsk_setsockopt+0x3fe/0x550
[   79.677799][ T4959]  ? __pfx_xsk_setsockopt+0x10/0x10
[   79.677880][ T4959]  __sys_setsockopt+0x187/0x200
[   79.677912][ T4959]  __x64_sys_setsockopt+0x66/0x80
[   79.677945][ T4959]  x64_sys_call+0x2a09/0x2e10
[   79.677974][ T4959]  do_syscall_64+0xc9/0x1c0
[   79.678015][ T4959]  ? clear_bhb_loop+0x25/0x80
[   79.678041][ T4959]  ? clear_bhb_loop+0x25/0x80
[   79.678069][ T4959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.678240][ T4959] RIP: 0033:0x7f35517bd169
[   79.678262][ T4959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.678283][ T4959] RSP: 002b:00007f354fe1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   79.678367][ T4959] RAX: ffffffffffffffda RBX: 00007f35519d5fa0 RCX: 00007f35517bd169
[   79.678383][ T4959] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000004
[   79.678424][ T4959] RBP: 00007f355183e2a0 R08: 0000000000000004 R09: 0000000000000000
[   79.678436][ T4959] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[   79.678447][ T4959] R13: 0000000000000000 R14: 00007f35519d5fa0 R15: 00007ffc0174c428
[   79.678495][ T4959]  </TASK>
[   79.883294][ T4959] Mem-Info:
[   79.886424][ T4959] active_anon:4642 inactive_anon:6 isolated_anon:0
[   79.886424][ T4959]  active_file:4107 inactive_file:2390 isolated_file:0
[   79.886424][ T4959]  unevictable:0 dirty:195 writeback:0
[   79.886424][ T4959]  slab_reclaimable:2862 slab_unreclaimable:45927
[   79.886424][ T4959]  mapped:28162 shmem:1260 pagetables:877
[   79.886424][ T4959]  sec_pagetables:0 bounce:0
[   79.886424][ T4959]  kernel_misc_reclaimable:0
[   79.886424][ T4959]  free:1853024 free_pcp:26681 free_cma:0
[   79.931601][ T4959] Node 0 active_anon:18568kB inactive_anon:24kB active_file:16428kB inactive_file:9560kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:112648kB dirty:780kB writeback:0kB shmem:5040kB writeback_tmp:0kB kernel_stack:2880kB pagetables:3392kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   79.960514][ T4959] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   79.963487][ T2145] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[   79.987355][ T4959] lowmem_reserve[]: 0 2882 7860 7860
[   80.007139][ T4959] Node 0 DMA32 free:2947808kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951336kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB
[   80.035771][ T4959] lowmem_reserve[]: 0 0 4978 4978
[   80.040970][ T4959] Node 0 Normal free:4448928kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB active_anon:14624kB inactive_anon:24kB active_file:16428kB inactive_file:9560kB unevictable:0kB writepending:780kB present:5242880kB managed:5098244kB mlocked:0kB bounce:0kB free_pcp:107464kB local_pcp:93332kB free_cma:0kB
[   80.071484][ T4959] lowmem_reserve[]: 0 0 0 0
[   80.076289][ T4959] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   80.089089][ T4959] Node 0 DMA32: 4*4kB (M) 0*8kB 1*16kB (M) 4*32kB (M) 5*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947808kB
[   80.104899][ T4959] Node 0 Normal: 497*4kB (UM) 526*8kB (UM) 487*16kB (UME) 313*32kB (UME) 188*64kB (UME) 236*128kB (UME) 98*256kB (UME) 55*512kB (UME) 76*1024kB (UME) 48*2048kB (UME) 1014*4096kB (UM) = 4448964kB
[   80.124437][ T4959] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   80.133782][ T4959] 6782 total pagecache pages
[   80.138407][ T4959] 11 pages in swap cache
[   80.142663][ T4959] Free swap  = 124964kB
[   80.146824][ T4959] Total swap = 124996kB
[   80.151038][ T4959] 2097051 pages RAM
[   80.154852][ T4959] 0 pages HighMem/MovableOnly
[   80.159569][ T4959] 80816 pages reserved
[   80.282519][ T4967] netlink: 8 bytes leftover after parsing attributes in process `syz.2.480'.
[   80.291486][ T4967] netlink: 8 bytes leftover after parsing attributes in process `syz.2.480'.
[   81.109026][ T4971] netlink: 4 bytes leftover after parsing attributes in process `syz.0.481'.
[   81.235021][ T4988] loop3: detected capacity change from 0 to 512
[   81.241869][ T4988] EXT4-fs: dax option not supported
[   81.261833][ T4988] loop3: detected capacity change from 0 to 512
[   81.268400][ T4988] ext4: Unknown parameter 'obj_user'
[   81.311137][ T4989] loop0: detected capacity change from 0 to 164
[   81.359103][ T4995] netlink: 100 bytes leftover after parsing attributes in process `syz.2.489'.
[   81.447842][ T4995] netlink: 4 bytes leftover after parsing attributes in process `syz.2.489'.
[   81.697118][ T5009] netem: change failed
[   81.705649][ T5009] lo: entered promiscuous mode
[   81.710698][ T5009] lo: entered allmulticast mode
[   81.765431][ T5015] netlink: 12 bytes leftover after parsing attributes in process `syz.4.494'.
[   81.786214][ T5018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.495'.
[   81.793157][ T5015] netlink: 12 bytes leftover after parsing attributes in process `syz.4.494'.
[   81.850635][   T29] kauditd_printk_skb: 317 callbacks suppressed
[   81.850652][   T29] audit: type=1400 audit(1744150650.939:3262): avc:  denied  { read } for  pid=5025 comm="syz.0.497" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   81.884565][   T29] audit: type=1400 audit(1744150650.939:3263): avc:  denied  { bind } for  pid=5012 comm="syz.2.493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   81.903822][   T29] audit: type=1400 audit(1744150650.939:3264): avc:  denied  { write } for  pid=5012 comm="syz.2.493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   81.923155][   T29] audit: type=1400 audit(1744150650.969:3265): avc:  denied  { open } for  pid=5025 comm="syz.0.497" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   81.947924][   T29] audit: type=1400 audit(1744150650.969:3266): avc:  denied  { ioctl } for  pid=5025 comm="syz.0.497" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x9426 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   81.973977][   T29] audit: type=1326 audit(1744150651.009:3267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5025 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[   81.997359][   T29] audit: type=1326 audit(1744150651.009:3268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5025 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[   82.020759][   T29] audit: type=1326 audit(1744150651.009:3269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5025 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[   82.044112][   T29] audit: type=1326 audit(1744150651.009:3270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5025 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[   82.067498][   T29] audit: type=1326 audit(1744150651.009:3271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5025 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[   82.112510][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.120127][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.128621][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.136475][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.144041][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.151802][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.159266][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.166709][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.174221][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.181808][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.189305][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.190361][ T5037] loop3: detected capacity change from 0 to 512
[   82.196839][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.196868][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.218323][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.225740][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.233236][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.240667][ T3381] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   82.251957][ T3381] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   82.263091][ T5037] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.275886][ T5037] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.313130][ T5044] bond0: option primary: mode dependency failed, not supported in mode balance-rr(0)
[   82.336814][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.370140][ T5049] netlink: 'syz.4.503': attribute type 11 has an invalid length.
[   83.024208][ T5067] xt_hashlimit: max too large, truncated to 1048576
[   83.031877][ T5067] Cannot find set identified by id 0 to match
[   83.053111][ T5066] veth0_macvtap: left promiscuous mode
[   83.068551][ T5066] macvtap0: refused to change device tx_queue_len
[   83.083096][ T5069] loop3: detected capacity change from 0 to 512
[   83.091878][ T5069] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   83.101584][ T5069] EXT4-fs (loop3): orphan cleanup on readonly fs
[   83.110011][ T5069] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.509: bg 0: block 248: padding at end of block bitmap is not set
[   83.124851][ T5069] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.509: Failed to acquire dquot type 1
[   83.137630][ T5069] EXT4-fs (loop3): 1 truncate cleaned up
[   83.147246][ T5069] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   83.178761][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.179353][ T5079] 9pnet_fd: Insufficient options for proto=fd
[   83.239499][ T5082] __nla_validate_parse: 4 callbacks suppressed
[   83.239515][ T5082] netlink: 132 bytes leftover after parsing attributes in process `syz.4.514'.
[   83.292451][ T5089] loop7: detected capacity change from 0 to 16384
[   83.351883][ T5089] Invalid logical block size (7)
[   83.482079][ T5095] loop3: detected capacity change from 0 to 2048
[   83.848424][ T5105] netlink: 3 bytes leftover after parsing attributes in process `syz.1.517'.
[   83.858000][ T5105] 0ªX¹¦À: renamed from caif0
[   83.866909][ T5105] 0ªX¹¦À: entered allmulticast mode
[   83.872220][ T5105] net_ratelimit: 33 callbacks suppressed
[   83.872230][ T5105] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[   83.961069][ T5107] hub 1-0:1.0: USB hub found
[   83.965924][ T5107] hub 1-0:1.0: 8 ports detected
[   83.989471][ T5107] netlink: 8 bytes leftover after parsing attributes in process `syz.1.518'.
[   84.038737][ T5109] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[   84.157578][   T37] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[   84.175430][   T37] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:00:00:2a
[   84.190930][   T37] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:aa:aa:2a
[   84.205275][   T37] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[   84.205525][ T5116] netlink: 16 bytes leftover after parsing attributes in process `syz.3.522'.
[   84.238140][ T5117] netlink: 12 bytes leftover after parsing attributes in process `syz.1.520'.
[   84.283014][ T5117] futex_wake_op: syz.1.520 tries to shift op by -1; fix this program
[   84.532115][ T5124] program syz.0.523 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   84.573275][ T5124] program syz.0.523 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   84.616058][ T5124] raw_sendmsg: syz.0.523 forgot to set AF_INET. Fix it!
[   84.729016][   T51] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[   84.745572][   T51] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:00:00:2a
[   84.761972][   T51] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:aa:aa:2a
[   84.776816][   T51] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[   84.987612][ T5131] syzkaller0: tun_chr_ioctl cmd 1074025692
[   85.017187][ T5133] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.044075][ T5133] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   85.299771][   T51] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[   85.581309][ T5142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.529'.
[   85.654001][ T5147] sd 0:0:1:0: device reset
[   85.696721][ T5147] infiniband syz!: set down
[   85.701439][ T5147] infiniband syz!: added team_slave_0
[   85.722987][ T5147] RDS/IB: syz!: added
[   85.734108][ T5147] smc: adding ib device syz! with port count 1
[   85.759934][ T5147] smc:    ib device syz! port 1 has pnetid 
[   86.023276][ T5162] netlink: 8 bytes leftover after parsing attributes in process `syz.1.535'.
[   86.032623][ T5162] netlink: 8 bytes leftover after parsing attributes in process `syz.1.535'.
[   86.339456][ T5174] rdma_op ffff888116c80d80 conn xmit_rdma 0000000000000000
[   86.590940][ T5177] Cannot find add_set index 0 as target
[   86.730103][ T5185] netlink: 'syz.0.541': attribute type 4 has an invalid length.
[   86.767970][ T5187] loop3: detected capacity change from 0 to 1024
[   86.819373][ T5187] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   87.304060][ T5197] netlink: 16 bytes leftover after parsing attributes in process `syz.4.542'.
[   87.317095][ T5197] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98
[   87.372795][   T29] kauditd_printk_skb: 236 callbacks suppressed
[   87.379084][   T29] audit: type=1326 audit(1744150656.459:3506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5186 comm="syz.3.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35517bd169 code=0x7ffc0000
[   87.402483][   T29] audit: type=1326 audit(1744150656.459:3507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5186 comm="syz.3.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35517bd169 code=0x7ffc0000
[   87.618549][   T29] audit: type=1326 audit(1744150656.459:3508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5186 comm="syz.3.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f35517bd169 code=0x7ffc0000
[   87.642041][   T29] audit: type=1326 audit(1744150656.459:3509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5186 comm="syz.3.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35517bd169 code=0x7ffc0000
[   87.665486][   T29] audit: type=1326 audit(1744150656.459:3510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5186 comm="syz.3.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f35517bd169 code=0x7ffc0000
[   87.688809][   T29] audit: type=1326 audit(1744150656.459:3511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5186 comm="syz.3.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35517bd169 code=0x7ffc0000
[   87.712147][   T29] audit: type=1326 audit(1744150656.459:3512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5186 comm="syz.3.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f35517bd169 code=0x7ffc0000
[   87.735562][   T29] audit: type=1326 audit(1744150656.459:3513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5186 comm="syz.3.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35517bd169 code=0x7ffc0000
[   87.758911][   T29] audit: type=1326 audit(1744150656.459:3514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5186 comm="syz.3.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7f35517bd169 code=0x7ffc0000
[   87.785114][   T29] audit: type=1326 audit(1744150656.459:3515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5186 comm="syz.3.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35517bd169 code=0x7ffc0000
[   87.836290][ T5187] loop3: detected capacity change from 0 to 512
[   87.845760][ T5187] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[   87.859783][ T5187] EXT4-fs error (device loop3): __ext4_fill_super:5502: inode #2: comm syz.3.543: casefold flag without casefold feature
[   87.887758][ T5187] EXT4-fs (loop3): get root inode failed
[   87.893465][ T5187] EXT4-fs (loop3): mount failed
[   87.931349][ T5210] netlink: 8 bytes leftover after parsing attributes in process `syz.2.548'.
[   87.968525][ T5187] Falling back ldisc for ttyS3.
[   88.043723][ T5203] 9pnet_virtio: no channels available for device 
[   88.078351][ T5203] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12)
[   88.085091][ T5203] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   88.092842][ T5203] vhci_hcd vhci_hcd.0: Device attached
[   88.122177][ T5203] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(14)
[   88.128838][ T5203] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   88.136589][ T5203] vhci_hcd vhci_hcd.0: Device attached
[   88.155110][ T5203] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   88.180807][ T5220] vhci_hcd: connection closed
[   88.184231][ T1929] vhci_hcd: stop threads
[   88.194125][ T1929] vhci_hcd: release socket
[   88.199080][ T1929] vhci_hcd: disconnect device
[   88.207636][ T5217] vhci_hcd: connection closed
[   88.216219][ T1929] vhci_hcd: stop threads
[   88.225529][ T1929] vhci_hcd: release socket
[   88.230026][ T1929] vhci_hcd: disconnect device
[   88.277528][ T3439] vhci_hcd: vhci_device speed not set
[   88.697069][ T3184] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[   88.909232][   T37] net_ratelimit: 23 callbacks suppressed
[   88.909248][   T37] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[   88.929468][   T37] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:00:00:2a
[   88.943907][   T37] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:aa:aa:2a
[   88.958846][   T37] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[   89.299748][ T3184] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[   89.310607][ T3184] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[   89.482498][   T12] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[   89.496897][   T12] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:00:00:2a
[   89.511423][   T12] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:aa:aa:2a
[   89.525741][   T12] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[   89.926911][ T5297] __nla_validate_parse: 1 callbacks suppressed
[   89.926926][ T5297] netlink: 16 bytes leftover after parsing attributes in process `syz.3.555'.
[   90.049542][   T12] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[   90.064020][   T12] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:00:00:2a
[   90.128617][ T5313] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   90.142698][ T5310] loop3: detected capacity change from 0 to 164
[   90.605336][ T5340] netlink: 'syz.1.559': attribute type 13 has an invalid length.
[   90.678829][ T5340] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.687304][ T5340] 8021q: adding VLAN 0 to HW filter on device team0
[   90.936327][ T5348] netlink: 8 bytes leftover after parsing attributes in process `syz.0.560'.
[   90.945234][ T5348] netlink: 8 bytes leftover after parsing attributes in process `syz.0.560'.
[   91.143538][ T3381] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   91.151679][ T3381] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   91.242017][ T5380] loop3: detected capacity change from 0 to 512
[   91.264999][ T5380] EXT4-fs (loop3): orphan cleanup on readonly fs
[   91.281810][ T5380] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kfree: bg 0: block 248: padding at end of block bitmap is not set
[   91.299778][ T5380] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm kfree: Failed to acquire dquot type 1
[   91.316412][ T5380] EXT4-fs (loop3): 1 truncate cleaned up
[   91.338211][ T5380] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   91.380214][ T3310] EXT4-fs error (device loop3): ext4_lookup:1793: inode #2: comm syz-executor: deleted inode referenced: 12
[   91.393362][ T3310] EXT4-fs error (device loop3): ext4_lookup:1793: inode #2: comm syz-executor: deleted inode referenced: 12
[   91.517650][ T5414] netlink: 100 bytes leftover after parsing attributes in process `syz.0.566'.
[   91.684470][ T1929] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.740836][ T1929] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.785074][    C1] vcan0: j1939_tp_rxtimer: 0xffff888117eab400: rx timeout, send abort
[   91.860751][ T1929] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.886346][ T5425] chnl_net:caif_netlink_parms(): no params data found
[   91.946107][ T1929] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.959953][ T5425] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.967470][ T5425] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.975617][ T5425] bridge_slave_0: entered allmulticast mode
[   91.984330][ T5425] bridge_slave_0: entered promiscuous mode
[   91.992039][ T5425] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.999205][ T5425] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.018904][ T5425] bridge_slave_1: entered allmulticast mode
[   92.034355][ T5425] bridge_slave_1: entered promiscuous mode
[   92.088410][ T5425] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.213062][ T1929] bond0 (unregistering): Released all slaves
[   92.231930][ T5425] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.262632][ T5456] netlink: 8 bytes leftover after parsing attributes in process `syz.4.576'.
[   92.267857][ T5425] team0: Port device team_slave_0 added
[   92.271487][ T5456] netlink: 8 bytes leftover after parsing attributes in process `syz.4.576'.
[   92.285836][    C1] vcan0: j1939_tp_rxtimer: 0xffff888117eaaa00: rx timeout, send abort
[   92.287883][ T5425] team0: Port device team_slave_1 added
[   92.294070][    C1] vcan0: j1939_tp_rxtimer: 0xffff888117eab400: abort rx timeout. Force session deactivation
[   92.387857][   T29] kauditd_printk_skb: 435 callbacks suppressed
[   92.387872][   T29] audit: type=1326 audit(1744150661.459:3949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5460 comm="syz.0.579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[   92.417556][   T29] audit: type=1326 audit(1744150661.459:3950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5460 comm="syz.0.579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[   92.440920][   T29] audit: type=1326 audit(1744150661.459:3951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5460 comm="syz.0.579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[   92.464358][   T29] audit: type=1326 audit(1744150661.459:3952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5460 comm="syz.0.579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[   92.469599][ T5463] netlink: 16 bytes leftover after parsing attributes in process `syz.2.580'.
[   92.488094][   T29] audit: type=1326 audit(1744150661.459:3953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5460 comm="syz.0.579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[   92.488134][   T29] audit: type=1326 audit(1744150661.469:3954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5460 comm="syz.0.579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[   92.488166][   T29] audit: type=1326 audit(1744150661.469:3955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5460 comm="syz.0.579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[   92.488220][   T29] audit: type=1326 audit(1744150661.469:3956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5460 comm="syz.0.579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[   92.488249][   T29] audit: type=1326 audit(1744150661.479:3957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5460 comm="syz.0.579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[   92.488281][   T29] audit: type=1326 audit(1744150661.479:3958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5460 comm="syz.0.579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[   92.601821][ T5474] SELinux: syz.1.578 (5474) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   92.680953][ T1929] veth1_macvtap: left promiscuous mode
[   92.686604][ T1929] veth0_macvtap: left promiscuous mode
[   92.692439][ T1929] veth1_vlan: left promiscuous mode
[   92.699423][ T1929] veth0_vlan: left promiscuous mode
[   92.729336][ T5479] smc: ib device syz0 ibport 1 erased user defined pnetid SYZ0
[   92.785885][    C1] vcan0: j1939_tp_rxtimer: 0xffff888117eaaa00: abort rx timeout. Force session deactivation
[   92.803554][ T5425] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.810894][ T5425] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.836954][ T5425] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.849952][ T5425] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.857138][ T5425] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.883115][ T5425] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.901410][ T5477] netlink: 20 bytes leftover after parsing attributes in process `syz.4.582'.
[   92.915658][ T5484] netlink: 'syz.1.583': attribute type 27 has an invalid length.
[   92.948824][ T5484] 0ªX¹¦À: left allmulticast mode
[   92.956009][ T5484] veth0_vlan: left allmulticast mode
[   92.965235][ T5425] hsr_slave_0: entered promiscuous mode
[   92.971597][ T5425] hsr_slave_1: entered promiscuous mode
[   92.978130][ T5425] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   92.985821][ T5425] Cannot create hsr debugfs directory
[   93.044952][ T5492] bond1: entered promiscuous mode
[   93.050385][ T5492] bond1: entered allmulticast mode
[   93.055742][ T5492] 8021q: adding VLAN 0 to HW filter on device bond1
[   93.067902][ T5492] bond1 (unregistering): Released all slaves
[   93.191340][ T5425] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   93.199671][ T5502] xt_hashlimit: max too large, truncated to 1048576
[   93.209603][ T5425] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   93.218751][ T5425] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   93.228228][ T5425] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   93.250856][ T5500] netlink: 500 bytes leftover after parsing attributes in process `+}[@'.
[   93.277142][ T5500] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   93.288633][ T5425] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.311902][ T5425] 8021q: adding VLAN 0 to HW filter on device team0
[   93.323322][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.330540][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.343342][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.350482][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.424335][ T5425] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.566620][ T5425] veth0_vlan: entered promiscuous mode
[   93.591948][ T5519] bond1: entered promiscuous mode
[   93.597050][ T5519] bond1: entered allmulticast mode
[   93.604386][ T5519] 8021q: adding VLAN 0 to HW filter on device bond1
[   93.613901][ T5519] bond1 (unregistering): Released all slaves
[   93.625895][ T5425] veth1_vlan: entered promiscuous mode
[   93.632108][ T5525] netlink: 'syz.4.588': attribute type 1 has an invalid length.
[   93.651658][ T5425] veth0_macvtap: entered promiscuous mode
[   93.673557][ T5425] veth1_macvtap: entered promiscuous mode
[   93.693038][ T5425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   93.703657][ T5425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.713529][ T5425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   93.723980][ T5425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.737751][ T5425] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.766288][ T5425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   93.777111][ T5425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.787341][ T5425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   93.798039][ T5425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.851921][ T5425] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.868835][ T5425] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.877831][ T5425] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.886534][ T5425] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.895270][ T5425] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.099672][ T5502] Cannot find set identified by id 0 to match
[   94.177554][   T12] net_ratelimit: 33 callbacks suppressed
[   94.177573][   T12] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[   94.197644][   T12] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:00:00:2a
[   94.212016][   T12] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:aa:aa:2a
[   94.226389][   T12] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[   94.269486][ T5548] IPv6: NLM_F_CREATE should be specified when creating new route
[   94.282143][ T5548] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   94.694454][ T5563] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[   94.748953][ T2145] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[   94.763507][ T2145] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:00:00:2a
[   94.777814][ T2145] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:aa:aa:2a
[   94.792150][ T2145] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[   94.802699][ T5570] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   95.172960][ T5587] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   95.182398][ T5587] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5587 comm=syz.1.610
[   95.249352][ T5588] __nla_validate_parse: 1 callbacks suppressed
[   95.249372][ T5588] netlink: 4 bytes leftover after parsing attributes in process `syz.2.606'.
[   95.264563][ T5588] netlink: 4 bytes leftover after parsing attributes in process `syz.2.606'.
[   95.273432][ T5588] netlink: 4 bytes leftover after parsing attributes in process `syz.2.606'.
[   95.305184][ T5590] hub 9-0:1.0: USB hub found
[   95.310048][ T5590] hub 9-0:1.0: 8 ports detected
[   95.335820][ T5591] netlink: 3 bytes leftover after parsing attributes in process `syz.1.610'.
[   95.349537][ T2145] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[   95.363888][ T2145] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:00:00:2a
[   95.405948][ T5591] 1ªX¹¦À: renamed from 
60ªX¹¦À
[   95.440589][ T5591] 1ªX¹¦À: entered allmulticast mode
[   95.481757][ T5597] SELinux: syz.4.608 (5597) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   96.135422][ T5604] Cannot find del_set index 0 as target
[   96.160915][ T5604] netlink: 32 bytes leftover after parsing attributes in process `syz.2.614'.
[   96.553144][ T5620] team0 (unregistering): Port device team_slave_0 removed
[   96.611585][ T5620] team0 (unregistering): Port device team_slave_1 removed
[   97.266320][ T5630] netlink: 76 bytes leftover after parsing attributes in process `syz.0.621'.
[   98.023022][   T29] kauditd_printk_skb: 522 callbacks suppressed
[   98.023036][   T29] audit: type=1326 audit(1744150667.109:4481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5627 comm="syz.2.620" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdfbe9bd169 code=0x0
[   98.152768][ T5640] netlink: 8 bytes leftover after parsing attributes in process `syz.1.623'.
[   98.171131][ T5641] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.622'.
[   98.229408][   T29] audit: type=1400 audit(1744150667.309:4482): avc:  denied  { write } for  pid=5637 comm="syz.0.622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   98.289621][ T5638] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.622'.
[   98.429450][   T29] audit: type=1400 audit(1744150667.339:4483): avc:  denied  { egress } for  pid=36 comm="kworker/1:1" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[   98.453221][   T29] audit: type=1400 audit(1744150667.339:4484): avc:  denied  { sendto } for  pid=36 comm="kworker/1:1" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[   98.494682][ T5646] netlink: 40 bytes leftover after parsing attributes in process `syz.0.624'.
[   98.560355][   T29] audit: type=1326 audit(1744150667.649:4485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5636 comm="syz.1.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[   98.583897][   T29] audit: type=1326 audit(1744150667.649:4486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5636 comm="syz.1.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[   98.607348][   T29] audit: type=1326 audit(1744150667.649:4487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5636 comm="syz.1.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[   98.632131][   T29] audit: type=1326 audit(1744150667.649:4488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5636 comm="syz.1.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[   98.650517][ T5651] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   98.655680][   T29] audit: type=1326 audit(1744150667.649:4489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5636 comm="syz.1.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[   98.685801][   T29] audit: type=1326 audit(1744150667.649:4490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5636 comm="syz.1.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[   99.047271][ T5662] binfmt_misc: register: failed to install interpreter file ./file2
[   99.160358][ T5665] team0 (unregistering): Port device team_slave_0 removed
[   99.185095][ T5665] team0 (unregistering): Port device team_slave_1 removed
[   99.587603][ T2145] net_ratelimit: 31 callbacks suppressed
[   99.587619][ T2145] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[   99.607776][ T2145] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:00:00:2a
[   99.622083][ T2145] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:aa:aa:2a
[   99.636431][ T2145] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[   99.991540][ T5679] SELinux:  Context system_u:object_r:framebuf_device_t:s0 is not valid (left unmapped).
[  100.080902][ T5682] 9pnet_fd: Insufficient options for proto=fd
[  100.157569][  T174] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  100.171970][  T174] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:00:00:2a
[  100.186367][  T174] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:aa:aa:2a
[  100.200700][  T174] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  100.344673][ T5696] __nla_validate_parse: 2 callbacks suppressed
[  100.344687][ T5696] netlink: 8 bytes leftover after parsing attributes in process `syz.0.640'.
[  100.359806][ T5696] netlink: 8 bytes leftover after parsing attributes in process `syz.0.640'.
[  100.412142][ T5702] netlink: 36 bytes leftover after parsing attributes in process `syz.5.644'.
[  100.421570][ T5705] batman_adv: batadv0: Local translation table size (68) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  100.440223][ T5702] netlink: 4 bytes leftover after parsing attributes in process `syz.5.644'.
[  100.451134][ T5705] netlink: 'syz.0.643': attribute type 10 has an invalid length.
[  100.477617][ T5705] batadv0: left promiscuous mode
[  100.482620][ T5705] batadv0: left allmulticast mode
[  100.510313][ T5705] xt_CT: You must specify a L4 protocol and not use inversions on it
[  100.511122][ T5702] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5702 comm=syz.5.644
[  100.659573][ T5716] netlink: 16 bytes leftover after parsing attributes in process `syz.2.647'.
[  100.706736][ T5719] netlink: 4 bytes leftover after parsing attributes in process `syz.5.648'.
[  100.722820][   T12] batman_adv: batadv0: Local translation table size (68) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  101.216841][ T5724] SELinux:  Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped).
[  101.450165][ T5729] netlink: 28 bytes leftover after parsing attributes in process `syz.2.650'.
[  101.469285][ T5729] netlink: 28 bytes leftover after parsing attributes in process `syz.2.650'.
[  101.495546][ T5739] netlink: 'syz.4.653': attribute type 10 has an invalid length.
[  101.504850][ T5739] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.514344][ T5739] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  101.527223][ T5741] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  101.536010][ T5741] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  101.542109][ T5739] xt_CT: You must specify a L4 protocol and not use inversions on it
[  101.690712][ T5753] wireguard0: entered promiscuous mode
[  101.696294][ T5753] wireguard0: entered allmulticast mode
[  101.731650][ T5757] batman_adv: batadv0: Removing interface: batadv_slave_1
[  101.801725][ T5759] usb usb1: check_ctrlrecip: process 5759 (syz.1.655) requesting ep 01 but needs 81
[  101.812983][ T5759] vhci_hcd: default hub control req: 0200 v0000 i0001 l0
[  101.951868][ T5763] gtp calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  101.962621][ T5763] netlink: 'gtp': attribute type 4 has an invalid length.
[  101.969860][ T5763] netlink: 152 bytes leftover after parsing attributes in process `gtp'.
[  101.984801][ T5763] : renamed from bond0 (while UP)
[  102.073147][ T5761] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  102.091813][ T5761] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  102.200250][ T5781] netlink: 16 bytes leftover after parsing attributes in process `syz.4.666'.
[  102.269592][ T5783] netlink: 'syz.0.665': attribute type 27 has an invalid length.
[  102.312339][ T5783] batman_adv: batadv0: Interface deactivated: dummy0
[  102.358232][ T5783] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.372443][ T5783] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  102.403122][ T5783] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.412373][ T5783] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.421419][ T5783] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.430442][ T5783] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.456986][ T5787] SELinux: security policydb version 17 (MLS) not backwards compatible
[  102.484232][ T5787] SELinux: failed to load policy
[  103.052139][   T29] kauditd_printk_skb: 413 callbacks suppressed
[  103.052157][   T29] audit: type=1400 audit(20061263.132:4904): avc:  denied  { getopt } for  pid=5802 comm="syz.1.671" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  103.079822][   T29] audit: type=1400 audit(20061263.132:4905): avc:  denied  { setopt } for  pid=5802 comm="syz.1.671" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  103.171618][   T29] audit: type=1400 audit(20061263.252:4906): avc:  denied  { ioctl } for  pid=5807 comm="syz.1.673" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  103.222124][ T5810] 9pnet_fd: Insufficient options for proto=fd
[  103.268046][ T5806] xt_time: unknown flags 0xc
[  103.320099][   T29] audit: type=1326 audit(20061263.402:4907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5819 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566810d169 code=0x7ffc0000
[  103.344239][   T29] audit: type=1326 audit(20061263.402:4908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5819 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566810d169 code=0x7ffc0000
[  103.367702][   T29] audit: type=1326 audit(20061263.402:4909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5819 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7f566810d169 code=0x7ffc0000
[  103.390914][   T29] audit: type=1326 audit(20061263.402:4910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5819 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566810d169 code=0x7ffc0000
[  103.414169][   T29] audit: type=1326 audit(20061263.402:4911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5819 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f566810d169 code=0x7ffc0000
[  103.437297][   T29] audit: type=1326 audit(20061263.402:4912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5819 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566810d169 code=0x7ffc0000
[  103.460524][   T29] audit: type=1326 audit(20061263.402:4913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5819 comm="syz.5.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f566810d169 code=0x7ffc0000
[  103.532115][ T5825] bridge_slave_0: left allmulticast mode
[  103.537894][ T5825] bridge_slave_0: left promiscuous mode
[  103.543538][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.554468][ T5825] bridge_slave_1: left allmulticast mode
[  103.560212][ T5825] bridge_slave_1: left promiscuous mode
[  103.565945][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.566654][ T5830] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[  103.582731][ T5825] bond0: (slave bond_slave_0): Releasing backup interface
[  103.592707][ T5825] bond0: (slave bond_slave_1): Releasing backup interface
[  103.602746][ T5825] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  103.610310][ T5825] batman_adv: batadv0: Removing interface: batadv_slave_0
[  103.624154][ T5831] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  103.624394][ T5825] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  103.641397][ T5825] batman_adv: batadv0: Removing interface: batadv_slave_1
[  103.739801][ T5837] block device autoloading is deprecated and will be removed.
[  103.794452][ T5846] loop4: detected capacity change from 0 to 4096
[  103.814853][ T5850] xt_TPROXY: Can be used only with -p tcp or -p udp
[  103.824116][ T5842] blk_print_req_error: 31 callbacks suppressed
[  103.824132][ T5842] I/O error, dev loop7, sector 3840 op 0x0:(READ) flags 0x80700 phys_seg 9 prio class 0
[  103.844313][ T5842] I/O error, dev loop7, sector 4096 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 0
[  103.856000][ T5842] I/O error, dev loop7, sector 3840 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  103.865481][ T5842] buffer_io_error: 568 callbacks suppressed
[  103.865495][ T5842] Buffer I/O error on dev loop7, logical block 480, async page read
[  103.887843][ T5846] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.907824][ T5840] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  103.914224][ T5846] dvmrp5: entered allmulticast mode
[  103.917619][ T5840] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  103.931351][ T5840] Buffer I/O error on dev loop7, logical block 1, lost async page write
[  103.935178][ T5846] dvmrp5: left allmulticast mode
[  103.939736][ T5840] Buffer I/O error on dev loop7, logical block 2, lost async page write
[  103.953086][ T5840] Buffer I/O error on dev loop7, logical block 3, lost async page write
[  103.961493][ T5840] Buffer I/O error on dev loop7, logical block 4, lost async page write
[  103.969874][ T5840] Buffer I/O error on dev loop7, logical block 5, lost async page write
[  103.978364][ T5840] Buffer I/O error on dev loop7, logical block 6, lost async page write
[  103.986733][ T5840] Buffer I/O error on dev loop7, logical block 7, lost async page write
[  103.995129][ T5840] Buffer I/O error on dev loop7, logical block 8, lost async page write
[  104.006537][ T5861] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  104.013781][ T5840] I/O error, dev loop7, sector 1024 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  104.028789][ T5861] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  104.046170][ T5840] I/O error, dev loop7, sector 2048 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  104.093652][ T3302] EXT4-fs error (device loop4): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /137/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  104.094558][ T5840] I/O error, dev loop7, sector 3072 op 0x1:(WRITE) flags 0x800 phys_seg 96 prio class 0
[  104.136594][ T3302] EXT4-fs error (device loop4): ext4_empty_dir:3095: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  104.159508][ T3302] EXT4-fs warning (device loop4): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[  104.159651][ T3302] EXT4-fs error (device loop4): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /137/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  104.159939][ T3302] EXT4-fs error (device loop4): ext4_empty_dir:3095: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  104.168094][ T3302] EXT4-fs warning (device loop4): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[  104.168233][ T3302] EXT4-fs error (device loop4): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /137/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  104.168580][ T3302] EXT4-fs error (device loop4): ext4_empty_dir:3095: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  104.168775][ T3302] EXT4-fs warning (device loop4): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[  104.168897][ T3302] EXT4-fs error (device loop4): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /137/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  104.169188][ T3302] EXT4-fs error (device loop4): ext4_empty_dir:3095: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  104.169373][ T3302] EXT4-fs warning (device loop4): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[  104.169559][ T3302] EXT4-fs error (device loop4): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /137/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  104.169829][ T3302] EXT4-fs error (device loop4): ext4_empty_dir:3095: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  104.169964][ T3302] EXT4-fs warning (device loop4): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[  104.170369][ T3302] EXT4-fs warning (device loop4): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[  104.170926][ T3302] EXT4-fs warning (device loop4): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[  104.171349][ T3302] EXT4-fs warning (device loop4): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[  104.171782][ T3302] EXT4-fs warning (device loop4): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[  104.172198][ T3302] EXT4-fs warning (device loop4): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[  104.421965][ T5884] 8021q: VLANs not supported on ip6_vti0
[  104.728122][ T5911] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  105.011031][ T5947] siw: device registration error -23
[  105.193286][ T5907] chnl_net:caif_netlink_parms(): no params data found
[  105.274877][ T5907] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.282107][ T5907] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.290188][ T5907] bridge_slave_0: entered allmulticast mode
[  105.297258][ T5907] bridge_slave_0: entered promiscuous mode
[  105.304489][ T5907] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.311709][ T5907] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.319215][ T5907] bridge_slave_1: entered allmulticast mode
[  105.325972][ T5907] bridge_slave_1: entered promiscuous mode
[  105.361733][ T5907] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  105.373640][ T5907] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  105.401816][ T5907] team0: Port device team_slave_0 added
[  105.413466][ T5907] team0: Port device team_slave_1 added
[  105.439808][ T5907] batman_adv: batadv0: Adding interface: batadv_slave_0
[  105.446904][ T5907] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.472991][ T5907] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  105.487556][ T5907] batman_adv: batadv0: Adding interface: batadv_slave_1
[  105.494552][ T5907] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.520743][ T5907] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  105.532032][ T5978] netem: incorrect gi model size
[  105.537943][ T5978] netem: change failed
[  105.583706][ T5907] hsr_slave_0: entered promiscuous mode
[  105.591672][ T5981] x_tables: ip6_tables: sctp match: only valid for protocol 132
[  105.605147][ T5907] hsr_slave_1: entered promiscuous mode
[  105.612801][ T5907] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  105.622857][ T5907] Cannot create hsr debugfs directory
[  105.780436][ T5978] atomic_op ffff888142326528 conn xmit_atomic 0000000000000000
[  105.814821][ T5907] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  105.826894][ T5978] __nla_validate_parse: 4 callbacks suppressed
[  105.827006][ T5978] netlink: 19 bytes leftover after parsing attributes in process `syz.2.699'.
[  105.851279][ T5907] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  105.864861][ T5907] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  105.896937][ T5907] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  105.957495][ T5907] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.964669][ T5907] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.971980][ T5907] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.979771][ T5907] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.051590][ T5907] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.062524][  T174] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.072630][  T174] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.090877][ T5907] 8021q: adding VLAN 0 to HW filter on device team0
[  106.102936][  T174] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.110154][  T174] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.135617][  T174] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.142802][  T174] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.368044][ T5907] 8021q: adding VLAN 0 to HW filter on device batadv0
[  106.483860][ T6013] capability: warning: `syz.1.704' uses 32-bit capabilities (legacy support in use)
[  106.576539][ T5907] veth0_vlan: entered promiscuous mode
[  106.595327][ T5907] veth1_vlan: entered promiscuous mode
[  106.603274][ T5987] block device autoloading is deprecated and will be removed.
[  106.633024][ T6024] netlink: 36 bytes leftover after parsing attributes in process `syz.1.706'.
[  106.636096][ T5907] veth0_macvtap: entered promiscuous mode
[  106.652158][ T6024] x_tables: ip_tables: bpf.1 match: invalid size 528 (kernel) != (user) 536
[  106.670598][ T5907] veth1_macvtap: entered promiscuous mode
[  106.698942][ T5907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  106.709489][ T5907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.756703][ T5907] batman_adv: batadv0: Interface activated: batadv_slave_0
[  106.772509][ T5907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.783143][ T5907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.794396][ T5907] batman_adv: batadv0: Interface activated: batadv_slave_1
[  106.804706][ T5907] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.813725][ T5907] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  106.822486][ T5907] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.831264][ T5907] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.922532][ T6032] loop5: detected capacity change from 0 to 1024
[  106.956191][ T6035] netlink: 4 bytes leftover after parsing attributes in process `syz.6.691'.
[  106.965843][ T6032] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.058432][ T5425] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.128252][ T6047] netlink: 72 bytes leftover after parsing attributes in process `syz.5.711'.
[  107.143052][ T6047] lo: entered promiscuous mode
[  107.148023][ T6047] lo: entered allmulticast mode
[  107.164223][ T6047] loop5: detected capacity change from 0 to 1024
[  107.174523][ T6047] EXT4-fs: test_dummy_encryption option not supported
[  107.462557][ T6060] netlink: 4 bytes leftover after parsing attributes in process `syz.0.716'.
[  107.787594][ T6064] netlink: 76 bytes leftover after parsing attributes in process `syz.5.717'.
[  107.796619][ T6064] netlink: 76 bytes leftover after parsing attributes in process `syz.5.717'.
[  107.805585][ T6064] netlink: 76 bytes leftover after parsing attributes in process `syz.5.717'.
[  107.825583][ T6066] netlink: 'syz.1.718': attribute type 27 has an invalid length.
[  107.833951][ T6066] 1ªX¹¦À: left allmulticast mode
[  107.880707][ T6067] loop5: detected capacity change from 0 to 512
[  107.913161][ T6067] EXT4-fs (loop5): 1 orphan inode deleted
[  107.921637][ T6067] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.402534][   T12] __quota_error: 500 callbacks suppressed
[  108.402553][   T12] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  108.418287][   T12] EXT4-fs error (device loop5): ext4_release_dquot:6971: comm kworker/u8:0: Failed to release dquot type 1
[  108.519762][ T6083] netlink: 'syz.1.720': attribute type 13 has an invalid length.
[  108.532581][ T6082] netlink: 8 bytes leftover after parsing attributes in process `syz.0.722'.
[  108.557723][ T6083] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.567528][ T6083] net_ratelimit: 3 callbacks suppressed
[  108.567540][ T6083] A link change request failed with some changes committed already. Interface 
61ªX¹¦À may have been left with an inconsistent configuration, please check.
[  108.590199][ T6082] 8021q: VLANs not supported on ip6_vti0
[  108.608840][ T5425] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.746620][   T29] audit: type=1400 audit(20061268.823:5414): avc:  denied  { read } for  pid=6089 comm="syz.5.725" laddr=127.0.0.1 lport=48336 faddr=127.0.0.1 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  108.793231][   T29] audit: type=1326 audit(20061268.863:5415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6095 comm="syz.6.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  108.816512][   T29] audit: type=1326 audit(20061268.863:5416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6095 comm="syz.6.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  108.839832][   T29] audit: type=1326 audit(20061268.863:5417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6095 comm="syz.6.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  108.862969][   T29] audit: type=1326 audit(20061268.863:5418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6095 comm="syz.6.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  108.886186][   T29] audit: type=1326 audit(20061268.863:5419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6095 comm="syz.6.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  108.904038][ T6101] loop5: detected capacity change from 0 to 512
[  108.909617][   T29] audit: type=1326 audit(20061268.863:5420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6095 comm="syz.6.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=438 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  108.909702][   T29] audit: type=1326 audit(20061268.863:5421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6095 comm="syz.6.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  108.909733][   T29] audit: type=1326 audit(20061268.863:5422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6095 comm="syz.6.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  108.933962][ T6101] EXT4-fs: Invalid want_extra_isize 5
[  109.030486][ T6106] netlink: 8 bytes leftover after parsing attributes in process `syz.2.729'.
[  109.550402][ T6096] syz.6.726 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  109.564498][ T6096] CPU: 0 UID: 0 PID: 6096 Comm: syz.6.726 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(voluntary) 
[  109.564546][ T6096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  109.564562][ T6096] Call Trace:
[  109.564569][ T6096]  <TASK>
[  109.564578][ T6096]  dump_stack_lvl+0xf6/0x150
[  109.564608][ T6096]  dump_stack+0x15/0x1a
[  109.564628][ T6096]  dump_header+0x83/0x2d0
[  109.564663][ T6096]  oom_kill_process+0x341/0x4c0
[  109.564811][ T6096]  out_of_memory+0x9d1/0xc20
[  109.564845][ T6096]  mem_cgroup_out_of_memory+0x13f/0x190
[  109.564894][ T6096]  try_charge_memcg+0x59f/0x820
[  109.564935][ T6096]  obj_cgroup_charge_pages+0xc0/0x1a0
[  109.564991][ T6096]  __memcg_kmem_charge_page+0x9d/0x170
[  109.565023][ T6096]  __alloc_frozen_pages_noprof+0x1a6/0x360
[  109.565065][ T6096]  alloc_pages_mpol+0xb6/0x260
[  109.565159][ T6096]  alloc_pages_noprof+0xe8/0x130
[  109.565190][ T6096]  __vmalloc_node_range_noprof+0x6ea/0xe80
[  109.565242][ T6096]  __kvmalloc_node_noprof+0x311/0x520
[  109.565272][ T6096]  ? ip_set_alloc+0x1f/0x30
[  109.565301][ T6096]  ? ip_set_alloc+0x1f/0x30
[  109.565389][ T6096]  ? __kmalloc_cache_noprof+0x292/0x320
[  109.565420][ T6096]  ip_set_alloc+0x1f/0x30
[  109.565441][ T6096]  hash_netiface_create+0x273/0x730
[  109.565466][ T6096]  ? __nla_parse+0x40/0x60
[  109.565504][ T6096]  ? __pfx_hash_netiface_create+0x10/0x10
[  109.565574][ T6096]  ip_set_create+0x3b6/0x970
[  109.565626][ T6096]  ? __nla_parse+0x40/0x60
[  109.565665][ T6096]  nfnetlink_rcv_msg+0x4ba/0x580
[  109.565818][ T6096]  netlink_rcv_skb+0x12f/0x230
[  109.565847][ T6096]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  109.565917][ T6096]  nfnetlink_rcv+0x187/0x1610
[  109.565953][ T6096]  ? __kfree_skb+0x102/0x150
[  109.565986][ T6096]  ? nlmon_xmit+0x51/0x60
[  109.566103][ T6096]  ? __kfree_skb+0x102/0x150
[  109.566132][ T6096]  ? consume_skb+0x49/0x160
[  109.566161][ T6096]  ? nlmon_xmit+0x51/0x60
[  109.566201][ T6096]  ? dev_hard_start_xmit+0x3d1/0x400
[  109.566277][ T6096]  ? __dev_queue_xmit+0xb76/0x20b0
[  109.566320][ T6096]  ? should_fail_ex+0x31/0x270
[  109.566351][ T6096]  ? ref_tracker_free+0x3b8/0x420
[  109.566392][ T6096]  ? __netlink_deliver_tap+0x4c6/0x4f0
[  109.566491][ T6096]  netlink_unicast+0x605/0x6c0
[  109.566521][ T6096]  netlink_sendmsg+0x609/0x720
[  109.566576][ T6096]  ? __pfx_netlink_sendmsg+0x10/0x10
[  109.566607][ T6096]  __sock_sendmsg+0x140/0x180
[  109.566650][ T6096]  ____sys_sendmsg+0x350/0x4e0
[  109.566764][ T6096]  __sys_sendmsg+0x1a0/0x240
[  109.566818][ T6096]  __x64_sys_sendmsg+0x46/0x50
[  109.566868][ T6096]  x64_sys_call+0x26f3/0x2e10
[  109.566897][ T6096]  do_syscall_64+0xc9/0x1c0
[  109.566933][ T6096]  ? clear_bhb_loop+0x25/0x80
[  109.566959][ T6096]  ? clear_bhb_loop+0x25/0x80
[  109.566987][ T6096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.567019][ T6096] RIP: 0033:0x7f0b9c27d169
[  109.567039][ T6096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.567062][ T6096] RSP: 002b:00007f0b9a8df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  109.567084][ T6096] RAX: ffffffffffffffda RBX: 00007f0b9c495fa0 RCX: 00007f0b9c27d169
[  109.567099][ T6096] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  109.567111][ T6096] RBP: 00007f0b9c2fe2a0 R08: 0000000000000000 R09: 0000000000000000
[  109.567123][ T6096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  109.567146][ T6096] R13: 0000000000000000 R14: 00007f0b9c495fa0 R15: 00007fffb3dd3918
[  109.567166][ T6096]  </TASK>
[  109.567175][ T6096] memory: usage 307200kB, limit 307200kB, failcnt 155
[  109.921197][ T6096] memory+swap: usage 307384kB, limit 9007199254740988kB, failcnt 0
[  109.929205][ T6096] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  109.936492][ T6096] Memory cgroup stats for /syz6:
[  109.936768][ T6096] cache 0
[  109.944762][ T6096] rss 0
[  109.947567][ T6096] shmem 0
[  109.950583][ T6096] mapped_file 0
[  109.954058][ T6096] dirty 0
[  109.957009][ T6096] writeback 0
[  109.960360][ T6096] workingset_refault_anon 28
[  109.965003][ T6096] workingset_refault_file 0
[  109.969590][ T6096] swap 188416
[  109.972934][ T6096] swapcached 0
[  109.976324][ T6096] pgpgin 146
[  109.979579][ T6096] pgpgout 146
[  109.982881][ T6096] pgfault 309
[  109.986228][ T6096] pgmajfault 21
[  109.989798][ T6096] inactive_anon 0
[  109.992785][ T6118] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  109.993424][ T6096] active_anon 0
[  109.993435][ T6096] inactive_file 0
[  110.004295][ T6118] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  110.005330][ T6096] active_file 0
[  110.012411][ T6118] batman_adv: batadv0: Adding interface: dummy0
[  110.016742][ T6096] unevictable 0
[  110.016753][ T6096] hierarchical_memory_limit 314572800
[  110.016765][ T6096] hierarchical_memsw_limit 9223372036854771712
[  110.020248][ T6118] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.022518][ T6118] batman_adv: batadv0: Interface activated: dummy0
[  110.026577][ T6096] total_cache 0
[  110.026587][ T6096] total_rss 0
[  110.026596][ T6096] total_shmem 0
[  110.039494][ T6118] batadv0: mtu less than device minimum
[  110.041662][ T6096] total_mapped_file 0
[  110.067223][ T6118] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.073456][ T6096] total_dirty 0
[  110.077586][ T6118] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.080263][ T6096] total_writeback 0
[  110.084107][ T6118] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.089278][ T6096] total_workingset_refault_anon 28
[  110.089289][ T6096] total_workingset_refault_file 0
[  110.089296][ T6096] total_swap 188416
[  110.089303][ T6096] total_swapcached 0
[  110.093766][ T6118] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.103659][ T6096] total_pgpgin 146
[  110.107631][ T6118] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.117484][ T6096] total_pgpgout 146
[  110.121717][ T6118] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.131789][ T6096] total_pgfault 309
[  110.137327][ T6118] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.141935][ T6096] total_pgmajfault 21
[  110.146217][ T6118] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.149711][ T6096] total_inactive_anon 0
[  110.222312][ T6096] total_active_anon 0
[  110.226336][ T6096] total_inactive_file 0
[  110.230533][ T6096] total_active_file 0
[  110.234540][ T6096] total_unevictable 0
[  110.238595][ T6096] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.726,pid=6095,uid=0
[  110.253921][ T6096] Memory cgroup out of memory: Killed process 6095 (syz.6.726) total-vm:93648kB, anon-rss:912kB, file-rss:22188kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  110.682055][ T6130] 8021q: VLANs not supported on ip6_vti0
[  110.819742][ T6139] lo: entered allmulticast mode
[  110.879921][ T6145] __nla_validate_parse: 2 callbacks suppressed
[  110.879949][ T6145] netlink: 16 bytes leftover after parsing attributes in process `syz.0.741'.
[  110.930728][ T6147] netlink: 8 bytes leftover after parsing attributes in process `syz.2.742'.
[  110.939615][ T6147] netlink: 8 bytes leftover after parsing attributes in process `syz.2.742'.
[  111.018100][ T6152] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0
[  111.635777][ T6169] netem: change failed
[  111.670280][ T6169] lo: entered promiscuous mode
[  111.675152][ T6169] lo: entered allmulticast mode
[  111.689493][ T6138] lo: left allmulticast mode
[  111.737546][ T6124] syz.5.744 (6124) used greatest stack depth: 6312 bytes left
[  111.775580][ T6178] netlink: 16 bytes leftover after parsing attributes in process `syz.5.754'.
[  111.797910][ T6181] netlink: 16 bytes leftover after parsing attributes in process `syz.6.755'.
[  111.918478][ T6183] dvmrp5: entered allmulticast mode
[  111.926190][ T6183] dvmrp5: left allmulticast mode
[  111.955614][ T6190] netlink: 8 bytes leftover after parsing attributes in process `syz.6.757'.
[  111.964863][ T6190] netlink: 8 bytes leftover after parsing attributes in process `syz.6.757'.
[  112.048779][ T6183] binfmt_misc: register: failed to install interpreter file ./file2
[  112.093286][ T6196] netlink: 100 bytes leftover after parsing attributes in process `syz.1.768'.
[  112.096220][ T6195] netlink: 8 bytes leftover after parsing attributes in process `syz.5.758'.
[  112.114200][ T6195] bond0: option primary: mode dependency failed, not supported in mode balance-rr(0)
[  112.131905][ T6196] netlink: 4 bytes leftover after parsing attributes in process `syz.1.768'.
[  112.293297][ T6205] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[  113.044558][ T6217] netem: change failed
[  113.057991][ T6217] lo: entered promiscuous mode
[  113.062859][ T6217] lo: entered allmulticast mode
[  113.173131][ T6224] xt_hashlimit: max too large, truncated to 1048576
[  113.250192][ T6226] macvtap0: refused to change device tx_queue_len
[  113.409377][   T29] kauditd_printk_skb: 459 callbacks suppressed
[  113.409394][   T29] audit: type=1326 audit(20061273.493:5882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6223 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5668104127 code=0x7ffc0000
[  113.461965][   T29] audit: type=1326 audit(20061273.523:5883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6223 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f56680a9359 code=0x7ffc0000
[  113.485193][   T29] audit: type=1326 audit(20061273.523:5884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6223 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5668104127 code=0x7ffc0000
[  113.508315][   T29] audit: type=1326 audit(20061273.523:5885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6223 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f56680a9359 code=0x7ffc0000
[  113.531405][   T29] audit: type=1326 audit(20061273.523:5886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6223 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566810d169 code=0x7ffc0000
[  113.554630][   T29] audit: type=1326 audit(20061273.533:5887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6223 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5668104127 code=0x7ffc0000
[  113.577749][   T29] audit: type=1326 audit(20061273.533:5888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6223 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f56680a9359 code=0x7ffc0000
[  113.601256][   T29] audit: type=1326 audit(20061273.533:5889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6223 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566810d169 code=0x7ffc0000
[  113.624924][   T29] audit: type=1326 audit(20061273.543:5890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6223 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5668104127 code=0x7ffc0000
[  113.648041][   T29] audit: type=1326 audit(20061273.543:5891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6223 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f56680a9359 code=0x7ffc0000
[  114.234779][ T6249] hub 1-0:1.0: USB hub found
[  114.244639][ T6249] hub 1-0:1.0: 8 ports detected
[  114.379550][ T6254] x_tables: ip_tables: bpf.1 match: invalid size 528 (kernel) != (user) 536
[  114.688332][ T6265] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  114.694887][ T6265] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  114.702616][ T6265] vhci_hcd vhci_hcd.0: Device attached
[  114.731505][ T6266] vhci_hcd: connection closed
[  114.731761][   T37] vhci_hcd: stop threads
[  114.740846][   T37] vhci_hcd: release socket
[  114.745365][   T37] vhci_hcd: disconnect device
[  114.864209][ T6272] netem: incorrect gi model size
[  114.873609][ T6272] netem: change failed
[  114.925837][ T6272] atomic_op ffff88812cb2e528 conn xmit_atomic 0000000000000000
[  115.188662][ T6291] program syz.5.789 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  115.188859][ T6291] program syz.5.789 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  115.347542][ T6299] netlink: 'syz.5.790': attribute type 13 has an invalid length.
[  115.396783][ T6299] net_ratelimit: 11 callbacks suppressed
[  115.396795][ T6299] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  116.046509][ T6271] syz.2.783 (6271) used greatest stack depth: 6216 bytes left
[  116.212549][ T6326] __nla_validate_parse: 9 callbacks suppressed
[  116.212568][ T6326] netlink: 16 bytes leftover after parsing attributes in process `syz.6.799'.
[  116.791812][ T6352] netlink: 16 bytes leftover after parsing attributes in process `syz.6.806'.
[  116.878146][ T6320] syz.1.798 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  116.889187][ T6320] CPU: 1 UID: 0 PID: 6320 Comm: syz.1.798 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(voluntary) 
[  116.889220][ T6320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  116.889249][ T6320] Call Trace:
[  116.889257][ T6320]  <TASK>
[  116.889266][ T6320]  dump_stack_lvl+0xf6/0x150
[  116.889292][ T6320]  dump_stack+0x15/0x1a
[  116.889308][ T6320]  dump_header+0x83/0x2d0
[  116.889338][ T6320]  oom_kill_process+0x341/0x4c0
[  116.889454][ T6320]  out_of_memory+0x9d1/0xc20
[  116.889491][ T6320]  mem_cgroup_out_of_memory+0x13f/0x190
[  116.889538][ T6320]  try_charge_memcg+0x59f/0x820
[  116.889634][ T6320]  charge_memcg+0x50/0xc0
[  116.889665][ T6320]  mem_cgroup_swapin_charge_folio+0xd0/0x150
[  116.889696][ T6320]  __read_swap_cache_async+0x207/0x3b0
[  116.889772][ T6320]  swap_cluster_readahead+0x27f/0x400
[  116.889808][ T6320]  swapin_readahead+0xe6/0x6f0
[  116.889842][ T6320]  ? swap_cache_get_folio+0x77/0x210
[  116.889876][ T6320]  do_swap_page+0x31c/0x2510
[  116.889980][ T6320]  ? __rcu_read_lock+0x36/0x50
[  116.890013][ T6320]  ? __pfx_default_wake_function+0x10/0x10
[  116.890052][ T6320]  handle_mm_fault+0x8ed/0x2e80
[  116.890204][ T6320]  ? mas_walk+0x204/0x320
[  116.890238][ T6320]  ? __rcu_read_unlock+0x4e/0x70
[  116.890280][ T6320]  exc_page_fault+0x3b9/0x6a0
[  116.890329][ T6320]  asm_exc_page_fault+0x26/0x30
[  116.890351][ T6320] RIP: 0033:0x7f082df73bb9
[  116.890371][ T6320] Code: 34 00 00 0f 8e 09 fe ff ff e8 f3 a6 fe ff 49 39 c4 72 66 66 0f 1f 44 00 00 69 3d e6 1a e7 00 e8 03 00 00 48 8d 1d e7 23 34 00 <e8> 02 95 12 00 eb 0c 48 81 c3 e0 00 00 00 48 39 eb 74 24 80 7b 20
[  116.890389][ T6320] RSP: 002b:00007ffc0324c3e0 EFLAGS: 00010206
[  116.890404][ T6320] RAX: 000000000001c859 RBX: 00007f082e2b5fa0 RCX: 000000000001c520
[  116.890416][ T6320] RDX: 0000000000000339 RSI: 00007ffc0324c3c0 RDI: 00000000000003e8
[  116.890458][ T6320] RBP: 00007f082e2b7ba0 R08: 00000000313424b0 R09: 7fffffffffffffff
[  116.890473][ T6320] R10: 00007f082df08038 R11: 0000000000000010 R12: 000000000001c8a7
[  116.890487][ T6320] R13: 00007f082e2b6080 R14: ffffffffffffffff R15: 00007ffc0324c4f0
[  116.890509][ T6320]  </TASK>
[  116.890517][ T6320] memory: usage 307200kB, limit 307200kB, failcnt 1501
[  116.953333][ T6354] Falling back ldisc for ttyS3.
[  116.957459][ T6320] memory+swap: usage 307804kB, limit 9007199254740988kB, failcnt 0
[  117.116578][ T6320] kmem: usage 274384kB, limit 9007199254740988kB, failcnt 0
[  117.124067][ T6320] Memory cgroup stats for /syz1:
[  117.124390][ T6320] cache 33587200
[  117.132990][ T6320] rss 0
[  117.135751][ T6320] shmem 0
[  117.138724][ T6320] mapped_file 0
[  117.142190][ T6320] dirty 0
[  117.145118][ T6320] writeback 0
[  117.148441][ T6320] workingset_refault_anon 916
[  117.153123][ T6320] workingset_refault_file 1178
[  117.157943][ T6320] swap 618496
[  117.161240][ T6320] swapcached 16384
[  117.164955][ T6320] pgpgin 169355
[  117.168463][ T6320] pgpgout 161151
[  117.172018][ T6320] pgfault 108234
[  117.175620][ T6320] pgmajfault 401
[  117.179242][ T6320] inactive_anon 16384
[  117.183234][ T6320] active_anon 0
[  117.186731][ T6320] inactive_file 0
[  117.190397][ T6320] active_file 0
[  117.193860][ T6320] unevictable 33587200
[  117.197957][ T6320] hierarchical_memory_limit 314572800
[  117.203402][ T6320] hierarchical_memsw_limit 9223372036854771712
[  117.209790][ T6320] total_cache 33587200
[  117.213873][ T6320] total_rss 0
[  117.217174][ T6320] total_shmem 0
[  117.220678][ T6320] total_mapped_file 0
[  117.224659][ T6320] total_dirty 0
[  117.228185][ T6320] total_writeback 0
[  117.231994][ T6320] total_workingset_refault_anon 916
[  117.237297][ T6320] total_workingset_refault_file 1178
[  117.242616][ T6320] total_swap 618496
[  117.246451][ T6320] total_swapcached 16384
[  117.250721][ T6320] total_pgpgin 169355
[  117.254724][ T6320] total_pgpgout 161151
[  117.258813][ T6320] total_pgfault 108234
[  117.262938][ T6320] total_pgmajfault 401
[  117.267048][ T6320] total_inactive_anon 16384
[  117.271604][ T6320] total_active_anon 0
[  117.275592][ T6320] total_inactive_file 0
[  117.279818][ T6320] total_active_file 0
[  117.283870][ T6320] total_unevictable 33587200
[  117.288571][ T6320] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.798,pid=6320,uid=0
[  117.303236][ T6320] Memory cgroup out of memory: Killed process 6320 (syz.1.798) total-vm:93720kB, anon-rss:992kB, file-rss:22316kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  117.557915][ T6373] netlink: 16 bytes leftover after parsing attributes in process `syz.6.824'.
[  117.607623][ T6375] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  117.614238][ T6375] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  117.621958][ T6375] vhci_hcd vhci_hcd.0: Device attached
[  117.634163][ T6376] vhci_hcd: connection closed
[  117.634451][ T5626] vhci_hcd: stop threads
[  117.643585][ T5626] vhci_hcd: release socket
[  117.648095][ T5626] vhci_hcd: disconnect device
[  118.114432][ T6392] netlink: 16 bytes leftover after parsing attributes in process `syz.2.818'.
[  118.431907][   T29] kauditd_printk_skb: 608 callbacks suppressed
[  118.431924][   T29] audit: type=1326 audit(20061278.513:6500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6397 comm="syz.6.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  118.472794][   T29] audit: type=1326 audit(20061278.513:6501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6397 comm="syz.6.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  118.496077][   T29] audit: type=1326 audit(20061278.513:6502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6397 comm="syz.6.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  118.519663][   T29] audit: type=1326 audit(20061278.513:6503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6397 comm="syz.6.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  118.542996][   T29] audit: type=1326 audit(20061278.513:6504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6397 comm="syz.6.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  118.566175][   T29] audit: type=1326 audit(20061278.513:6505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6397 comm="syz.6.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  118.589472][   T29] audit: type=1326 audit(20061278.513:6506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6397 comm="syz.6.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  118.613007][   T29] audit: type=1326 audit(20061278.513:6507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6397 comm="syz.6.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  118.636216][   T29] audit: type=1326 audit(20061278.513:6508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6397 comm="syz.6.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  118.659506][   T29] audit: type=1326 audit(20061278.523:6509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6397 comm="syz.6.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  118.781237][ T6412] netlink: 16 bytes leftover after parsing attributes in process `syz.2.828'.
[  118.923963][ T6424] netlink: 16 bytes leftover after parsing attributes in process `syz.2.832'.
[  118.979352][ T6429] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  118.985923][ T6429] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  118.993741][ T6429] vhci_hcd vhci_hcd.0: Device attached
[  119.001863][ T6430] vhci_hcd: connection closed
[  119.002738][  T174] vhci_hcd: stop threads
[  119.011721][  T174] vhci_hcd: release socket
[  119.016179][  T174] vhci_hcd: disconnect device
[  119.142164][ T6435] 9pnet_virtio: no channels available for device 
[  119.152143][ T6435] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[  119.158859][ T6435] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  119.166550][ T6435] vhci_hcd vhci_hcd.0: Device attached
[  119.186255][ T6435] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(14)
[  119.192904][ T6435] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  119.200485][ T6435] vhci_hcd vhci_hcd.0: Device attached
[  119.207362][ T6435] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  119.216171][ T6441] vhci_hcd: connection closed
[  119.216299][ T5626] vhci_hcd: stop threads
[  119.216433][ T6438] vhci_hcd: connection closed
[  119.221063][ T5626] vhci_hcd: release socket
[  119.221076][ T5626] vhci_hcd: disconnect device
[  119.257710][   T37] vhci_hcd: stop threads
[  119.262008][   T37] vhci_hcd: release socket
[  119.266431][   T37] vhci_hcd: disconnect device
[  119.576366][ T6408] syz.6.826 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  119.590515][ T6408] CPU: 1 UID: 0 PID: 6408 Comm: syz.6.826 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(voluntary) 
[  119.590603][ T6408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  119.590696][ T6408] Call Trace:
[  119.590704][ T6408]  <TASK>
[  119.590713][ T6408]  dump_stack_lvl+0xf6/0x150
[  119.590765][ T6408]  dump_stack+0x15/0x1a
[  119.590796][ T6408]  dump_header+0x83/0x2d0
[  119.590828][ T6408]  oom_kill_process+0x341/0x4c0
[  119.590916][ T6408]  out_of_memory+0x9d1/0xc20
[  119.590957][ T6408]  mem_cgroup_out_of_memory+0x13f/0x190
[  119.591070][ T6408]  try_charge_memcg+0x59f/0x820
[  119.591112][ T6408]  obj_cgroup_charge_pages+0xc0/0x1a0
[  119.591144][ T6408]  __memcg_kmem_charge_page+0x9d/0x170
[  119.591176][ T6408]  __alloc_frozen_pages_noprof+0x1a6/0x360
[  119.591210][ T6408]  alloc_pages_mpol+0xb6/0x260
[  119.591319][ T6408]  alloc_pages_noprof+0xe8/0x130
[  119.591349][ T6408]  __vmalloc_node_range_noprof+0x6ea/0xe80
[  119.591397][ T6408]  __kvmalloc_node_noprof+0x311/0x520
[  119.591425][ T6408]  ? ip_set_alloc+0x1f/0x30
[  119.591497][ T6408]  ? ip_set_alloc+0x1f/0x30
[  119.591516][ T6408]  ? __kmalloc_cache_noprof+0x292/0x320
[  119.591542][ T6408]  ip_set_alloc+0x1f/0x30
[  119.591635][ T6408]  hash_netiface_create+0x273/0x730
[  119.591655][ T6408]  ? __nla_parse+0x40/0x60
[  119.591691][ T6408]  ? __pfx_hash_netiface_create+0x10/0x10
[  119.591804][ T6408]  ip_set_create+0x3b6/0x970
[  119.591841][ T6408]  ? __nla_parse+0x40/0x60
[  119.591880][ T6408]  nfnetlink_rcv_msg+0x4ba/0x580
[  119.591942][ T6408]  netlink_rcv_skb+0x12f/0x230
[  119.591983][ T6408]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  119.592055][ T6408]  nfnetlink_rcv+0x187/0x1610
[  119.592090][ T6408]  ? __kfree_skb+0x102/0x150
[  119.592199][ T6408]  ? nlmon_xmit+0x51/0x60
[  119.592259][ T6408]  ? __kfree_skb+0x102/0x150
[  119.592288][ T6408]  ? consume_skb+0x49/0x160
[  119.592317][ T6408]  ? nlmon_xmit+0x51/0x60
[  119.592397][ T6408]  ? dev_hard_start_xmit+0x3d1/0x400
[  119.592435][ T6408]  ? __dev_queue_xmit+0xb76/0x20b0
[  119.592486][ T6408]  ? should_fail_ex+0x31/0x270
[  119.592517][ T6408]  ? ref_tracker_free+0x3b8/0x420
[  119.592558][ T6408]  ? __netlink_deliver_tap+0x4c6/0x4f0
[  119.592594][ T6408]  netlink_unicast+0x605/0x6c0
[  119.592677][ T6408]  netlink_sendmsg+0x609/0x720
[  119.592713][ T6408]  ? __pfx_netlink_sendmsg+0x10/0x10
[  119.592804][ T6408]  __sock_sendmsg+0x140/0x180
[  119.592847][ T6408]  ____sys_sendmsg+0x350/0x4e0
[  119.592886][ T6408]  __sys_sendmsg+0x1a0/0x240
[  119.592938][ T6408]  __x64_sys_sendmsg+0x46/0x50
[  119.592973][ T6408]  x64_sys_call+0x26f3/0x2e10
[  119.593002][ T6408]  do_syscall_64+0xc9/0x1c0
[  119.593039][ T6408]  ? clear_bhb_loop+0x25/0x80
[  119.593143][ T6408]  ? clear_bhb_loop+0x25/0x80
[  119.593170][ T6408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.593198][ T6408] RIP: 0033:0x7f0b9c27d169
[  119.593263][ T6408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.593286][ T6408] RSP: 002b:00007f0b9a8df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  119.593346][ T6408] RAX: ffffffffffffffda RBX: 00007f0b9c495fa0 RCX: 00007f0b9c27d169
[  119.593361][ T6408] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  119.593377][ T6408] RBP: 00007f0b9c2fe2a0 R08: 0000000000000000 R09: 0000000000000000
[  119.593393][ T6408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  119.593408][ T6408] R13: 0000000000000000 R14: 00007f0b9c495fa0 R15: 00007fffb3dd3918
[  119.593431][ T6408]  </TASK>
[  119.593639][ T6408] memory: usage 307200kB, limit 307200kB, failcnt 763
[  119.621314][ T6449] netlink: 100 bytes leftover after parsing attributes in process `syz.2.837'.
[  119.622823][ T6408] memory+swap: usage 307364kB, limit 9007199254740988kB, failcnt 0
[  119.809942][ T6459] netlink: 16 bytes leftover after parsing attributes in process `syz.5.839'.
[  119.812393][ T6408] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
[  119.812412][ T6408] Memory cgroup stats for /syz6:
[  119.986905][ T6408] cache 0
[  119.994881][ T6408] rss 12288
[  119.998088][ T6408] shmem 0
[  120.001038][ T6408] mapped_file 0
[  120.004696][ T6408] dirty 0
[  120.007971][ T6408] writeback 0
[  120.011656][ T6408] workingset_refault_anon 105
[  120.016548][ T6408] workingset_refault_file 0
[  120.021121][ T6408] swap 167936
[  120.024419][ T6408] swapcached 24576
[  120.028192][ T6408] pgpgin 12962
[  120.031740][ T6408] pgpgout 12956
[  120.035230][ T6408] pgfault 7613
[  120.038637][ T6408] pgmajfault 78
[  120.042213][ T6408] inactive_anon 24576
[  120.046271][ T6408] active_anon 0
[  120.049778][ T6408] inactive_file 0
[  120.053429][ T6408] active_file 0
[  120.056884][ T6408] unevictable 0
[  120.060406][ T6408] hierarchical_memory_limit 314572800
[  120.065793][ T6408] hierarchical_memsw_limit 9223372036854771712
[  120.071979][ T6408] total_cache 0
[  120.075458][ T6408] total_rss 12288
[  120.079134][ T6408] total_shmem 0
[  120.082604][ T6408] total_mapped_file 0
[  120.086617][ T6408] total_dirty 0
[  120.090166][ T6408] total_writeback 0
[  120.094021][ T6408] total_workingset_refault_anon 105
[  120.099304][ T6408] total_workingset_refault_file 0
[  120.104473][ T6408] total_swap 167936
[  120.108339][ T6408] total_swapcached 24576
[  120.112604][ T6408] total_pgpgin 12962
[  120.116558][ T6408] total_pgpgout 12956
[  120.120585][ T6408] total_pgfault 7613
[  120.124496][ T6408] total_pgmajfault 78
[  120.128589][ T6408] total_inactive_anon 24576
[  120.133103][ T6408] total_active_anon 0
[  120.137081][ T6408] total_inactive_file 0
[  120.141326][ T6408] total_active_file 0
[  120.145315][ T6408] total_unevictable 0
[  120.149361][ T6408] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.826,pid=6407,uid=0
[  120.164076][ T6408] Memory cgroup out of memory: Killed process 6407 (syz.6.826) total-vm:93648kB, anon-rss:912kB, file-rss:22316kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  120.433519][ T6448] Set syz1 is full, maxelem 65536 reached
[  120.455655][ T6475] sd 0:0:1:0: device reset
[  120.479437][ T6475] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  120.559430][ T6480] netem: incorrect gi model size
[  120.565320][ T6480] netem: change failed
[  120.599741][ T6480] atomic_op ffff88814e563d28 conn xmit_atomic 0000000000000000
[  120.610443][ T6480] netlink: 19 bytes leftover after parsing attributes in process `syz.6.847'.
[  120.638995][ T6493] hub 9-0:1.0: USB hub found
[  120.641981][ T6499] netlink: 16 bytes leftover after parsing attributes in process `syz.0.854'.
[  120.645780][ T6493] hub 9-0:1.0: 8 ports detected
[  120.742295][ T6508] IPv6: NLM_F_CREATE should be specified when creating new route
[  120.757182][ T6508] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  120.946826][ T6525] sd 0:0:1:0: device reset
[  121.083870][ T6525] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  122.766402][ T6550] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.840279][ T6550] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.899218][ T6550] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.965301][ T6550] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.008057][ T6560] Falling back ldisc for ttyS3.
[  123.019590][ T6570] __nla_validate_parse: 2 callbacks suppressed
[  123.019619][ T6570] netlink: 16 bytes leftover after parsing attributes in process `syz.6.871'.
[  123.104426][ T6550] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  123.170278][ T6550] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  123.200836][ T6550] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  123.264492][ T6583] netlink: 4 bytes leftover after parsing attributes in process `syz.5.874'.
[  123.273396][ T6583] netlink: 4 bytes leftover after parsing attributes in process `syz.5.874'.
[  123.282371][ T6583] netlink: 4 bytes leftover after parsing attributes in process `syz.5.874'.
[  123.320389][ T6584] hub 9-0:1.0: USB hub found
[  123.325266][ T6584] hub 9-0:1.0: 8 ports detected
[  123.445606][   T29] kauditd_printk_skb: 351 callbacks suppressed
[  123.445625][   T29] audit: type=1326 audit(20061283.523:6861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6575 comm="syz.6.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  123.921257][ T6550] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  123.940446][   T29] audit: type=1326 audit(20061283.563:6862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6575 comm="syz.6.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  123.963747][   T29] audit: type=1326 audit(20061283.563:6863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6575 comm="syz.6.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0b9c27d1a3 code=0x7ffc0000
[  123.986832][   T29] audit: type=1326 audit(20061283.563:6864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6575 comm="syz.6.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0b9c27bc1f code=0x7ffc0000
[  124.009890][   T29] audit: type=1326 audit(20061283.573:6865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6575 comm="syz.6.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f0b9c27d1f7 code=0x7ffc0000
[  124.033048][   T29] audit: type=1326 audit(20061283.573:6866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6575 comm="syz.6.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0b9c27bad0 code=0x7ffc0000
[  124.056303][   T29] audit: type=1326 audit(20061283.573:6867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6575 comm="syz.6.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f0b9c27bdca code=0x7ffc0000
[  124.079381][   T29] audit: type=1326 audit(20061283.583:6868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6575 comm="syz.6.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  124.102578][   T29] audit: type=1326 audit(20061283.583:6869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6575 comm="syz.6.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  124.125846][   T29] audit: type=1326 audit(20061283.653:6870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6575 comm="syz.6.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f0b9c27d169 code=0x7ffc0000
[  124.404862][ T6593] netlink: 16 bytes leftover after parsing attributes in process `syz.2.882'.
[  124.725353][ T6625] netlink: 8 bytes leftover after parsing attributes in process `syz.5.893'.
[  124.734415][ T6625] netlink: 24 bytes leftover after parsing attributes in process `syz.5.893'.
[  125.041054][ T6642] netlink: 8 bytes leftover after parsing attributes in process `syz.0.907'.
[  125.049897][ T6642] netlink: 24 bytes leftover after parsing attributes in process `syz.0.907'.
[  125.062100][ T6643] netlink: 4 bytes leftover after parsing attributes in process `syz.6.895'.
[  125.117693][ T6646] hub 9-0:1.0: USB hub found
[  125.122481][ T6646] hub 9-0:1.0: 8 ports detected
[  126.046762][ T6675] x_tables: ip_tables: bpf.1 match: invalid size 528 (kernel) != (user) 536
[  126.109700][ T6675] block device autoloading is deprecated and will be removed.
[  128.132711][ T6779] __nla_validate_parse: 11 callbacks suppressed
[  128.132757][ T6779] netlink: 8 bytes leftover after parsing attributes in process `syz.0.917'.
[  128.463803][   T29] kauditd_printk_skb: 201 callbacks suppressed
[  128.463832][   T29] audit: type=1326 audit(20061288.543:7072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  128.542656][   T29] audit: type=1326 audit(20061288.583:7073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  128.566092][   T29] audit: type=1326 audit(20061288.583:7074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  128.589359][   T29] audit: type=1326 audit(20061288.583:7075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  128.613081][   T29] audit: type=1326 audit(20061288.583:7076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  128.636887][   T29] audit: type=1326 audit(20061288.583:7077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  128.660259][   T29] audit: type=1326 audit(20061288.583:7078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  128.683552][   T29] audit: type=1326 audit(20061288.583:7079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  128.706858][   T29] audit: type=1326 audit(20061288.583:7080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  128.730059][   T29] audit: type=1326 audit(20061288.583:7081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  129.416369][ T6857] netlink: 16 bytes leftover after parsing attributes in process `syz.1.930'.
[  129.519696][ T6869] netlink: 4 bytes leftover after parsing attributes in process `syz.6.929'.
[  129.528604][ T6869] netlink: 4 bytes leftover after parsing attributes in process `syz.6.929'.
[  129.537625][ T6869] netlink: 4 bytes leftover after parsing attributes in process `syz.6.929'.
[  130.212157][ T6885] netlink: 'syz.1.937': attribute type 27 has an invalid length.
[  130.223247][ T6885] lo: left promiscuous mode
[  130.228032][ T6885] lo: left allmulticast mode
[  130.269397][ T6885] batman_adv: batadv0: Interface deactivated: dummy0
[  130.312554][ T6881] loop1: detected capacity change from 0 to 2048
[  130.340548][ T6897] netlink: 4 bytes leftover after parsing attributes in process `syz.6.938'.
[  130.364603][ T6881] Alternate GPT is invalid, using primary GPT.
[  130.371026][ T6881]  loop1: p2 p3 p7
[  130.398185][ T6897] hsr_slave_1 (unregistering): left promiscuous mode
[  130.960560][ T6922] SELinux: security policydb version 17 (MLS) not backwards compatible
[  131.030133][ T6922] SELinux: failed to load policy
[  131.658399][ T6934] SET target dimension over the limit!
[  131.797328][ T6945] netlink: 32 bytes leftover after parsing attributes in process `syz.1.941'.
[  131.854113][ T6954] netlink: 4 bytes leftover after parsing attributes in process `syz.2.950'.
[  131.863162][ T6954] netlink: 4 bytes leftover after parsing attributes in process `syz.2.950'.
[  131.875240][ T6954] netlink: 4 bytes leftover after parsing attributes in process `syz.2.950'.
[  132.138856][ T7002] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  133.068230][ T7029] Falling back ldisc for ttyS3.
[  133.243432][ T7064] loop1: detected capacity change from 0 to 128
[  133.273049][ T7066] __nla_validate_parse: 8 callbacks suppressed
[  133.273067][ T7066] netlink: 132 bytes leftover after parsing attributes in process `syz.5.974'.
[  133.322035][ T7072] netlink: 4 bytes leftover after parsing attributes in process `syz.6.976'.
[  133.330928][ T7072] netlink: 4 bytes leftover after parsing attributes in process `syz.6.976'.
[  133.348411][ T7072] netlink: 4 bytes leftover after parsing attributes in process `syz.6.976'.
[  133.362280][ T7075] netlink: 'syz.0.977': attribute type 10 has an invalid length.
[  133.376711][ T7078] netlink: 16 bytes leftover after parsing attributes in process `syz.1.978'.
[  133.408536][ T7083] netlink: 116 bytes leftover after parsing attributes in process `syz.6.981'.
[  133.463573][ T7091] loop1: detected capacity change from 0 to 1024
[  133.477309][ T7091] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  133.517643][   T29] kauditd_printk_skb: 238 callbacks suppressed
[  133.517660][   T29] audit: type=1326 audit(20061293.593:7320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7090 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[  133.547450][   T29] audit: type=1326 audit(20061293.593:7321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7090 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[  133.570734][   T29] audit: type=1326 audit(20061293.593:7322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7090 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[  133.593832][   T29] audit: type=1326 audit(20061293.593:7323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7090 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[  133.597173][ T7091] loop1: detected capacity change from 0 to 512
[  133.617156][   T29] audit: type=1326 audit(20061293.593:7324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7090 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[  133.646752][   T29] audit: type=1326 audit(20061293.593:7325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7090 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[  133.669923][   T29] audit: type=1326 audit(20061293.593:7326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7090 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[  133.693079][   T29] audit: type=1326 audit(20061293.593:7327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7090 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[  133.716381][   T29] audit: type=1326 audit(20061293.593:7328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7090 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[  133.739542][   T29] audit: type=1326 audit(20061293.593:7329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7090 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[  133.770174][ T7091] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  133.873555][ T7091] EXT4-fs error (device loop1): __ext4_fill_super:5502: inode #2: comm syz.1.985: casefold flag without casefold feature
[  133.887456][ T7091] EXT4-fs (loop1): get root inode failed
[  133.893204][ T7091] EXT4-fs (loop1): mount failed
[  134.286213][ T7091] Falling back ldisc for ttyS3.
[  134.340484][ T7140] loop1: detected capacity change from 0 to 256
[  134.440314][ T7152] loop1: detected capacity change from 0 to 512
[  134.463962][ T7152] EXT4-fs (loop1): orphan cleanup on readonly fs
[  134.472780][ T7152] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1008: bg 0: block 248: padding at end of block bitmap is not set
[  134.491043][ T7152] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.1008: Failed to acquire dquot type 1
[  134.503275][ T7152] EXT4-fs (loop1): 1 truncate cleaned up
[  134.511554][ T7152] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  134.517591][ T7153] Falling back ldisc for ttyS3.
[  134.557333][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.591264][ T7159] loop1: detected capacity change from 0 to 512
[  134.600063][ T7159] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  134.609503][ T7159] EXT4-fs (loop1): orphan cleanup on readonly fs
[  134.616234][ T7159] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1011: invalid indirect mapped block 256 (level 2)
[  134.631866][ T7159] EXT4-fs (loop1): 2 truncates cleaned up
[  134.638152][ T7159] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  134.687798][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.716979][ T7170] loop1: detected capacity change from 0 to 1024
[  134.729922][ T7170] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  134.804124][ T7175] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1018'.
[  134.813205][ T7175] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1018'.
[  134.820112][ T7170] loop1: detected capacity change from 0 to 512
[  134.833901][ T7181] Cannot find del_set index 0 as target
[  134.851037][ T7170] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  134.860428][ T7184] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1023'.
[  134.875580][ T7170] EXT4-fs error (device loop1): __ext4_fill_super:5502: inode #2: comm syz.1.1015: casefold flag without casefold feature
[  134.889911][ T7181] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1020'.
[  134.926502][ T7170] EXT4-fs (loop1): get root inode failed
[  134.932268][ T7170] EXT4-fs (loop1): mount failed
[  135.324425][ T7239] veth0_to_bond: entered allmulticast mode
[  135.484359][ T7240] loop1: detected capacity change from 0 to 8192
[  135.519890][ T7240] syz.1.1045: attempt to access beyond end of device
[  135.519890][ T7240] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  135.533495][ T7240] buffer_io_error: 471 callbacks suppressed
[  135.533510][ T7240] Buffer I/O error on dev loop1, logical block 57847, async page read
[  136.949356][ T7354] vhci_hcd: invalid port number 23
[  136.954590][ T7354] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub.
[  137.017717][ T7357] Falling back ldisc for ttyS3.
[  137.297803][ T7391] Falling back ldisc for ttyS3.
[  137.373563][ T7415] netlink: 'syz.1.1122': attribute type 1 has an invalid length.
[  137.508382][ T7432] binfmt_misc: register: failed to install interpreter file ./file2
[  137.588563][ T7443] netlink: 'syz.2.1136': attribute type 32 has an invalid length.
[  137.879390][ T7493] bpf: Bad value for 'gid'
[  138.087265][ T7515] netlink: 'syz.6.1169': attribute type 10 has an invalid length.
[  138.103226][ T7515] veth1_macvtap: left promiscuous mode
[  138.307681][ T7535] Falling back ldisc for ttyS3.
[  138.367523][ T7541] Falling back ldisc for ttyS3.
[  138.412482][ T7555] __nla_validate_parse: 18 callbacks suppressed
[  138.412501][ T7555] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1186'.
[  138.649457][ T7567] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1188'.
[  138.658421][ T7567] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1188'.
[  138.667340][ T7567] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1188'.
[  138.937442][   T29] kauditd_printk_skb: 852 callbacks suppressed
[  138.937462][   T29] audit: type=1326 audit(20061298.963:8180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7556 comm="syz.5.1187" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f566810d169 code=0x0
[  139.028348][   T29] audit: type=1400 audit(20061299.073:8181): avc:  denied  { create } for  pid=7572 comm="syz.6.1192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  139.029392][ T7579] loop1: detected capacity change from 0 to 1024
[  139.048079][   T29] audit: type=1400 audit(20061299.073:8182): avc:  denied  { ioctl } for  pid=7572 comm="syz.6.1192" path="socket:[19015]" dev="sockfs" ino=19015 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  139.079616][   T29] audit: type=1400 audit(20061299.103:8183): avc:  denied  { create } for  pid=7580 comm="syz.6.1196" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  139.100972][ T7579] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  139.119283][ T7585] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1198'.
[  139.132974][   T29] audit: type=1326 audit(20061299.213:8184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7578 comm="syz.1.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[  139.156742][ T7585] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1198'.
[  139.184301][ T7579] loop1: detected capacity change from 0 to 512
[  139.193799][   T29] audit: type=1326 audit(20061299.243:8185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7578 comm="syz.1.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[  139.217476][   T29] audit: type=1326 audit(20061299.243:8186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7578 comm="syz.1.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[  139.241091][   T29] audit: type=1326 audit(20061299.243:8187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7578 comm="syz.1.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[  139.241473][ T7587] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1199'.
[  139.264414][   T29] audit: type=1326 audit(20061299.243:8188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7578 comm="syz.1.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[  139.296593][   T29] audit: type=1326 audit(20061299.243:8189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7578 comm="syz.1.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f082e09d169 code=0x7ffc0000
[  139.299268][ T7579] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  139.384174][ T7579] EXT4-fs error (device loop1): __ext4_fill_super:5502: inode #2: comm syz.1.1195: casefold flag without casefold feature
[  139.406183][ T7579] EXT4-fs (loop1): get root inode failed
[  139.412036][ T7579] EXT4-fs (loop1): mount failed
[  139.479305][ T7579] Falling back ldisc for ttyS3.
[  139.540399][ T7613] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1211'.
[  139.775322][ T7639] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1212'.
[  139.784388][ T7639] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1212'.
[  140.140614][ T7655] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: invalid value (98)
[  140.196035][ T7664] binfmt_misc: register: failed to install interpreter file ./file0
[  140.675075][ T7702] loop1: detected capacity change from 0 to 8192
[  140.866700][ T7702] syz.1.1246: attempt to access beyond end of device
[  140.866700][ T7702] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  140.880227][ T7702] Buffer I/O error on dev loop1, logical block 57847, async page read
[  141.246626][ T7763] netlink: 'syz.0.1273': attribute type 27 has an invalid length.
[  141.255770][ T7763] veth0_to_bond: left allmulticast mode
[  141.339833][ T7771] SELinux:  Context system_u:object_r:bin_t:s0 is not valid (left unmapped).
[  141.369068][ T7695] syz.1.1246 (7695) used greatest stack depth: 6136 bytes left
[  141.514261][ T7793] loop1: detected capacity change from 0 to 128
[  141.748775][ T7805] loop1: detected capacity change from 0 to 8192
[  141.787331][ T7805] syz.1.1290: attempt to access beyond end of device
[  141.787331][ T7805] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  141.801021][ T7805] Buffer I/O error on dev loop1, logical block 57847, async page read
[  142.123174][ T7840] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  142.133114][ T7840] bridge1: entered allmulticast mode
[  142.707681][ T7862] Falling back ldisc for ttyS3.
[  142.812435][ T7869] loop1: detected capacity change from 0 to 8192
[  142.897450][ T7869] syz.1.1314: attempt to access beyond end of device
[  142.897450][ T7869] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  142.910942][ T7869] Buffer I/O error on dev loop1, logical block 57847, async page read
[  143.214384][ T7881] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  143.224308][ T7881] bridge0: entered allmulticast mode
[  143.527698][ T7898] Falling back ldisc for ttyS3.
[  144.012399][   T29] kauditd_printk_skb: 803 callbacks suppressed
[  144.012415][   T29] audit: type=1326 audit(20061304.093:8993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7926 comm="syz.2.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fdfbe9bd169 code=0x7ffc0000
[  144.159730][   T29] audit: type=1326 audit(20061304.243:8994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7924 comm="syz.6.1336" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0b9c27d169 code=0x0
[  144.419994][ T7935] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  144.528759][   T29] audit: type=1326 audit(20061304.613:8995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7945 comm="syz.0.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  144.552272][   T29] audit: type=1326 audit(20061304.613:8996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7945 comm="syz.0.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  144.575557][   T29] audit: type=1326 audit(20061304.613:8997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7945 comm="syz.0.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  144.598975][   T29] audit: type=1326 audit(20061304.613:8998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7945 comm="syz.0.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  144.622172][   T29] audit: type=1326 audit(20061304.613:8999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7945 comm="syz.0.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  144.645833][   T29] audit: type=1326 audit(20061304.613:9000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7945 comm="syz.0.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  144.669218][   T29] audit: type=1326 audit(20061304.613:9001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7945 comm="syz.0.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  144.692488][   T29] audit: type=1326 audit(20061304.613:9002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7945 comm="syz.0.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7f82166bd169 code=0x7ffc0000
[  144.765403][ T7949] __nla_validate_parse: 13 callbacks suppressed
[  144.765421][ T7949] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1344'.
[  144.944759][ T7969] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1343'.
[  144.953744][ T7969] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1343'.
[  144.962790][ T7969] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1343'.
[  145.557265][ T7978] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  146.007256][ T7973] syz.0.1354 (7973) used greatest stack depth: 6040 bytes left
[  146.334726][ T8028] ==================================================================
[  146.342938][ T8028] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping
[  146.350903][ T8028] 
[  146.353246][ T8028] write to 0xffffea000482b0d8 of 8 bytes by task 8030 on cpu 0:
[  146.360876][ T8028]  __filemap_remove_folio+0x1ae/0x2c0
[  146.366254][ T8028]  filemap_remove_folio+0x6b/0x1c0
[  146.371455][ T8028]  truncate_inode_folio+0x42/0x50
[  146.376474][ T8028]  shmem_undo_range+0x25d/0xa80
[  146.381341][ T8028]  shmem_evict_inode+0x13b/0x520
[  146.386277][ T8028]  evict+0x2de/0x550
[  146.390184][ T8028]  iput+0x42a/0x5b0
[  146.393986][ T8028]  dentry_unlink_inode+0x24f/0x260
[  146.399097][ T8028]  __dentry_kill+0x18b/0x4c0
[  146.403680][ T8028]  dput+0x5c/0xd0
[  146.407307][ T8028]  __fput+0x428/0x640
[  146.411304][ T8028]  fput_close_sync+0xc0/0x110
[  146.415978][ T8028]  __x64_sys_close+0x55/0xe0
[  146.420575][ T8028]  x64_sys_call+0x262b/0x2e10
[  146.425251][ T8028]  do_syscall_64+0xc9/0x1c0
[  146.429782][ T8028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.435681][ T8028] 
[  146.438028][ T8028] read to 0xffffea000482b0d8 of 8 bytes by task 8028 on cpu 1:
[  146.445563][ T8028]  folio_mapping+0xa0/0x120
[  146.450067][ T8028]  move_folios_to_lru+0x12c/0x690
[  146.455096][ T8028]  evict_folios+0x2c03/0x2fb0
[  146.459770][ T8028]  try_to_shrink_lruvec+0x405/0x590
[  146.464967][ T8028]  shrink_lruvec+0x220/0x1970
[  146.469747][ T8028]  shrink_node+0x60b/0x1da0
[  146.474248][ T8028]  do_try_to_free_pages+0x3c6/0xc10
[  146.479442][ T8028]  try_to_free_mem_cgroup_pages+0x1e6/0x4a0
[  146.485332][ T8028]  try_charge_memcg+0x364/0x820
[  146.490183][ T8028]  obj_cgroup_charge_pages+0xc0/0x1a0
[  146.495554][ T8028]  __memcg_kmem_charge_page+0x9d/0x170
[  146.501360][ T8028]  __alloc_frozen_pages_noprof+0x1a6/0x360
[  146.507171][ T8028]  alloc_pages_mpol+0xb6/0x260
[  146.511932][ T8028]  alloc_pages_noprof+0xe8/0x130
[  146.516868][ T8028]  __vmalloc_node_range_noprof+0x6ea/0xe80
[  146.522678][ T8028]  __kvmalloc_node_noprof+0x311/0x520
[  146.528484][ T8028]  ip_set_alloc+0x1f/0x30
[  146.532823][ T8028]  hash_netiface_create+0x273/0x730
[  146.538031][ T8028]  ip_set_create+0x3b6/0x970
[  146.542630][ T8028]  nfnetlink_rcv_msg+0x4ba/0x580
[  146.547587][ T8028]  netlink_rcv_skb+0x12f/0x230
[  146.552355][ T8028]  nfnetlink_rcv+0x187/0x1610
[  146.557044][ T8028]  netlink_unicast+0x605/0x6c0
[  146.561808][ T8028]  netlink_sendmsg+0x609/0x720
[  146.566572][ T8028]  __sock_sendmsg+0x140/0x180
[  146.571255][ T8028]  ____sys_sendmsg+0x350/0x4e0
[  146.576018][ T8028]  __sys_sendmsg+0x1a0/0x240
[  146.580607][ T8028]  __x64_sys_sendmsg+0x46/0x50
[  146.585371][ T8028]  x64_sys_call+0x26f3/0x2e10
[  146.590046][ T8028]  do_syscall_64+0xc9/0x1c0
[  146.594556][ T8028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.600446][ T8028] 
[  146.602777][ T8028] value changed: 0xffff888117bbfc10 -> 0x0000000000000000
[  146.609968][ T8028] 
[  146.612287][ T8028] Reported by Kernel Concurrency Sanitizer on:
[  146.618431][ T8028] CPU: 1 UID: 0 PID: 8028 Comm: syz.5.1376 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(voluntary) 
[  146.630838][ T8028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  146.640906][ T8028] ==================================================================