last executing test programs:

1m52.633611088s ago: executing program 0 (id=526):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x1800, 0x0, 0x3)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x30, r1, 0x1, 0x70bd25, 0x25dfdbff, {{}, {0x0, 0x4108}, {0x14, 0x18, {0x0, @bearer=@udp='udp:syz2\x00'}}}}, 0x30}, 0x1, 0x0, 0x0, 0x4880}, 0x40090) (fail_nth: 3)
sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040800}, 0x20000000)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)

1m52.633394908s ago: executing program 0 (id=527):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x6, 0x5, &(0x7f0000000680)=ANY=[@ANYBLOB="180200000020ec1f00000000080000008500000055000000c30000000000000095"], &(0x7f0000000000)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000a00), r0)
sendmsg$NFC_CMD_DEP_LINK_UP(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000680)=ANY=[@ANYBLOB='$\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000ffdbdf250400000005000a0001000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x810)

1m52.633138068s ago: executing program 0 (id=528):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001a40)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0, 0x0, 0x5}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000034000000340000000400000000000000000000030000000003000000"], 0x0, 0x50, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$RTC_UIE_ON(r1, 0x7003)
ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4, 0x2, 0xc000})
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaa79ff030486dd601b8b97004d88c19e9ace00000000000000002100000002ff02000000000000000000000000000104004e"], 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fc0f00000a"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ptrace$poke(0x5, r2, &(0x7f0000000080), 0x0)
socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x0, &(0x7f0000000300)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0xe0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000540)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000005c0)=[0x0, 0x0], <r5=>0x0, 0xf9, &(0x7f0000000600)=[{}], 0x8, 0x10, &(0x7f0000000640), &(0x7f0000000680), 0x8, 0x18, 0x8, 0x8, &(0x7f00000006c0)}}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = msgget(0x1, 0x2b0)
msgctl$IPC_RMID(r6, 0x0)
ptrace$setsig(0x4203, r2, 0x3, &(0x7f0000000440)={0x2e, 0x80000001, 0x7})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x3)
ftruncate(0xffffffffffffffff, 0x8001)
timerfd_gettime(0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x14, 0x1d, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x638, 0x0, 0x0, 0x0, 0x7}, {}, {}, [@printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x10000}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, &(0x7f00000004c0), 0x40f00, 0x8, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000500)={0x1, 0x10, 0xc5, 0x8001}, 0x10, r5, r4, 0x1, &(0x7f0000000840)=[r3, r3, r3, 0xffffffffffffffff, r3, r3], &(0x7f0000000880)=[{0x0, 0x3, 0xd, 0x5}], 0x10, 0x9, @void, @value}, 0x94)
io_uring_enter(0xffffffffffffffff, 0x1a67, 0x3031, 0x2, &(0x7f00000000c0)={[0x8]}, 0x8)

1m52.40425609s ago: executing program 0 (id=530):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000280)={[{@stripe={'stripe', 0x3d, 0x10}}, {@stripe={'stripe', 0x3d, 0x7}}, {@dioread_nolock}, {@mblk_io_submit}, {@discard}, {@nogrpid}]}, 0x1, 0x408, &(0x7f0000001180)="$eJzs3M1uG1UbAOB3JrHTpD/OJ3XxqbCIBIIgaFIHAhQhKGz52QAXECVpqUibqgkSDVkUVDasWCB2LHoDLJDYVhVCQuIWuAFUqUJpFrALGnsmcWs72Ikdp+R5pNGcMz7ue94Zd3TOxD4BHFkTEXEhIoYiYiYiKvnxNN/iZn3L2j3YWJ/f3FifT2Jr64M/k0jyY8W/leT743llMo1Ib0U8cbM57sqNtU/mlpYWr+f16dUr16ZXbqydvXxl7tLipcWr1VfOV6uzM69WX+pZrt89/dz5obcvnPn+98rd2XJ5NOvvify1xjx6ZSImts9JYSrfz/Y62ICVB90BAAA6kuZj/+Ha+L8SQ7VSXSWm1wfaOQAAAKAntt7M93tybI/vAwAAAA5W0mIOXzKvBwAAgP+QUv49gAcb6/PFNsjvIxy0+29FxPjOb5s3t/MfjmN5m1Iff986ERHXnkkq2RZ9+h0yAECju9n451yr8V8a/29oNxJRGw+N9jj+xCP15vFPeq/HIR+Sjf9ej4jNpvFfWjQZH8prJ2tDxVJy8fLS4rmIOBURk1EayerVXWK889cP77d7Lcv/l+TkqWLL4mf7nRbpveGRh9+zMLc6t5+cG93/IuLMcKv8k+3xbxIRY/uIMfT57dfavfbv+ffX1u2IZ1te/52Ve5Ld1yearn0epotPRbO/v/zxvXbxW+U/HAeXf3b9x3bPfzxpXK9ppfsYdz7+7claoUVWjfOfbj7/5eTDWrmYl302t7p6vRpRTt5tPj6z896iXrTP8p98qvX//+L+l+RrWp3I7wHd+vqbn1/YvUU9/2zL4hdzwcxXM7fW9hCyY1n+C11d/+4LL9/59aN28Ruvf6v869e/vgbYZH6kk/tfpx3cz7kDAACAx0Vae66RpFPb5TSdmqo/7zgdY+nS8srq8xeXP726UH/+MR6ltHjSVWl4Hlqt/xl9uz7zSP3FiPhfRHxbGa3Vp+aXlxYGnTwAAAAcEcfbzP8zf1QG3TsAAACgZ8YH3QEAAACg7/L5/9nTg+4IAAAA0A/7Wdfv6BayM9dp43Icjj4fzsIbP4XzcygLg74zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPN7+CQAA//8e+LAL")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x105042, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xcc0984f9ead32b32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5, 0x0, 0x4}, 0x18)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x8205, &(0x7f0000000180)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x8}}, {@data_err_abort}, {@grpid}, {@errors_remount}, {@abort}, {@noblock_validity}, {@barrier}, {@min_batch_time={'min_batch_time', 0x3d, 0x577}}]}, 0x1, 0x618, &(0x7f0000000640)="$eJzs3c9rHG0dAPDvzCYxed9oWpFii2LAQwvS/KjFqqe2F3soWLAHEQ8NTVJDN21oUrC1YAoeFBREvIr04j/gXYpXbyKoN89CFYl4UOnKzM60a3Y32ebN7mwznw/M9plnZvd5vjv7dJ5nNs9OALU1nz2kEWcj4k4SMdexbTbaG+eL/fb+8exutiTRan3j70kkRV65/+vi3w+zhyRiOiJ+fz3ik43ucrefPL2/0my1fT9icWdza3H7ydOLG5sr99burT1YvvTly1eWvrJ8eflY4izjunHz65/5yQ++86X1PzQvJnE1bk9+bzX2xXFc5mM+XhchduZPRMSVLNHjfXnflCEkFdeDo2kUn8fJiDgTc9HI19rmYuPHlVYOGKpWI6IF1FSi/UNNlf2Acmw/jHHwOHt1rT0A6o5/on1tJKbzsdEHe0nHyKg93j11DOVnZfz32blfZEv0uQ4xcQzl9LP7PCI+3Sv+JK/bqfwqThZ/GmnH87L0UkRMFe/FYOP/ya6c+X3ro/78vUv8ncchi/9q8W+Wf/2I5VcdPwD19PJacSLfzdbenv+ynmHZ/4ke/Z/ZHueuo6j6/Ne//1ee76fza+Tpvn5Y1t+51fsluzo5f/nRjZ/1K7+z/5ctWfllX3AUXj2POLcv/h/mHb3kzfFPehz/bJc7A5bxtT/+7Ua/bVXH33oRcb7n+OdtjzZLLe5sbpV5+76fXFzfaK4ttR97lvGb3337V/3Krzr+7PhHn/HfQcc/y9sasIxf33qx2W/b7KHxp3+dSm7nqaki57srOzuPliOmkpvFLh35lw6uS7lP+RpZ/Bc+37v994q/KCo/0Lv/9270t/XN+3v99hv4+HcPnTKvWweHe6gs/tU+n//Djv9PByzjX996/Nl9WTNl4qD4Z7pfKtl95wgBAAAAAACgPtL8O9gkXXiTTtOFhfYc3k/FB2nz4fbOF9YfPn6wGnEh/3vIybT8pnuuvZ5k68vF38OW65f2rX8xIk5HxM8bM/n6wt2HzdWqgwcAAAAAAAAAAAAAAAAAAIAx8WEx/7+8T/U/G+35/wPZOTPk2gFDN8wbzAHjTfuH+srbf1p1LYAqOP9DfWn/UF/aP9SX9g/1pf1DfWn/UF/aP9SX9g8AAAAAJ9Lpz738cxIRu1+dyZfMVLFtstKaAcP27m18fij1AEavMdKnAePkzVf/pv9D7QzU//938eOAw68OUIGkV2beOWgd3Phf9nwmAAAAAAAAAAAAADAE58+a/w91lcZvq64CUJHuifxn9wac6Oc3AOA956f/ob4+0hjfBQI4EQ6bxT/db4P5/wAAAAAAAAAAAAAwMrP5kqQLxS1AZyNNFxYiPh4Rp2IyWd9ori1FxCci4k+NyY9l68tVVxoAAAAAAAAAAAAAAAAAAABOmO0nT++vNJtrjzoT/+nKOdmJ8i6o41KfzkQkoy90JiLGIfbhJCY6cpKI3ezIj0XFHm3HWFQjzatR8X9MAAAAAAAAAAAAAAAAAABQQx1zj3s798sR1wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARu/t/f+PnkgOeZ2qYwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k//CwAA//9vNjw9")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r3}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0xa37e, 0x0)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x46342, 0x0)
ftruncate(r7, 0x2088002)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8088e3ad122bc192, 0x4002011, r6, 0x0)
read(r0, &(0x7f0000000000), 0x2000)

1m52.31964811s ago: executing program 0 (id=532):
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
preadv(r2, &(0x7f0000000040)=[{&(0x7f0000000240)=""/138, 0x8a}, {}, {&(0x7f00000008c0)=""/4096, 0x1000}, {&(0x7f0000000300)=""/125, 0x7d}], 0x4, 0x73, 0x1)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
r3 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0xa3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
ioctl$SG_IO(r3, 0x2285, 0x0)
writev(r3, &(0x7f0000000400)=[{&(0x7f0000000000)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484e242a03000000f7c08bfcd111fbdf23ea32db0e8f21d5bc27bd8063067a0689fff2a41cfbf0e9d85e447511703d", 0x31}], 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r6}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000400)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x8, 0x11, 0x0, @remote, @mcast2, {[], {0x0, 0xe22, 0x8}}}}}}, 0x0)

1m51.964297062s ago: executing program 0 (id=543):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x67, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(r2, 0x7005, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r4, 0x545c, 0x3000000)

1m51.958722112s ago: executing program 32 (id=543):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x67, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(r2, 0x7005, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r4, 0x545c, 0x3000000)

1m24.064007883s ago: executing program 5 (id=1073):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCL_SETVESABLANK(r1, 0x560e, &(0x7f0000000140))
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f00000008c0)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x0, 0x0})
fspick(r1, &(0x7f00000003c0)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r5 = socket$kcm(0x2, 0x1, 0x84)
socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r5, 0x84, 0x1f, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000ec0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000e80)={<r6=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r4, &(0x7f00000000c0)={0x13, 0x10, 0x8, {0x0, r6, 0x1}}, 0x18)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000340)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000100)=0x1, r6, 0x0, 0x1, 0x4}}, 0x20)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000040)={'team0\x00', <r8=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newchain={0x34, 0x64, 0x10, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xb, 0xfff1}, {0x10, 0x3}, {0xfff2, 0xa}}, [@TCA_RATE={0x6, 0x5, {0x2, 0x3}}, @TCA_RATE={0x6, 0x5, {0x2d, 0xd}}]}, 0x34}, 0x1, 0x0, 0x0, 0xee7fb56f97126cd0}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x50}}, 0x40088c0)
open(&(0x7f0000000040)='./bus\x00', 0x1451c2, 0x0)

1m23.378364777s ago: executing program 5 (id=1084):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000024000a20000000000a03000000000000000000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c00048048000180080001"], 0x122}}, 0x0) (fail_nth: 6)

1m21.448283348s ago: executing program 5 (id=1087):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b9000f224891060017c4700de60beac671e8e8fdecb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee341ab59016f81860324b800300000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4a801efdf008499d7aca1afac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x12, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@map=r2, r1, 0x26, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r2, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000240)={r2, &(0x7f0000000200)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1m21.219098019s ago: executing program 5 (id=1090):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = fcntl$dupfd(r2, 0x406, r2)
ioctl$SCSI_IOCTL_GET_PCI(r3, 0x5393, &(0x7f0000000000))
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x21081a, &(0x7f0000000300), 0x1, 0x507, &(0x7f0000000c00)="$eJzs3c9vI1cdAPCvnThxsmmTlh4AQbu0hS1arZN426jqAcoJIVQJ0SNI25B4oyh2HMVOacIesmeuSKzECY78AZz3xJ0LghuX5YDEjwi0QXCYasaTrDdrb6LND0fx5yONZt68WX+/L9a8Zz+v/QIYWtcjYjcixiLik4iYzs8X8i0+7GzpdY/37i3t791bKkSSfPzPQlafnouuf5O6lj9mOSJ++N2InxSejdva3llbrNdrm3l5tt3YmG1t79xabSyu1FZq69XqwvzC3Pu336ueWVvfaIzlR1999Ifdb/4sTWsqP9PdjrPUaXrpME5qNCK+fx7BBmAkb8/YoBPhhRQj4tWIeDO7/6djJHs2AYCrLEmmI5nuLgMAV10xmwMrFCv5XMBUFIuVSmcO77WYLNabrfbNu82t9eXOXNlMlIp3V+u1uXyucCZKhbQ8nx0/KVePlG9HxCsR8YvxiaxcWWrWlwf5wgcAhti1I+P/f8Y74z8AcMWVB50AAHDhjP8AMHyM/wAwfIz/ADB8OuP/xKDTAAAukPf/ADB8jP8AMFR+8NFH6Zbs579/vfzp9tZa89Nby7XWWqWxtVRZam5uVFaazZXsN3saxz1evdncmH83tj6b+dZGqz3b2t6502hurbfvZL/rfadWyq7avYCWAQD9vPLGwz8X0hH5g4lsi661HEoDzQw4b8VBJwAMzMigEwAGxmpfMLxO8R7f9ABcET2W6H1KudcXhJIkSc4vJeCc3fiS+X8YVl3z//4XMAwZ8/8wvMz/w/BKksJJ1/yPk14IAFxu5viBPp//v5rvf5t/OPDj5aNXPDjPrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOByG4n/Jem+kq8FPhXFYqUS8VJEzESpcHe1XpuLiJcj4k/jpfG0PD/opAGAUyr+rZCv/3Vj+u2pp6pev3Z4OBYRP/3Vx7/8bLHd3vxjxFjhX+MH59sP8vPVi88eADjewTid7bveyD/eu7d0sF1kPn//TkSUO/H398Zi/zD+aIxm+3KUImLy34W83FHI5i5Ob/d+RHyxV/sLMZXNgXRWPj0aP4390oXGLz4Vv5jVdfbp3+ILZ5ALDJuHaf/zYa/7rxjXs33v+7+c9VCnl/d/6UMt7Wd94JP4B/3fSJ/+7/pJY7z7++91jiaerbsf8eXRiIPY+139z0H8Qp/4b58w/l++8vqb/eqSX0fciN7xu2PNthsbs63tnVurjcWV2kptvVpdmF+Ye//2e9XZbI56tv9o8I8Pbr7cry5t/2Sf+OVj2v/1E7b/N///5Edfe078d946jB/dz/9rz4mfjonfOGH8xcnflfvVpfGX+7T/uOf/5gnjP/rrzjPLhgMAg9Pa3llbrNdrmw4uw0H6Ou0SpHFpD+IS/32+fdw175xN8qWx6F3187c69/SRqiR5oVj9eoyzmHUDLoPDmz4i/jvoZAAAAAAAAAAAAAAAgJ4u4ttRg24jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAV9fnAQAA//8SW80s")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x851800, 0x0)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"})
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0xee00, 0x0)

1m20.9616076s ago: executing program 5 (id=1099):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYRES8=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00"], 0x0, 0x8006, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
open_tree(r0, 0x0, 0x89901)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc04c5349, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000640)=@broute={'broute\x00', 0x20, 0x1, 0x170, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200006c0], 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0000000000000000ff0000000000000000d17d000000000000000000000000000000000000000000ffffffff0000000000000000000000000000001200000000000000000000000000080000000000000800000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff01000000110000000000000000006e72300000000000000000000000000079616d3000000001000000000000b40079616d30000000000000000000000000766574b7708ad56f5f7465616d0000000180c2000000000000000000aaaaaaaaaa000000000000000000b0000000b0000000e000000071756f74610000000000000000000000000000000000000000000000000000001800"]}, 0x19a)
write$binfmt_script(r1, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fc0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r3}, 0x10)
rt_sigpending(0x0, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000640)=@broute={'broute\x00', 0x20, 0x1, 0x170, [], 0x0, 0x0, 0x0}, 0x1e8)

1m20.514480543s ago: executing program 5 (id=1111):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x200000a, &(0x7f0000001080)=ANY=[], 0xfc, 0x2b5, &(0x7f0000000480)="$eJzs3U9rK1UUAPAz+dc8XSSIG0VwQBeuyqtbN43yBLErJYK6MfhakKQUWghYwdpVP4FL8Wu4defabyC4Fdy1i8rIZGaaxCZttP/A/n6b3t57z52TOUOyyskXr+0On+8lcXz6W7TbSdQ2YzPOkuhGLSrfRSMAgP+PsyyLP7OIaBb/JytHNmp3lxUAcJeKz//CQ+cCANyPjz/97MPe1tazj9K0Ha90Tsb9JCJ2T8b9Yr23E1/FKLbjaXTiPCK7UIzf/2DrWTTSXDfe3D0a98dz5/f+iCeT+I3oRHdx/EZaKOP7EfnfZrwQafR2mtVRnXh5cfzbC+Kj34q33pjJfz068euXsRejeB557DT+2400fS/7/vSbz/PL5PFJLfprk31TWf1+KgIAAAAAAAAAAAAAAAAAAAAAwGOwnqZJ0b5n0r8nnyr779TPJ+vraaU735+niL/oF1z0B8qibNFzlMUPVX+dp2maZuXGaXwjXm34YQEAAAAAAAAAAAAAAAAAAADIHXx9OByMRtv7Nx7Uh4NR1Q2g+lr/fz1wc2bm9TgcDurLD1xb/Vqz3QbyXK/cHI1G3MJtuX4QPz/J81my58cy339/8tq0uJ+U4VVhbvVVvPTuRYZpuVTd5OEgue5a7apwP80utWLlNJJkbmZS29H2fjZ5JM6z+Zq2l9zM1i3cjfwZbb24cOmvLMtWO+ed34salTPJpMXGamk0y8HSp6V9uRa/LD9w6VtG/abvOQAAAAAAAAAAAAAAAAAAwGLzX5z+h+MrQ2t3lhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3LPp7/9Xg3ZEzM9cGhyVwVftKQet2D944JcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI/B3AAAA//+VpEaB")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0xfecc)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000) (fail_nth: 1)

1m20.514311132s ago: executing program 33 (id=1111):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x200000a, &(0x7f0000001080)=ANY=[], 0xfc, 0x2b5, &(0x7f0000000480)="$eJzs3U9rK1UUAPAz+dc8XSSIG0VwQBeuyqtbN43yBLErJYK6MfhakKQUWghYwdpVP4FL8Wu4defabyC4Fdy1i8rIZGaaxCZttP/A/n6b3t57z52TOUOyyskXr+0On+8lcXz6W7TbSdQ2YzPOkuhGLSrfRSMAgP+PsyyLP7OIaBb/JytHNmp3lxUAcJeKz//CQ+cCANyPjz/97MPe1tazj9K0Ha90Tsb9JCJ2T8b9Yr23E1/FKLbjaXTiPCK7UIzf/2DrWTTSXDfe3D0a98dz5/f+iCeT+I3oRHdx/EZaKOP7EfnfZrwQafR2mtVRnXh5cfzbC+Kj34q33pjJfz068euXsRejeB557DT+2400fS/7/vSbz/PL5PFJLfprk31TWf1+KgIAAAAAAAAAAAAAAAAAAAAAwGOwnqZJ0b5n0r8nnyr779TPJ+vraaU735+niL/oF1z0B8qibNFzlMUPVX+dp2maZuXGaXwjXm34YQEAAAAAAAAAAAAAAAAAAADIHXx9OByMRtv7Nx7Uh4NR1Q2g+lr/fz1wc2bm9TgcDurLD1xb/Vqz3QbyXK/cHI1G3MJtuX4QPz/J81my58cy339/8tq0uJ+U4VVhbvVVvPTuRYZpuVTd5OEgue5a7apwP80utWLlNJJkbmZS29H2fjZ5JM6z+Zq2l9zM1i3cjfwZbb24cOmvLMtWO+ed34salTPJpMXGamk0y8HSp6V9uRa/LD9w6VtG/abvOQAAAAAAAAAAAAAAAAAAwGLzX5z+h+MrQ2t3lhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3LPp7/9Xg3ZEzM9cGhyVwVftKQet2D944JcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI/B3AAAA//+VpEaB")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0xfecc)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000) (fail_nth: 1)

4.802217164s ago: executing program 2 (id=2808):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000080)={[{@nolazytime}, {}]}, 0x6, 0x4eb, &(0x7f0000000a40)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040))
write$binfmt_script(r0, &(0x7f0000000380), 0x208e24b)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r5, 0x5607, 0x4)
ioctl$VT_ACTIVATE(r5, 0x5606, 0x4)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@fallback, 0xe, 0x1, 0xee7, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, <r6=>0x0}, 0x40)
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYRES32, @ANYRESOCT=r6, @ANYRES32, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000f6437689f843c4b867ad3c08aeb5d237008000000000"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="190000000400000004ff0100000000", @ANYRESDEC=r6, @ANYRES32=r6, @ANYRES8=r5, @ANYRES32], 0x48)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000280)={@map, 0xffffffffffffffff, 0x26, 0xe56192463a21952d, 0x0, @void, @void, @void, @value, r6}, 0x20)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000bc0)={@ifindex, 0xffffffffffffffff, 0x33, 0xd, 0xffffffffffffffff, @void, @value=r4, @void, @void, r6}, 0x20)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0xfffffff8, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
r8 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000003c0)=ANY=[@ANYRES32=r7, @ANYRES32=r3, @ANYBLOB="1900000009200000", @ANYRES32=r3, @ANYRES32=r8, @ANYBLOB="afa4dfec21c64ee9e5e9b101eced642b5786c9f69791e424840f0d0c5e1b667d6730a557020a58b6bb87f311459536e13cfe7f4311f340a5f4688dcc361c599bee11b36b4ae5044437afd4ca1a88861164abb2163ab5275c06e541b4b65194cf982528eb9c7f92838bb0e02d3884f12a824ee2ff2e4d2723afd45a66765de8e8df9f2d85ae0988fc905b97af", @ANYRES64=r6], 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)={@fallback=r2, r0, 0x34, 0x18, 0x0, @void, @value=r1, @void, @void, r6}, 0x20)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b400000000000000791048000000000071003f00000000009500000000000000db74589d4b38cc306ac390649f72dea0e50e2317db042855d6c74ff3491c7e31e3f6c643155a8e2e01d50bc3347475750472cb929f57fa14b769e7f385ba72c60242263c05ddab05e37efe81b8bffc35cdf2ac0d93263ff755d611c4cca1684b1470af6a83366aa430ad2d700b186da622d6fba70000000000000000000000000200"/173], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x1000, 0x103)

4.586814685s ago: executing program 2 (id=2815):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
msgctl$IPC_SET(0x0, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00'}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000200)=""/166}, 0x20)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000340)=ANY=[@ANYRES16, @ANYRESHEX=r1], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="0000186df4b1768c36153d42", @ANYRES32, @ANYBLOB="0a3f000000a3f500950004000000010045"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89f1, &(0x7f0000000080))
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f2, &(0x7f0000000080))
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000080500"/20, @ANYRES32=0x0, @ANYBLOB="8131020002c00000280012800b00010067656e65766500001800028005000800fe000000040006000600050000000000"], 0x48}}, 0x0)
openat$ptp0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), r5)
sendmsg$IEEE802154_LIST_PHY(r5, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)={0x14, r7, 0x30b, 0xffffffff}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x40000)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1016c7, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000500)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="a1ab000000000000000032000000080017010000000008000300", @ANYRES32=0x0, @ANYBLOB="ad69a7d811db500eb5abb7ef5596edaad268c8d006b784fefc144c78f325b238125e6dec024fd2f1bb65da34486a5f117d01be084d4acb9ca42f8a6e8f3e6bbe142a9b3e7734f685ef4deb2cee550ebebddbcbbab8dcaf431dd21cf828102ebb147e8ce9584cabfcb6f099e4f5bec6feb834d3925d360df10ad900a25321e5276310b4699a10f1"], 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)

4.234628987s ago: executing program 2 (id=2819):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r0}, &(0x7f00000004c0), &(0x7f0000000500)='%-5lx  \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000490000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r2, 0x0, 0xfffffdcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000008c0)="89", 0x0}, 0x32)

4.178589277s ago: executing program 2 (id=2820):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5, r0}, 0x38)
socket$key(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x5, r1}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000007c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x328, 0x0, 0x4c, 0x1a, 0x178, 0x73, 0x258, 0x258, 0x258, 0x258, 0x258, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private1, [], [], 'veth1_vlan\x00', 'sit0\x00'}, 0x0, 0x130, 0x178, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'syz1\x00'}}, @common=@unspec=@connlimit={{0x40}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x80000, 'snmp_trap\x00'}}}, {{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x388)

4.054408208s ago: executing program 2 (id=2826):
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x72, &(0x7f0000000080)=ANY=[], 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000580)=@setlink={0x48, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x40}, [@IFLA_IFNAME={0x14, 0x3, 'veth0_virt_wifi\x00'}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x48}}, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
pread64(r7, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x6, 0x10, &(0x7f0000000480)=ANY=[@ANYBLOB="1864000008000000000000000000000018000000040000000000000001800000a08301000d00000018180000", @ANYRES32=r0, @ANYBLOB="000000000000000018430000f8ffffff000000000000000018290000", @ANYRES32=r0, @ANYBLOB="000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c005d00b700000000000000a03cba72b7ab5de9c566de0b48b5c6d69d3fca4d579e61c4cd7ba0b1ec0fec980266455f0f87873346df8e849b545f3f4d1fb96c7392247d792d1a61fcbcc675d4c1db9cea92b0cb3ff683f1fbab162c8a327642396e99"], &(0x7f0000000740)='syzkaller\x00', 0x2, 0x9b, &(0x7f00000008c0)=""/155, 0x41000, 0x42, '\x00', r6, 0x25, r7, 0x8, &(0x7f0000000980)={0x2, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000009c0)=[r0, 0xffffffffffffffff, r0, r0], &(0x7f0000000a00)=[{0x3, 0x3, 0xf, 0x1}, {0x0, 0x4, 0x3, 0xa}, {0x0, 0x5, 0x0, 0x9}, {0x5, 0x1, 0x0, 0x5}], 0x10, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r2}, 0x10)
bind$can_j1939(r0, &(0x7f0000000380)={0x1d, 0x0, 0x1, {0x2, 0x1}, 0xff}, 0x18)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200"], 0x48)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
r9 = creat(&(0x7f0000000040)='./file0\x00', 0x110)
close(r9)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1200"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r11 = socket$caif_seqpacket(0x25, 0x5, 0x0)
r12 = dup3(r11, r10, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYRESHEX=r10, @ANYRESHEX=r9, @ANYRES32=r1, @ANYRESHEX=r12, @ANYBLOB="2caf02f8d238"])
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0f00000004000000080000000800000041000000", @ANYRES32, @ANYBLOB="0600000000000000000000000000002200000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r8, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x800000000003}, 0x100100, 0x5dd8, 0x3, 0x0, 0x0, 0x8, 0xfffe}, 0x0, 0xffffffffffffffff, r8, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0xfffff801}]})
read$snapshot(r0, &(0x7f0000000b00)=""/220, 0xdc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000d00)='kfree\x00'}, 0x10)

3.6042319s ago: executing program 3 (id=2828):
r0 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
unshare(0x2a020480)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be2566cd0723054c47c896ce0bce66a245ad99b817fd98cd824498949714ffaac8a6f77ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b9000f224891060017cfa6fa26fa7a34700458c60897d4a6148a1c11428607c40de60beac671e8e8fdecb03588aa623fa71f871ab542ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d10cdbe7009a6fe7cc78762f1d48cdbca64920db9a50f86c21632fd30bf05121438bb7447a4bd344e0bd5b1037b2a3f68e3b9db863c7585509004bb426e1230bc1cd4c02c499cccd73c5339c4ff04760ceb44276e9bd94d1c2e6d17dc57fcbe68fbbbbfcfd78a9f3fdc1f50c445e3f30e703cf05b90fbf3b0e6652d377474ed5f816f66ac3027460ae991e7f834dd7a7fc2a7003d1a6cf5478533584961c329fcf4fed5c945528273dc9753cc979113f2915a3039c3ca60ec53bb1130c2d27fe30e51eea1e085bebabe7059de9cbfc511700000000000000000000007057510278438df47e42fd583f105def70ef488572aa43c9c27694c42b09585a2adce4c83bdaa7b4872226e20ef8f1abe7960000009075a93287aabb4db2ef1b1692746b75764e9f82daea8373f01f2aa14146427ced62dbc75367c908a34c891f98e2e9f0378a49af9530dc291064f4406730c55453629056752985d9613270b880cd325ef274816a6fd3db434d1dab522410d7e469597bf124e8f4a892aa1d65df5198819f145b6493df2318bfc472bc55824986186c6ec51b3f55856d3a78bbdc75caa9104cafaf0a953cf9c069feb5006aa5df85c0bb234500"/676], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x46080, 0x1)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000040)=[{0x28, 0x0, 0x0, 0x50cc}, {0x20, 0x0, 0x0, 0xfffff024}, {0x6}]}, 0x10)
sendmmsg$unix(r3, &(0x7f0000002800)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="cc85f9e3", 0x85cc}], 0x1}}], 0x1, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@map=r2, r1, 0x26, 0x0, 0x0, @void, @value}, 0x10)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r5 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000002340)=ANY=[@ANYBLOB="170000000000000004000000fe"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r6}, 0x0, &(0x7f00000002c0)}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000fc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000e80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4800000010001fff00000000faffffffffffffff", @ANYRES32=0x0, @ANYBLOB="0040040000c10000280012800900010076657468"], 0x48}, 0x1, 0x0, 0x0, 0x84}, 0x0)
sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000009196bd"], 0x14}, 0x1, 0x0, 0x0, 0xc1}, 0x0)

3.293974722s ago: executing program 1 (id=2829):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
connect$can_bcm(r1, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="0500000003000000"], 0x48}}, 0x0)

3.053475573s ago: executing program 1 (id=2830):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f0000"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r0}, &(0x7f00000004c0), &(0x7f0000000500)='%-5lx  \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000490000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r2, 0x0, 0xfffffdcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000008c0)="89", 0x0}, 0x32)

2.999704684s ago: executing program 3 (id=2831):
r0 = add_key(&(0x7f0000000080)='user\x00', &(0x7f0000000000)={'syz', 0x2}, &(0x7f0000000040)='9', 0x1, 0xfffffffffffffffc)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x63000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100002, 0x1, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
write$nci(0xffffffffffffffff, 0x0, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
ptrace$getenv(0x4201, r1, 0x42, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x1, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000025fcff0000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000160000008500000006000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff)

2.940221244s ago: executing program 1 (id=2832):
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x1114, &(0x7f0000000300), &(0x7f0000000140)=<r5=>0x0, &(0x7f0000000000)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0xfffc}})
io_uring_enter(r4, 0x47fa, 0x9bbe, 0x0, 0x0, 0x0)
socket(0x840000000002, 0x3, 0xff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$selinux_attr(0xffffffffffffffff, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
move_mount(0xffffffffffffffff, &(0x7f0000000180)='./bus\x00', 0xffffffffffffffff, &(0x7f0000000a00)='./bus/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x100)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
socket$nl_xfrm(0x10, 0x3, 0x6)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)

1.89501203s ago: executing program 1 (id=2839):
r0 = socket$packet(0x11, 0x2, 0x300)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_emit_ethernet(0x256, &(0x7f0000000240)={@local, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "00cd04", 0x220, 0x3a, 0xff, @local, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x1f, 0xa, "a78c000005dc8080a2030003004003493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34060600000000000000dac15084dbaf736b41e5af0502"}, {0x0, 0x1, "000003000000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf3915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}]}}}}}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000, 0xffffffffffffffff, 0x800000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r7}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, r6, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
syz_emit_ethernet(0x1011, &(0x7f0000000cc0)={@local, @local, @void, {@x25={0x805, {0x0, 0x7, 0x23, "7dd40a1c2599248983556d06315dc64c7a229e8c8a415b1041c36905bdd8b76f5dfc54391548957c536ee13a0b6b5e3e9e54c8f7d202ad30e2f4cf08f16f60fc2e6ca3b657535b8118214a1ea54d2c10e0d894ccd35484cdc4d69710a299bc8d6f485d90fbc09eaee18fd923afe9cceb8d9669d63685bcdc3570d986bdf20460787d086a5af26d2ef066931c2b9684fb737fb9c4842c537399b05ccfaa6c7a72ee4f53ea6fd7a2a22003d6b60e2aa3d6b08d9ab45760c3a71e4d38baf8a60e93237585cf60b1f692e2cd55d78266ef8d99da0555fc0b3f5e2e985a8008274fd409e27c65f0226fa37d0c18d925abbc981fafad72a02f7d48807d0c7337a59a4640d33cb091445249c10b437797384f9f6a00fbd3fb8fae4d7be6df14ece304816e757ba5ee3241aa133438f6e56f34f13b93f40cac99cf14d7673095e9edbf28524bfeaf2dfa2eca13dfcaee4691300e3e7d2f44a30b3a74e8f893874eea7d7b71accdf222df2442fe4435ba610fb2dd8da148e0efcd28fa3b99237ae7c31975d381ec7895af7719e624f220eb179516496461cdbcfd6369b92456f3c25a871eccfc63044968e131b100ca9d8d69bad8e20f26752114e01d7859a576728507fed48ffecd4664d502224b93cdb3fcec7d6d2ef40284f417252ebaa26cf859eb8e6322f5d7fa49b62dc308a4f997b1ba6d717ac8fc67b271ec0062b3b5dbcbc503e6ac2cd09bbc79c3e77228d60f5fb4680a22570f0251afe282277cce689e3b2a8ade02f7bdb1084624861b7350c91612ec5792dbd96f45b63074ccba1a5a70bd8627f0dfdd0246279add14629fc3157e4ff4bc8df94c982be0013e10555183ade2489954dec794bec955ffc5e51537f79d103957337ef065066849f393197e0fd9e1db5d2985497c691dd32fe64602b7ca9b78be7a42df590db62de48f4b14c382ec1bb821177f7c8a0443fc41ef6b68f660c83659ce36a50748116c3749f729213fa02135bfc3c2ac527c54603f7194943d66355303400b73fbd250c0b85c64fb76984ef5f223078bc2d7ce037c545e0e1ce679034ebd50dd1fd74f661123a9bdc46537d30a5492f0d619c2df7ea27591806184315e6397111f2c207c1df3d7de90f1b8c0f8e392b0d8ffff35582cd4049033ff03fc0f37df7e07249aa09d20f469bc83fd4913c2c3484df165d6f3906c339a900f5b4bc6a5a6514c08390956518ba54dd14c9559362478d648a4f1eeaede1b95e38d1510a4a969eca9e997a56d18b6278a7528049a3e5e2e63c80bb9a3ceee87f6f99921e399b3bd1ca56e5402c94aa5b9a80df239d8a57475c05a5241b231bec35c8c67751e8c91e6be6bdd14c452eb167d1135ea3d03727ce92784cb69208fee5ebaff5bd0cd641879b5441580b6fbe5ca1c2630651cbd6755cea6c95c44544b595bdc2ce2b59a288a9b205b712130e2e5806f50a8bd64b820ea06b9e339874cb427cdeb954d8c48e67c7605904ea8e8076185e3a4ede01d699b6105d29276add81e124c5244f75821e68ff7fa672e49b929d33f84789ed5550d0e9bbd6524356f36132576fe29bc2adad93d9904364c881f3239cd7d61abbca21478a99ba79e802f1880b2f3e17584ce7bccb1d6d846ecd33997c01cbab5bffc83fc00f48f97cf2b597866f87889d48591e194aecb8a3d2034fff8fc52803224be49bf5744f151d3edf378e8fac6f96e3d9ada060f85581a55bd75e471a61eb608ed4d1b856907e3179d3431968cfaf90166a6c7491438db231c2effb3aa1a317fe08e3f303dc4242adc5e4aac097b195192e415666ccbd6e6e16fdef78a94f2928123a87afe198a87b86114f4aeb04a0b4559046f460f77d31f68eaadcbb97b11b46bc5a1ab2813d481b5f4ae987acd97d89e208768d1dfa9d523214774ad80f5acde736b7c060a07f317d3deaff9ffcbd300f4392e8a0126ea3f38dda75fa06b5a9e1d3595b020305266edfa7f9f9480a46a625ba08212dff07fb22839a158d30b00b0dad55623b3b89ee4b75a53e0f1ecb983f2d9ab92eea2c6585e4e7c64f1c47b24be27d504c5db5044058c89887549ee0d289187ab09126c4f309fb7e81c1cb66fea9d9b69bfff26618d5b3dc42321a375a6fa920b7d56fb63955f97b49dd0542dbe42ae59bebdd0eb1c59196f34492b33f9d94bb65e0282d2c06c64cd5a04c3a3d9c2f8334b056d00c4b5f5710756d30fbff8104e75c5bbd490ded535157566e9f3ce010ed2a4eccc022680fe90916a67aa6cc84f433a9d735b03672097f31cf26ce1c4ae0c8b8abd49d20fcedb67cd0e5650fd765aafb07c8cfe99ffb9ae0d8841ee5557edbb37cb80c424d6a6fba846053df63504d440460a631a009a5337e00f34be955f3234770a49203150cd732ef994fe296337303cba0d68627bae51deb9610fbfb865a0ef15882856a18ac8b1714646083d9358b1f0c12e9e011fe496aba9c09f2bbc054ec4b46e33b5cdf28fb6d771d500801ce1164d57c0c12315330c7526eb83e44f74ec69e42895317f20b7fb63e259b6ba236b4f7dd7b9f3a070254aad38aad6ea7c98b9daa168350ad32931dc4ef1c0e9dea7e36bfe5e54715979c6db27eba9f652618bd7d79bbb3caffd2ba9252b01a39f771d57ffdf1ed19ba56f91f22ca184497dd71db9b27c08825f38b7ab8f7c698147ddc5a14fff0f470d6fdb852ebcc4a52a3c48a54412b37cce5165297655a6e4963a3f368a12c14af12e50cab6b9c8eede8530b1d93874bf49e014676a82537cebb7ca16dd2e41deab009e051c7a0b0eecb30d33357ca38b0c436335a9f79e7e97742994b040a7fd462167765ba48052308f56af436c8140362ebc9f8fab6e2e88660d413fb57ecc640cfa248d9f64d43b6a2d49ad7aa6080db808158d493cadc269cdd5ec11563d478c0029bda9fbbfaff5d7f320a700c901adf6b74b17251b1b50a2f7bd1ea5f570c49b9c4e17227739e4a78e1f02c917540cd2597de70c8bb1f83f75a7efe8faf2ab8567e3fcedc0f9908d8b490a52ca75f026eff4ae7444b5e1a478bd761fe144576c02b0fc7c2e373d4fccf7230fce3f1dbd504ae991558300715e1aabfba64bd06038cd6322a80b1639d0c7f5796cb7b97e9405532d24f246a5c8a5f52be1a00d8f20f3f5409d4efb85a57daa3c972fa876f9b5cdf6970d86b2c6e14204e579629a50f1e1c31f43bb4acf905986ad3b3d576b4a9cea8bb54b90f0027a4d9174f4c31bd1c3227978a8975d0fb2e3776162365d5cbedc1fe2a3cca8f7ff59606a1c77c17a2e395135ebc06f60b4c2c8848e943ebc155beb81de94d912053eac73c14c22745066e9cf898357c5b0ae5bcce1999c1c6af939c490a468b23536d68d7af7553dcc5bf9f59521d5a7260f9ff5568ede1e9d1f580f7668467fea7a78152328d1c5df2b0dfe90830dadc84a481321a55dc39ada2312a33bad20697d88951b44a9f9413bf2e05bd70c19565bf9d2f4f68c3971029ac6631619ef99911edb49acaa35899daafb10ff5844ad788a1957b81e9c5d77887b149cd5a58cf249070a2da4b5797220d3562bf7d995bfd336de8c11a697c6595a83f1d5e251a478db8b070d25138ac910e6fd692977399672885c2e9e25400e3042bf758b50918e77ff6852d867ccc9d2efd602249b8a65a3cd5221b818acd0c65f8071af08b209eaeb04f0e23d688c7ad78dd745934674da2f61dbcde27fee50ddcbc20d437d1268c706273b813f34a3f2da52e3593d438f9690859f79791d63c36b0de6fd64562cf67f4b88195cce4ee76989ee7fb37c250bda74e8ebfb475da087412c52bdbb0dafbef375e6111308b9325ab0ea81d1946774c19005cdedea20d07ffc02514da5575cd9882632fc2a53ee5f234263070e0139a159aacd528ca088bdcf648fbce2865a691a198caec5cae094f9b45b3266c45a778e46cef62145b446a2d53b0aa397165974c840d16f9353b9cb5cbd5c32591f0d6152377d10b6afa25f5458d9a401a95023dec28f09b6e83c1fc8e8c036eef81d20cefeda4f84b5b845298003c83e1e44027b38ef8c112f10ca36b6ee4641564f8cccc81ed80bc790519324ba689e4b339ff05cf797e73ada75f0bade759e2563e518a021d8709bd1513cb9a86007570ab3d8cbaf092333ccc2a9c6e8e4c1343b61e405ddace3c17c8e2c2c263e722e4fc54ed5cad1e0f84cf1daae8a9da64bda5e6e1fd6a4ad22e490e7c10e4c8cbdb28eebffc2820bf577a60ba147a333367a77a77f4172939a6d499ebb792a37d2ff8184b7cce30fad358519aca3de88e31e03f53d9e51007801fd763cf14dab6d54b9c939af51f852cd9dfdce0eff9a2350cb7762073486ac43535d7a99a5df045596fefd338e0f0ef350d7df72315d1f46ad9a673da3a68c8dc91212efcb6492ae9792efd2307b7c8f4d05fcb7e25450c4dcc9d592727ee611616faf927a4e4e7b621796d904d575f1078b299643c5cce958dffe8d3a565dc62b067f32dedef1fdcab2e17310ae72c06ddba25d75b2280f2360a9910e8994e2d475b3b0d3e9b11678c9707fb53aba0710d4a007569f4dfb32443d25a89ca305906fed1651a3ce875c9da2c3c87eff063dce2b50a4dc125c2c07096285ee19dc750a62cd3d227fbf94d376ce29dc1c88edfd1ae18405acbbea7ccc146c6b50d98843d5ba529c7c580414084558845b29ec7e47d158c26dfe5a86b724cf22784ecfee4a74665b73ab76fd738d5b23e6d085b664899bde805eff645189d316cdde57e094c2f88cc6395f3a492c08843a8541254479b425dc20f565881018e4c21e64890fa04ef8aec58d1c9a4526c638b26d1fcbe2ec995bb0ce9a95a690b377d4466065ce98ec15f0c81b6e084422927c8f14c7b620d6fc11ccc98c31f8c667b8e9eede6b9b94f72b8b5b5035a23e995f198a63f9f12a393de341e8488b7dca0c9a358f09a5a1d3ecec8e3cd40de37718f64a4e63b47706b39ffcbf7b3364505043f7768c57fce7c635f7b71386b8badc863bf3478e715ee0a399b123b1ea58aab419235853b254710abf479df565b842b436ce72609d77dac624ebadf37a68ec10ad8d945e1674fbea59483930c59a1e5a7135eea89cd6ea53f63ee620f591306f402f8ec16ddd01e3b6303499804c53f80483734adbaac92f9dd89b2d808537fb7e169224227a95ea2e15da096ab25f1b33970f3a7149793df024cfcbd3098b0fe8b870c1f0eff2afcccd23b69fa7c8ab26d2962bb732c38a2f5911aed0af5c8fa103921ab38593a3bb9cbdac7456b4bde5a6c0bfec58d3f460eec3b48950fbcec81ddd4840a69b54791bed1d006ed297c3ccd2cf728b2ccceb1b762a6aa9a31e757d2c41a574d166816fcf2aa624be2be554ec3f800c0b26df89c69d1a9b8f5139ecc7314087d7aa1319665d6cf1687f552079f8a0ae86b647e4ef3a986b48b1a14c1f162f25d37869e7b42bf280a6ba3cfe32707073a103f3bcce2849a21029bc3f7211275b6bbecac468c23c7d7f2d8a21b4936d29c87dafcb9da0e95ad596cdbed60fc634aede37e3301f89a971b643506f559120d41ba152e4fd82b9824d66a7fd6aae1dc076b07d7ff3b1a38f427372544f414eef560055a139837dffa840e8cb23f1f192fdd35c6195e856f181d31ab8b7f6d47af92cccb4a16e92ba3dcd85f4b96db1e5f08fa61489ec3bbd1b9aaa0977a4f07436e920aba095d4b432fd9164bfe46253473af35f98bde738b7e52b9e033db7419af3b26896915e0dac0a51f08036ab976676142c04367ab51a"}}}}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000c40)=ANY=[@ANYBLOB="580000001000010009000000000000000000ffff", @ANYRES32=r5, @ANYBLOB="00000000da44000024001a8020000a8014000700fe80000000000000000200400000000005000800020000"], 0x58}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r11 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r11, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r11, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x1001}, 0x4)
sendmmsg(r11, &(0x7f0000007fc0), 0x2d, 0x0)
r12 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r12, &(0x7f0000000080)={0x18, 0x0, {0x4, @local, 'bridge_slave_1\x00'}}, 0x1e)
syz_emit_ethernet(0x3e, &(0x7f0000000400)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x8, 0x11, 0x0, @remote, @mcast2, {[], {0x0, 0xe22, 0x8}}}}}}, 0x0)

1.891297699s ago: executing program 3 (id=2840):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
connect$can_bcm(r0, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="0500000003000000"], 0x48}}, 0x0)

1.568236141s ago: executing program 3 (id=2843):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000002840), 0x400, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000000)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000006d00000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000000c0)='netlink_extack\x00', r5}, 0x10)
socket$inet6(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_SET(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000680)={0x3c, r7, 0x1, 0x0, 0x0, {0x2c}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x58}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x3c}}, 0x0)
close_range(r1, r2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r9}, 0x10)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r11, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r12 = dup(r11)
write$P9_RLERRORu(r12, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b0000000000000000000000eb40000000", @ANYRES32=r12, @ANYBLOB='\b'], 0xfffffffffffffcef)
write$RDMA_USER_CM_CMD_SET_OPTION(r12, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r12, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r10, @ANYBLOB=',wfdno=', @ANYRESHEX=r12])
creat(&(0x7f0000002200)='./file0\x00', 0x80)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

1.210749563s ago: executing program 4 (id=2846):
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x2e, 0x0, &(0x7f0000e5f000))
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
sendmsg$key(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="0217ea07060000002d49c3e72acfbd7080fedbdfc2f54befeabf250400030000010000060000000000000001000100000000000300"], 0x30}}, 0x0)

1.124035614s ago: executing program 4 (id=2847):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x3, &(0x7f0000000100)=[{0x5}, {0x48}, {0x6, 0x0, 0x4}]})
openat$rtc(0xffffffffffffff9c, 0x0, 0xc0000, 0x0)
r0 = io_uring_setup(0x175c, &(0x7f000009df80))
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0)
write$binfmt_aout(r1, &(0x7f0000000b80)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "df3f0400000000000000000000000609000040"})
syz_open_pts(r1, 0x0)
getpgid(0x0)
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
gettid()
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000000c0))
close_range(r0, 0xffffffffffffffff, 0x0)

1.079229674s ago: executing program 4 (id=2849):
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x1114, &(0x7f0000000300), &(0x7f0000000140)=<r5=>0x0, &(0x7f0000000000)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0xfffc}})
io_uring_enter(r4, 0x47fa, 0x9bbe, 0x0, 0x0, 0x0)
socket(0x840000000002, 0x3, 0xff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$selinux_attr(0xffffffffffffffff, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
move_mount(0xffffffffffffffff, &(0x7f0000000180)='./bus\x00', 0xffffffffffffffff, &(0x7f0000000a00)='./bus/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x100)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
socket$nl_xfrm(0x10, 0x3, 0x6)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)

1.078853334s ago: executing program 6 (id=2850):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000440)='rpcgss_seqno\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
unshare(0x60400)
fsopen(&(0x7f0000000000)='devtmpfs\x00', 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x200000)
r3 = socket$netlink(0x10, 0x3, 0x4)
r4 = socket$packet(0x11, 0x4000000000002, 0x300)
setsockopt$packet_int(r4, 0x107, 0x9, 0x0, 0x0)
write(r3, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x14)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYRESDEC=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000001040)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a300000000708004100736977001400330076657468305f746f5f68737200000000"], 0x38}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(r5, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)=@delnexthop={0x20, 0x69, 0x0, 0x70bd26, 0x25dfdbff, {}, [{0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x4001)
syz_clone(0x40100000, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000100020400bf050005001201", 0x2e}], 0x1}, 0x0)

1.078046244s ago: executing program 2 (id=2851):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x800000000003}, 0x100000, 0x5dd8, 0x3, 0x0, 0x0, 0x8, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000480), 0x4)
recvmmsg(r1, &(0x7f0000006000)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/246, 0xf6}], 0x1}}], 0x1, 0x0, 0x0)
sendmsg$tipc(r1, &(0x7f0000000200)={&(0x7f0000000c00)=@id={0x1e, 0x3, 0x3, {0x4e20}}, 0x10, 0x0}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000013860000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket(0x840000000002, 0x3, 0xff)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0)
r7 = syz_usbip_server_init(0x2)
sendmsg$unix(r1, &(0x7f0000000440)={&(0x7f0000000340)=@file={0x1, './file0/file0\x00'}, 0x6e, &(0x7f0000000640)=[{&(0x7f0000001e00)="da314a4331f49b6bebcc7e641186ece6d0f352dd2906679588211b558d0ba13dff842eac213782ff4e6b995303001a644d263823e847d344e38eb29f32391c53fb540331e910f947464edb1f2d8721faf170fb5dba8449c77f7f8f5c3b4374f016f19ef7e20b7ba7f00b7031debe42d11e3d3fa1e537033aa039d4cbaadd6a513da1c6dc5fdb9f2765510dfcf713a74a9f1665d34f066ae92e4b11f30a5951c5455f1634b305c637212db6030ec64faaafbc1f5dd37fce46b3bfed10acfd2f6169515ab800e663eaaa2b3f151d1266c1017f8b5df7030b2f02d53614e60873006927ac0ad818a257a9b599ef4c9e3c9bd310286d9629c56fab4d73d26a35e4b2ded37c5c54601033ef53d4ee3e5fc3bb20004f013ae199f2c2b1fd2247bb83f41ad18213a5493596779a39dabdb37cdc7b77db75b46a62ef81ea8940c8c7f2d8a346d1b996bb71329eee107c684875d3c4763ca7ea4cb54d3efeb3db2924a4eb29c48abf49d571a033cf9adca09572e4410a5fc2aa48f3ff1d64d6621fea438a1f3da35126e9854ca3e66fa59c8f2e18f3251943861d4bb8bea948e20fd1aae2db3765d774a09d54463865dde9c8486d4425a12728540c40d3d5353e129d4af24960e4299fec8211d312f02207d0c98e76048f85c7773a23dc1380a3425a37deb3a180e435bf5eacb5e137076056c3ed7a7b32b1f63aaeb3d0db95c2bd5a0c09fb5ce0ec2db78e04eca13e2afa829b92edf4a7703c66107a4246083c878595d4871b13c99e15b43d7247a2f783ba4c62db81a672d1670ae2d70c949fefa4041c9c01273759a51d55f4d771c98c26e368137846075e795e97bbd3b590267ac94f040fb96e9c85b7a01abc62c561160a74df7ca1b4c6b16af9c14e2428e841d3726870b680fa2c47416bb6b7da63394e90b157618b99fa2e69da5685a2dfb9e2296cf75702547f64920699c8756a30cc9b52d795205bbe681cd4d695a1215eb85f5ee31c8432a3fcfd4b430613fc546f692f8901ca60a327234aa8de9aff7221072f3ce0ee61669f9f75e90f78b7e9a4d7f51875d0eb9fa98df7c7d44261b21b084c90b0e6b7bc71cfe187dea3890c05bbc51abab36bfcfe41c4dab1eb282ae305e348ada7569f51baa6825c254fee47965413790acca944b612a95b8900f7bbb58a878c7f8a73beb39871fce13d2b40d72dc56fbd601f14c9a368a9dcff71d8c23b8fd49b686fac4eeb8fc1f4efea36ea505410f44f36787a5217dfaa80e50a2446619046fdfb47e194fa29e2db651d4fea44e66beb5c1cc82cf4f780a15512f2d78211f8470a2dcc58ebd3edeb548ca69fa99f414f09cca390b975f19a0e1bf55fdd97def5cc5f9beb6fb235379343fa69bea6c6cc25a3196122a625fe40df8ea7d2da28b4e6efca09ba4d7b292d8b152d4880660cad1e5d48becb1f4961cb800e5befe97188f4efc65da4be0baa1f602dedb8d93bc3fd45a417c5f140d4fe4f1baa435aa0ed0dd154b4fcb9bbf2b85a0972cd741f91c32dce27259e7f87ccfa38d5f8aeca2b55f9984ab1bcdfc3e43531bc3882b938278f8e2d33b93c49353b340db19c75ef23016ae293a45e9a03c6b6e2ff100179eaef94f3cc497985bebe06631daf090473eac1f50f6365cc48e6a6ecd361ae08de1fed299a1887df82ba50117b3f1009b210a09dbe84a685bd256a1e8a6f71a5a1e89f0d7bf968b5a491b659173bc707aae65ff37fd708a483fa7101915d905fc620ea10989b760b05ab6a203fa0f314670ed019fc095f4dd090e6085e7322e24fca208e5c2d340c56f70c844bd4e6713f24f71134354f16fd1e57a37b4ba8d9a5c8c55bfec51cc3097e434a72ea7c37c04888ab2bc146af3d2ed81d75a4fec711587a324ffb2cddf9e897e9612edabe313916dd9fdc87245ec213ada5e34d73b84dc06c8c126efbcb31c6e2a3ef3f2a0809176dd0bdc64105fa56eec11c987330e8dc1ccdbcce429fe60f638a56b053339071f1181c38c11b13d17f6eea584dbb86941d7f0f5a2082d26e326b5dd56dbb7690e90ad743c7b7af80c0cfdc5e25d255794a79bdf57e47f8b53eb9f3df1df38c7861016be39e9ff4e5c64d67713f81fdfe3f9e00bd13c9c95c01478f59d8415b1b13f27301935aefef508b2afd0fdd9403c8999d5f713fa713f700a57e4faea8b6f37c4781c1b3f5a1abc59addb314d0de6d03ce446b0c5dfbef827017077591377890365960be733ce9113e102051226a2fd12901253de501b346298bee921a12c8ad7928b7f2263017506edbf81c7af7e2fde93e53a56d1d0397166c42627faa652a97bc8e5bf81f7ebbdeb33c6fad20dc5f1091c59020a59a49610aa645859dd8d689ae879ca859dcd7a9e7748001b7978f98a305bb53e8c92e3915ae4753d145d95ed23f56b38fa7b52596fcfd4aa4c4a346207902ebbd325c44cb82273d380ceed857f845fddbb54fbb6cc90d887f44ab7bf0a25ca6580275566be52a42f20da203cc05f96fb63063f69737f72e84b52c7953834eab006b909b34b0207d32c24c40221c97a9c59d66714b20384eb632ede4fc2552694fb8e78ca2889a74c45e440b73c7667d5e8c4c13cfdd2860a1cf1306415e0b29937b8a0452772f223b67393076d2b523ed5f27680cdbb9b2a86ef5e2867fafffaa7cec37e01b1d148b2c184cff3c71fd11984e3ff0110a28daa82b475bc60c9f43916837157485f8594c9ea5c0cff3693e1b3f47281cfebfb7edd40266a76f3492bb0bb26818ad96df577317bc02c7ce008ead7caccefb08bf5d5848599d701c953297f4509f0614b874816988257359da7e4ff5b7fc6b035a06c8bd1bf7df5461650bff0ea05a7e7a9860e33d0cb52e25c7edcea4266bbe5f711cfd244fd767a2228d386452ae88188f8d70400b33cf6bd048eec1070699c7ab8041bf69144ce87f90458f3fadb0b0b89dd0829c1a38309c2058cc238598b3625e011e3c90c27fa61ba6eb103944739443159a9b4efb7a1fa687132f0b33ead50498a1b67ac81bed04a5b8bb836fa624b677a3397450ab7017caebf5ebfc818ffa5cb70b996cec9408654666a242a06bdf84a71a39488954d078586796f0282a759fcafeb4f41c8445ca36ba3610886567fcb959cea04be32ae7ab8592a579dc40b26a626fe4d198a51abe0f4da66eeaf514d6b596909a50114a31c04d27f01785132f194619f423df5a9bfc8208db308f7645b89f3931390ef3748ea21115093004e8f8609ef85400027dec793d0439d0ef3c7a03660e58472435619d524cbbd5ade943f6f101c8141471e8443ea5b684d83a0467f001373bfd0f9dc82df45b348e73de42733ba6f38b3ef66677a656662b0618ac47f2e29db2dde33fbdfa9f0d9799e9474f670abbda3833ad3df5361527b4385f4066815f50c6f00939a19309b39cf6a3c30992fdb9528569af5ac59a6d231d89f8f939a7d8436fc64412b47220e3b343cdc4135823f08789d257615aec727f22a25443ed51a5ef6ddf7f7d48ed7c6859791c381a0a03c8991ed1912940eedb5f817c20d7952bc937284e993251dae254d921028826beb6b8a6738ebc45e322828534336b08769abc3af6b032f61eb4ec31f43deb770b212582688920ed06afc7602ca5d0add179f5399b5c812a8dad969899a54d97c43b7655c7ce255ed35c9dd06f50becc11dceb9f446d73a0cf1958c9550d37499d691b42c5553f719a280d683a287597b1aab4c5e9c3538b7ade7f4f69801b01058c6b584c870f4ea2ccb8b21faff97ce13ecd74e97578d491c98547c0f7c7ef8f73a0baf13f648b4fb72fd36029ebc9ddd71e1d12b9c7b9aab4e0089f14df92e97cb33ad856c90cbc31aebded6a9b6c53fcba73a85bf9fca2ed483d9058e9a50c285e130435f4eb26f1b905e9330205ffeec51aadccede04b88474b1585851efcce0bd7932e1eda6b142bde2ef17be08d55a6e1d0e82e864498179e0979fea2c2acaa44a05dadec50ed5538151e2596fc9ec79e5ea93c8b4f769499f8d1c08fbc1f1f6323907157df233d30e9aaf07e571162676d4ce25477197692f44faa59c993e5c7d0d3e4b8586e538a026300abd83f7b314bf559276afac705bc3b2bf2842be7b9ffb9b290057d458ea8b0a55062a3deb8132235f89299beb97a34c46a64267c722a6e4db2d9f8b9867efbf4d78c57a0951525cdd76a922a6b7953b429bf434fc47378e4ced157fcd2eb3cc7bd75293aaddae6ed62f6038016c7a845d3a0003aafaabd83ae35012eaebeefa9b096166200a70de891e2cab4c297e6ed548b699e20e0483a11fed5814184bc5ec98dc2121e8b054e018dafe2eff187156c681728fe422bd5a106663a6be2f7cba391308c29c2e84b2955aa6671702f29285f96bd982f88e92b66aef711b9d067eb58f3476efd56e24b3a34fd5f3372d1af3510b8d5f62a92c677f99fabc5605721f486cedc7703ca026d44a047c7eedb0ccdfec1e4bb6ce35fd7315bf3ab8de8fd6c7964821580e33f3d9c16de34f648698bd9f8a5873980085530692d0a3900d5474fc6c0e09e0e1ccc32c20e94b6459240a89965ea5597680077fa6593eeeb66d374093987c7035fac51a76553063dcd49e1818634ea34902faeb69fc6c12426116d74242522921478bb49eea586df382337d0543f0c993848119d15eb83afca2ca986b1d9a801e4c6dede2055644f474541fceb7454120b333c6ccf5a8df36868228ad05a3c28778f4ea3cac4cc9dd8ccf044905fb7d4711a0eaf50a57235281725b16a651d6935b3aefa0d973fef63ba63cbdb9c1c304e6066122b51af535f04dcf189be25b0d65e8e98a825c3021acd9ecb6e3924ef1befc27cb566ec85d7ab949c208df7f732d66ccb54c56b1ca51c8bdd881386d8c3637bcd00882574a07bee4066f26a8df722ccc25e7cb592ca692d179694c456678b1fbcc57294611dd1bbdae55b437d0162c77cb7a1bfe16f91bb2d08f33a5709dcf2df4f16f856a070279a95a969e2c729ed6831d38a2c894d8ee09f9272d56b0d3242c8ea995d6c90c4cce67a0de403ca737c1668a0ad6f0d7c6dfa29bd77d23cc2b1c95c1d21c4717feed6d162b7080fb35234779f619468a3d2348eddeb5e79bdfc62ba6d7c33ee2ef1eb9e4848b63bcfd0473793c7c091b64591b29f2e670a35ef7fc9f5087d26cd8156e1eb1ebdfd425604b3661bbb762dda34b493c6b73d98fa7b9ff067944a5ac88d56844d44c55634ede59015e56d682dcca977225ee1ce7d84252d57749964f9dbdef5d213f861da007259d4aab033c43690843004f1c17787bfd4d6875037098e995fc7c4ab2c6783b44da02f1b93a095523fa35433bebb27448abc4de9f63d4389d67995a5f3d014455e62e27968cd22ce297238f7931b736ad46074d9134fc03da18fa19dcf41d67e2f2b9e14292ab73b1175e57bc5d91005540780e317b5f5c12d1c2324e42704d09aea6aa6f20623c006f2e6b7c55318f59cc67302ddc7f85720f16319c2aca2e999a6a06bbf8330f7378191c8d9e4bccae75df36a18671e3ab484f446e85545e3183d4ebe22b9f6abf3f751fa6912b092a6ce84de00fd3471dd0b5605e062bf473cc833848eea28442af6675274a6da5f1bb82c0a1ed292e912acd60ddbdb14c4149011d8644096f70e44337a0a8d2cb0c5b8d986a2bc825b415b8e93896a9c4bc1eea4251ba543b2887ab78728e1ce7039254bc3b8b42d8d4a7179c1fe138092602fd9d8c77e50c9619add1072f35939baffded1bacfbf8c5c219405b9f298", 0x1000}, {&(0x7f0000000780)="c9a1f0a9e38593081bc05994b36ae04dfd5aef0f85fab912d8adf77c7ad0e6c4983c111fa82f1937f91604343efd273a5a924187af8da3cd1cd320f627a322251401e27c5a6b2c8cff955b8a973b4606366437a5fd3edc3a4c0545f04d5c77566b70d81291dcb187c0b6f8b2b26204ddaeceadf98a5862fc06044d9e8a50f33b3727b1358b125d3c841402431c2dc470b762757a88718de1323623bbde6e", 0x9e}, {&(0x7f00000004c0)="e250b08531187ab70bfd5aa409cc91b7df59ba218216cc4176d00f4092cb802e0661d7711622f898268e040a8cb35539feeea9fcc800cd3f0dbc15c75e861f93b4f1855da4b0a852473e", 0x4a}, {&(0x7f0000000840)="e9d4c83ed2a25c469c75923eea7365b30e65af1295f05f44bd6113567c41b16cfe84ef01ab7e43434c58b44728dd49010b0f6991fa8461c49d0d4697681fc0058c33ae8e7954a87fa9aedcece6187a9c600ab4c35f6356", 0x57}, {&(0x7f0000000900)="65db76e5a672bff21fa90c1bdf86c5cb1a46634a6eeb3ab50cc09f61423dbd471b4fd9985066147967c7ab8881a2e761505f2f0395494f2179fe79894d4c4755e7dac7e816ed26bf681fb4b49775e317b32ab287846f6f5186b62e2252474c3ffbac2c7e699a6b8acfef9dcb16232a6ce7eb52ce184ca09f4cf49cc0198d725ba2a90ba7ee31cbbd03dfdc29f64e822757d322462812ac3617ce44aae9b22134660c750cca1e0a1a86be4fdf3f52349b3edb6e921ef0b2fb94e17fa287bc5d9acd37efd134294c04168e83638a9ce914653f0a", 0xd3}, {&(0x7f0000000a00)="9a218c6ead8e5926db66fc344ca2cefdedf5f2ebafd91cfaaa87a702c528855e5d5e681cd4c27f09b64c2b6821904915b8370356b2d158e072bc09ca131ce3e44efa3e24eefc683cfd1c378b1e76db4b9cc176c3b85214a5429bf5eafcd323a9c810806b144912d19522987710648fa7a68ba68d01bca67b11b70c4a4f4271877b07f29e427092059cbf62957a620cb588ea0892b388c75c14ddf6db06e79febb038cc45bfad0ba9efab9aee4c2a402e6f99387283a1caa640c894a198b4a3b73298fd119bf2f154d5a2ba0bc4a8a4cdc255895e0dc7e2979cf6fda4de186911ba7facc4a9c245f360", 0xe9}], 0x6, &(0x7f0000000c40)=ANY=[@ANYRES32=r6, @ANYRES32=r0, @ANYRES32=r5, @ANYRES32=r4, @ANYRES32=r3, @ANYRES32=r1, @ANYRES32=r7, @ANYBLOB='\x00\x00\x00\x00'], 0x30, 0x40000}, 0x20000014)
connect$inet(r5, &(0x7f0000000280)={0x2, 0x0, @remote}, 0x10)
sendmsg$can_bcm(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x80}}, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r2}, 0x10)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x27}, 0x74)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000b00)=[{{&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000001dc0)="bb", 0x1}, {0x0}], 0x2}}, {{&(0x7f0000000580)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000600)='z', 0xfdef}], 0x1}}], 0x3, 0x0)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000000)={[{@mpol={'mpol', 0x3d, {'interleave', '=relative'}}}]})

911.432505ms ago: executing program 1 (id=2852):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x40, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000000740)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, 0x0, 0x0, &(0x7f0000004680)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000002bc0)=[{&(0x7f0000001900)=""/135, 0x87}], 0x1}}], 0x48}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioperm(0x0, 0x9, 0x5)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000008, &(0x7f00000003c0), 0x0, 0x52e, &(0x7f0000000f00)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ////8+wKHhUtID7hAOjFcXV2f8+nMsBIBLl3r/n+/A3mcLMBIKfY1AhAYZf/3/f9zpelDJQQAAAzcdGtKCqXs673pKBRKpYibrZ8FKCZrG9XKfEQ8ERG/nSlea9YXWlsm514zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAIy0iMKfkl+2n+U/N/P8dPf3AxPJv1o/CTwREW/98I3v311uNHYXmsv/drS88YNs+YvD+AYDAAAA6Na5Tm/N/znsbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNe89eHulM/Xx8qlBxf3LFyJiNi/+eEy25pNRjIjrf09i/MR2SUSMDSD+4b2I+Ghe/KSZ1lHIvPiDeBPOiR+z2buQF//GAOLDVXa/efx5La//FeLZ1jy//41H/E/9g+p9/Iuj499Yj/5/s88YT73zs3LP+PcinhrPP/504ic94j/XZ/yvf+3goNe69EcRc53Pn9YR72SE41K5sbVTru8f3N7YWl6vrFe2FxcXXl56Zemlpfny2ka1kv2bG+M7T//8/bPafz338y/Jsund/udz9pf3mfSfd+4++HCncng6/q3ncuL/6sfZK07HL2RxPpWVm+vnOuXDdvmkZ376m2fOav/qcfuLD/P/f6vXTrud6ihP9/unAwBcgPr+weZytVrZHdlC8yr9EUhD4REsfGugO0zTNG32qZxV9yOin/0kMeCWFvLzOS70PAIM+8gEAAAM2vFJ/7AzAQAAAAAAAAAAAAAAAAAAgKvrMp6y1h3z+BHIySAeoQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/DQAA///dpdP7")
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x48)

905.170135ms ago: executing program 3 (id=2853):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="09000000000000080000000000014e6e57006224", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100001f00702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x2, 0x3, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r3, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r3, &(0x7f00000002c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0)
r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
r5 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc3}, &(0x7f0000000300)={0x0, "eee32168441e148d1d5abf08342d1b466136a26ec618804e146111f9bc880bd9350e0a544c37d7e8f3133e6f402e2029b96e833b7a50c5d45835b5204aac9679", 0x38}, 0x48, r4)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000380)=@keyring={'key_or_keyring:', r5})
add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0xfeffff, 0x0, r4)
r6 = mq_open(&(0x7f0000000000)='GPL\x00', 0x800, 0x1, &(0x7f0000000040)={0x2, 0x6b33a24c, 0x65f, 0xc0})
mq_timedsend(r6, &(0x7f0000000080)="fdad3c496d6f3f7aa02dbe6b33e6aba7add155fef822bb903cb1c3fcd367b5193c2366", 0x23, 0x8, &(0x7f00000000c0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000006100000600000000bf91000000000000b7020000000000008500000000000000b7000000000000009500"], &(0x7f0000000100)='GPL\x00', 0x4, 0x103, &(0x7f0000000140)=""/259, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

818.298165ms ago: executing program 1 (id=2854):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
writev(r0, &(0x7f0000000d00)=[{0x0}, {&(0x7f0000000000)="2303942fe0dfd8f8c04e6ae35e91", 0xe}], 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b6affec850000007d000000850000002a00000095"], &(0x7f0000000800)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100030000009500000000000000bf71000000000000b7020000000000008500000000000000b7000000000000009500000000"], &(0x7f0000000200)='syzkaller\x00', 0x8, 0xffd, &(0x7f0000001e40)=""/4093, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
acct(&(0x7f0000000200)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
chroot(&(0x7f0000000180)='./file0\x00')
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
write$cgroup_int(r2, &(0x7f0000000540), 0xfffffdd8)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b400000000000000611998000000000006000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000540))
r3 = getpid()
perf_event_open(&(0x7f0000000200)={0x4, 0x80, 0x9e, 0x1, 0x2, 0x0, 0x0, 0x40000005, 0x200, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfc, 0x3}, 0x1000, 0x0, 0x0, 0x0, 0x9, 0xfffffffe, 0x1, 0x0, 0xc70b}, r3, 0x2, 0xffffffffffffffff, 0x9)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340))

761.066895ms ago: executing program 3 (id=2855):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x40, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000000740)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, 0x0, 0x0, &(0x7f0000004680)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000002bc0)=[{&(0x7f0000001900)=""/135, 0x87}], 0x1}}], 0x48}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioperm(0x0, 0x9, 0x5)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000008, &(0x7f00000003c0), 0x0, 0x52e, &(0x7f0000000f00)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ////8+wKHhUtID7hAOjFcXV2f8+nMsBIBLl3r/n+/A3mcLMBIKfY1AhAYZf/3/f9zpelDJQQAAAzcdGtKCqXs673pKBRKpYibrZ8FKCZrG9XKfEQ8ERG/nSlea9YXWlsm514zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAIy0iMKfkl+2n+U/N/P8dPf3AxPJv1o/CTwREW/98I3v311uNHYXmsv/drS88YNs+YvD+AYDAAAA6Na5Tm/N/znsbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNe89eHulM/Xx8qlBxf3LFyJiNi/+eEy25pNRjIjrf09i/MR2SUSMDSD+4b2I+Ghe/KSZ1lHIvPiDeBPOiR+z2buQF//GAOLDVXa/efx5La//FeLZ1jy//41H/E/9g+p9/Iuj499Yj/5/s88YT73zs3LP+PcinhrPP/504ic94j/XZ/yvf+3goNe69EcRc53Pn9YR72SE41K5sbVTru8f3N7YWl6vrFe2FxcXXl56Zemlpfny2ka1kv2bG+M7T//8/bPafz338y/Jsund/udz9pf3mfSfd+4++HCncng6/q3ncuL/6sfZK07HL2RxPpWVm+vnOuXDdvmkZ376m2fOav/qcfuLD/P/f6vXTrud6ihP9/unAwBcgPr+weZytVrZHdlC8yr9EUhD4REsfGugO0zTNG32qZxV9yOin/0kMeCWFvLzOS70PAIM+8gEAAAM2vFJ/7AzAQAAAAAAAAAAAAAAAAAAgKvrMp6y1h3z+BHIySAeoQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/DQAA///dpdP7")
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x4000000}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x58}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x48)

728.422626ms ago: executing program 6 (id=2856):
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0)
r0 = socket(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0xa00000000000000, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x1, 0x990, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000e00], 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b00000000000000000062726964676530000000000000000000766c616e300000000000000000000000736974300000000000000000000000007465716c3000000000000000000000000000000000000000000000000180c20000000000000000000000b8080000b808000030090000616d6f6e670000000000000000000000000000002000000000000000000000002008000000000000140400000c000000000000000a000000000000040000000000000000000000000000080000000000000000000000000000b085da05d603888318a0cce400000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000fdffffffff00000000000000000000e4ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000000006fb7cd02b734bcce41ef6e95bd000000008000000000000000000000000000000000000000000000000000000000000000eeff3f000000008fc7660c490587b3ab213098a6767c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001f8f0000000000000000dbd5a834b3ab2a0cc27081310000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000440a05000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000f18a0afe993500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4f016fa70c1255400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008c7f8f1b44f000000000feffffff00000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000062f75a00627f34dd71012eed00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e0ffffff00000000000000000000000000000000000000000000001b00000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000f200000000000000000000000000000000000000000000000000000000000000fffffff90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f2573bd04a330000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000ff7f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000cb33322c9c564ae5f8eef74d5aa7cc9c000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000003f7f1c00000000000000000000000000000000ecffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000afe96d981b6f119c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d3d2e85100000000000000000000000000000000000000000000000000844caab24e79bd260000000000000000000000000000000000000000005080000000000000000000000000000000010000a600a9e85725d89818472e65aba21d9bbc1b20e8331c6fd24a5aceaeefe102e42a013ac2c00eeb782c34eab997013e0506220c21a44cc58ff5bc83d5e4066c7700"/2448]}, 0xa08)
r1 = msgget$private(0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff00000200000000de7dc0844b36448e82dfa9b39fc6c81954bf55124621e9a6da0350d9cfb6b181467250f0baffc3ff3da577d92968a6c0099cc62f9121bd4677398db830537c48864a7584c21076f7d3cf64998e7af025ef5fb42adaf6415c8d95e9f5627400868499906a63d55ba71c8bbd60c65269a2ed7a68520ddbbe7805d6c722ae20a6af3fd0d46b5bb1f9d14526763f066b12b3fcbb18aa7755a653cb56161cf344cc74dd9c98d9", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x11, 0x4, 0x4, 0x2, 0x0, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000000000000b704000000000000850000003300000085000000d000000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r5}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="4400000010000104000100000000000008000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b000100697036746e6c00000c0002800500090089"], 0x44}, 0x1, 0x0, 0x0, 0x80d0}, 0x0)
sendmsg$NL80211_CMD_GET_WIPHY(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="59bb22bd7000000020001100000008002b01"], 0x28}}, 0x0)
msgsnd(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="0100"], 0xff, 0x800)
msgrcv(r1, &(0x7f0000000f40)={0x0, ""/255}, 0x107, 0x0, 0x0)
msgctl$IPC_RMID(r1, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = open(&(0x7f0000000000)='.\x00', 0x800, 0x0)
unlinkat(r10, &(0x7f0000000140)='./file0\x00', 0x200)
r11 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), r10)
sendmsg$DEVLINK_CMD_PORT_GET(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)={0x3c, r11, 0x1, 0x0, 0x0, {0x35}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x73}}}]}, 0x3c}}, 0x0)
msgctl$IPC_INFO(r1, 0x3, &(0x7f0000000080)=""/74)
r12 = socket$vsock_stream(0x28, 0x1, 0x0)
fgetxattr(r12, &(0x7f0000000040)=ANY=[@ANYRESHEX=r12, @ANYRES16=r12, @ANYRES16=r12], 0x0, 0x0)

602.627767ms ago: executing program 6 (id=2857):
getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x2e, 0x0, &(0x7f0000e5f000))
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="0217ea07060000002d49c3e72acfbd7080fedbdfc2f54befeabf250400030000010000060000000000000001000100000000000300"], 0x30}}, 0x0)

558.099077ms ago: executing program 4 (id=2858):
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x48e01)
syz_emit_ethernet(0x82, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa008100000086dd60f53a0400483a00fe8000000000000000000000000000bbff02000000000000000000000000000102009078000005006050835900000000fc0100000000000000000000000000000000000000003a01000000000000070800"/120], 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x9b69}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
r1 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3, 0x179}, &(0x7f0000000100)=<r2=>0x0, &(0x7f00000007c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f0000000340)=[{0x0}], 0x1})
sendmsg$NFC_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x24004091)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0600000004000000e27f000001", @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r5}, 0x10)
io_uring_enter(r1, 0x4d10, 0x2, 0x2, 0x0, 0x0)

516.198527ms ago: executing program 6 (id=2859):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[{0x10}, {0x10, 0x110, 0xe}], 0x20}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x0, 0xfffffffd}}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x20001300, 0x20001330], 0x0, 0x0, &(0x7f0000001300)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0x7fffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108)
bind$tipc(r3, &(0x7f0000000040)=@name={0x1e, 0x2, 0x3, {{0x42, 0x2}, 0x3}}, 0x10)
r7 = socket$tipc(0x1e, 0x4, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x83f}, 0x10)
bind$tipc(r3, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x0, {{0x42, 0x4}}}, 0x10)
r8 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r8, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10, 0x0}, 0x0)
sendto$inet6(r2, &(0x7f0000000000)="7800000018002507b9409b14ffff00000204be04020506050e0204094300080004000000040010000d0068d0bf46d32345653600648d0a0012000200000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160005000a0000000000e000e218d1ddf66ed538f25232500000", 0x78, 0x4, 0x0, 0x0)

470.031287ms ago: executing program 6 (id=2860):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f00000000c0)={[{@jqfmt_vfsold}, {@data_err_abort}, {@debug}, {@noload}, {@mblk_io_submit}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@debug}]}, 0xfe, 0x46d, &(0x7f0000000f00)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapoJL60tLzIwYtGEw6amOgB46m2hVQKNbQmQohWD3g0JN6N/4XxpBejXjTxqndDQgwXUC9rZmemLMtu2aXbLnQ/n2S6zzPzdJ/nOzPP7jPz7G4APWsk+5NE/C8ifo+IoTx7a4GR/OHGtYtTf1+7OJVEpfLWX0m13PVrF6fKouX/bcszlUqR39Sg3kvvRkzOzc2cK/Jji2c+GFs4f+GF2TOTp2ZOzZydOHbs8KG9g0cnjnQkziyu67s/nt+z6/g7l9+YOnH5vZ+S/sjjjro4OmUk37sNPd3pyrpse026umOX7fvlZrrRmUA39UVEdrgGqv1/KPpiy/K2oXjts642DlhTlUqlssKr8lIF2MCS6HYLgO4o3+iz699yWaehxz3h6sv5BVAW941iybf0R5on9g3UXd920khEnFj656tsiTW6DwEAUOu7bPzzfKPxXxoP54nB7M//izmU4Yh4ICJ2RMSDEbEzIh6KqJZ9JCIebbP++hmS28c/6ZW7Dq4F2fjvpWJu69bxX1oWGe4rctur8Q8kJ2fnZg4W++RADGw6OZvMjK9Qx/ev/vZFs221479syeovx4JFO670192gm55cnFxNzLWufhqxu79R/EmU0zhJROyKiN13Wcfss/1Nt905/hU0f9qWVb6OeCY//ktRF38paTo/Of7i0YkjY5tjbubgWHlW3O7nXy+92az+VcXfAdnx39rw/F+OfzjZHLFw/sLp6nztQvt1XPrj86bXNG2e/8e3F+f/YPJ2dcVgseGjycXFc+MRg8nrt6+fuPlsZb4sn8V/YH/j/r8jbu6JxyJiT0TsjYjHs4vCou1PRMSTEbF/hfh/fOWp99uPf33mSrP4p+90/KP2+Lef6Dv9w7d3jn9zRDQ7/oerqQPFmlZe/1pt4Gr2HQAAANwv0upn4JN0dDmdpqOj+Wf4d8bWdG5+YfG5k/Mfnp3OPys/HANpeadrqOZ+6Hhxb7jMT9TlDxX3jb/s21LNj07Nz013O3jocdua9P/Mn33dbh2w5jowjwbcp/R/6F36P/SmRP+Hnqb/Q+9q1P8/aVp69Js1bQywrrz/Q+9qof8v5Q/NRwXA/cn7P/Qu/R96UtPvxqer+sr/uif+LX7P8F5pz8ZPRHpPNGPjJ/pb/jGLNhKVobz/Z2s2NSzT7VcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzvgvAAD//w3J5b0=")
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x200000c, 0x3032, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f0000000000)={0x2, "b07a"}, 0x3)

358.168308ms ago: executing program 4 (id=2861):
r0 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="050000001d9851e9ff0f00000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r2}, 0x10)
r3 = socket$key(0xf, 0x3, 0x2)
openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5, r4}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
sendmsg$key(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="020a000907000000000000000000000005001a"], 0x38}}, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fcntl$setlease(r6, 0x400, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r8}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='\xa3\x04\x00', &(0x7f00000003c0)="c5", 0x1)
close(r0)

319.286148ms ago: executing program 4 (id=2862):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$kcm(0x29, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
statfs(0x0, 0x0)
prctl$PR_MCE_KILL(0x23, 0x9, 0x7fffffffeffe)
sendmsg$kcm(r2, &(0x7f0000000700)={&(0x7f0000000300)=@can, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000380)="72def8b0116c7a18cc1c67f5a6a1e9d587ad9a0e091d339c49b5a01c8775ef262ff06ba0a07c4ff80115ffaab311377cbf57252567d29dac4a994913c4ecba90074183d4c14f25c3c40a33adee968b45f8091733542d8a41200fc7a3925f8a59d848006a6b0907719d890b8fa1dd5289aa00b482cb9540409e35b56670287b013ae6f6adc57c68e389111bff32c91a4deafae1034814d1c9f36ff3b86a2f7dbba24a7bd239a61649cb47c5e2b357dba10dc3bd70b4d43121111850dfd8d90baf06aeb50a", 0xc4}, {&(0x7f0000000740)="708fa7d22a65f6808338df0e246811f9621312d699aac13f604489c15151c5283d913735a83e6707a45ea6646f4f51162262e397e86db665fabd3288da1f032d4f263164f02e1527b263ed2ec6bb936c083211c1bac5dc5b63a43b25359197c6e118da655cd780b220e1abfcf6fb997d255cf6dc07490ba8ece401525e049d44ee8693f9678b931c978fd4219e1062510f02557df2e2d7b085acaa54bd85cf26015dbb02882f051082de537a4f359e4998c9fac54a6641de07a97de15838789dc6a73721ed806400005bb7f8a1b7a7a98fe3f333c98df9d7cbf97c1d650d2418d118702960dffa927f97481d1cf59d7896ef8c8a24bc8e7e0cabfe4c9c778f53738f47079fece71c4b3562fd91d260f4d808ae2f785b2d58d6fed9295d4de0bc77201f5a4a261716fa1335cad0508d4d53d66d588960d2f8e99658f0297bc3bc80ff46c5e3b7e1967a712bee7a3d23d86a3db91457ff75c0d327025e458ecbdf038a87440ff1d614e877fd7beac9b1862de6f11e4bfcc04d9db76fe1fd8800"/394, 0x18a}, {&(0x7f0000000540)="aa945cdc7a9a07a845b795944fb6552ba81845148cb4fa2785a4e36540ef0a2848a83baf57a8e1b221049c8c5201eeb8c2e59f7f39ff31f7b1f2539b7dd10944f3486df78b6bce806c10cf8512b6d879144fa89bd34c86c9f1ef553428395a3fdd7e6259b2b1799c4e6e14f112b2db7cd5524bd5fd7ad637", 0x78}, {&(0x7f00000005c0)="7804a0c6169ae5d2723f5f976be7be7a19a4663c611d6a1b0ef0deac6e6beaad6de2269c71659964ca24792b5a7a6c3511e443e6a8e4929adca4411686519583cc4a3a52551c6b17b65d6a4f1e9c20a0569bc255a9821612b0cf093404b533622be8146a55d01bcbfc4e555b00acc684f389cc3879aaa94baa705b0d35f1c6a882f337fb9bd084aef170c77eacb3049e2eb0c45dd0f569eb8102e16ca4549050dea813a30fbcaf59c9e84e0420eb49ae16122e86956d41b253e2acd56cf34213642f", 0xc2}], 0x4}, 0x40040c0)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x24048091}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[], 0xa0}}, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x100)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000140)=<r4=>0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0, <r5=>0x0}, &(0x7f00000001c0)=0xc)
setresuid(r3, r4, r5)
r6 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f0000000240), r6)

0s ago: executing program 6 (id=2863):
r0 = socket$packet(0x11, 0x2, 0x300)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_emit_ethernet(0x256, &(0x7f0000000240)={@local, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "00cd04", 0x220, 0x3a, 0xff, @local, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x1f, 0xa, "a78c000005dc8080a2030003004003493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34060600000000000000dac15084dbaf736b41e5af0502"}, {0x0, 0x1, "000003000000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf3915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}]}}}}}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000, 0xffffffffffffffff, 0x800000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r7}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, r6, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
syz_emit_ethernet(0x1011, &(0x7f0000000cc0)={@local, @local, @void, {@x25={0x805, {0x0, 0x7, 0x23, "7dd40a1c2599248983556d06315dc64c7a229e8c8a415b1041c36905bdd8b76f5dfc54391548957c536ee13a0b6b5e3e9e54c8f7d202ad30e2f4cf08f16f60fc2e6ca3b657535b8118214a1ea54d2c10e0d894ccd35484cdc4d69710a299bc8d6f485d90fbc09eaee18fd923afe9cceb8d9669d63685bcdc3570d986bdf20460787d086a5af26d2ef066931c2b9684fb737fb9c4842c537399b05ccfaa6c7a72ee4f53ea6fd7a2a22003d6b60e2aa3d6b08d9ab45760c3a71e4d38baf8a60e93237585cf60b1f692e2cd55d78266ef8d99da0555fc0b3f5e2e985a8008274fd409e27c65f0226fa37d0c18d925abbc981fafad72a02f7d48807d0c7337a59a4640d33cb091445249c10b437797384f9f6a00fbd3fb8fae4d7be6df14ece304816e757ba5ee3241aa133438f6e56f34f13b93f40cac99cf14d7673095e9edbf28524bfeaf2dfa2eca13dfcaee4691300e3e7d2f44a30b3a74e8f893874eea7d7b71accdf222df2442fe4435ba610fb2dd8da148e0efcd28fa3b99237ae7c31975d381ec7895af7719e624f220eb179516496461cdbcfd6369b92456f3c25a871eccfc63044968e131b100ca9d8d69bad8e20f26752114e01d7859a576728507fed48ffecd4664d502224b93cdb3fcec7d6d2ef40284f417252ebaa26cf859eb8e6322f5d7fa49b62dc308a4f997b1ba6d717ac8fc67b271ec0062b3b5dbcbc503e6ac2cd09bbc79c3e77228d60f5fb4680a22570f0251afe282277cce689e3b2a8ade02f7bdb1084624861b7350c91612ec5792dbd96f45b63074ccba1a5a70bd8627f0dfdd0246279add14629fc3157e4ff4bc8df94c982be0013e10555183ade2489954dec794bec955ffc5e51537f79d103957337ef065066849f393197e0fd9e1db5d2985497c691dd32fe64602b7ca9b78be7a42df590db62de48f4b14c382ec1bb821177f7c8a0443fc41ef6b68f660c83659ce36a50748116c3749f729213fa02135bfc3c2ac527c54603f7194943d66355303400b73fbd250c0b85c64fb76984ef5f223078bc2d7ce037c545e0e1ce679034ebd50dd1fd74f661123a9bdc46537d30a5492f0d619c2df7ea27591806184315e6397111f2c207c1df3d7de90f1b8c0f8e392b0d8ffff35582cd4049033ff03fc0f37df7e07249aa09d20f469bc83fd4913c2c3484df165d6f3906c339a900f5b4bc6a5a6514c08390956518ba54dd14c9559362478d648a4f1eeaede1b95e38d1510a4a969eca9e997a56d18b6278a7528049a3e5e2e63c80bb9a3ceee87f6f99921e399b3bd1ca56e5402c94aa5b9a80df239d8a57475c05a5241b231bec35c8c67751e8c91e6be6bdd14c452eb167d1135ea3d03727ce92784cb69208fee5ebaff5bd0cd641879b5441580b6fbe5ca1c2630651cbd6755cea6c95c44544b595bdc2ce2b59a288a9b205b712130e2e5806f50a8bd64b820ea06b9e339874cb427cdeb954d8c48e67c7605904ea8e8076185e3a4ede01d699b6105d29276add81e124c5244f75821e68ff7fa672e49b929d33f84789ed5550d0e9bbd6524356f36132576fe29bc2adad93d9904364c881f3239cd7d61abbca21478a99ba79e802f1880b2f3e17584ce7bccb1d6d846ecd33997c01cbab5bffc83fc00f48f97cf2b597866f87889d48591e194aecb8a3d2034fff8fc52803224be49bf5744f151d3edf378e8fac6f96e3d9ada060f85581a55bd75e471a61eb608ed4d1b856907e3179d3431968cfaf90166a6c7491438db231c2effb3aa1a317fe08e3f303dc4242adc5e4aac097b195192e415666ccbd6e6e16fdef78a94f2928123a87afe198a87b86114f4aeb04a0b4559046f460f77d31f68eaadcbb97b11b46bc5a1ab2813d481b5f4ae987acd97d89e208768d1dfa9d523214774ad80f5acde736b7c060a07f317d3deaff9ffcbd300f4392e8a0126ea3f38dda75fa06b5a9e1d3595b020305266edfa7f9f9480a46a625ba08212dff07fb22839a158d30b00b0dad55623b3b89ee4b75a53e0f1ecb983f2d9ab92eea2c6585e4e7c64f1c47b24be27d504c5db5044058c89887549ee0d289187ab09126c4f309fb7e81c1cb66fea9d9b69bfff26618d5b3dc42321a375a6fa920b7d56fb63955f97b49dd0542dbe42ae59bebdd0eb1c59196f34492b33f9d94bb65e0282d2c06c64cd5a04c3a3d9c2f8334b056d00c4b5f5710756d30fbff8104e75c5bbd490ded535157566e9f3ce010ed2a4eccc022680fe90916a67aa6cc84f433a9d735b03672097f31cf26ce1c4ae0c8b8abd49d20fcedb67cd0e5650fd765aafb07c8cfe99ffb9ae0d8841ee5557edbb37cb80c424d6a6fba846053df63504d440460a631a009a5337e00f34be955f3234770a49203150cd732ef994fe296337303cba0d68627bae51deb9610fbfb865a0ef15882856a18ac8b1714646083d9358b1f0c12e9e011fe496aba9c09f2bbc054ec4b46e33b5cdf28fb6d771d500801ce1164d57c0c12315330c7526eb83e44f74ec69e42895317f20b7fb63e259b6ba236b4f7dd7b9f3a070254aad38aad6ea7c98b9daa168350ad32931dc4ef1c0e9dea7e36bfe5e54715979c6db27eba9f652618bd7d79bbb3caffd2ba9252b01a39f771d57ffdf1ed19ba56f91f22ca184497dd71db9b27c08825f38b7ab8f7c698147ddc5a14fff0f470d6fdb852ebcc4a52a3c48a54412b37cce5165297655a6e4963a3f368a12c14af12e50cab6b9c8eede8530b1d93874bf49e014676a82537cebb7ca16dd2e41deab009e051c7a0b0eecb30d33357ca38b0c436335a9f79e7e97742994b040a7fd462167765ba48052308f56af436c8140362ebc9f8fab6e2e88660d413fb57ecc640cfa248d9f64d43b6a2d49ad7aa6080db808158d493cadc269cdd5ec11563d478c0029bda9fbbfaff5d7f320a700c901adf6b74b17251b1b50a2f7bd1ea5f570c49b9c4e17227739e4a78e1f02c917540cd2597de70c8bb1f83f75a7efe8faf2ab8567e3fcedc0f9908d8b490a52ca75f026eff4ae7444b5e1a478bd761fe144576c02b0fc7c2e373d4fccf7230fce3f1dbd504ae991558300715e1aabfba64bd06038cd6322a80b1639d0c7f5796cb7b97e9405532d24f246a5c8a5f52be1a00d8f20f3f5409d4efb85a57daa3c972fa876f9b5cdf6970d86b2c6e14204e579629a50f1e1c31f43bb4acf905986ad3b3d576b4a9cea8bb54b90f0027a4d9174f4c31bd1c3227978a8975d0fb2e3776162365d5cbedc1fe2a3cca8f7ff59606a1c77c17a2e395135ebc06f60b4c2c8848e943ebc155beb81de94d912053eac73c14c22745066e9cf898357c5b0ae5bcce1999c1c6af939c490a468b23536d68d7af7553dcc5bf9f59521d5a7260f9ff5568ede1e9d1f580f7668467fea7a78152328d1c5df2b0dfe90830dadc84a481321a55dc39ada2312a33bad20697d88951b44a9f9413bf2e05bd70c19565bf9d2f4f68c3971029ac6631619ef99911edb49acaa35899daafb10ff5844ad788a1957b81e9c5d77887b149cd5a58cf249070a2da4b5797220d3562bf7d995bfd336de8c11a697c6595a83f1d5e251a478db8b070d25138ac910e6fd692977399672885c2e9e25400e3042bf758b50918e77ff6852d867ccc9d2efd602249b8a65a3cd5221b818acd0c65f8071af08b209eaeb04f0e23d688c7ad78dd745934674da2f61dbcde27fee50ddcbc20d437d1268c706273b813f34a3f2da52e3593d438f9690859f79791d63c36b0de6fd64562cf67f4b88195cce4ee76989ee7fb37c250bda74e8ebfb475da087412c52bdbb0dafbef375e6111308b9325ab0ea81d1946774c19005cdedea20d07ffc02514da5575cd9882632fc2a53ee5f234263070e0139a159aacd528ca088bdcf648fbce2865a691a198caec5cae094f9b45b3266c45a778e46cef62145b446a2d53b0aa397165974c840d16f9353b9cb5cbd5c32591f0d6152377d10b6afa25f5458d9a401a95023dec28f09b6e83c1fc8e8c036eef81d20cefeda4f84b5b845298003c83e1e44027b38ef8c112f10ca36b6ee4641564f8cccc81ed80bc790519324ba689e4b339ff05cf797e73ada75f0bade759e2563e518a021d8709bd1513cb9a86007570ab3d8cbaf092333ccc2a9c6e8e4c1343b61e405ddace3c17c8e2c2c263e722e4fc54ed5cad1e0f84cf1daae8a9da64bda5e6e1fd6a4ad22e490e7c10e4c8cbdb28eebffc2820bf577a60ba147a333367a77a77f4172939a6d499ebb792a37d2ff8184b7cce30fad358519aca3de88e31e03f53d9e51007801fd763cf14dab6d54b9c939af51f852cd9dfdce0eff9a2350cb7762073486ac43535d7a99a5df045596fefd338e0f0ef350d7df72315d1f46ad9a673da3a68c8dc91212efcb6492ae9792efd2307b7c8f4d05fcb7e25450c4dcc9d592727ee611616faf927a4e4e7b621796d904d575f1078b299643c5cce958dffe8d3a565dc62b067f32dedef1fdcab2e17310ae72c06ddba25d75b2280f2360a9910e8994e2d475b3b0d3e9b11678c9707fb53aba0710d4a007569f4dfb32443d25a89ca305906fed1651a3ce875c9da2c3c87eff063dce2b50a4dc125c2c07096285ee19dc750a62cd3d227fbf94d376ce29dc1c88edfd1ae18405acbbea7ccc146c6b50d98843d5ba529c7c580414084558845b29ec7e47d158c26dfe5a86b724cf22784ecfee4a74665b73ab76fd738d5b23e6d085b664899bde805eff645189d316cdde57e094c2f88cc6395f3a492c08843a8541254479b425dc20f565881018e4c21e64890fa04ef8aec58d1c9a4526c638b26d1fcbe2ec995bb0ce9a95a690b377d4466065ce98ec15f0c81b6e084422927c8f14c7b620d6fc11ccc98c31f8c667b8e9eede6b9b94f72b8b5b5035a23e995f198a63f9f12a393de341e8488b7dca0c9a358f09a5a1d3ecec8e3cd40de37718f64a4e63b47706b39ffcbf7b3364505043f7768c57fce7c635f7b71386b8badc863bf3478e715ee0a399b123b1ea58aab419235853b254710abf479df565b842b436ce72609d77dac624ebadf37a68ec10ad8d945e1674fbea59483930c59a1e5a7135eea89cd6ea53f63ee620f591306f402f8ec16ddd01e3b6303499804c53f80483734adbaac92f9dd89b2d808537fb7e169224227a95ea2e15da096ab25f1b33970f3a7149793df024cfcbd3098b0fe8b870c1f0eff2afcccd23b69fa7c8ab26d2962bb732c38a2f5911aed0af5c8fa103921ab38593a3bb9cbdac7456b4bde5a6c0bfec58d3f460eec3b48950fbcec81ddd4840a69b54791bed1d006ed297c3ccd2cf728b2ccceb1b762a6aa9a31e757d2c41a574d166816fcf2aa624be2be554ec3f800c0b26df89c69d1a9b8f5139ecc7314087d7aa1319665d6cf1687f552079f8a0ae86b647e4ef3a986b48b1a14c1f162f25d37869e7b42bf280a6ba3cfe32707073a103f3bcce2849a21029bc3f7211275b6bbecac468c23c7d7f2d8a21b4936d29c87dafcb9da0e95ad596cdbed60fc634aede37e3301f89a971b643506f559120d41ba152e4fd82b9824d66a7fd6aae1dc076b07d7ff3b1a38f427372544f414eef560055a139837dffa840e8cb23f1f192fdd35c6195e856f181d31ab8b7f6d47af92cccb4a16e92ba3dcd85f4b96db1e5f08fa61489ec3bbd1b9aaa0977a4f07436e920aba095d4b432fd9164bfe46253473af35f98bde738b7e52b9e033db7419af3b26896915e0dac0a51f08036ab976676142c04367ab51a"}}}}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000c40)=ANY=[@ANYBLOB="580000001000010009000000000000000000ffff", @ANYRES32=r5, @ANYBLOB="00000000da44000024001a8020000a8014000700fe80000000000000000200400000000005000800020000"], 0x58}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r11 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r11, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r11, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x1001}, 0x4)
sendmmsg(r11, &(0x7f0000007fc0), 0x2d, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000400)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x8, 0x11, 0x0, @remote, @mcast2, {[], {0x0, 0xe22, 0x8}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.951441][T10132] R13: 0000000000000000 R14: 00007ff7f4f95fa0 R15: 00007fff326081f8
[  146.959589][T10132]  </TASK>
[  146.968117][   T29] kauditd_printk_skb: 362 callbacks suppressed
[  146.968137][   T29] audit: type=1326 audit(1732756593.970:6992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10129 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  146.997976][   T29] audit: type=1326 audit(1732756593.970:6993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10129 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  147.021582][   T29] audit: type=1326 audit(1732756593.970:6994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10129 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  147.045074][   T29] audit: type=1326 audit(1732756593.970:6995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10129 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  147.068752][   T29] audit: type=1326 audit(1732756593.970:6996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10129 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  147.092416][   T29] audit: type=1326 audit(1732756593.970:6997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10129 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  147.116151][   T29] audit: type=1326 audit(1732756593.970:6998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10129 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  147.139624][   T29] audit: type=1326 audit(1732756593.970:6999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10129 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  147.163365][   T29] audit: type=1326 audit(1732756593.970:7000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10129 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  147.187138][   T29] audit: type=1326 audit(1732756593.970:7001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10129 comm="syz.3.2255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  147.240304][T10123] loop4: detected capacity change from 0 to 1764
[  147.251102][T10123] iso9660: Unknown parameter ''
[  147.469432][T10156] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10156 comm=syz.2.2262
[  147.541754][T10149] loop3: detected capacity change from 0 to 2048
[  147.572420][T10149] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.598437][T10149] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  147.663202][T10155] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  147.739075][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.761439][T10170] loop4: detected capacity change from 0 to 256
[  147.765660][T10172] loop3: detected capacity change from 0 to 512
[  147.790560][T10172] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2268'.
[  147.802911][T10172] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  147.899619][T10181] FAULT_INJECTION: forcing a failure.
[  147.899619][T10181] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.912763][T10181] CPU: 0 UID: 0 PID: 10181 Comm: syz.1.2272 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  147.923237][T10181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  147.933362][T10181] Call Trace:
[  147.936644][T10181]  <TASK>
[  147.939598][T10181]  dump_stack_lvl+0xf2/0x150
[  147.944203][T10181]  dump_stack+0x15/0x20
[  147.948367][T10181]  should_fail_ex+0x223/0x230
[  147.953073][T10181]  should_fail+0xb/0x10
[  147.957314][T10181]  should_fail_usercopy+0x1a/0x20
[  147.962456][T10181]  _copy_from_user+0x1e/0xb0
[  147.967059][T10181]  do_replace+0x7b/0x2d0
[  147.971316][T10181]  do_ebt_set_ctl+0x1bd/0xb80
[  147.976006][T10181]  ? kernelmode_fixup_or_oops+0x58/0xb0
[  147.981595][T10181]  ? exc_page_fault+0x4fc/0x650
[  147.986480][T10181]  ? tcp_release_cb+0xfe/0x380
[  147.991263][T10181]  ? _raw_spin_unlock_bh+0x36/0x40
[  147.996609][T10181]  ? release_sock+0x117/0x150
[  148.001325][T10181]  ? sockopt_release_sock+0x42/0x50
[  148.006654][T10181]  ? do_ip_setsockopt+0x1fcf/0x2340
[  148.011939][T10181]  nf_setsockopt+0x195/0x1b0
[  148.016547][T10181]  ip_setsockopt+0xea/0x100
[  148.021075][T10181]  tcp_setsockopt+0x93/0xb0
[  148.025744][T10181]  sock_common_setsockopt+0x64/0x80
[  148.031042][T10181]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  148.036956][T10181]  __sys_setsockopt+0x187/0x200
[  148.041899][T10181]  __x64_sys_setsockopt+0x66/0x80
[  148.047009][T10181]  x64_sys_call+0x282e/0x2dc0
[  148.051702][T10181]  do_syscall_64+0xc9/0x1c0
[  148.056321][T10181]  ? clear_bhb_loop+0x55/0xb0
[  148.061007][T10181]  ? clear_bhb_loop+0x55/0xb0
[  148.065697][T10181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.071699][T10181] RIP: 0033:0x7ff7f4dd0809
[  148.076168][T10181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.095807][T10181] RSP: 002b:00007ff7f3447058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  148.104228][T10181] RAX: ffffffffffffffda RBX: 00007ff7f4f95fa0 RCX: 00007ff7f4dd0809
[  148.112235][T10181] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000006
[  148.120325][T10181] RBP: 00007ff7f34470a0 R08: 0000000000000298 R09: 0000000000000000
[  148.128302][T10181] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001
[  148.136310][T10181] R13: 0000000000000000 R14: 00007ff7f4f95fa0 R15: 00007fff326081f8
[  148.144326][T10181]  </TASK>
[  148.257471][T10194] syz.4.2275[10194] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.257563][T10194] syz.4.2275[10194] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.269003][T10196] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2279'.
[  148.269572][T10196] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  148.283476][T10194] syz.4.2275[10194] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.505495][T10211] syzkaller1: entered promiscuous mode
[  148.523393][T10211] syzkaller1: entered allmulticast mode
[  148.643953][T10220] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10220 comm=syz.2.2288
[  149.111698][T10224] xt_CT: You must specify a L4 protocol and not use inversions on it
[  149.131932][T10222] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[  149.138578][T10222] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  149.146332][T10222] vhci_hcd vhci_hcd.0: Device attached
[  149.173813][T10222] tmpfs: Bad value for 'mpol'
[  149.174681][T10231] loop4: detected capacity change from 0 to 512
[  149.197965][T10226] vhci_hcd: connection closed
[  149.198111][   T28] vhci_hcd: stop threads
[  149.207161][   T28] vhci_hcd: release socket
[  149.211633][   T28] vhci_hcd: disconnect device
[  149.223575][T10231] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  149.273648][T10239] syz.4.2297[10239] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  149.273733][T10239] syz.4.2297[10239] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  149.285704][T10239] syz.4.2297[10239] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  149.307525][T10239] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10239 comm=syz.4.2297
[  149.335290][T10243] bridge0: port 1(bond0) entered blocking state
[  149.341712][T10243] bridge0: port 1(bond0) entered disabled state
[  149.348720][T10243] bond0: entered allmulticast mode
[  149.355226][T10243] bond0: entered promiscuous mode
[  149.427072][T10245] loop4: detected capacity change from 0 to 512
[  149.446137][T10245] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  149.473159][T10245] EXT4-fs (loop4): 1 truncate cleaned up
[  149.479680][T10245] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.547254][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.565344][T10251] batadv2: entered promiscuous mode
[  149.572001][T10251] 8021q: adding VLAN 0 to HW filter on device batadv2
[  149.613986][T10253] loop4: detected capacity change from 0 to 512
[  149.627778][T10253] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  149.640072][T10253] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.2302: invalid indirect mapped block 2683928664 (level 1)
[  149.654737][T10253] EXT4-fs (loop4): Remounting filesystem read-only
[  149.665167][T10253] EXT4-fs (loop4): 1 truncate cleaned up
[  149.671290][T10253] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.685955][T10253] SELinux: (dev loop4, type ext4) getxattr errno 5
[  149.726741][T10253] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.753882][T10257] siw: device registration error -23
[  149.892153][T10264] __nla_validate_parse: 2 callbacks suppressed
[  149.892172][T10264] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2306'.
[  149.906932][T10276] xt_CT: You must specify a L4 protocol and not use inversions on it
[  149.956688][T10280] batadv0: entered promiscuous mode
[  149.964916][T10280] 8021q: adding VLAN 0 to HW filter on device batadv0
[  149.985304][T10279] loop3: detected capacity change from 0 to 256
[  150.108924][T10294] siw: device registration error -23
[  150.164237][T10300] loop6: detected capacity change from 0 to 512
[  150.164335][T10291] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  150.177133][T10291] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  150.177409][T10300] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2322'.
[  150.184830][T10291] vhci_hcd vhci_hcd.0: Device attached
[  150.209701][T10300] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  150.238926][T10291] tmpfs: Bad value for 'mpol'
[  150.277263][T10301] vhci_hcd: connection closed
[  150.277509][ T3723] vhci_hcd: stop threads
[  150.284708][T10311] loop6: detected capacity change from 0 to 512
[  150.286580][ T3723] vhci_hcd: release socket
[  150.297720][ T3723] vhci_hcd: disconnect device
[  150.323898][T10311] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2325'.
[  150.337681][T10311] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  150.347452][T10312] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2323'.
[  150.408550][T10318] FAULT_INJECTION: forcing a failure.
[  150.408550][T10318] name failslab, interval 1, probability 0, space 0, times 0
[  150.421383][T10318] CPU: 1 UID: 0 PID: 10318 Comm: +}[@ Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  150.431422][T10318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  150.434184][T10320] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2329'.
[  150.441477][T10318] Call Trace:
[  150.441589][T10318]  <TASK>
[  150.450474][T10320] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2329'.
[  150.453706][T10318]  dump_stack_lvl+0xf2/0x150
[  150.470112][T10318]  dump_stack+0x15/0x20
[  150.474308][T10318]  should_fail_ex+0x223/0x230
[  150.479067][T10318]  should_failslab+0x8f/0xb0
[  150.483697][T10318]  __kmalloc_noprof+0xab/0x3f0
[  150.488492][T10318]  ? ip_options_get+0x51/0x330
[  150.493319][T10318]  ip_options_get+0x51/0x330
[  150.498008][T10318]  ? __rcu_read_unlock+0x4e/0x70
[  150.503006][T10318]  ip_cmsg_send+0x3f1/0x5e0
[  150.507537][T10318]  udp_sendmsg+0x7e7/0x12f0
[  150.512120][T10318]  ? _raw_spin_unlock_bh+0x36/0x40
[  150.517250][T10318]  ? udp_lib_get_port+0xd16/0xdc0
[  150.522373][T10318]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  150.527937][T10318]  ? __rcu_read_unlock+0x4e/0x70
[  150.532899][T10318]  ? ip4_datagram_release_cb+0x3f9/0x430
[  150.538568][T10318]  ? __pfx_udp_sendmsg+0x10/0x10
[  150.543590][T10318]  inet_sendmsg+0xaf/0xd0
[  150.547972][T10318]  __sock_sendmsg+0x102/0x180
[  150.552674][T10318]  ____sys_sendmsg+0x312/0x410
[  150.557461][T10318]  __sys_sendmmsg+0x227/0x4b0
[  150.562174][T10318]  __x64_sys_sendmmsg+0x57/0x70
[  150.567043][T10318]  x64_sys_call+0x29aa/0x2dc0
[  150.571740][T10318]  do_syscall_64+0xc9/0x1c0
[  150.576376][T10318]  ? clear_bhb_loop+0x55/0xb0
[  150.581096][T10318]  ? clear_bhb_loop+0x55/0xb0
[  150.585790][T10318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.591764][T10318] RIP: 0033:0x7fb560020809
[  150.596290][T10318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.616105][T10318] RSP: 002b:00007fb55e697058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  150.624606][T10318] RAX: ffffffffffffffda RBX: 00007fb5601e5fa0 RCX: 00007fb560020809
[  150.632585][T10318] RDX: 0000000000000001 RSI: 0000000020000780 RDI: 0000000000000004
[  150.640596][T10318] RBP: 00007fb55e6970a0 R08: 0000000000000000 R09: 0000000000000000
[  150.648593][T10318] R10: 0000000004008804 R11: 0000000000000246 R12: 0000000000000001
[  150.656574][T10318] R13: 0000000000000000 R14: 00007fb5601e5fa0 R15: 00007ffee69efce8
[  150.664574][T10318]  </TASK>
[  150.718205][T10330] siw: device registration error -23
[  150.742872][T10328] batadv2: entered promiscuous mode
[  150.748763][T10328] 8021q: adding VLAN 0 to HW filter on device batadv2
[  150.759982][T10324] vhci_hcd: invalid port number 61
[  150.835021][T10338] loop3: detected capacity change from 0 to 512
[  150.856839][T10338] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2335'.
[  150.870844][T10338] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  150.998410][T10342] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2337'.
[  151.041182][T10354] loop6: detected capacity change from 0 to 256
[  151.041850][T10357] loop4: detected capacity change from 0 to 512
[  151.105891][T10359] loop3: detected capacity change from 0 to 256
[  151.149097][T10357] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2344'.
[  151.168287][T10357] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  151.197249][T10364] loop3: detected capacity change from 0 to 128
[  151.205087][T10364] vfat: Unknown parameter '01777777777777777777777'
[  151.205142][T10366] batadv2: entered promiscuous mode
[  151.225618][T10366] 8021q: adding VLAN 0 to HW filter on device batadv2
[  151.247542][T10368] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap2
[  151.349911][T10373] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(11)
[  151.356555][T10373] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  151.364255][T10373] vhci_hcd vhci_hcd.0: Device attached
[  151.395029][T10373] tmpfs: Bad value for 'mpol'
[  151.401903][T10380] vhci_hcd: connection closed
[  151.402260][ T3723] vhci_hcd: stop threads
[  151.411458][ T3723] vhci_hcd: release socket
[  151.415883][ T3723] vhci_hcd: disconnect device
[  151.496989][T10392] bond0: left allmulticast mode
[  151.502053][T10392] bond0: left promiscuous mode
[  151.507116][T10392] bridge0: port 1(bond0) entered disabled state
[  151.580670][T10393] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2356'.
[  151.704560][T10399] xt_CT: You must specify a L4 protocol and not use inversions on it
[  151.891918][T10415] loop4: detected capacity change from 0 to 256
[  151.953398][T10419] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  152.016988][T10423] batadv0: entered promiscuous mode
[  152.023025][T10423] 8021q: adding VLAN 0 to HW filter on device batadv0
[  152.043147][T10427] xt_CT: You must specify a L4 protocol and not use inversions on it
[  152.113044][   T29] kauditd_printk_skb: 114 callbacks suppressed
[  152.113062][   T29] audit: type=1400 audit(1732756599.110:7116): avc:  denied  { read } for  pid=3058 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  152.233626][T10443] loop3: detected capacity change from 0 to 512
[  152.273680][T10443] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  152.322462][T10449] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  152.329170][T10449] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  152.336914][T10449] vhci_hcd vhci_hcd.0: Device attached
[  152.345750][T10455] xt_CT: You must specify a L4 protocol and not use inversions on it
[  152.353889][T10460] xt_CT: You must specify a L4 protocol and not use inversions on it
[  152.372928][T10449] tmpfs: Bad value for 'mpol'
[  152.381589][T10453] vhci_hcd: connection closed
[  152.391949][ T6393] vhci_hcd: stop threads
[  152.397344][T10463] loop3: detected capacity change from 0 to 512
[  152.400945][ T6393] vhci_hcd: release socket
[  152.400955][ T6393] vhci_hcd: disconnect device
[  152.416620][   T29] audit: type=1326 audit(1732756599.400:7117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10461 comm="syz.3.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  152.440155][   T29] audit: type=1326 audit(1732756599.400:7118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10461 comm="syz.3.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  152.463719][   T29] audit: type=1326 audit(1732756599.400:7119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10461 comm="syz.3.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  152.487356][   T29] audit: type=1326 audit(1732756599.400:7120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10461 comm="syz.3.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  152.511031][   T29] audit: type=1326 audit(1732756599.400:7121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10461 comm="syz.3.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  152.534610][   T29] audit: type=1326 audit(1732756599.400:7122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10461 comm="syz.3.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  152.558039][   T29] audit: type=1326 audit(1732756599.400:7123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10461 comm="syz.3.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  152.581596][   T29] audit: type=1326 audit(1732756599.400:7124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10461 comm="syz.3.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  152.591326][T10463] EXT4-fs (loop3): orphan cleanup on readonly fs
[  152.605102][   T29] audit: type=1326 audit(1732756599.400:7125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10461 comm="syz.3.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  152.643746][T10463] EXT4-fs warning (device loop3): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  152.652793][T10464] loop4: detected capacity change from 0 to 512
[  152.672116][T10463] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  152.679430][T10463] EXT4-fs error (device loop3): ext4_ext_check_inode:524: inode #13: comm syz.3.2386: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  152.703293][T10463] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.2386: couldn't read orphan inode 13 (err -117)
[  152.716495][T10463] EXT4-fs (loop3): mounted filesystem 00000000-0000-0b00-0000-000000000000 ro without journal. Quota mode: writeback.
[  152.730720][T10464] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  152.768790][T10464] EXT4-fs (loop4): 1 truncate cleaned up
[  152.779347][T10464] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  152.797277][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0b00-0000-000000000000.
[  152.829722][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.876854][T10471] batadv3: entered promiscuous mode
[  152.886815][T10471] 8021q: adding VLAN 0 to HW filter on device batadv3
[  152.929555][T10478] netlink: 'syz.4.2391': attribute type 3 has an invalid length.
[  153.069739][T10494] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  153.131380][T10503] xt_CT: You must specify a L4 protocol and not use inversions on it
[  153.141709][T10506] xt_CT: You must specify a L4 protocol and not use inversions on it
[  153.180138][T10509] FAULT_INJECTION: forcing a failure.
[  153.180138][T10509] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.193265][T10509] CPU: 1 UID: 0 PID: 10509 Comm: syz.2.2399 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  153.203724][T10509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  153.213790][T10509] Call Trace:
[  153.217078][T10509]  <TASK>
[  153.220045][T10509]  dump_stack_lvl+0xf2/0x150
[  153.224645][T10509]  dump_stack+0x15/0x20
[  153.228866][T10509]  should_fail_ex+0x223/0x230
[  153.233571][T10509]  should_fail+0xb/0x10
[  153.237745][T10509]  should_fail_usercopy+0x1a/0x20
[  153.242832][T10509]  _copy_from_user+0x1e/0xb0
[  153.247483][T10509]  tls_setsockopt+0x80e/0xcb0
[  153.252277][T10509]  sock_common_setsockopt+0x64/0x80
[  153.257505][T10509]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  153.263422][T10509]  __sys_setsockopt+0x187/0x200
[  153.268293][T10509]  __x64_sys_setsockopt+0x66/0x80
[  153.273329][T10509]  x64_sys_call+0x282e/0x2dc0
[  153.278016][T10509]  do_syscall_64+0xc9/0x1c0
[  153.282536][T10509]  ? clear_bhb_loop+0x55/0xb0
[  153.287261][T10509]  ? clear_bhb_loop+0x55/0xb0
[  153.291947][T10509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.297931][T10509] RIP: 0033:0x7f6be7060809
[  153.302358][T10509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.321975][T10509] RSP: 002b:00007f6be56d7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  153.330469][T10509] RAX: ffffffffffffffda RBX: 00007f6be7225fa0 RCX: 00007f6be7060809
[  153.338512][T10509] RDX: 0000000000000002 RSI: 000000000000011a RDI: 0000000000000005
[  153.346491][T10509] RBP: 00007f6be56d70a0 R08: 0000000000000038 R09: 0000000000000000
[  153.354493][T10509] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000001
[  153.362472][T10509] R13: 0000000000000000 R14: 00007f6be7225fa0 R15: 00007fff2779eeb8
[  153.370458][T10509]  </TASK>
[  153.404454][T10515] loop6: detected capacity change from 0 to 256
[  153.423894][T10519] loop4: detected capacity change from 0 to 256
[  153.561679][T10525] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  153.691821][T10540] loop3: detected capacity change from 0 to 512
[  153.696701][T10539] siw: device registration error -23
[  153.711226][T10546] xt_CT: You must specify a L4 protocol and not use inversions on it
[  153.732478][T10540] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  153.859274][T10542] loop6: detected capacity change from 0 to 8192
[  153.920962][T10563] loop4: detected capacity change from 0 to 160
[  153.973957][T10567] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10567 comm=syz.6.2415
[  154.058071][T10569] gretap0: entered promiscuous mode
[  154.065657][T10569] batadv_slave_1: entered promiscuous mode
[  154.075234][T10575] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  154.191463][T10586] siw: device registration error -23
[  154.198441][T10580] loop4: detected capacity change from 0 to 256
[  154.292046][T10595] loop4: detected capacity change from 0 to 256
[  154.414879][T10604] loop3: detected capacity change from 0 to 1024
[  154.428915][T10604] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  154.472025][T10604] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  154.771996][T10612] loop4: detected capacity change from 0 to 512
[  154.882961][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.894221][T10612] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  154.949095][T10620] FAULT_INJECTION: forcing a failure.
[  154.949095][T10620] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  154.962359][T10620] CPU: 1 UID: 0 PID: 10620 Comm: syz.4.2445 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  154.972827][T10620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  154.982906][T10620] Call Trace:
[  154.986198][T10620]  <TASK>
[  154.989160][T10620]  dump_stack_lvl+0xf2/0x150
[  154.993789][T10620]  dump_stack+0x15/0x20
[  154.997965][T10620]  should_fail_ex+0x223/0x230
[  155.002679][T10620]  should_fail+0xb/0x10
[  155.006939][T10620]  should_fail_usercopy+0x1a/0x20
[  155.012099][T10620]  _copy_from_iter+0xd5/0xd00
[  155.016820][T10620]  ? kmalloc_reserve+0x16e/0x190
[  155.021775][T10620]  ? __build_skb_around+0x196/0x1f0
[  155.027072][T10620]  ? __alloc_skb+0x21f/0x310
[  155.031677][T10620]  ? __virt_addr_valid+0x1ed/0x250
[  155.036815][T10620]  ? __check_object_size+0x364/0x520
[  155.042116][T10620]  netlink_sendmsg+0x460/0x6e0
[  155.046953][T10620]  ? __pfx_netlink_sendmsg+0x10/0x10
[  155.052275][T10620]  __sock_sendmsg+0x140/0x180
[  155.056969][T10620]  ____sys_sendmsg+0x312/0x410
[  155.061856][T10620]  __sys_sendmsg+0x19d/0x230
[  155.066484][T10620]  __x64_sys_sendmsg+0x46/0x50
[  155.071301][T10620]  x64_sys_call+0x2734/0x2dc0
[  155.076022][T10620]  do_syscall_64+0xc9/0x1c0
[  155.080554][T10620]  ? clear_bhb_loop+0x55/0xb0
[  155.085239][T10620]  ? clear_bhb_loop+0x55/0xb0
[  155.089983][T10620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.096009][T10620] RIP: 0033:0x7fd169b50809
[  155.100429][T10620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.120137][T10620] RSP: 002b:00007fd1681c7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  155.128620][T10620] RAX: ffffffffffffffda RBX: 00007fd169d15fa0 RCX: 00007fd169b50809
[  155.136650][T10620] RDX: 0000000000008000 RSI: 0000000020001ac0 RDI: 0000000000000004
[  155.144640][T10620] RBP: 00007fd1681c70a0 R08: 0000000000000000 R09: 0000000000000000
[  155.152720][T10620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.160688][T10620] R13: 0000000000000000 R14: 00007fd169d15fa0 R15: 00007ffc657f8c68
[  155.168760][T10620]  </TASK>
[  155.277278][T10631] FAULT_INJECTION: forcing a failure.
[  155.277278][T10631] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.290637][T10631] CPU: 0 UID: 0 PID: 10631 Comm: syz.4.2450 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  155.301142][T10631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  155.311296][T10631] Call Trace:
[  155.314600][T10631]  <TASK>
[  155.317606][T10631]  dump_stack_lvl+0xf2/0x150
[  155.322207][T10631]  dump_stack+0x15/0x20
[  155.326386][T10631]  should_fail_ex+0x223/0x230
[  155.331085][T10631]  should_fail+0xb/0x10
[  155.335290][T10631]  should_fail_usercopy+0x1a/0x20
[  155.340411][T10631]  _copy_from_iter+0xd5/0xd00
[  155.345111][T10631]  ? kmalloc_reserve+0x16e/0x190
[  155.350136][T10631]  ? __build_skb_around+0x196/0x1f0
[  155.355472][T10631]  ? __alloc_skb+0x21f/0x310
[  155.360066][T10631]  ? __virt_addr_valid+0x1ed/0x250
[  155.365196][T10631]  ? __check_object_size+0x364/0x520
[  155.370522][T10631]  netlink_sendmsg+0x460/0x6e0
[  155.375432][T10631]  ? __pfx_netlink_sendmsg+0x10/0x10
[  155.380790][T10631]  __sock_sendmsg+0x140/0x180
[  155.385557][T10631]  ____sys_sendmsg+0x312/0x410
[  155.390403][T10631]  __sys_sendmsg+0x19d/0x230
[  155.395113][T10631]  __x64_sys_sendmsg+0x46/0x50
[  155.399895][T10631]  x64_sys_call+0x2734/0x2dc0
[  155.404589][T10631]  do_syscall_64+0xc9/0x1c0
[  155.409102][T10631]  ? clear_bhb_loop+0x55/0xb0
[  155.413798][T10631]  ? clear_bhb_loop+0x55/0xb0
[  155.418590][T10631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.424501][T10631] RIP: 0033:0x7fd169b50809
[  155.428941][T10631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.448557][T10631] RSP: 002b:00007fd1681c7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  155.457009][T10631] RAX: ffffffffffffffda RBX: 00007fd169d15fa0 RCX: 00007fd169b50809
[  155.464992][T10631] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[  155.473114][T10631] RBP: 00007fd1681c70a0 R08: 0000000000000000 R09: 0000000000000000
[  155.481132][T10631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.489114][T10631] R13: 0000000000000000 R14: 00007fd169d15fa0 R15: 00007ffc657f8c68
[  155.497101][T10631]  </TASK>
[  155.506758][T10638] siw: device registration error -23
[  155.582210][T10643] loop4: detected capacity change from 0 to 512
[  155.604234][T10643] __nla_validate_parse: 14 callbacks suppressed
[  155.604248][T10643] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2455'.
[  155.621060][T10636] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10636 comm=syz.2.2452
[  155.662977][T10641] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2451'.
[  155.674616][T10643] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  155.721880][T10640] pim6reg1: entered promiscuous mode
[  155.727238][T10640] pim6reg1: entered allmulticast mode
[  155.901134][T10654] xt_CT: You must specify a L4 protocol and not use inversions on it
[  155.980310][T10661] syz.6.2462[10661] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  155.990123][T10661] syz.6.2462[10661] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  156.004320][T10661] syz.6.2462[10661] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  156.044887][T10661] loop6: detected capacity change from 0 to 2048
[  156.115194][T10670] FAULT_INJECTION: forcing a failure.
[  156.115194][T10670] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.127998][T10661] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.128301][T10670] CPU: 0 UID: 0 PID: 10670 Comm: syz.2.2466 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  156.150630][T10670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  156.160757][T10670] Call Trace:
[  156.164041][T10670]  <TASK>
[  156.167078][T10670]  dump_stack_lvl+0xf2/0x150
[  156.171713][T10670]  dump_stack+0x15/0x20
[  156.175874][T10670]  should_fail_ex+0x223/0x230
[  156.180572][T10670]  should_fail+0xb/0x10
[  156.184765][T10670]  should_fail_usercopy+0x1a/0x20
[  156.189869][T10670]  _copy_from_user+0x1e/0xb0
[  156.194466][T10670]  __sys_bpf+0x14e/0x7a0
[  156.198804][T10670]  __x64_sys_bpf+0x43/0x50
[  156.203231][T10670]  x64_sys_call+0x2914/0x2dc0
[  156.207923][T10670]  do_syscall_64+0xc9/0x1c0
[  156.212492][T10670]  ? clear_bhb_loop+0x55/0xb0
[  156.217174][T10670]  ? clear_bhb_loop+0x55/0xb0
[  156.221991][T10670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.227948][T10670] RIP: 0033:0x7f6be7060809
[  156.232371][T10670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.251988][T10670] RSP: 002b:00007f6be56d7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  156.260487][T10670] RAX: ffffffffffffffda RBX: 00007f6be7225fa0 RCX: 00007f6be7060809
[  156.268474][T10670] RDX: 0000000000000010 RSI: 00000000200007c0 RDI: 000000000000000f
[  156.276454][T10670] RBP: 00007f6be56d70a0 R08: 0000000000000000 R09: 0000000000000000
[  156.284479][T10670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.292457][T10670] R13: 0000000000000000 R14: 00007f6be7225fa0 R15: 00007fff2779eeb8
[  156.300512][T10670]  </TASK>
[  156.340584][T10661] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  156.355735][T10661] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28
[  156.368238][T10661] EXT4-fs (loop6): This should not happen!! Data will be lost
[  156.368238][T10661] 
[  156.377898][T10661] EXT4-fs (loop6): Total free blocks count 0
[  156.383913][T10661] EXT4-fs (loop6): Free/Dirty block details
[  156.389920][T10661] EXT4-fs (loop6): free_blocks=2415919104
[  156.395658][T10661] EXT4-fs (loop6): dirty_blocks=48
[  156.400910][T10661] EXT4-fs (loop6): Block reservation details
[  156.406902][T10661] EXT4-fs (loop6): i_reserved_data_blocks=3
[  156.460363][T10678] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  156.722485][T10680] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10680 comm=syz.2.2467
[  156.905467][T10688] netlink: 'syz.3.2470': attribute type 1 has an invalid length.
[  157.048176][T10699] netlink: 596 bytes leftover after parsing attributes in process `syz.1.2475'.
[  157.063140][T10700] tipc: Can't bind to reserved service type 0
[  157.194515][   T29] kauditd_printk_skb: 310 callbacks suppressed
[  157.194534][   T29] audit: type=1400 audit(1732756604.199:7435): avc:  denied  { create } for  pid=10717 comm="syz.1.2476" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  157.226374][   T29] audit: type=1400 audit(1732756604.229:7436): avc:  denied  { write } for  pid=10717 comm="syz.1.2476" name="file0" dev="tmpfs" ino=1282 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  157.243327][T10722] batadv3: entered promiscuous mode
[  157.249050][   T29] audit: type=1400 audit(1732756604.229:7437): avc:  denied  { open } for  pid=10717 comm="syz.1.2476" path="/242/file0" dev="tmpfs" ino=1282 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  157.256639][T10722] 8021q: adding VLAN 0 to HW filter on device batadv3
[  157.277290][   T29] audit: type=1400 audit(1732756604.229:7438): avc:  denied  { ioctl } for  pid=10717 comm="syz.1.2476" path="/242/file0" dev="tmpfs" ino=1282 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  157.347632][   T29] audit: type=1400 audit(1732756604.349:7439): avc:  denied  { unlink } for  pid=7468 comm="syz-executor" name="file0" dev="tmpfs" ino=1282 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  157.467034][   T29] audit: type=1326 audit(1732756604.469:7440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10730 comm="syz.2.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6be7060809 code=0x7ffc0000
[  157.495256][   T29] audit: type=1326 audit(1732756604.499:7441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10730 comm="syz.2.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f6be7060809 code=0x7ffc0000
[  157.518898][   T29] audit: type=1326 audit(1732756604.499:7442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10730 comm="syz.2.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6be7060809 code=0x7ffc0000
[  157.542571][   T29] audit: type=1326 audit(1732756604.499:7443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10730 comm="syz.2.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6be7060809 code=0x7ffc0000
[  157.566272][   T29] audit: type=1326 audit(1732756604.499:7444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10730 comm="syz.2.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6be7060809 code=0x7ffc0000
[  157.614336][T10737] batadv3: entered promiscuous mode
[  157.620385][T10737] 8021q: adding VLAN 0 to HW filter on device batadv3
[  158.081204][T10751] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2490'.
[  158.084042][T10747] loop4: detected capacity change from 0 to 8192
[  158.090446][T10751] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  158.177135][T10756] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10756 comm=syz.4.2488
[  158.342059][T10768] batadv2: entered promiscuous mode
[  158.348064][T10768] 8021q: adding VLAN 0 to HW filter on device batadv2
[  158.466604][T10773] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2499'.
[  158.476879][T10773] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  158.890976][T10764] syz.2.2496 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), order=0, oom_score_adj=1000
[  158.905271][T10764] CPU: 0 UID: 0 PID: 10764 Comm: syz.2.2496 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  158.915808][T10764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  158.925915][T10764] Call Trace:
[  158.929294][T10764]  <TASK>
[  158.932282][T10764]  dump_stack_lvl+0xf2/0x150
[  158.936907][T10764]  dump_stack+0x15/0x20
[  158.941093][T10764]  dump_header+0x83/0x2d0
[  158.945446][T10764]  oom_kill_process+0x341/0x4c0
[  158.950421][T10764]  out_of_memory+0x9af/0xbe0
[  158.955077][T10764]  ? css_next_descendant_pre+0x11c/0x140
[  158.960742][T10764]  mem_cgroup_out_of_memory+0x13e/0x190
[  158.966319][T10764]  try_charge_memcg+0x508/0x7f0
[  158.971195][T10764]  obj_cgroup_charge_pages+0xbd/0x1a0
[  158.976663][T10764]  __memcg_kmem_charge_page+0x9d/0x170
[  158.982236][T10764]  __alloc_pages_noprof+0x1bc/0x340
[  158.987490][T10764]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  158.992890][T10764]  alloc_pages_noprof+0xe1/0x100
[  158.997868][T10764]  __vmalloc_node_range_noprof+0x6eb/0xe80
[  159.003696][T10764]  __kvmalloc_node_noprof+0x121/0x170
[  159.009078][T10764]  ? ip_set_alloc+0x1f/0x30
[  159.013646][T10764]  ip_set_alloc+0x1f/0x30
[  159.018027][T10764]  hash_ipport_create+0x4dc/0x9f0
[  159.023097][T10764]  ? __pfx_hash_ipport_create+0x10/0x10
[  159.028659][T10764]  ip_set_create+0x359/0x8a0
[  159.033283][T10764]  ? strnstr+0x61/0x100
[  159.037534][T10764]  ? __nla_parse+0x40/0x60
[  159.042001][T10764]  nfnetlink_rcv_msg+0x4a9/0x570
[  159.047012][T10764]  netlink_rcv_skb+0x12c/0x230
[  159.051792][T10764]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  159.057285][T10764]  nfnetlink_rcv+0x16c/0x15d0
[  159.062093][T10764]  ? kmem_cache_free+0xdc/0x2d0
[  159.066980][T10764]  ? nlmon_xmit+0x51/0x60
[  159.071324][T10764]  ? __kfree_skb+0x102/0x150
[  159.075956][T10764]  ? consume_skb+0x49/0x160
[  159.080467][T10764]  ? nlmon_xmit+0x51/0x60
[  159.084814][T10764]  ? dev_hard_start_xmit+0x3c1/0x3f0
[  159.090113][T10764]  ? __dev_queue_xmit+0xb6e/0x2090
[  159.095253][T10764]  ? ref_tracker_free+0x3a5/0x410
[  159.100353][T10764]  ? __dev_queue_xmit+0x186/0x2090
[  159.105592][T10764]  ? __netlink_deliver_tap+0x4c6/0x4f0
[  159.111106][T10764]  netlink_unicast+0x599/0x670
[  159.115883][T10764]  netlink_sendmsg+0x5cc/0x6e0
[  159.120696][T10764]  ? __pfx_netlink_sendmsg+0x10/0x10
[  159.125993][T10764]  __sock_sendmsg+0x140/0x180
[  159.130784][T10764]  ____sys_sendmsg+0x312/0x410
[  159.135563][T10764]  __sys_sendmsg+0x19d/0x230
[  159.140250][T10764]  __x64_sys_sendmsg+0x46/0x50
[  159.145059][T10764]  x64_sys_call+0x2734/0x2dc0
[  159.149764][T10764]  do_syscall_64+0xc9/0x1c0
[  159.154273][T10764]  ? clear_bhb_loop+0x55/0xb0
[  159.158956][T10764]  ? clear_bhb_loop+0x55/0xb0
[  159.163690][T10764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.169637][T10764] RIP: 0033:0x7f6be7060809
[  159.174057][T10764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.193937][T10764] RSP: 002b:00007f6be56d7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  159.202358][T10764] RAX: ffffffffffffffda RBX: 00007f6be7225fa0 RCX: 00007f6be7060809
[  159.210364][T10764] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000005
[  159.218489][T10764] RBP: 00007f6be70d393e R08: 0000000000000000 R09: 0000000000000000
[  159.226467][T10764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  159.234629][T10764] R13: 0000000000000000 R14: 00007f6be7225fa0 R15: 00007fff2779eeb8
[  159.242682][T10764]  </TASK>
[  159.246045][T10764] memory: usage 307200kB, limit 307200kB, failcnt 228
[  159.252961][T10764] memory+swap: usage 308764kB, limit 9007199254740988kB, failcnt 0
[  159.260931][T10764] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[  159.268249][T10764] Memory cgroup stats for /syz2:
[  159.270232][T10764] cache 0
[  159.278225][T10764] rss 0
[  159.281102][T10764] shmem 0
[  159.284054][T10764] mapped_file 0
[  159.287558][T10764] dirty 0
[  159.290556][T10764] writeback 0
[  159.293858][T10764] workingset_refault_anon 37
[  159.298636][T10764] workingset_refault_file 65
[  159.303315][T10764] swap 1601536
[  159.306750][T10764] swapcached 4096
[  159.310480][T10764] pgpgin 85694
[  159.313934][T10764] pgpgout 85693
[  159.317424][T10764] pgfault 111866
[  159.321011][T10764] pgmajfault 21
[  159.324493][T10764] inactive_anon 4096
[  159.328521][T10764] active_anon 0
[  159.332077][T10764] inactive_file 0
[  159.335770][T10764] active_file 0
[  159.337543][T10781] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2502'.
[  159.339236][T10764] unevictable 0
[  159.339246][T10764] hierarchical_memory_limit 314572800
[  159.339257][T10764] hierarchical_memsw_limit 9223372036854771712
[  159.339268][T10764] total_cache 0
[  159.339276][T10764] total_rss 0
[  159.339315][T10764] total_shmem 0
[  159.339324][T10764] total_mapped_file 0
[  159.339333][T10764] total_dirty 0
[  159.339341][T10764] total_writeback 0
[  159.339351][T10764] total_workingset_refault_anon 37
[  159.339361][T10764] total_workingset_refault_file 65
[  159.339371][T10764] total_swap 1601536
[  159.339380][T10764] total_swapcached 4096
[  159.339389][T10764] total_pgpgin 85694
[  159.339398][T10764] total_pgpgout 85693
[  159.411422][T10764] total_pgfault 111866
[  159.415496][T10764] total_pgmajfault 21
[  159.419485][T10764] total_inactive_anon 4096
[  159.423955][T10764] total_active_anon 0
[  159.428081][T10764] total_inactive_file 0
[  159.432252][T10764] total_active_file 0
[  159.436238][T10764] total_unevictable 0
[  159.440319][T10764] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2496,pid=10763,uid=0
[  159.455161][T10764] Memory cgroup out of memory: Killed process 10763 (syz.2.2496) total-vm:93280kB, anon-rss:616kB, file-rss:22308kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  159.598451][T10792] loop4: detected capacity change from 0 to 256
[  159.627793][T10794] batadv2: entered promiscuous mode
[  159.635219][T10794] 8021q: adding VLAN 0 to HW filter on device batadv2
[  159.672882][T10796] loop6: detected capacity change from 0 to 256
[  159.785564][T10803] loop4: detected capacity change from 0 to 8192
[  159.871390][T10809] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10809 comm=syz.4.2512
[  159.904892][T10764] syz.2.2496 (10764) used greatest stack depth: 6256 bytes left
[  159.923493][T10813] loop6: detected capacity change from 0 to 512
[  159.946748][T10815] bond2: entered promiscuous mode
[  159.951872][T10815] bond2: entered allmulticast mode
[  159.957909][T10815] 8021q: adding VLAN 0 to HW filter on device bond2
[  159.977548][T10815] bond2 (unregistering): Released all slaves
[  159.987488][T10818] loop3: detected capacity change from 0 to 512
[  159.989607][T10813] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2516'.
[  160.003974][T10813] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  160.015076][T10818] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2518'.
[  160.026871][T10818] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  160.102375][T10827] batadv0: entered promiscuous mode
[  160.108658][T10827] 8021q: adding VLAN 0 to HW filter on device batadv0
[  160.134573][T10831] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2524'.
[  160.246855][T10842] ipip0: entered promiscuous mode
[  160.259218][T10842] FAULT_INJECTION: forcing a failure.
[  160.259218][T10842] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.272390][T10842] CPU: 1 UID: 0 PID: 10842 Comm: syz.6.2527 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  160.282833][T10842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  160.292957][T10842] Call Trace:
[  160.296240][T10842]  <TASK>
[  160.299214][T10842]  dump_stack_lvl+0xf2/0x150
[  160.303817][T10842]  dump_stack+0x15/0x20
[  160.307980][T10842]  should_fail_ex+0x223/0x230
[  160.312750][T10842]  should_fail+0xb/0x10
[  160.316924][T10842]  should_fail_usercopy+0x1a/0x20
[  160.322093][T10842]  _copy_from_user+0x1e/0xb0
[  160.326691][T10842]  move_addr_to_kernel+0x82/0x120
[  160.331779][T10842]  copy_msghdr_from_user+0x271/0x2a0
[  160.337131][T10842]  __sys_sendmmsg+0x1e8/0x4b0
[  160.341863][T10842]  __x64_sys_sendmmsg+0x57/0x70
[  160.346730][T10842]  x64_sys_call+0x29aa/0x2dc0
[  160.351485][T10842]  do_syscall_64+0xc9/0x1c0
[  160.355995][T10842]  ? clear_bhb_loop+0x55/0xb0
[  160.360747][T10842]  ? clear_bhb_loop+0x55/0xb0
[  160.365546][T10842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.371460][T10842] RIP: 0033:0x7fb560020809
[  160.376096][T10842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.395779][T10842] RSP: 002b:00007fb55e697058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  160.404204][T10842] RAX: ffffffffffffffda RBX: 00007fb5601e5fa0 RCX: 00007fb560020809
[  160.412182][T10842] RDX: 0000000000000001 RSI: 0000000020000d40 RDI: 0000000000000008
[  160.420161][T10842] RBP: 00007fb55e6970a0 R08: 0000000000000000 R09: 0000000000000000
[  160.428229][T10842] R10: 0000000000000080 R11: 0000000000000246 R12: 0000000000000001
[  160.436252][T10842] R13: 0000000000000000 R14: 00007fb5601e5fa0 R15: 00007ffee69efce8
[  160.444294][T10842]  </TASK>
[  160.459831][T10844] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2529'.
[  160.501160][T10844] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  160.540603][T10850] loop3: detected capacity change from 0 to 512
[  160.556691][T10853] batadv3: entered promiscuous mode
[  160.563133][T10853] 8021q: adding VLAN 0 to HW filter on device batadv3
[  160.594191][T10855] FAULT_INJECTION: forcing a failure.
[  160.594191][T10855] name failslab, interval 1, probability 0, space 0, times 0
[  160.606963][T10855] CPU: 1 UID: 0 PID: 10855 Comm: syz.6.2533 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  160.617412][T10855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  160.627587][T10855] Call Trace:
[  160.630878][T10855]  <TASK>
[  160.633905][T10855]  dump_stack_lvl+0xf2/0x150
[  160.638517][T10855]  dump_stack+0x15/0x20
[  160.642766][T10855]  should_fail_ex+0x223/0x230
[  160.647587][T10855]  ? audit_log_d_path+0x96/0x250
[  160.652657][T10855]  should_failslab+0x8f/0xb0
[  160.657341][T10855]  __kmalloc_cache_noprof+0x4e/0x320
[  160.662784][T10855]  audit_log_d_path+0x96/0x250
[  160.667579][T10855]  ? __rcu_read_unlock+0x4e/0x70
[  160.672527][T10855]  audit_log_d_path_exe+0x42/0x70
[  160.677647][T10855]  audit_log_task+0x192/0x1c0
[  160.682416][T10855]  audit_seccomp+0x68/0x130
[  160.687042][T10855]  __seccomp_filter+0x6fa/0x1180
[  160.692001][T10855]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  160.697643][T10855]  ? vfs_write+0x596/0x920
[  160.702101][T10855]  ? __schedule+0x6fa/0x930
[  160.706710][T10855]  __secure_computing+0x9f/0x1c0
[  160.711753][T10855]  syscall_trace_enter+0xd1/0x1f0
[  160.716794][T10855]  do_syscall_64+0xaa/0x1c0
[  160.721306][T10855]  ? clear_bhb_loop+0x55/0xb0
[  160.726015][T10855]  ? clear_bhb_loop+0x55/0xb0
[  160.730703][T10855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.736789][T10855] RIP: 0033:0x7fb560020809
[  160.741213][T10855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.761013][T10855] RSP: 002b:00007fb55e697058 EFLAGS: 00000246 ORIG_RAX: 000000000000001b
[  160.769481][T10855] RAX: ffffffffffffffda RBX: 00007fb5601e5fa0 RCX: 00007fb560020809
[  160.777463][T10855] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020bdf000
[  160.785471][T10855] RBP: 00007fb55e6970a0 R08: 0000000000000000 R09: 0000000000000000
[  160.793536][T10855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.801591][T10855] R13: 0000000000000000 R14: 00007fb5601e5fa0 R15: 00007ffee69efce8
[  160.809643][T10855]  </TASK>
[  160.826650][T10850] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  160.910656][T10870] batadv2: entered promiscuous mode
[  160.916768][T10870] 8021q: adding VLAN 0 to HW filter on device batadv2
[  160.943503][T10875] __nla_validate_parse: 1 callbacks suppressed
[  160.943618][T10875] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2541'.
[  160.969788][T10871] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  160.976456][T10871] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  160.984199][T10871] vhci_hcd vhci_hcd.0: Device attached
[  161.016757][T10871] tmpfs: Bad value for 'mpol'
[  161.034084][T10880] vhci_hcd: connection closed
[  161.034321][   T36] vhci_hcd: stop threads
[  161.043332][   T36] vhci_hcd: release socket
[  161.047766][   T36] vhci_hcd: disconnect device
[  161.057328][   T35] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x4
[  161.065126][   T35] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x2
[  161.079459][   T35] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  161.087372][   T35] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  161.095218][   T35] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  161.102905][   T35] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  161.110635][   T35] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  161.118354][   T35] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  161.126064][   T35] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  161.133746][   T35] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  161.141461][   T35] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  161.149125][   T35] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  161.156822][   T35] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  161.164720][   T35] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  161.172549][   T35] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  161.180335][   T35] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  161.190295][   T35] hid-generic 0000:3000000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  161.201025][T10894] FAULT_INJECTION: forcing a failure.
[  161.201025][T10894] name failslab, interval 1, probability 0, space 0, times 0
[  161.213797][T10894] CPU: 0 UID: 0 PID: 10894 Comm: syz.1.2546 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  161.224332][T10894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  161.234552][T10894] Call Trace:
[  161.237948][T10894]  <TASK>
[  161.240921][T10894]  dump_stack_lvl+0xf2/0x150
[  161.245584][T10894]  dump_stack+0x15/0x20
[  161.249749][T10894]  should_fail_ex+0x223/0x230
[  161.254549][T10894]  should_failslab+0x8f/0xb0
[  161.259250][T10894]  kmem_cache_alloc_node_noprof+0x59/0x320
[  161.265083][T10894]  ? __alloc_skb+0x10b/0x310
[  161.269833][T10894]  __alloc_skb+0x10b/0x310
[  161.274272][T10894]  netlink_alloc_large_skb+0xad/0xe0
[  161.279590][T10894]  netlink_sendmsg+0x3b4/0x6e0
[  161.284456][T10894]  ? __pfx_netlink_sendmsg+0x10/0x10
[  161.289776][T10894]  __sock_sendmsg+0x140/0x180
[  161.294576][T10894]  ____sys_sendmsg+0x312/0x410
[  161.299371][T10894]  __sys_sendmsg+0x19d/0x230
[  161.304011][T10894]  __x64_sys_sendmsg+0x46/0x50
[  161.308873][T10894]  x64_sys_call+0x2734/0x2dc0
[  161.313619][T10894]  do_syscall_64+0xc9/0x1c0
[  161.318209][T10894]  ? clear_bhb_loop+0x55/0xb0
[  161.322962][T10894]  ? clear_bhb_loop+0x55/0xb0
[  161.327745][T10894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.333661][T10894] RIP: 0033:0x7ff7f4dd0809
[  161.338110][T10894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.357811][T10894] RSP: 002b:00007ff7f3447058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  161.366330][T10894] RAX: ffffffffffffffda RBX: 00007ff7f4f95fa0 RCX: 00007ff7f4dd0809
[  161.374392][T10894] RDX: 0000000004000004 RSI: 0000000020000200 RDI: 000000000000000a
[  161.382494][T10894] RBP: 00007ff7f34470a0 R08: 0000000000000000 R09: 0000000000000000
[  161.390476][T10894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.398450][T10894] R13: 0000000000000000 R14: 00007ff7f4f95fa0 R15: 00007fff326081f8
[  161.406462][T10894]  </TASK>
[  161.419862][T10896] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2547'.
[  161.458531][T10900] FAULT_INJECTION: forcing a failure.
[  161.458531][T10900] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.471841][T10900] CPU: 0 UID: 0 PID: 10900 Comm: syz.2.2549 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  161.482406][T10900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  161.492471][T10900] Call Trace:
[  161.495753][T10900]  <TASK>
[  161.498739][T10900]  dump_stack_lvl+0xf2/0x150
[  161.503394][T10900]  dump_stack+0x15/0x20
[  161.507557][T10900]  should_fail_ex+0x223/0x230
[  161.512263][T10900]  should_fail+0xb/0x10
[  161.516442][T10900]  should_fail_usercopy+0x1a/0x20
[  161.521499][T10900]  _copy_from_user+0x1e/0xb0
[  161.526105][T10900]  do_sock_getsockopt+0xd3/0x260
[  161.531132][T10900]  __x64_sys_getsockopt+0x18c/0x200
[  161.536440][T10900]  x64_sys_call+0x1288/0x2dc0
[  161.541176][T10900]  do_syscall_64+0xc9/0x1c0
[  161.545694][T10900]  ? clear_bhb_loop+0x55/0xb0
[  161.550377][T10900]  ? clear_bhb_loop+0x55/0xb0
[  161.555090][T10900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.561004][T10900] RIP: 0033:0x7f6be7060809
[  161.565441][T10900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.585213][T10900] RSP: 002b:00007f6be56d7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  161.593649][T10900] RAX: ffffffffffffffda RBX: 00007f6be7225fa0 RCX: 00007f6be7060809
[  161.601675][T10900] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000003
[  161.609717][T10900] RBP: 00007f6be56d70a0 R08: 0000000020000000 R09: 0000000000000000
[  161.617702][T10900] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000001
[  161.625759][T10900] R13: 0000000000000000 R14: 00007f6be7225fa0 R15: 00007fff2779eeb8
[  161.633743][T10900]  </TASK>
[  161.659942][T10903] loop3: detected capacity change from 0 to 164
[  161.786942][T10918] loop3: detected capacity change from 0 to 512
[  161.797210][T10918] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  161.814205][T10920] siw: device registration error -23
[  161.842759][T10918] EXT4-fs (loop3): 1 truncate cleaned up
[  161.859369][T10918] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.920079][T10925] bond0: (slave dummy0): Releasing backup interface
[  161.950221][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.143739][T10942] FAULT_INJECTION: forcing a failure.
[  162.143739][T10942] name failslab, interval 1, probability 0, space 0, times 0
[  162.156429][T10942] CPU: 1 UID: 0 PID: 10942 Comm: syz.6.2565 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  162.167000][T10942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  162.177071][T10942] Call Trace:
[  162.180365][T10942]  <TASK>
[  162.183369][T10942]  dump_stack_lvl+0xf2/0x150
[  162.188045][T10942]  dump_stack+0x15/0x20
[  162.192211][T10942]  should_fail_ex+0x223/0x230
[  162.196968][T10942]  ? alloc_pipe_info+0xb0/0x360
[  162.201827][T10942]  should_failslab+0x8f/0xb0
[  162.206484][T10942]  __kmalloc_cache_noprof+0x4e/0x320
[  162.211789][T10942]  alloc_pipe_info+0xb0/0x360
[  162.216510][T10942]  splice_direct_to_actor+0x60f/0x670
[  162.222000][T10942]  ? __pfx_direct_splice_actor+0x10/0x10
[  162.227652][T10942]  ? selinux_file_permission+0x327/0x360
[  162.233383][T10942]  do_splice_direct+0xd7/0x150
[  162.238224][T10942]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  162.244128][T10942]  do_sendfile+0x398/0x660
[  162.248599][T10942]  __x64_sys_sendfile64+0x110/0x150
[  162.253811][T10942]  x64_sys_call+0xfbd/0x2dc0
[  162.258431][T10942]  do_syscall_64+0xc9/0x1c0
[  162.262937][T10942]  ? clear_bhb_loop+0x55/0xb0
[  162.267651][T10942]  ? clear_bhb_loop+0x55/0xb0
[  162.272375][T10942]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.278329][T10942] RIP: 0033:0x7fb560020809
[  162.282763][T10942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.302402][T10942] RSP: 002b:00007fb55e697058 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  162.310835][T10942] RAX: ffffffffffffffda RBX: 00007fb5601e5fa0 RCX: 00007fb560020809
[  162.318810][T10942] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[  162.326806][T10942] RBP: 00007fb55e6970a0 R08: 0000000000000000 R09: 0000000000000000
[  162.334925][T10942] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  162.342967][T10942] R13: 0000000000000000 R14: 00007fb5601e5fa0 R15: 00007ffee69efce8
[  162.351029][T10942]  </TASK>
[  162.439630][   T29] kauditd_printk_skb: 112 callbacks suppressed
[  162.439650][   T29] audit: type=1326 audit(1732756609.358:7557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm=2B7D5B70B3 exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  162.469321][   T29] audit: type=1326 audit(1732756609.358:7558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm=2B7D5B70B3 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  162.492673][   T29] audit: type=1326 audit(1732756609.358:7559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm=2B7D5B70B3 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  162.615133][T10945] tmpfs: Bad value for 'mpol'
[  162.711885][   T29] audit: type=1326 audit(1732756609.528:7560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm=2B7D5B70B3 exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  162.735288][   T29] audit: type=1326 audit(1732756609.538:7561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm=2B7D5B70B3 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  162.758766][   T29] audit: type=1326 audit(1732756609.538:7562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm=2B7D5B70B3 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3224850809 code=0x7ffc0000
[  162.782187][T10944] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  162.788814][T10944] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  162.796460][T10944] vhci_hcd vhci_hcd.0: Device attached
[  162.813866][T10950] vhci_hcd: connection closed
[  162.815731][   T53] vhci_hcd: stop threads
[  162.824749][   T53] vhci_hcd: release socket
[  162.829174][   T53] vhci_hcd: disconnect device
[  162.888931][T10959] batadv0: entered promiscuous mode
[  162.895163][T10959] 8021q: adding VLAN 0 to HW filter on device batadv0
[  162.910869][T10961] loop4: detected capacity change from 0 to 512
[  162.924579][T10961] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.948226][T10961] syz.4.2571[10961] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  162.948350][T10961] syz.4.2571[10961] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  162.962990][T10961] syz.4.2571[10961] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  162.988157][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.010443][   T29] audit: type=1400 audit(1732756609.998:7563): avc:  denied  { append } for  pid=10956 comm="syz.3.2570" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  163.060771][   T29] audit: type=1326 audit(1732756610.048:7564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10971 comm="syz.4.2573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd169b50809 code=0x7ffc0000
[  163.084513][   T29] audit: type=1326 audit(1732756610.058:7565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10971 comm="syz.4.2573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fd169b50809 code=0x7ffc0000
[  163.085810][T10970] siw: device registration error -23
[  163.108009][   T29] audit: type=1326 audit(1732756610.058:7566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10971 comm="syz.4.2573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd169b50809 code=0x7ffc0000
[  163.172742][T10975] loop4: detected capacity change from 0 to 256
[  163.268577][T10982] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2577'.
[  163.277955][T10982] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  163.323017][T10986] loop4: detected capacity change from 0 to 512
[  163.341048][T10986] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  163.354148][T10986] EXT4-fs (loop4): 1 truncate cleaned up
[  163.361131][T10986] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.399562][T10991] FAULT_INJECTION: forcing a failure.
[  163.399562][T10991] name failslab, interval 1, probability 0, space 0, times 0
[  163.412368][T10991] CPU: 1 UID: 0 PID: 10991 Comm: syz.2.2581 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  163.422814][T10991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  163.432962][T10991] Call Trace:
[  163.436258][T10991]  <TASK>
[  163.439215][T10991]  dump_stack_lvl+0xf2/0x150
[  163.443831][T10991]  dump_stack+0x15/0x20
[  163.447999][T10991]  should_fail_ex+0x223/0x230
[  163.452709][T10991]  should_failslab+0x8f/0xb0
[  163.457346][T10991]  kmem_cache_alloc_noprof+0x52/0x320
[  163.462813][T10991]  ? security_inode_alloc+0x37/0x100
[  163.468155][T10991]  security_inode_alloc+0x37/0x100
[  163.473345][T10991]  inode_init_always_gfp+0x4a2/0x4f0
[  163.478659][T10991]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[  163.484602][T10991]  alloc_inode+0x82/0x160
[  163.489026][T10991]  new_inode+0x1e/0x100
[  163.493267][T10991]  hugetlbfs_get_inode+0x7d/0x380
[  163.498406][T10991]  hugetlb_file_setup+0x188/0x3c0
[  163.503467][T10991]  ksys_mmap_pgoff+0x172/0x330
[  163.508356][T10991]  x64_sys_call+0x1940/0x2dc0
[  163.513115][T10991]  do_syscall_64+0xc9/0x1c0
[  163.517744][T10991]  ? clear_bhb_loop+0x55/0xb0
[  163.522437][T10991]  ? clear_bhb_loop+0x55/0xb0
[  163.527134][T10991]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.533165][T10991] RIP: 0033:0x7f6be7060809
[  163.537600][T10991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.557247][T10991] RSP: 002b:00007f6be56d7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  163.565743][T10991] RAX: ffffffffffffffda RBX: 00007f6be7225fa0 RCX: 00007f6be7060809
[  163.573807][T10991] RDX: 0000000000000008 RSI: 0000000000c00000 RDI: 0000000020400000
[  163.581801][T10991] RBP: 00007f6be56d70a0 R08: ffffffffffffffff R09: 0000000000000000
[  163.589849][T10991] R10: 0000000000050032 R11: 0000000000000246 R12: 0000000000000001
[  163.597849][T10991] R13: 0000000000000000 R14: 00007f6be7225fa0 R15: 00007fff2779eeb8
[  163.605932][T10991]  </TASK>
[  163.616944][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.676006][T11002] FAULT_INJECTION: forcing a failure.
[  163.676006][T11002] name failslab, interval 1, probability 0, space 0, times 0
[  163.688771][T11002] CPU: 1 UID: 0 PID: 11002 Comm: syz.4.2582 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  163.699308][T11002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  163.709391][T11002] Call Trace:
[  163.712689][T11002]  <TASK>
[  163.715632][T11002]  dump_stack_lvl+0xf2/0x150
[  163.720283][T11002]  dump_stack+0x15/0x20
[  163.724466][T11002]  should_fail_ex+0x223/0x230
[  163.729236][T11002]  should_failslab+0x8f/0xb0
[  163.733913][T11002]  kmem_cache_alloc_node_noprof+0x59/0x320
[  163.739795][T11002]  ? __alloc_skb+0x10b/0x310
[  163.744434][T11002]  __alloc_skb+0x10b/0x310
[  163.748881][T11002]  ? audit_log_start+0x34c/0x6b0
[  163.753872][T11002]  audit_log_start+0x368/0x6b0
[  163.758715][T11002]  ? kmem_cache_free+0xdc/0x2d0
[  163.763613][T11002]  audit_seccomp+0x4b/0x130
[  163.768354][T11002]  __seccomp_filter+0x6fa/0x1180
[  163.773447][T11002]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  163.779159][T11002]  ? __rcu_read_unlock+0x4e/0x70
[  163.784123][T11002]  ? __fget_files+0x17c/0x1c0
[  163.788899][T11002]  __secure_computing+0x9f/0x1c0
[  163.793864][T11002]  syscall_trace_enter+0xd1/0x1f0
[  163.799040][T11002]  ? fpregs_assert_state_consistent+0x83/0xa0
[  163.805150][T11002]  do_syscall_64+0xaa/0x1c0
[  163.809743][T11002]  ? clear_bhb_loop+0x55/0xb0
[  163.814453][T11002]  ? clear_bhb_loop+0x55/0xb0
[  163.819238][T11002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.825192][T11002] RIP: 0033:0x7fd169b4f21c
[  163.829638][T11002] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[  163.849282][T11002] RSP: 002b:00007fd1681c7050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  163.857793][T11002] RAX: ffffffffffffffda RBX: 00007fd169d15fa0 RCX: 00007fd169b4f21c
[  163.865784][T11002] RDX: 000000000000000f RSI: 00007fd1681c70b0 RDI: 0000000000000006
[  163.873769][T11002] RBP: 00007fd1681c70a0 R08: 0000000000000000 R09: 0000000000000000
[  163.881752][T11002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.889765][T11002] R13: 0000000000000000 R14: 00007fd169d15fa0 R15: 00007ffc657f8c68
[  163.897759][T11002]  </TASK>
[  163.903104][T11006] loop3: detected capacity change from 0 to 256
[  163.949220][T11008] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2589'.
[  163.959260][T11008] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  164.005116][T11013] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2591'.
[  164.044463][T10997] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  164.234931][T11022] pimreg: entered allmulticast mode
[  164.250025][T11024] loop6: detected capacity change from 0 to 8192
[  164.267991][T11022] pimreg: left allmulticast mode
[  164.360674][T11031] FAULT_INJECTION: forcing a failure.
[  164.360674][T11031] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.373942][T11031] CPU: 1 UID: 0 PID: 11031 Comm: syz.1.2598 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  164.384384][T11031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  164.394512][T11031] Call Trace:
[  164.397811][T11031]  <TASK>
[  164.400769][T11031]  dump_stack_lvl+0xf2/0x150
[  164.402722][T11032] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11032 comm=syz.6.2596
[  164.405386][T11031]  dump_stack+0x15/0x20
[  164.422048][T11031]  should_fail_ex+0x223/0x230
[  164.426766][T11031]  should_fail+0xb/0x10
[  164.427478][T11035] batadv0: entered promiscuous mode
[  164.430945][T11031]  should_fail_usercopy+0x1a/0x20
[  164.430987][T11031]  copy_page_from_iter_atomic+0x228/0xf80
[  164.438833][T11035] 8021q: adding VLAN 0 to HW filter on device batadv0
[  164.441222][T11031]  ? shmem_write_begin+0xa2/0x180
[  164.458768][T11031]  ? shmem_write_begin+0xda/0x180
[  164.463834][T11031]  generic_perform_write+0x2f1/0x4a0
[  164.469239][T11031]  shmem_file_write_iter+0xc2/0xe0
[  164.474384][T11031]  do_iter_readv_writev+0x394/0x450
[  164.479721][T11031]  vfs_writev+0x2d4/0x880
[  164.484138][T11031]  ? proc_fail_nth_write+0x12a/0x150
[  164.489543][T11031]  __se_sys_pwritev2+0x100/0x1c0
[  164.494532][T11031]  __x64_sys_pwritev2+0x78/0x90
[  164.499419][T11031]  x64_sys_call+0x2afe/0x2dc0
[  164.504123][T11031]  do_syscall_64+0xc9/0x1c0
[  164.508668][T11031]  ? clear_bhb_loop+0x55/0xb0
[  164.513377][T11031]  ? clear_bhb_loop+0x55/0xb0
[  164.518085][T11031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.524079][T11031] RIP: 0033:0x7ff7f4dd0809
[  164.528509][T11031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.548238][T11031] RSP: 002b:00007ff7f3447058 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  164.556730][T11031] RAX: ffffffffffffffda RBX: 00007ff7f4f95fa0 RCX: 00007ff7f4dd0809
[  164.564825][T11031] RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000005
[  164.572836][T11031] RBP: 00007ff7f34470a0 R08: 0000000000000000 R09: 0000000000000003
[  164.580825][T11031] R10: 0000000000007a00 R11: 0000000000000246 R12: 0000000000000001
[  164.588825][T11031] R13: 0000000000000000 R14: 00007ff7f4f95fa0 R15: 00007fff326081f8
[  164.596899][T11031]  </TASK>
[  164.759534][T11051] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2605'.
[  164.857109][T11055] netlink: 'syz.4.2608': attribute type 2 has an invalid length.
[  164.865017][T11055] netlink: 'syz.4.2608': attribute type 8 has an invalid length.
[  164.872795][T11055] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2608'.
[  164.917178][T11055] netlink: 'syz.4.2608': attribute type 39 has an invalid length.
[  164.982660][T11066] batadv3: entered promiscuous mode
[  164.999678][T11066] 8021q: adding VLAN 0 to HW filter on device batadv3
[  165.148623][T11075] xt_CT: You must specify a L4 protocol and not use inversions on it
[  165.248616][T11089] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2621'.
[  165.257659][T11089] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2621'.
[  165.266745][T11089] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2621'.
[  165.295924][T11092] loop4: detected capacity change from 0 to 8192
[  166.240222][T11143] loop6: detected capacity change from 0 to 164
[  166.257149][T11140] loop4: detected capacity change from 0 to 2048
[  166.270831][T11120] syz.2.2632 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  166.271592][T11140] EXT4-fs: Ignoring removed oldalloc option
[  166.281875][T11120] CPU: 0 UID: 0 PID: 11120 Comm: syz.2.2632 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  166.298197][T11120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  166.308346][T11120] Call Trace:
[  166.311689][T11120]  <TASK>
[  166.314641][T11120]  dump_stack_lvl+0xf2/0x150
[  166.319306][T11120]  dump_stack+0x15/0x20
[  166.323470][T11120]  dump_header+0x83/0x2d0
[  166.327816][T11120]  oom_kill_process+0x341/0x4c0
[  166.332683][T11120]  out_of_memory+0x9af/0xbe0
[  166.337290][T11120]  ? css_next_descendant_pre+0x11c/0x140
[  166.342973][T11120]  mem_cgroup_out_of_memory+0x13e/0x190
[  166.348555][T11120]  try_charge_memcg+0x508/0x7f0
[  166.353443][T11120]  charge_memcg+0x50/0xc0
[  166.357841][T11120]  mem_cgroup_swapin_charge_folio+0xd0/0x150
[  166.363857][T11120]  __read_swap_cache_async+0x236/0x480
[  166.369427][T11120]  swap_cluster_readahead+0x381/0x3f0
[  166.374826][T11120]  swapin_readahead+0xe4/0x6f0
[  166.379675][T11120]  ? __rcu_read_unlock+0x34/0x70
[  166.384695][T11120]  ? swap_cache_get_folio+0x77/0x210
[  166.390001][T11120]  do_swap_page+0x31b/0x2550
[  166.394606][T11120]  ? __rcu_read_lock+0x36/0x50
[  166.399374][T11120]  ? __pfx_default_wake_function+0x10/0x10
[  166.405197][T11120]  handle_mm_fault+0x8e4/0x2ac0
[  166.410073][T11120]  exc_page_fault+0x3b9/0x650
[  166.414779][T11120]  asm_exc_page_fault+0x26/0x30
[  166.419705][T11120] RIP: 0033:0x7f6be6f32868
[  166.424211][T11120] Code: 31 d2 48 f7 f1 48 01 d8 49 39 c4 4c 0f 42 e0 83 3d 58 53 2f 00 00 0f 8e 99 fd ff ff e8 11 d7 fe ff 49 39 c4 72 64 0f 1f 40 00 <69> 3d 26 2e e2 00 e8 03 00 00 48 8d 1d 27 37 2f 00 e8 e2 de 12 00
[  166.443995][T11120] RSP: 002b:00007fff2779f020 EFLAGS: 00010206
[  166.450153][T11120] RAX: 0000000000028930 RBX: 00007f6be7227ba0 RCX: 0000000000028870
[  166.458130][T11120] RDX: 00000000000000c0 RSI: 00007fff2779f000 RDI: 0000000000000001
[  166.466121][T11120] RBP: 00007f6be7227ba0 R08: 000000000b7ad654 R09: 7fffffffffffffff
[  166.474149][T11120] R10: 00007f6be7d60038 R11: 0000000000000010 R12: 000000000002899a
[  166.482128][T11120] R13: 00007f6be7226080 R14: 0000000000000032 R15: ffffffffffffffff
[  166.490111][T11120]  </TASK>
[  166.493234][T11120] memory: usage 307200kB, limit 307200kB, failcnt 597
[  166.500006][T11120] memory+swap: usage 308680kB, limit 9007199254740988kB, failcnt 0
[  166.508034][T11120] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  166.515349][T11120] Memory cgroup stats for /syz2:
[  166.523194][T11120] cache 0
[  166.531264][T11120] rss 0
[  166.534066][T11120] shmem 0
[  166.537005][T11120] mapped_file 0
[  166.540470][T11120] dirty 0
[  166.543530][T11120] writeback 0
[  166.546898][T11120] workingset_refault_anon 96
[  166.551512][T11120] workingset_refault_file 185
[  166.556226][T11120] swap 1515520
[  166.559646][T11120] swapcached 0
[  166.563041][T11120] pgpgin 94240
[  166.566413][T11120] pgpgout 94240
[  166.569870][T11120] pgfault 126403
[  166.573654][T11120] pgmajfault 62
[  166.577137][T11120] inactive_anon 0
[  166.580856][T11120] active_anon 0
[  166.584409][T11120] inactive_file 0
[  166.588041][T11120] active_file 0
[  166.591511][T11120] unevictable 0
[  166.595082][T11120] hierarchical_memory_limit 314572800
[  166.600491][T11120] hierarchical_memsw_limit 9223372036854771712
[  166.606815][T11120] total_cache 0
[  166.610284][T11120] total_rss 0
[  166.613654][T11120] total_shmem 0
[  166.617120][T11120] total_mapped_file 0
[  166.621201][T11120] total_dirty 0
[  166.624698][T11120] total_writeback 0
[  166.628503][T11120] total_workingset_refault_anon 96
[  166.632356][T11140] EXT4-fs: Mount option(s) incompatible with ext3
[  166.633658][T11120] total_workingset_refault_file 185
[  166.645328][T11120] total_swap 1515520
[  166.649233][T11120] total_swapcached 0
[  166.653251][T11120] total_pgpgin 94240
[  166.657204][T11120] total_pgpgout 94240
[  166.661278][T11120] total_pgfault 126403
[  166.665360][T11120] total_pgmajfault 62
[  166.669485][T11120] total_inactive_anon 0
[  166.670192][T11143] syz.6.2639: attempt to access beyond end of device
[  166.670192][T11143] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  166.673676][T11120] total_active_anon 0
[  166.673687][T11120] total_inactive_file 0
[  166.690109][T11143] syz.6.2639: attempt to access beyond end of device
[  166.690109][T11143] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  166.691678][T11120] total_active_file 0
[  166.695879][T11143] syz.6.2639: attempt to access beyond end of device
[  166.695879][T11143] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  166.709291][T11120] total_unevictable 0
[  166.715846][T11143] syz.6.2639: attempt to access beyond end of device
[  166.715846][T11143] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  166.726680][T11120] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null)
[  166.731318][T11143] syz.6.2639: attempt to access beyond end of device
[  166.731318][T11143] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  166.744071][T11120] ,cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2632,pid=11120,uid=0
[  166.744171][T11120] Memory cgroup out of memory: Killed process 11120 (syz.2.2632) total-vm:95328kB, anon-rss:616kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  166.770355][T11140] __nla_validate_parse: 10 callbacks suppressed
[  166.770376][T11140] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2638'.
[  166.957337][T11143] syz.6.2639: attempt to access beyond end of device
[  166.957337][T11143] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  166.972999][T11143] syz.6.2639: attempt to access beyond end of device
[  166.972999][T11143] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  166.987037][T11143] syz.6.2639: attempt to access beyond end of device
[  166.987037][T11143] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  167.059013][T11143] syz.6.2639: attempt to access beyond end of device
[  167.059013][T11143] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  167.125890][T11143] syz.6.2639: attempt to access beyond end of device
[  167.125890][T11143] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  167.330709][T11175] loop4: detected capacity change from 0 to 256
[  167.517785][T11195] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2660'.
[  167.593033][   T29] kauditd_printk_skb: 304 callbacks suppressed
[  167.593110][   T29] audit: type=1326 audit(1732756614.598:7869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11203 comm="syz.2.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6be7060809 code=0x7ffc0000
[  167.644263][   T29] audit: type=1326 audit(1732756614.628:7870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11203 comm="syz.2.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6be7060809 code=0x7ffc0000
[  167.667867][   T29] audit: type=1326 audit(1732756614.638:7871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11203 comm="syz.2.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6be7060809 code=0x7ffc0000
[  167.691433][   T29] audit: type=1326 audit(1732756614.638:7872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11203 comm="syz.2.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6be7060809 code=0x7ffc0000
[  167.715051][   T29] audit: type=1326 audit(1732756614.638:7873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11203 comm="syz.2.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6be7060809 code=0x7ffc0000
[  167.738657][   T29] audit: type=1326 audit(1732756614.638:7874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11203 comm="syz.2.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6be7060809 code=0x7ffc0000
[  167.762500][   T29] audit: type=1326 audit(1732756614.638:7875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11203 comm="syz.2.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6be7060809 code=0x7ffc0000
[  167.786296][   T29] audit: type=1326 audit(1732756614.638:7876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11203 comm="syz.2.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6be7060809 code=0x7ffc0000
[  167.809920][   T29] audit: type=1326 audit(1732756614.638:7877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11203 comm="syz.2.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6be7060809 code=0x7ffc0000
[  167.811034][T11213] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2664'.
[  167.834743][   T29] audit: type=1326 audit(1732756614.768:7878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11203 comm="syz.2.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6be7060809 code=0x7ffc0000
[  167.846138][T11213] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  167.889292][T11196] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(11)
[  167.895932][T11196] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  167.903587][T11196] vhci_hcd vhci_hcd.0: Device attached
[  167.925257][T11196] tmpfs: Bad value for 'mpol'
[  167.932317][T11215] vhci_hcd: connection closed
[  167.935723][ T3723] vhci_hcd: stop threads
[  167.944871][ T3723] vhci_hcd: release socket
[  167.949312][ T3723] vhci_hcd: disconnect device
[  168.004259][T11228] FAULT_INJECTION: forcing a failure.
[  168.004259][T11228] name failslab, interval 1, probability 0, space 0, times 0
[  168.016989][T11228] CPU: 1 UID: 0 PID: 11228 Comm: syz.1.2670 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  168.027652][T11228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  168.038253][T11228] Call Trace:
[  168.041641][T11228]  <TASK>
[  168.044573][T11228]  dump_stack_lvl+0xf2/0x150
[  168.049263][T11228]  dump_stack+0x15/0x20
[  168.053420][T11228]  should_fail_ex+0x223/0x230
[  168.058138][T11228]  should_failslab+0x8f/0xb0
[  168.062737][T11228]  kmem_cache_alloc_node_noprof+0x59/0x320
[  168.068651][T11228]  ? __alloc_skb+0x10b/0x310
[  168.073258][T11228]  __alloc_skb+0x10b/0x310
[  168.077689][T11228]  ? kthread_insert_work+0xff/0x200
[  168.082916][T11228]  nfc_genl_device_removed+0x3a/0x1d0
[  168.088293][T11228]  nfc_unregister_device+0x1b/0x130
[  168.093497][T11228]  nci_unregister_device+0x14c/0x160
[  168.099019][T11228]  virtual_ncidev_close+0x2a/0x50
[  168.104053][T11228]  ? __pfx_virtual_ncidev_close+0x10/0x10
[  168.109836][T11228]  __fput+0x17a/0x6d0
[  168.113919][T11228]  ____fput+0x1c/0x30
[  168.117970][T11228]  task_work_run+0x13a/0x1a0
[  168.122575][T11228]  syscall_exit_to_user_mode+0xa8/0x120
[  168.128212][T11228]  do_syscall_64+0xd6/0x1c0
[  168.132730][T11228]  ? clear_bhb_loop+0x55/0xb0
[  168.137580][T11228]  ? clear_bhb_loop+0x55/0xb0
[  168.142459][T11228]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.148484][T11228] RIP: 0033:0x7ff7f4dd0809
[  168.152916][T11228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.172640][T11228] RSP: 002b:00007ff7f3447058 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  168.181091][T11228] RAX: 0000000000000000 RBX: 00007ff7f4f95fa0 RCX: 00007ff7f4dd0809
[  168.189122][T11228] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000005
[  168.197182][T11228] RBP: 00007ff7f34470a0 R08: 0000000000000000 R09: 0000000000000000
[  168.205155][T11228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.213137][T11228] R13: 0000000000000000 R14: 00007ff7f4f95fa0 R15: 00007fff326081f8
[  168.221353][T11228]  </TASK>
[  168.264513][T11241] FAULT_INJECTION: forcing a failure.
[  168.264513][T11241] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.277635][T11241] CPU: 0 UID: 0 PID: 11241 Comm: syz.1.2674 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  168.288107][T11241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  168.298261][T11241] Call Trace:
[  168.301556][T11241]  <TASK>
[  168.304515][T11241]  dump_stack_lvl+0xf2/0x150
[  168.309253][T11241]  dump_stack+0x15/0x20
[  168.313612][T11241]  should_fail_ex+0x223/0x230
[  168.318322][T11241]  should_fail+0xb/0x10
[  168.322627][T11241]  should_fail_usercopy+0x1a/0x20
[  168.327677][T11241]  _copy_from_user+0x1e/0xb0
[  168.332288][T11241]  copy_msghdr_from_user+0x54/0x2a0
[  168.337531][T11241]  ? __fget_files+0x17c/0x1c0
[  168.342251][T11241]  __sys_sendmsg+0x13e/0x230
[  168.346878][T11241]  __x64_sys_sendmsg+0x46/0x50
[  168.351797][T11241]  x64_sys_call+0x2734/0x2dc0
[  168.356499][T11241]  do_syscall_64+0xc9/0x1c0
[  168.361025][T11241]  ? clear_bhb_loop+0x55/0xb0
[  168.365726][T11241]  ? clear_bhb_loop+0x55/0xb0
[  168.370483][T11241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.376404][T11241] RIP: 0033:0x7ff7f4dd0809
[  168.380830][T11241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.400568][T11241] RSP: 002b:00007ff7f3447058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  168.409049][T11241] RAX: ffffffffffffffda RBX: 00007ff7f4f95fa0 RCX: 00007ff7f4dd0809
[  168.417028][T11241] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[  168.425065][T11241] RBP: 00007ff7f34470a0 R08: 0000000000000000 R09: 0000000000000000
[  168.433111][T11241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.441097][T11241] R13: 0000000000000000 R14: 00007ff7f4f95fa0 R15: 00007fff326081f8
[  168.449192][T11241]  </TASK>
[  168.519232][T11257] xt_CT: You must specify a L4 protocol and not use inversions on it
[  168.652592][T11271] lo speed is unknown, defaulting to 1000
[  168.660416][T11275] siw: device registration error -23
[  168.679957][T11271] lo speed is unknown, defaulting to 1000
[  168.687335][T11274] FAULT_INJECTION: forcing a failure.
[  168.687335][T11274] name failslab, interval 1, probability 0, space 0, times 0
[  168.700063][T11274] CPU: 0 UID: 0 PID: 11274 Comm: syz.1.2687 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  168.710544][T11274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  168.720746][T11274] Call Trace:
[  168.724043][T11274]  <TASK>
[  168.727065][T11274]  dump_stack_lvl+0xf2/0x150
[  168.731759][T11274]  dump_stack+0x15/0x20
[  168.735946][T11274]  should_fail_ex+0x223/0x230
[  168.740667][T11274]  should_failslab+0x8f/0xb0
[  168.744998][T11280] loop6: detected capacity change from 0 to 512
[  168.745311][T11274]  __kmalloc_noprof+0xab/0x3f0
[  168.756357][T11274]  ? __se_sys_memfd_create+0x230/0x5c0
[  168.756416][T11280] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  168.761841][T11274]  __se_sys_memfd_create+0x230/0x5c0
[  168.775518][T11274]  __x64_sys_memfd_create+0x31/0x40
[  168.780760][T11274]  x64_sys_call+0x2d4c/0x2dc0
[  168.785530][T11274]  do_syscall_64+0xc9/0x1c0
[  168.790123][T11274]  ? clear_bhb_loop+0x55/0xb0
[  168.794909][T11274]  ? clear_bhb_loop+0x55/0xb0
[  168.799780][T11274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.805702][T11274] RIP: 0033:0x7ff7f4dd0809
[  168.810124][T11274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.829900][T11274] RSP: 002b:00007ff7f3446e38 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  168.838319][T11274] RAX: ffffffffffffffda RBX: 00000000000003dd RCX: 00007ff7f4dd0809
[  168.846295][T11274] RDX: 00007ff7f3446f10 RSI: 0000000000000000 RDI: 00007ff7f4e441c1
[  168.854282][T11274] RBP: 00000000200008c0 R08: 00007ff7f3446bd7 R09: 00007ff7f3446e60
[  168.862277][T11274] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000440
[  168.870252][T11274] R13: 00007ff7f3446f10 R14: 00007ff7f3446ed0 R15: 00000000200005c0
[  168.878278][T11274]  </TASK>
[  168.890384][T11271] lo speed is unknown, defaulting to 1000
[  168.897913][T11271] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  168.917598][T11282] FAULT_INJECTION: forcing a failure.
[  168.917598][T11282] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.930815][T11282] CPU: 1 UID: 0 PID: 11282 Comm: syz.4.2689 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  168.941276][T11282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  168.951442][T11282] Call Trace:
[  168.954740][T11282]  <TASK>
[  168.957695][T11282]  dump_stack_lvl+0xf2/0x150
[  168.962320][T11282]  dump_stack+0x15/0x20
[  168.966648][T11282]  should_fail_ex+0x223/0x230
[  168.971355][T11282]  should_fail+0xb/0x10
[  168.975542][T11282]  should_fail_usercopy+0x1a/0x20
[  168.980733][T11282]  _copy_from_user+0x1e/0xb0
[  168.985403][T11282]  copy_msghdr_from_user+0x54/0x2a0
[  168.985484][T11286] SELinux: syz.2.2691 (11286) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  168.990637][T11282]  ? __fget_files+0x17c/0x1c0
[  168.990677][T11282]  __sys_recvmsg+0x140/0x260
[  169.013580][T11282]  __x64_sys_recvmsg+0x46/0x50
[  169.013692][T11282]  x64_sys_call+0xc64/0x2dc0
[  169.013720][T11282]  do_syscall_64+0xc9/0x1c0
[  169.013740][T11282]  ? clear_bhb_loop+0x55/0xb0
[  169.013798][T11282]  ? clear_bhb_loop+0x55/0xb0
[  169.013817][T11282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.013926][T11282] RIP: 0033:0x7fd169b50809
[  169.013991][T11282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.014067][T11282] RSP: 002b:00007fd1681c7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  169.014088][T11282] RAX: ffffffffffffffda RBX: 00007fd169d15fa0 RCX: 00007fd169b50809
[  169.014101][T11282] RDX: 0000000000000002 RSI: 0000000020000480 RDI: 0000000000000004
[  169.014115][T11282] RBP: 00007fd1681c70a0 R08: 0000000000000000 R09: 0000000000000000
[  169.014141][T11282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.014190][T11282] R13: 0000000000000000 R14: 00007fd169d15fa0 R15: 00007ffc657f8c68
[  169.014211][T11282]  </TASK>
[  169.032213][T11271] lo speed is unknown, defaulting to 1000
[  169.121098][T11293] loop1: detected capacity change from 0 to 512
[  169.127001][T11271] lo speed is unknown, defaulting to 1000
[  169.144030][T11295] loop6: detected capacity change from 0 to 512
[  169.155279][T11294] FAULT_INJECTION: forcing a failure.
[  169.155279][T11294] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.168467][T11294] CPU: 1 UID: 0 PID: 11294 Comm: syz.4.2693 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  169.169542][T11293] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  169.178884][T11294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  169.178903][T11294] Call Trace:
[  169.178936][T11294]  <TASK>
[  169.178946][T11294]  dump_stack_lvl+0xf2/0x150
[  169.209688][T11294]  dump_stack+0x15/0x20
[  169.213955][T11294]  should_fail_ex+0x223/0x230
[  169.218732][T11294]  should_fail+0xb/0x10
[  169.222927][T11294]  should_fail_usercopy+0x1a/0x20
[  169.228000][T11294]  _copy_from_user+0x1e/0xb0
[  169.232671][T11294]  packet_setsockopt+0x602/0xfd0
[  169.237669][T11294]  ? __pfx_packet_setsockopt+0x10/0x10
[  169.243251][T11294]  __sys_setsockopt+0x187/0x200
[  169.248118][T11294]  __x64_sys_setsockopt+0x66/0x80
[  169.253228][T11294]  x64_sys_call+0x282e/0x2dc0
[  169.258077][T11294]  do_syscall_64+0xc9/0x1c0
[  169.262588][T11294]  ? clear_bhb_loop+0x55/0xb0
[  169.267271][T11294]  ? clear_bhb_loop+0x55/0xb0
[  169.271986][T11294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.277927][T11294] RIP: 0033:0x7fd169b50809
[  169.282408][T11294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.302037][T11294] RSP: 002b:00007fd1681c7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  169.310468][T11294] RAX: ffffffffffffffda RBX: 00007fd169d15fa0 RCX: 00007fd169b50809
[  169.318500][T11294] RDX: 0000000000000001 RSI: 0000000000000107 RDI: 0000000000000004
[  169.326480][T11294] RBP: 00007fd1681c70a0 R08: 0000000000000010 R09: 0000000000000000
[  169.334537][T11294] R10: 0000000020000280 R11: 0000000000000246 R12: 0000000000000001
[  169.342512][T11294] R13: 0000000000000000 R14: 00007fd169d15fa0 R15: 00007ffc657f8c68
[  169.350494][T11294]  </TASK>
[  169.356151][T11271] lo speed is unknown, defaulting to 1000
[  169.363865][T11271] lo speed is unknown, defaulting to 1000
[  169.370339][T11271] lo speed is unknown, defaulting to 1000
[  169.373391][T11295] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.378382][T11271] lo speed is unknown, defaulting to 1000
[  169.393131][T11293] EXT4-fs (loop1): 1 truncate cleaned up
[  169.394844][T11271] lo speed is unknown, defaulting to 1000
[  169.400399][T11293] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.407892][T11295] ext4 filesystem being mounted at /294/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  169.491612][ T7468] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.525210][T11309] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  169.532502][T11309] IPv6: NLM_F_CREATE should be set when creating new route
[  169.550324][T11313] siw: device registration error -23
[  169.599730][T11313] lo speed is unknown, defaulting to 1000
[  169.723392][T11324] loop1: detected capacity change from 0 to 256
[  170.175490][T11333] loop1: detected capacity change from 0 to 512
[  170.217389][T11333] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2707'.
[  170.225583][T11337] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  170.235949][T11333] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  170.401381][T11349] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  170.408099][T11349] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  170.410890][T11352] netlink: 'syz.2.2716': attribute type 10 has an invalid length.
[  170.415853][T11349] vhci_hcd vhci_hcd.0: Device attached
[  170.423578][T11352] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2716'.
[  170.442074][T11349] tmpfs: Bad value for 'mpol'
[  170.448493][T11354] vhci_hcd: connection closed
[  170.473142][T11357] loop4: detected capacity change from 0 to 256
[  170.491718][  T164] vhci_hcd: stop threads
[  170.496061][  T164] vhci_hcd: release socket
[  170.500502][  T164] vhci_hcd: disconnect device
[  170.686368][T11373] loop3: detected capacity change from 0 to 512
[  170.700799][T11373] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2725'.
[  170.710807][T11373] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  170.817219][ T6647] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.896251][T11387] loop6: detected capacity change from 0 to 512
[  170.906006][T11387] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  170.922733][T11387] EXT4-fs (loop6): 1 truncate cleaned up
[  170.929405][T11387] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.986408][ T6647] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.005249][T11392] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2730'.
[  171.082964][T11396] sg_write: data in/out 91/2 bytes for SCSI command 0x0-- guessing data in;
[  171.082964][T11396]    program syz.1.2733 not setting count and/or reply_len properly
[  171.794778][T11409] FAULT_INJECTION: forcing a failure.
[  171.794778][T11409] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  171.808129][T11409] CPU: 0 UID: 0 PID: 11409 Comm: syz.3.2737 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  171.818584][T11409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  171.828700][T11409] Call Trace:
[  171.832043][T11409]  <TASK>
[  171.834994][T11409]  dump_stack_lvl+0xf2/0x150
[  171.839603][T11409]  dump_stack+0x15/0x20
[  171.843782][T11409]  should_fail_ex+0x223/0x230
[  171.848495][T11409]  should_fail+0xb/0x10
[  171.852751][T11409]  should_fail_usercopy+0x1a/0x20
[  171.857881][T11409]  _copy_from_iter+0xd5/0xd00
[  171.862607][T11409]  ? kmalloc_reserve+0x16e/0x190
[  171.867610][T11409]  ? __build_skb_around+0x196/0x1f0
[  171.872872][T11409]  ? __alloc_skb+0x21f/0x310
[  171.877470][T11409]  ? __virt_addr_valid+0x1ed/0x250
[  171.882616][T11409]  ? __check_object_size+0x364/0x520
[  171.888047][T11409]  netlink_sendmsg+0x460/0x6e0
[  171.892924][T11409]  ? __pfx_netlink_sendmsg+0x10/0x10
[  171.898239][T11409]  __sock_sendmsg+0x140/0x180
[  171.903013][T11409]  ____sys_sendmsg+0x312/0x410
[  171.907843][T11409]  __sys_sendmsg+0x19d/0x230
[  171.912528][T11409]  __x64_sys_sendmsg+0x46/0x50
[  171.917384][T11409]  x64_sys_call+0x2734/0x2dc0
[  171.922137][T11409]  do_syscall_64+0xc9/0x1c0
[  171.926646][T11409]  ? clear_bhb_loop+0x55/0xb0
[  171.931329][T11409]  ? clear_bhb_loop+0x55/0xb0
[  171.936050][T11409]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.941977][T11409] RIP: 0033:0x7f3224850809
[  171.946403][T11409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.966072][T11409] RSP: 002b:00007f3222ec7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  171.974493][T11409] RAX: ffffffffffffffda RBX: 00007f3224a15fa0 RCX: 00007f3224850809
[  171.982475][T11409] RDX: 0000000000008000 RSI: 0000000020001ac0 RDI: 0000000000000003
[  171.990449][T11409] RBP: 00007f3222ec70a0 R08: 0000000000000000 R09: 0000000000000000
[  171.998431][T11409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  172.006456][T11409] R13: 0000000000000000 R14: 00007f3224a15fa0 R15: 00007ffefc90a6a8
[  172.014448][T11409]  </TASK>
[  172.111168][T11417] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2742'.
[  172.194498][T11424] loop3: detected capacity change from 0 to 1024
[  172.272962][T11424] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.303579][T11441] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  172.365368][T11439] netlink: 'syz.4.2752': attribute type 10 has an invalid length.
[  172.373317][T11439] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2752'.
[  172.425354][T11439] veth1_macvtap: entered allmulticast mode
[  172.446145][T11439] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check.
[  172.446482][T11449] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2745'.
[  172.471506][T11449] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2745'.
[  172.766146][T11455] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2756'.
[  172.775284][T11455] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2756'.
[  172.884148][T11455] syz_tun: entered promiscuous mode
[  172.896827][T11458] program syz.2.2756 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  172.934423][T11455] syz_tun: left promiscuous mode
[  172.958269][T11466] loop1: detected capacity change from 0 to 256
[  172.964633][   T29] kauditd_printk_skb: 204 callbacks suppressed
[  172.964647][   T29] audit: type=1400 audit(1732756619.957:8083): avc:  denied  { read append } for  pid=11467 comm="syz.4.2760" name="event3" dev="devtmpfs" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  172.994821][   T29] audit: type=1400 audit(1732756619.957:8084): avc:  denied  { open } for  pid=11467 comm="syz.4.2760" path="/dev/input/event3" dev="devtmpfs" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  173.040536][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.058317][   T29] audit: type=1400 audit(1732756620.057:8085): avc:  denied  { read } for  pid=11470 comm="syz.4.2762" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  173.061163][T11471] FAULT_INJECTION: forcing a failure.
[  173.061163][T11471] name failslab, interval 1, probability 0, space 0, times 0
[  173.082033][   T29] audit: type=1400 audit(1732756620.057:8086): avc:  denied  { open } for  pid=11470 comm="syz.4.2762" path="/dev/ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  173.094271][T11471] CPU: 1 UID: 0 PID: 11471 Comm: syz.4.2762 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  173.094305][T11471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  173.117896][   T29] audit: type=1400 audit(1732756620.057:8087): avc:  denied  { ioctl } for  pid=11470 comm="syz.4.2762" path="/dev/ptp0" dev="devtmpfs" ino=246 ioctlcmd=0x3d05 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  173.128205][T11471] Call Trace:
[  173.128215][T11471]  <TASK>
[  173.128225][T11471]  dump_stack_lvl+0xf2/0x150
[  173.174157][T11471]  dump_stack+0x15/0x20
[  173.178417][T11471]  should_fail_ex+0x223/0x230
[  173.183198][T11471]  should_failslab+0x8f/0xb0
[  173.187799][T11471]  kmem_cache_alloc_node_noprof+0x59/0x320
[  173.193625][T11471]  ? __alloc_skb+0x10b/0x310
[  173.198224][T11471]  __alloc_skb+0x10b/0x310
[  173.202760][T11471]  netlink_alloc_large_skb+0xad/0xe0
[  173.208063][T11471]  netlink_sendmsg+0x3b4/0x6e0
[  173.213097][T11471]  ? __pfx_netlink_sendmsg+0x10/0x10
[  173.218447][T11471]  __sock_sendmsg+0x140/0x180
[  173.223143][T11471]  ____sys_sendmsg+0x312/0x410
[  173.227968][T11471]  __sys_sendmsg+0x19d/0x230
[  173.232690][T11471]  __x64_sys_sendmsg+0x46/0x50
[  173.237469][T11471]  x64_sys_call+0x2734/0x2dc0
[  173.242159][T11471]  do_syscall_64+0xc9/0x1c0
[  173.246693][T11471]  ? clear_bhb_loop+0x55/0xb0
[  173.251379][T11471]  ? clear_bhb_loop+0x55/0xb0
[  173.256157][T11471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.262108][T11471] RIP: 0033:0x7fd169b50809
[  173.266550][T11471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.286167][T11471] RSP: 002b:00007fd1681c7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  173.294586][T11471] RAX: ffffffffffffffda RBX: 00007fd169d15fa0 RCX: 00007fd169b50809
[  173.302562][T11471] RDX: 0000000004000054 RSI: 0000000020000480 RDI: 0000000000000003
[  173.310539][T11471] RBP: 00007fd1681c70a0 R08: 0000000000000000 R09: 0000000000000000
[  173.318515][T11471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.326569][T11471] R13: 0000000000000000 R14: 00007fd169d15fa0 R15: 00007ffc657f8c68
[  173.334621][T11471]  </TASK>
[  173.381790][T11482] loop3: detected capacity change from 0 to 256
[  173.414880][   T29] audit: type=1326 audit(1732756620.377:8088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11479 comm=2B7D5B70B3 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd169b50809 code=0x7ffc0000
[  173.438277][   T29] audit: type=1326 audit(1732756620.377:8089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11479 comm=2B7D5B70B3 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd169b50809 code=0x7ffc0000
[  173.461676][   T29] audit: type=1326 audit(1732756620.377:8090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11479 comm=2B7D5B70B3 exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd169b50809 code=0x7ffc0000
[  173.484963][   T29] audit: type=1326 audit(1732756620.377:8091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11479 comm=2B7D5B70B3 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd169b50809 code=0x7ffc0000
[  173.508295][   T29] audit: type=1326 audit(1732756620.377:8092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11479 comm=2B7D5B70B3 exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fd169b50809 code=0x7ffc0000
[  173.645737][T11490] loop1: detected capacity change from 0 to 512
[  173.726129][T11500] netlink: 'syz.2.2772': attribute type 39 has an invalid length.
[  173.755934][T11490] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.789490][T11490] ext4 filesystem being mounted at /313/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.908501][T11508] FAULT_INJECTION: forcing a failure.
[  173.908501][T11508] name failslab, interval 1, probability 0, space 0, times 0
[  173.921232][T11508] CPU: 0 UID: 0 PID: 11508 Comm: syz.3.2774 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  173.931674][T11508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  173.941737][T11508] Call Trace:
[  173.945032][T11508]  <TASK>
[  173.947977][T11508]  dump_stack_lvl+0xf2/0x150
[  173.952639][T11508]  dump_stack+0x15/0x20
[  173.956815][T11508]  should_fail_ex+0x223/0x230
[  173.961522][T11508]  should_failslab+0x8f/0xb0
[  173.966138][T11508]  kmem_cache_alloc_noprof+0x52/0x320
[  173.971542][T11508]  ? skb_clone+0x154/0x1f0
[  173.976009][T11508]  skb_clone+0x154/0x1f0
[  173.980319][T11508]  pfkey_broadcast_one+0x65/0x1a0
[  173.985449][T11508]  pfkey_broadcast+0x232/0x260
[  173.990278][T11508]  pfkey_sendmsg+0x827/0x970
[  173.994914][T11508]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  174.000066][T11508]  __sock_sendmsg+0x140/0x180
[  174.004774][T11508]  ____sys_sendmsg+0x312/0x410
[  174.009655][T11508]  __sys_sendmsg+0x19d/0x230
[  174.014286][T11508]  __x64_sys_sendmsg+0x46/0x50
[  174.019097][T11508]  x64_sys_call+0x2734/0x2dc0
[  174.023792][T11508]  do_syscall_64+0xc9/0x1c0
[  174.028384][T11508]  ? clear_bhb_loop+0x55/0xb0
[  174.033087][T11508]  ? clear_bhb_loop+0x55/0xb0
[  174.037904][T11508]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.043871][T11508] RIP: 0033:0x7f3224850809
[  174.048300][T11508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.068067][T11508] RSP: 002b:00007f3222ec7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  174.076559][T11508] RAX: ffffffffffffffda RBX: 00007f3224a15fa0 RCX: 00007f3224850809
[  174.084550][T11508] RDX: 0000000020044080 RSI: 0000000020000200 RDI: 0000000000000003
[  174.092647][T11508] RBP: 00007f3222ec70a0 R08: 0000000000000000 R09: 0000000000000000
[  174.100664][T11508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.108686][T11508] R13: 0000000000000000 R14: 00007f3224a15fa0 R15: 00007ffefc90a6a8
[  174.116737][T11508]  </TASK>
[  174.545022][ T7468] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.562581][T11522] loop3: detected capacity change from 0 to 256
[  174.568109][T11528] loop6: detected capacity change from 0 to 512
[  174.577787][T11528] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  174.632423][T11528] EXT4-fs (loop6): 1 truncate cleaned up
[  174.644142][T11528] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.717320][T11540] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2786'.
[  174.727993][ T6647] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.794413][T11548] loop1: detected capacity change from 0 to 256
[  174.818198][T11551] xt_CT: You must specify a L4 protocol and not use inversions on it
[  174.970131][T11567] FAULT_INJECTION: forcing a failure.
[  174.970131][T11567] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  174.983376][T11567] CPU: 1 UID: 0 PID: 11567 Comm: syz.4.2800 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  174.993869][T11567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  175.003947][T11567] Call Trace:
[  175.007232][T11567]  <TASK>
[  175.010174][T11567]  dump_stack_lvl+0xf2/0x150
[  175.014856][T11567]  dump_stack+0x15/0x20
[  175.019040][T11567]  should_fail_ex+0x223/0x230
[  175.023878][T11567]  should_fail+0xb/0x10
[  175.026853][T11575] loop1: detected capacity change from 0 to 256
[  175.028057][T11567]  should_fail_usercopy+0x1a/0x20
[  175.039356][T11567]  _copy_from_iter+0xd5/0xd00
[  175.044075][T11567]  ? kmalloc_reserve+0x16e/0x190
[  175.049047][T11567]  ? __build_skb_around+0x196/0x1f0
[  175.054444][T11567]  ? __alloc_skb+0x21f/0x310
[  175.059048][T11567]  ? __virt_addr_valid+0x1ed/0x250
[  175.064175][T11567]  ? __check_object_size+0x364/0x520
[  175.069529][T11567]  netlink_sendmsg+0x460/0x6e0
[  175.074314][T11567]  ? __pfx_netlink_sendmsg+0x10/0x10
[  175.079672][T11567]  __sock_sendmsg+0x140/0x180
[  175.084408][T11567]  ____sys_sendmsg+0x312/0x410
[  175.089308][T11567]  __sys_sendmsg+0x19d/0x230
[  175.093931][T11567]  __x64_sys_sendmsg+0x46/0x50
[  175.098795][T11567]  x64_sys_call+0x2734/0x2dc0
[  175.103549][T11567]  do_syscall_64+0xc9/0x1c0
[  175.108059][T11567]  ? clear_bhb_loop+0x55/0xb0
[  175.112745][T11567]  ? clear_bhb_loop+0x55/0xb0
[  175.117507][T11567]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.123568][T11567] RIP: 0033:0x7fd169b50809
[  175.127986][T11567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.147671][T11567] RSP: 002b:00007fd1681c7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  175.156095][T11567] RAX: ffffffffffffffda RBX: 00007fd169d15fa0 RCX: 00007fd169b50809
[  175.164159][T11567] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  175.172138][T11567] RBP: 00007fd1681c70a0 R08: 0000000000000000 R09: 0000000000000000
[  175.180165][T11567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  175.188154][T11567] R13: 0000000000000000 R14: 00007fd169d15fa0 R15: 00007ffc657f8c68
[  175.196178][T11567]  </TASK>
[  175.258763][T11582] xt_CT: You must specify a L4 protocol and not use inversions on it
[  175.345517][T11593] bond1: entered promiscuous mode
[  175.350605][T11593] bond1: entered allmulticast mode
[  175.362398][T11593] 8021q: adding VLAN 0 to HW filter on device bond1
[  175.392078][T11593] bond1 (unregistering): Released all slaves
[  175.522589][T11608] FAULT_INJECTION: forcing a failure.
[  175.522589][T11608] name failslab, interval 1, probability 0, space 0, times 0
[  175.535340][T11608] CPU: 0 UID: 0 PID: 11608 Comm: syz.4.2814 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  175.545779][T11608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  175.555886][T11608] Call Trace:
[  175.559177][T11608]  <TASK>
[  175.562129][T11608]  dump_stack_lvl+0xf2/0x150
[  175.566822][T11608]  dump_stack+0x15/0x20
[  175.570999][T11608]  should_fail_ex+0x223/0x230
[  175.575744][T11608]  ? proc_self_get_link+0x94/0x100
[  175.580999][T11608]  should_failslab+0x8f/0xb0
[  175.585612][T11608]  __kmalloc_cache_noprof+0x4e/0x320
[  175.590962][T11608]  proc_self_get_link+0x94/0x100
[  175.595958][T11608]  ? __pfx_proc_self_get_link+0x10/0x10
[  175.601637][T11608]  pick_link+0x4a0/0x7e0
[  175.605911][T11608]  step_into+0x756/0x840
[  175.610179][T11608]  link_path_walk+0x54c/0x820
[  175.614973][T11608]  path_openat+0x1af/0x1fa0
[  175.619541][T11608]  ? sized_strscpy+0x10e/0x170
[  175.624343][T11608]  ? _raw_spin_unlock+0x26/0x50
[  175.629370][T11608]  do_filp_open+0x107/0x230
[  175.633930][T11608]  do_sys_openat2+0xab/0x120
[  175.638623][T11608]  __x64_sys_openat+0xf3/0x120
[  175.643546][T11608]  x64_sys_call+0x2b30/0x2dc0
[  175.648296][T11608]  do_syscall_64+0xc9/0x1c0
[  175.652814][T11608]  ? clear_bhb_loop+0x55/0xb0
[  175.657519][T11608]  ? clear_bhb_loop+0x55/0xb0
[  175.662224][T11608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.668186][T11608] RIP: 0033:0x7fd169b4f170
[  175.672648][T11608] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 8f 02 00 8b 44
[  175.692414][T11608] RSP: 002b:00007fd1681c6f80 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  175.700860][T11608] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd169b4f170
[  175.708917][T11608] RDX: 0000000000000000 RSI: 00007fd169bc3a56 RDI: 00000000ffffff9c
[  175.716905][T11608] RBP: 00007fd169bc3a56 R08: 0000000000000000 R09: 0000000000000000
[  175.724949][T11608] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  175.732981][T11608] R13: 0000000000000000 R14: 00007fd169d15fa0 R15: 00007ffc657f8c68
[  175.740976][T11608]  </TASK>
[  175.805242][T11614] loop4: detected capacity change from 0 to 512
[  175.806174][T11616] loop6: detected capacity change from 0 to 256
[  175.849124][T11618] xt_CT: You must specify a L4 protocol and not use inversions on it
[  175.878161][T11614] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.2816: Failed to acquire dquot type 1
[  175.923323][T11624] xt_CT: You must specify a L4 protocol and not use inversions on it
[  175.953056][T11614] EXT4-fs (loop4): 1 truncate cleaned up
[  175.966878][T11614] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.979852][T11614] ext4 filesystem being mounted at /522/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  176.030396][T11637] loop6: detected capacity change from 0 to 512
[  176.050857][T11637] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.2825: Failed to acquire dquot type 1
[  176.075529][T11642] ip6gre1: entered promiscuous mode
[  176.080870][T11642] ip6gre1: entered allmulticast mode
[  176.109884][T11637] EXT4-fs (loop6): 1 truncate cleaned up
[  176.124491][T11637] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.150149][T11654] EXT4-fs error (device loop4): ext4_lookup:1817: inode #2: comm syz.4.2816: deleted inode referenced: 12
[  176.165045][T11637] ext4 filesystem being mounted at /309/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  176.174136][T11633] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2824'.
[  176.214585][T11637] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.2825: Failed to acquire dquot type 1
[  176.232822][T11654] EXT4-fs error (device loop4): ext4_lookup:1817: inode #2: comm syz.4.2816: deleted inode referenced: 12
[  176.301089][ T6647] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.534805][T11674] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2828'.
[  177.307067][T11702] xt_CT: You must specify a L4 protocol and not use inversions on it
[  177.443385][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.907527][T11712] FAULT_INJECTION: forcing a failure.
[  177.907527][T11712] name failslab, interval 1, probability 0, space 0, times 0
[  177.920434][T11712] CPU: 1 UID: 0 PID: 11712 Comm: syz.4.2838 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  177.930955][T11712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  177.941169][T11712] Call Trace:
[  177.944460][T11712]  <TASK>
[  177.947477][T11712]  dump_stack_lvl+0xf2/0x150
[  177.952106][T11712]  dump_stack+0x15/0x20
[  177.956420][T11712]  should_fail_ex+0x223/0x230
[  177.961180][T11712]  should_failslab+0x8f/0xb0
[  177.965808][T11712]  kmem_cache_alloc_noprof+0x52/0x320
[  177.971305][T11712]  ? skb_clone+0x154/0x1f0
[  177.975744][T11712]  skb_clone+0x154/0x1f0
[  177.980125][T11712]  __netlink_deliver_tap+0x2bd/0x4f0
[  177.985448][T11712]  netlink_unicast+0x64a/0x670
[  177.990253][T11712]  netlink_sendmsg+0x5cc/0x6e0
[  177.995055][T11712]  ? __pfx_netlink_sendmsg+0x10/0x10
[  178.000377][T11712]  __sock_sendmsg+0x140/0x180
[  178.005187][T11712]  ____sys_sendmsg+0x312/0x410
[  178.010045][T11712]  __sys_sendmsg+0x19d/0x230
[  178.014684][T11712]  __x64_sys_sendmsg+0x46/0x50
[  178.019487][T11712]  x64_sys_call+0x2734/0x2dc0
[  178.024276][T11712]  do_syscall_64+0xc9/0x1c0
[  178.028808][T11712]  ? clear_bhb_loop+0x55/0xb0
[  178.034047][T11712]  ? clear_bhb_loop+0x55/0xb0
[  178.038815][T11712]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.044802][T11712] RIP: 0033:0x7fd169b50809
[  178.049257][T11712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.068988][T11712] RSP: 002b:00007fd1681c7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  178.069017][T11712] RAX: ffffffffffffffda RBX: 00007fd169d15fa0 RCX: 00007fd169b50809
[  178.069034][T11712] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005
[  178.069051][T11712] RBP: 00007fd1681c70a0 R08: 0000000000000000 R09: 0000000000000000
[  178.069068][T11712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  178.069084][T11712] R13: 0000000000000000 R14: 00007fd169d15fa0 R15: 00007ffc657f8c68
[  178.069110][T11712]  </TASK>
[  178.076072][T11713] loop6: detected capacity change from 0 to 256
[  178.167529][T11712] bond1: entered promiscuous mode
[  178.172711][T11712] bond1: entered allmulticast mode
[  178.188223][T11712] 8021q: adding VLAN 0 to HW filter on device bond1
[  178.216467][   T29] kauditd_printk_skb: 224 callbacks suppressed
[  178.216485][   T29] audit: type=1400 audit(1732756625.216:8311): avc:  denied  { read } for  pid=11715 comm="syz.1.2839" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  178.297219][T11712] bond1 (unregistering): Released all slaves
[  178.401277][T11723] loop4: detected capacity change from 0 to 512
[  178.407799][T11721] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2839'.
[  178.440569][T11723] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  178.465057][T11725] lo speed is unknown, defaulting to 1000
[  178.502262][   T29] audit: type=1400 audit(1732756625.496:8312): avc:  denied  { setopt } for  pid=11715 comm="syz.1.2839" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  178.528208][T11723] EXT4-fs (loop4): 1 truncate cleaned up
[  178.541694][   T29] audit: type=1400 audit(1732756625.536:8313): avc:  denied  { create } for  pid=11715 comm="syz.1.2839" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  178.561445][   T29] audit: type=1400 audit(1732756625.536:8314): avc:  denied  { connect } for  pid=11715 comm="syz.1.2839" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  178.582555][   T29] audit: type=1400 audit(1732756625.586:8315): avc:  denied  { ioctl } for  pid=11724 comm="syz.6.2842" path="socket:[35070]" dev="sockfs" ino=35070 ioctlcmd=0x4c81 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  178.609428][T11723] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.655872][T11723] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.2841: corrupted in-inode xattr: overlapping e_value 
[  178.703222][   T29] audit: type=1400 audit(1732756625.656:8316): avc:  denied  { remove_name } for  pid=11722 comm="syz.4.2841" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  178.726215][   T29] audit: type=1400 audit(1732756625.656:8317): avc:  denied  { rename } for  pid=11722 comm="syz.4.2841" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  178.748679][   T29] audit: type=1400 audit(1732756625.656:8318): avc:  denied  { unlink } for  pid=11722 comm="syz.4.2841" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  178.806409][T11723] EXT4-fs (loop4): Remounting filesystem read-only
[  178.813195][T11723] EXT4-fs warning (device loop4): ext4_xattr_set_entry:1772: inode #15: comm syz.4.2841: unable to update i_inline_off
[  178.816081][T11737] loop6: detected capacity change from 0 to 256
[  178.899287][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.038133][   T29] audit: type=1400 audit(1732756626.036:8319): avc:  denied  { create } for  pid=11745 comm="syz.6.2850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  179.041171][T11746] siw: device registration error -23
[  179.110946][   T29] audit: type=1400 audit(1732756626.036:8320): avc:  denied  { write } for  pid=11745 comm="syz.6.2850" path="socket:[35104]" dev="sockfs" ino=35104 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  179.118637][T11746] lo speed is unknown, defaulting to 1000
[  179.386598][T11761] ebt_among: dst integrity fail: 101
[  179.405657][T11759] loop3: detected capacity change from 0 to 512
[  179.420052][T11761] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2856'.
[  179.546624][T11769] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2859'.
[  179.573578][T11759] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.2855: Failed to acquire dquot type 1
[  179.598700][T11767] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  179.605329][T11767] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  179.612958][T11767] vhci_hcd vhci_hcd.0: Device attached
[  179.653545][T11778] loop6: detected capacity change from 0 to 512
[  179.673252][T11767] tmpfs: Bad value for 'mpol'
[  179.674179][T11759] EXT4-fs (loop3): 1 truncate cleaned up
[  179.678482][T11778] EXT4-fs: Ignoring removed mblk_io_submit option
[  179.685993][T11759] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.705266][T11775] vhci_hcd: connection closed
[  179.713298][ T6393] vhci_hcd: stop threads
[  179.717888][T11778] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  179.717995][ T6393] vhci_hcd: release socket
[  179.735141][ T6393] vhci_hcd: disconnect device
[  179.762730][T11778] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[  179.792815][ T1034] vhci_hcd: vhci_device speed not set
[  179.795080][T11778] System zones: 1-12
[  179.801463][T11759] ext4 filesystem being mounted at /575/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.844577][T11778] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2240: inode #15: comm syz.6.2860: corrupted in-inode xattr: e_value size too large
[  179.903060][T11778] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.2860: couldn't read orphan inode 15 (err -117)
[  179.935434][T11778] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  180.053427][ T6647] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.145584][T11759] ==================================================================
[  180.153898][T11759] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping
[  180.161844][T11759] 
[  180.164182][T11759] write to 0xffffea0005299d98 of 8 bytes by task 11639 on cpu 1:
[  180.171966][T11759]  __filemap_remove_folio+0x1ac/0x2c0
[  180.177377][T11759]  filemap_remove_folio+0x6b/0x1f0
[  180.182521][T11759]  truncate_inode_folio+0x42/0x50
[  180.187599][T11759]  shmem_undo_range+0x25b/0xa70
[  180.192493][T11759]  shmem_evict_inode+0x14d/0x530
[  180.197474][T11759]  evict+0x2f0/0x570
[  180.201412][T11759]  iput+0x42a/0x5b0
[  180.205260][T11759]  dentry_unlink_inode+0x24f/0x260
[  180.210411][T11759]  __dentry_kill+0x18b/0x4c0
[  180.215024][T11759]  dput+0x5c/0xd0
[  180.218707][T11759]  __fput+0x3fb/0x6d0
[  180.222713][T11759]  ____fput+0x1c/0x30
[  180.226734][T11759]  task_work_run+0x13a/0x1a0
[  180.231367][T11759]  do_exit+0x5dd/0x17f0
[  180.235561][T11759]  do_group_exit+0x102/0x150
[  180.240264][T11759]  get_signal+0xeb9/0x1000
[  180.244701][T11759]  arch_do_signal_or_restart+0x95/0x4b0
[  180.250285][T11759]  irqentry_exit_to_user_mode+0xa7/0x120
[  180.255952][T11759]  irqentry_exit+0x12/0x50
[  180.260402][T11759]  exc_general_protection+0x33d/0x4d0
[  180.265784][T11759]  asm_exc_general_protection+0x26/0x30
[  180.271362][T11759] 
[  180.273691][T11759] read to 0xffffea0005299d98 of 8 bytes by task 11759 on cpu 0:
[  180.281340][T11759]  folio_mapping+0xa0/0x120
[  180.285873][T11759]  evict_folios+0x2479/0x3240
[  180.290568][T11759]  try_to_shrink_lruvec+0x5d2/0x750
[  180.295804][T11759]  shrink_lruvec+0x22d/0x1840
[  180.300529][T11759]  shrink_node+0x603/0x1d80
[  180.305059][T11759]  do_try_to_free_pages+0x3c6/0xc50
[  180.310314][T11759]  try_to_free_mem_cgroup_pages+0x1e3/0x490
[  180.316244][T11759]  try_charge_memcg+0x2bc/0x7f0
[  180.321141][T11759]  obj_cgroup_charge_pages+0xbd/0x1a0
[  180.326558][T11759]  __memcg_kmem_charge_page+0x9d/0x170
[  180.332061][T11759]  __alloc_pages_noprof+0x1bc/0x340
[  180.337291][T11759]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  180.342697][T11759]  alloc_pages_noprof+0xe1/0x100
[  180.347659][T11759]  __vmalloc_node_range_noprof+0x6eb/0xe80
[  180.353477][T11759]  __kvmalloc_node_noprof+0x121/0x170
[  180.358862][T11759]  ip_set_alloc+0x1f/0x30
[  180.363219][T11759]  hash_ipport_create+0x4dc/0x9f0
[  180.368272][T11759]  ip_set_create+0x359/0x8a0
[  180.372887][T11759]  nfnetlink_rcv_msg+0x4a9/0x570
[  180.377845][T11759]  netlink_rcv_skb+0x12c/0x230
[  180.382628][T11759]  nfnetlink_rcv+0x16c/0x15d0
[  180.387325][T11759]  netlink_unicast+0x599/0x670
[  180.392103][T11759]  netlink_sendmsg+0x5cc/0x6e0
[  180.396897][T11759]  __sock_sendmsg+0x140/0x180
[  180.401595][T11759]  ____sys_sendmsg+0x312/0x410
[  180.406371][T11759]  __sys_sendmsg+0x19d/0x230
[  180.410972][T11759]  __x64_sys_sendmsg+0x46/0x50
[  180.415776][T11759]  x64_sys_call+0x2734/0x2dc0
[  180.420468][T11759]  do_syscall_64+0xc9/0x1c0
[  180.424982][T11759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.430895][T11759] 
[  180.433221][T11759] value changed: 0xffff888123c37070 -> 0x0000000000000000
[  180.440328][T11759] 
[  180.442648][T11759] Reported by Kernel Concurrency Sanitizer on:
[  180.448806][T11759] CPU: 0 UID: 0 PID: 11759 Comm: syz.3.2855 Not tainted 6.12.0-syzkaller-10313-g7d4050728c83 #0
[  180.459230][T11759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  180.469293][T11759] ==================================================================
[  180.539084][T11791] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2863'.
[  181.030052][T11759] syz.3.2855 (11759) used greatest stack depth: 6056 bytes left
[  181.039845][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.