last executing test programs:

56.434685078s ago: executing program 2 (id=765):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)={0x18, 0x78, 0x601, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\a\x00\x00'}]}, 0x18}], 0x1}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$rds(0x15, 0x5, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r3, <r5=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f00000005c0)=r4}, 0x20)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2, @perf_config_ext={0xfffffffffffffffb, 0x7}}, 0x0, 0x0, 0xffffffffffffffff, 0xf)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f00000009c0)={'wg0\x00', <r6=>0x0})
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000b00)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x4c, 0x12, 0x300, 0x70bd2a, 0x25dfdbfc, {0x1a, 0x8, 0x5, 0x7f, {0x4e23, 0x4e21, [0x7, 0xfffff706, 0xf, 0x5], [0x2, 0x30000, 0x2, 0x2], r6, [0xfffffffa, 0xaf5]}, 0x8000, 0x2}}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x4044000)
setsockopt$RDS_GET_MR_FOR_DEST(r2, 0x114, 0x7, 0x0, 0x0)
sendmsg(r2, &(0x7f0000000940)={&(0x7f0000000300)=@l2tp={0x2, 0x0, @local, 0x1}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000380)="2a9eb54bc27201c68fbc0144d10f7194d9b8168c3f103a7da16cb0735ddf0a8c06b408421436", 0x26}, {&(0x7f00000005c0)="b43f75626e45933f33252c336e93105604d67b1b29ba6d20b3a03e78ca726e3a1813f96b9d228d207fbc1ead62f7b3ef177d5fbcfa92d5f8e1bfa8ac5af1f35a10244dc6e13d4d9209ece233ad5ee1c6", 0x50}, {&(0x7f0000000640)="adfe38e07fb78308eed35b436c067b3d54b0c055e76d4a0bca545d36d71bd57706f30c7141b54a73a2188c4c03c6156328f0f7830011712ae63e21b77973cf37953de922db348a084b948790becf1d5dadc2d4c9165c31b1", 0x58}, {&(0x7f0000003000)="97769c72d82d97ae31a4e0416d463164b925c03408b65c7aaafb123fa6b82987e45cd464087fe23decc9b06308161e0b7ee253e24ac7faf676ff967c41544ff187be001dfcc7a721c6a6f05a2a8b66f5b20b8120b868abef2628332d32e900bcfffe00645c197c1571b75b7437a9e44ecef2582f96db47c92aabe4b2dc507621424f837a1f88474730bbb1a1b0b8370018493ef7cddf4528df2d98c9ee247ab84f470c374eec7c2dffbf93cf7b9f35f22ff03765b111c48a77f1b93525749f46b923769281f25df2d48c60be2b0f8f57e3a812e5d5f9f10a88caddfc2dea753252330da7db716be3a81d69b4008de9383e10601a5f651aa60f05e3093a0aa2d5e3124ae37bdc4c4caf1c5279bab7d1d3a70bb46c965a7e9d9d57fd321a2840a98fd6e83052a97b24c926e2eb2d25c1c481c58c8769c87ebabc3a96b931a7cc720c15cd1d0007911b64266b145e09872cb31c00e45621b953a164506d12a2495034b9af3ddaa21fee7e37578e0dd50c11437624ee38fb730a6dbf6b8d3c4c1da1514c6323f1ac11d8ccedd647a1f5d8cb73e5f0fbf024187ab4110616a56a27beb5fba492c82cc163a04643aec0e44e8a0903878199bd31106c33e5c002ea32454933c7b281dacc32ab2b91f7adefe60e80d2366ffe1e14ea1354497f6c8e064247fb2572a1d08cc6036a8986a887db698d63575b6dbdaeb975b10a4ce7aeeccafe0fe7b9c85d9dfa25c688ecf80d66e541e98e88382c9da2341d675d440e1408abc3e12b738a66efde53a270d532b48cad55eb4b5843a1fe24db970dd26c46793df594c31da7b1a095f0c49f04c62f5c31dc322acac3db5b31c0571d9cf2ef1fa34f8ed812edcfeaf882a5beb444060275f4edb8f3371cc9ea9077fe46375cf06d17da2d6d1a395fd41d2274a35a589b83a42eadeaeba288d8626a189cf1e75f897302edc39845df21a56b31a20b5fd9ca371c5dfb741ce88cd3737698c1a14e880a67e39a16d3a2c8c8a71c69e7380038a2635e8dc8a4f6de8fdd6e472311285d044d56f8456645a5c5f5f938a48e1f8c86f3f251e7f86cf49c3378aa23402ab0999aa647eaeaad78098086eb1ca11bbb367598ca8de814ebdefbae6098542009b77c0f7b951f712e94dc926dd466f8b0bda8b6256595efb9bc4fcf5a4b6507c0bbfcc7bdc426491c8e8f979abba5858a9e10f429374dc1a679faffaaa79c126f7cc0ae0616108b77833a11d46ec5972b57bc2532908b6d42f5b4bfe6f4ed96d95d2540616f5ce6f0cd7ba42307fbdeb5fa9f43f5ecd4f5996ad6541c6fcd65b150c12fb47c0607ae4376c921241e9a7c8958590e7dece74371127ed3eb5b93927a74f6ff1a639a1fe361814ba4d2e4c4acf89fdf0e2140613355e46986898a4d9bc5540a9fa070e4b5d77f641fef840e4e003d7a11c01a57abdb9b635f63441b3118bb1f124b98b2384bf45df9ad492d381a346379fa56e05dc983701e62ea4f83e9f67396c0933f7dd6a99d47a6d5f23f277a2e908032c5781448217417aef3d62f4a87b12c985a4342f85736b4f26b17166a856b7d9bfa27da77468686a3947157d851c63272872f65f20d108dddfcfd05f8dba4b844a9dfe17f20e876705a0c832fb0997f6ac0e4668af29b819aebc5a97e83036e81c287da4d116a8139d34abebdeaa78d6ae65e0adb1a4bccfe42e37b8bf390d738c8066013bb1143c1ea0b626a47de68e46ae92fc7c2daedd1887f32682e1ce44d2a97e1a7b9a8943ffb9fda66ba186df55d83a8f93ec2220d2e7c48b040ad2879d34fcd73704b7f78f8113cc4d6c0f1e1c0c3dd7ea6c3382d7b378e13303bfad76b26aee3b5fe473553951cb54b361bc21f887a336ba91f9a8cb2e176be178d9e231deb1ecdaf7003da3f9520c095d525f7bb714cecb093a334e7c981317f1d20348ebbed1c9761658c05be5e556f18f6a47badc693e7a242da090a21663adb1d5182ddc68a61309695790d808efa15e7d985724e5487e1272e03c3a8944589392610b4c1d557a34155e88c6642a94c8b0f511e7509b6ef0bd7e33ee7f4386833e3e05db482b75e3b7b029282a2041c4fbc0218358281a86e19a73195fbd24baad91ea916bbaf70c62eaebf94d88a03d41aa63c05afb5864a3a9ae3cf538f0e076034d7c5680c27d35ef0acfd2d47b4d7bc4a18ee978fe6fc02506a4b41c2a83552d341b0690257cba7f02e8e2e93d51abbcda7fa8787e20ce24c35fbc36c767df6746ce3baf4336c365107ec165f877253fa9c503ebc337e52da7d103181af2dd1d356d5ab50f4aed54da2e8947d18d0587f8219e6c9e18e9da73a21d750c6f9546eff1de4f6d1f1c5c3ff7eb826ce1a9a272c7b0d303723d6bdf33c110e2cdb5fedce93c26b35d5fe5e4d4a59c0dde37c69080bf7894a0e596c5311d1c04547b2eac865fb905a847d2fbc90ad27aaef6248d36ac510945a3980fb6d265b49c52f9d82381ef9f2037b9cd6e12f7b3c0b8f40a99bb23d4a5c8bd82c4297460bc55bf4f44d6f30ee5a95f857cd77e0f9f4656b0ff210350b69b7d97c9f8d057f7cdd1d5dd4ffdb51d00765bbb129a9a6121e829a038a57d3df4ada595daa12e0ffb29c7460a21cc7ddabbcb3ef133162d4019f6daba6dc0162e97f0247993ed85bc1216e0c9bbd342b8f8e9e53d1236270f0ae51fd98e37d6fe66361d2238f5484f6076338172eff3524b95d8558f313e581cea16ac603915ea4a73abe9545c5f1388646f92a7d3411626bddb4d1e7342496d139bb43550e6abcc7df7fc977e11272385624a358efd61417caa881eab6eac35fb05c4c9ed3348d885123ca8945fb723f0e5dccf5a62ad347018a683b43224ba1ecd6c0ff2021063e456b26b8b4621c43017ef3557fa044183f6fece4d21b167a69fe035f3cc63ed4df4c06df14dcd5c32092aa6f71866c4a5b1fa4aa543c7ff653e056a8496a7739fab68374548031c79856b3fb1e028d0a6e31e7ade6fba6eea22315296701788e8c067e2138c308d964d6b7cdb05f53957c2f8e4d1695a5d90f059c82ba377bfad9e0167958b543315fbbffefae256014f28f66f9a90f519e01eac0f93ae28259b421f2cf710a5aeeb25b5efa70c7b0ab93501d1db718ecd4d684b55dfc86ece07c0f35811405f7eda6e50b3704e3b75eaf74fce2483992f4513dee85e78c7d4e39a2f848e30a58c27d94521e9098f88d06094998a4df239fba1c8e04197ce7c78312989517a2101934ae42f5d41e7f53889f2c049c30cc244ef8083d64d80c982a102f322c8405dfdf658e5ee3baf5fa648d73b0cf7725a92ee5a23fcaaa0667b8817aed6f84d9022e71d948abc4074e1a2a31bf80e3c0da634a93fd57aadbba4d0677f37341f09a3b12540483fdf9cf5c03e778169d2e18cc750bc2376838cf350a340ecaf3b303ad0fe0ed53c19c37ab0289bd8c7637dd34ea12d3cff9ffb9719da146f95bacc5ffa30787d7e59e3549c85255a372a9c8995838605c5a47b2f32d8ff579793a5ae17242ea888c158a334d3298f104b449ea3fc989a7ea471831d30350663f40f52d686beebb0b46dad391950b2d65d9fa2d4498e47c343f324b9c4f0f8adc666998e599c2167be8c57c54faccb9ae734ad47704505f90e65fd252170e170f682349f251f71378f0d740abfbe61cefe4b53c2b0362927042461d2f16b8ac42b73306fbdb49699ef208f220bdbd0fbb25c5d8ee71f96ab2034dba40e3e5229c26c25856a0129e9cc21a2939ea490e8abc5a983f7190cac1d1d81c62e3fc55eb614eaa76e47c48a4b394efd9b4894a49ea06e303b82a57cbfb97ee2f77de3dbe3ed033e8e530d65d046dea594a88429f4a4ee815cd6f894f742a3cc8e98a18ac4c0e9e5026e9bfb0f0c3e2817aa68a1e524a607df5fc210486ee6a49c78a4d34351304ea2f78ae07ff3aa897ccac5fb7dd41e0ed62a6d03d65fbfcc661061688538c568c3e09ab2ce0d38369ba072876b03ded4d429649025c65d4b2d60ed2b09b1a30e0af083417ef96d3cf345f47a904ba603877398391c62a7939f3def175b2614a8e4a93fa8bfe495067c7ba98d0e1725095fff4c65166751b8ab5d46020d459741ae44518e9058bece7448016efc175ba609404ebab34ed2a596c16ce13699bc0279d544abfbc36669013b2737a948f344db5af274f0c6b1569c7240d244b1877bc4c64ef5f1915c11feef8c1fe98a11bc7e53ddab1175173624cbec9323a85603d19506c831fd02e2440ff2847c41883aa135e52f88025ce1690459a3e210059416a48bebd3b32f1f407540185126afd16bdfe71adc070d74adec5080c7ddde5e8753a8c6f73afc34e1b0479bf50ece48fec9b63f2dfd300135f338062d191b02f37cb235e8d8fb3074bc71286fa8559f96956f37c302169d61f9b9f889f3122cc263244ca6c9abc0f452143cb70dfa6e273c6c83abd4ae69f765196ff397957e9581570af17e2ca15576e82d46ba9d0796b44d6ff49d8de03f55b8f7f120b670c58a87cdb827598263f8806b2c9a5c7c48a30c48d06da657c49bff52aae9b8a10971f4d1958fe8cd327d7df32ea2407e9b6b616f2acd455a4051195e8c0f1f8bbd984d99dcb418b5eac5b48868dd3c5d1cde3123d5c3c33112095eb89966f8f68275b02058c6fff83a0da8f84440503126cc213b954296169d2441240564652e247935c751baaca22d22064525b66f2b257fe8a009ab077add934b0c5cdef3d0b78ac4b53b6c1557bb9ea51d2ac320ea52c59cfaa4df7d97a9299fc479afe6f8971175df2b7d8b835837f527dca801f8572f670aac568611d165ba99757c66be4ec1ef3a80d41b4a0a79fc8463c27c79980a218cc14ec95a0232a1f1eef9b897f81a05bc6951ca713633d0593397343df45db394306fcae8c0531fdb8141334115884bbc3d656422d36e18fd69cfe318a045e71b38f738842a787f7b48c5e3fec2fcfa01b7e98bb9a241c01565d7b528cc0c52f0d8af69bf7747a6fb1214dfb632618a3ce74c2cc46c493108018cabd45174fab0e70a2d9c6a7aefedb9dbcc150765c212dce164950619443aae2710d381f224474c78f0c16e09c539fd8bba30b03c481a9d1c8d4b8ac017b74de519a5069caa4cc7985d8e5c0532873d2067479eeea160bdc3fece0ce931e0fb297152d87e3c51e638e2297fb8c8cd05ab06994c0fe65e45988b77c218f1bfa833c5558804f11d37b0e5413d327019ad8ed57ff64a301a55cc7f3e06836b119a34894f2d6751d8be7fef3c7ae02c6a5c45c3f6a128aa6a6dec20cf4ae49fc6e97baf6a7d820bf790dbcf6b97ecde1c950f3e889a0750d88965a89e0b12a5c625d5dd8ab3005cee9f45d9cb1f6b39b1362c588aa343da1b283231cdb7f7a2d3857e9118593eba5aaa9d93e1506b9bebe1ca3da54646568040cfd75009d87e0e900a4a578078c4fce0124ba4f62f67c049cda2de7bcf9bf0fb552edb9722822e0729e8d70ef1602dde504d9f44e988a12e46ebac1ac6bd0313b790879bf50d76c79d618e13b01a36b343ea8be25e0d37455047a5dc0e359e1c92db0f5b760dfe7364c63c1924afeff94d13590b1d155e8eac047ce04cca3c894d0890efd25faadcde7938358344d4e9d36428579647d4b1813d2060a3467d463a034774701809025e3e2b26083346b0f3fdf224f58e05334039fe2c6cbc8cdbbc15d9d5847131ef0188d682bb84122742cfaac0ad1484bfee7dc5a4c8bcb63069c7000eefc46d487a6a5cd866e80a7ae31b0210c7d33424c8cfa69094fae7b", 0x1000}], 0x4, &(0x7f0000000b40)=ANY=[@ANYBLOB="c80018f877953f1d88953b6c483f91d447a7a8cd67bdbfde6b634dd980ee67eeaceb074a0550496233e1da432d6d01b38893e576a0b24b9e885f19a3dda1b4d111587940d41440b027be2b74293a278f3d5d2e72817e8e0952698bb5e6633c9a7f05582071d64490910bffb7a3d95867851499a9981c4e6db54a622599cdb34160816d6f3f2a8e89171119987330e32e4159e9d052cb6386372f03d3d1db418f78a2b1c6678e000000000030000000000000000000000054a2000032d89e44db10d530c459e2ec0b4717f20c2c5d9eea670c62e3bceaec9492d9b32000000000000000110100005500000031c610b8582c155f69ba2600000000004800000000000000060000007b010000f7a48542d85fe14ea5d7cd54c05eaf520175f048e5f899c920ebc1da15909c2b036eb5920677af9f08999c2b4e9e8a6d222bc9dd6019312d68000000000000000600000000020000461d3546b8f618ee795c863e4a15de3707a72b19ceb22e1b8c2b30963ccdf007cf6e2790144af8943f150d735e8fb6b9b3eb7156314a487d87f2d9d4a25dd87b1c3f2aa3f446be1c69dbd49656e6759a3a9212a4cc239b00000000000000000001000000000000fb79b19eb08b9e50872fe3ca90462cf4df0772d42a2fc46e782a2d80e79b5e04386877a6f8e2e2f64f8bb9439b24e83f16b62043349cae5b61a600"/514], 0x1c8}, 0x24000010)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x3f)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000005c0)}], 0x1}, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000002c0)=0x1)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000a80)=ANY=[@ANYRES8, @ANYRESDEC, @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd32, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r11}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00'}, 0x10)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)

55.668630009s ago: executing program 2 (id=777):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r3, 0x0)

55.640198579s ago: executing program 2 (id=779):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b700000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

55.432506793s ago: executing program 2 (id=784):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000440)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000480)='kfree\x00', r1}, 0x18)
r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x201, 0x802)
r3 = dup(r2)
ioctl$USBDEVFS_CONTROL(r3, 0xc0185500, &(0x7f0000000380)={0x80, 0x6, 0xf00, 0xe0, 0x0, 0x0, 0x0})

55.351377724s ago: executing program 2 (id=787):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000080)={0x8})
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000080)={0x8, 0x0, 0xfffffffc, 0xe4c, 0xf2})
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r3, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0xff, r3}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0x4401})
r6 = socket$inet(0x2, 0x3, 0x2)
setsockopt$packet_tx_ring(r4, 0x107, 0xd, &(0x7f0000000240)=@req={0x7, 0x36e0, 0xb9, 0x1bfa}, 0x10)
setsockopt$inet_mreqsrc(r6, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(0x0, 0x0, 0x80000000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
fadvise64(0xffffffffffffffff, 0xfffffffffffffff1, 0x81, 0x3)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYRES8=<r9=>r7], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xec3, @void, @value}, 0x94)
r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r8, 0x0, 0xefffffff}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000010206e000000000000000000000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x20, 0xc, &(0x7f0000000680)=ANY=[@ANYRES64=r9], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r11}, 0x18)

54.799636912s ago: executing program 2 (id=792):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000000)=@filter={'filter\x00', 0xe, 0x2, 0x250, [], 0x2, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000100000000000000000000000000000002000000000ffffffff0000000000000000000000000000050000000000000000000000000000000000000000000000000000000000ffffffff0100000003000000000000000000697036677265300000000000000000007465616d30000000000000000000000076657468305f746f5f626f6e6400000076657468305f746f5f626f6e64000000aaaaaaaaaa0000000000000024ffff"]}, 0x131)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x60, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x4c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0xa, 0x0, @loopback}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @mcast1}}}}]}]}, 0x60}}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={<r2=>0x0, @multicast1, @remote}, &(0x7f0000000380)=0xc)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000003c0)={&(0x7f0000000800)={0x940, 0x0, 0x304, 0x70bd28, 0x25dfdbfe, {}, [@WGDEVICE_A_PEERS={0x8d4, 0x8, 0x0, 0x1, [{0x46c, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1b60be765e63c4ae13bfbac0e34f170abe7c9141eee1930ba422389276eee157"}, @WGPEER_A_ALLOWEDIPS={0x40c, 0x9, 0x0, 0x1, [{0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x3}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00'}, {0x5, 0x3, 0x3}}]}, {0xc4, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x20}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x1}}]}, {0x58, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x1}}]}, {0xc4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}]}, {0x7c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x31}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x3}}]}, {0xb8, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x3a}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x5, 0x3, 0x3}}]}]}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e22, 0x8001, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0xb}}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x2}]}, {0x1f0, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "42a403685f9b8dcaf09af20ea6ccb05554fb7f44b77140e088c314687f4271ce"}, @WGPEER_A_ALLOWEDIPS={0x19c, 0x9, 0x0, 0x1, [{0x40, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x10}}, {0x5, 0x3, 0x1}}]}, {0x4c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @multicast1}}, {0x5}}]}, {0x10c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x27}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PROTOCOL_VERSION={0x8}]}, {0x64, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e23, 0xfffffff8, @mcast2, 0x9}}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e21, 0x7, @rand_addr=' \x01\x00', 0x1}}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x9}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x31}, @WGPEER_A_FLAGS={0x8, 0x3, 0xd}, @WGPEER_A_PROTOCOL_VERSION={0x8}]}, {0x30, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}, {0x194, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e21, 0x481, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xf99}}, @WGPEER_A_ALLOWEDIPS={0x15c, 0x9, 0x0, 0x1, [{0xc4, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x26}}, {0x5}}]}, {0x94, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00'}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}]}]}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e22, @remote}}]}, {0x4c, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e23, 0x1, @rand_addr=' \x01\x00', 0x101}}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e24, 0x3, @mcast2, 0x6}}]}]}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x6}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x101}, @WGDEVICE_A_PRIVATE_KEY={0x24}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r2}]}, 0x940}, 0x1, 0x0, 0x0, 0x44800}, 0x8000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4000005}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
getsockname$packet(r5, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000480)=0x14)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="48000000100001040000000004000000000000008b294286c876e91fc533dd8c4cfdeb9154727cdd5e205371cee6d560d0bfa445e55053726516621e0d67e78cf23ef8b1641502c3786c35f3b9d9b3a6e0d53d4fca3c9affbf4033c53fbb07d1e5ce213eb0fcf429c0e7dbb8b7a676af277a40b3d02c97f5f1403b965068a21c13f09cef6482f3e1b6acb5b52648aed97d060f942b", @ANYRES32=r6, @ANYBLOB="000000000014040028001280090001007665746800000000180002801400010000000000", @ANYRES32=r6, @ANYBLOB="0000000043030000"], 0x48}}, 0x0)

39.750297944s ago: executing program 32 (id=792):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000000)=@filter={'filter\x00', 0xe, 0x2, 0x250, [], 0x2, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000100000000000000000000000000000002000000000ffffffff0000000000000000000000000000050000000000000000000000000000000000000000000000000000000000ffffffff0100000003000000000000000000697036677265300000000000000000007465616d30000000000000000000000076657468305f746f5f626f6e6400000076657468305f746f5f626f6e64000000aaaaaaaaaa0000000000000024ffff"]}, 0x131)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x60, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x4c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0xa, 0x0, @loopback}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @mcast1}}}}]}]}, 0x60}}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={<r2=>0x0, @multicast1, @remote}, &(0x7f0000000380)=0xc)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000003c0)={&(0x7f0000000800)={0x940, 0x0, 0x304, 0x70bd28, 0x25dfdbfe, {}, [@WGDEVICE_A_PEERS={0x8d4, 0x8, 0x0, 0x1, [{0x46c, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1b60be765e63c4ae13bfbac0e34f170abe7c9141eee1930ba422389276eee157"}, @WGPEER_A_ALLOWEDIPS={0x40c, 0x9, 0x0, 0x1, [{0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x3}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00'}, {0x5, 0x3, 0x3}}]}, {0xc4, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x20}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x1}}]}, {0x58, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x1}}]}, {0xc4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}]}, {0x7c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x31}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x3}}]}, {0xb8, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x3a}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x5, 0x3, 0x3}}]}]}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e22, 0x8001, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0xb}}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x2}]}, {0x1f0, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "42a403685f9b8dcaf09af20ea6ccb05554fb7f44b77140e088c314687f4271ce"}, @WGPEER_A_ALLOWEDIPS={0x19c, 0x9, 0x0, 0x1, [{0x40, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x10}}, {0x5, 0x3, 0x1}}]}, {0x4c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @multicast1}}, {0x5}}]}, {0x10c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x27}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PROTOCOL_VERSION={0x8}]}, {0x64, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e23, 0xfffffff8, @mcast2, 0x9}}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e21, 0x7, @rand_addr=' \x01\x00', 0x1}}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x9}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x31}, @WGPEER_A_FLAGS={0x8, 0x3, 0xd}, @WGPEER_A_PROTOCOL_VERSION={0x8}]}, {0x30, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}, {0x194, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e21, 0x481, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xf99}}, @WGPEER_A_ALLOWEDIPS={0x15c, 0x9, 0x0, 0x1, [{0xc4, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x26}}, {0x5}}]}, {0x94, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00'}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}]}]}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e22, @remote}}]}, {0x4c, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e23, 0x1, @rand_addr=' \x01\x00', 0x101}}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e24, 0x3, @mcast2, 0x6}}]}]}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x6}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x101}, @WGDEVICE_A_PRIVATE_KEY={0x24}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r2}]}, 0x940}, 0x1, 0x0, 0x0, 0x44800}, 0x8000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4000005}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
getsockname$packet(r5, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000480)=0x14)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="48000000100001040000000004000000000000008b294286c876e91fc533dd8c4cfdeb9154727cdd5e205371cee6d560d0bfa445e55053726516621e0d67e78cf23ef8b1641502c3786c35f3b9d9b3a6e0d53d4fca3c9affbf4033c53fbb07d1e5ce213eb0fcf429c0e7dbb8b7a676af277a40b3d02c97f5f1403b965068a21c13f09cef6482f3e1b6acb5b52648aed97d060f942b", @ANYRES32=r6, @ANYBLOB="000000000014040028001280090001007665746800000000180002801400010000000000", @ANYRES32=r6, @ANYBLOB="0000000043030000"], 0x48}}, 0x0)

24.167272264s ago: executing program 5 (id=1110):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x6e, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r3}, 0x18)
ftruncate(r2, 0xc17a)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000700000e0000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000002600000000c0a01080000000000000000010000000900020073797a32000000003400038030000080080003400000000224000b80200001800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30"], 0xe4}, 0x1, 0x0, 0x0, 0x4718a05f20824a9e}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xe1f898c0e826aadf)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x0, @local, @local, 0x10, 0x7, 0x2, 0x8}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
setpgid(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r7, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x2400, 0xc3)
sendmsg$NFT_BATCH(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000840)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aec000000000a01020000000000000000050000020900010073797a300000000008000240000000023c0006e808cf7384552f120183af56c4b2b79056586784bdcd8587885c60e5aa03d08d86c3f3fb99dac62aecd67dae229b4fb1f5e5cc1fdb5a5790010c00044000000000000000027300060019b59eb8f88251e50df3a7832fa66219e3adfb6f7f9e540e5d75f5287b5e577d484288d63bf01771d1421e03c82f09584c5fccf3c638eda875b512ced355af6eac1595e41486cd23fbd7165585760593db53e7aaf06ae70b4224d1c9d423d0daa28bf927198015adbbcc6fd9c1e5600008000240000000"], 0x114}, 0x1, 0x0, 0x0, 0x8004}, 0x4)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x1ff, {0x0, 0x0, 0x0, 0x0, {0xfff2}, {}, {0x8, 0x10}}}, 0x24}}, 0x0)
sendto$inet(r7, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)

23.860356518s ago: executing program 5 (id=1117):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x1, @remote, 0x2}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff810000400e227f000001925aa80020007b00090080007f000006e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0xfffffffffffffffd, 0x80000001, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x3, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a000000800000000642"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000640)='kmem_cache_free\x00', r3, 0x0, 0x80001}, 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file2\x00', 0x280880f, &(0x7f0000000040), 0x3a, 0x527, &(0x7f0000000100)="$eJzs3c9vHFcdAPDvjL1tNnFZt/RQKtFWtMiOIGu7Jq3VQ6ESglOlQrkHY2+M5bU3stdpbBXqiD8ACSFAQkJwgQsSB46VUP4EhBSJ3BEgEIIEDhwCg3Z3NjjOrn80u57E/nyk8bx5O7vf79NoZ+e9Gc8EcGq9FBGTEZGlWXY+Iip5fZpPsdOZWuvduf3+QmtKIsve/Xs5kryu+1lP5vNz+dvORMRXvxzxjeTBuBtb2yvz9XptPV+eaq4md7Ns+8Ly6vxSbam2Njs789rc63MX56YH0s7xiHjzi3/+wXd/8aU3f/PZ9/5w6a+T3+40sGN3OwYpifIDdaMRsT6MYAVptaeUly8etPL14ecDAEB/reP9ZyLiUxFxPiox0j6aAwAAAE6S7PNjcTeJyAAAAIATK42IsUjSakRcfbZVTtNqtXMN77NxNq03NpqfySr3xgvGo5ReXq7XpvNrB8ajlLSWZ/JrbLvLr+5Zno2IpyPi+5Vye7m60KgvFjryAQAAAKfHuV39/zQi/lXp9P8BAACAE2b8iOuPDCkPAAAAYHiO2v8HAAAAHj9H7f+/tfnr2SGlAgAAAAzeO2+/3X5Yd/f514tXtzZXGlcvLNY2VqqrmwvVhcb6lepSo7HUvmff6kGfV280rnwu1javTTVrG82pja3tS6uNzbXmpeX248ABAACAAjz94o1bSUTsvFFOu3VP5PNSRNb9V/8Pf/6T54rJEBiW9Cgr/2l4eQDHz6184PQaLToBoDClohMACvfgfuD+I4O+F+/89uDPTu5m2UdMCwAAGKCJT9y41T3U33mj3J53z/8nHxSXFzB8+fn/JCk6EeDYOf8Pp1dn3P+b5aLzAI5fab8jAJ0COPHSQ3zVH+b8f4drAAAAoGhj7SlJq3k/YOzFNK1WI55qPxaglFxertemI+JjEfH7SunJ1vJM+52J4QEAAAAAAAAAAAAAAAAAAAAAAAAAOKQsSyIDAAAATrSI9C9JexxgJCYqr4ztHR94Ivl3pT2PiPd+/O4Pr803m+szrfp/3Ktv/iivf7WIEQwAAABgr24/vduPBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBBunP7/YXudJxx//ZWRIz3ij8aZ9rzM1GKiLP/TGJ01/uSiBgZQPyd6xHxXK/4SSutGM+z2Bs/jYhywfHPDSA+nGY3WvufL/T6/qXxUnve+/s3mk8Pq//+L723/xvps/976pAxnr/5q6m+8a9HPD/ae//TjZ/0if/yIeN//Wvb2/1ey34WMdHz9ye5L9ZUc/XK1MbW9oXl1fml2lJtbXZ25rW51+cuzk1PXV6u1/K/PWN875Mf/ne/9p/tE3/8gPa/csj2/+fmtdsf7xRLe14qxU+zbPLlXvG/9U7WVsn2xu/+9n06/x1oLU90yzud8m4v/PJ3L+zX/sU+7T9o+08esv3nv/KdPx5yVQDgGGxsba/M1+u19cep8Ew8Emk80oU038A9Xiofez7lXmkMqzAfj8gm+KD/JngMCgXulAAAgKH4/0H/fdVpYQkBAAAAAAAAAAAAAAAAAADAKXTQbcBiALcT2xtzp5imAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs638BAAD//2PM4P8=")
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c00000015006bab9e3fe3d86e17aa31026b876c1d0000007ea60847160af36504000a0038001d000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f4d4930400e7861000bdd7fcf50ea1e190b4714751d0c9", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x8800)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb01001800000000000000300000003000000004000000020000000000000e0300000000000000000000000100000d000000000000600001000000020000000000000c02000000000061"], 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)

23.306037436s ago: executing program 5 (id=1124):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
syz_emit_ethernet(0x22, &(0x7f0000001b40)={@local, @multicast, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x2, 0x13, 0x14, 0x67, 0x0, 0x2, 0x32, 0x0, @empty, @broadcast}}}}}, 0x0)

23.305562527s ago: executing program 5 (id=1125):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000700)={[{@jqfmt_vfsv1}, {}, {@quota}, {@noauto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@discard}, {@barrier_val={'barrier', 0x3d, 0x6}}, {@stripe={'stripe', 0x3d, 0x5}}, {@orlov}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000380), 0xffffffffffffffff)
mkdir(&(0x7f0000005740)='./file0\x00', 0x3b)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
getdents64(r2, &(0x7f0000000040)=""/138, 0x8a)
getdents(r2, 0x0, 0x22)
sendmsg$FOU_CMD_GET(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=ANY=[@ANYBLOB="b4fe0000", @ANYRES16=r1, @ANYBLOB="010200000000000000250300000008000800ac1e0001"], 0x1c}}, 0x4000804)
chdir(&(0x7f0000000240)='./file0\x00')
symlink(&(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000800)={{{@in=@loopback, @in6=@remote}}, {{@in=@remote}, 0x0, @in=@empty}}, &(0x7f0000000180)=0xe8)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000001c0), &(0x7f0000000200)=0xc)
geteuid()
pipe(&(0x7f00000006c0)={<r4=>0xffffffffffffffff})
getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000cc0)={{{@in6=@private1, @in=@loopback}}, {{@in6=@ipv4={""/10, ""/2, @initdev}}, 0x0, @in6=@local}}, &(0x7f0000000280)=0x73)
getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000a00)={{{@in6=@private2}}, {{@in6=@local}, 0x0, @in6=@dev}}, &(0x7f00000002c0)=0xe8)
lstat(&(0x7f0000000480)='./file1\x00', &(0x7f0000000640))
getgid()
socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r6=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r6, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f0000000000), 0x4000000000001f2, 0x0)
getgroups(0x1, &(0x7f0000000300)=[0xee00])
r8 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)

22.155818443s ago: executing program 5 (id=1137):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x16, 0x7, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0xe, 0x0, &(0x7f00000004c0)="0000000000005eefc9bb9fd1b208", 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r4, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x10, &(0x7f0000002e00), 0x0, 0x0, 0xa0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r4, 0xe8, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r5 = io_uring_setup(0x332, &(0x7f0000000080)={0x0, 0xfffffffe, 0x10})
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

19.71710202s ago: executing program 5 (id=1160):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, r1}, 0x18)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="200000000f14010029b97800fedbdf250d"], 0x20}, 0x1, 0x0, 0x0, 0x40004}, 0x48010)

19.67448085s ago: executing program 33 (id=1160):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, r1}, 0x18)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="200000000f14010029b97800fedbdf250d"], 0x20}, 0x1, 0x0, 0x0, 0x40004}, 0x48010)

3.292092212s ago: executing program 6 (id=1339):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1810f1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c30000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @fallback=0x77, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xd5fcaff2b90ca14f, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='sched_switch\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r2, &(0x7f0000004e80)={0x0, 0x0, &(0x7f0000004e40)={&(0x7f0000004dc0)={0x28, 0x0, 0x7, 0x801, 0x0, 0x0, {0x5, 0x0, 0x6}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x7}]}, 0x28}, 0x1, 0x0, 0x0, 0x40005}, 0x4004)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x1c, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40094}, 0x4008000)
sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00\x00\b', @ANYRES16=r4, @ANYBLOB="10002dbd7000fbdbdf256b0000000a001a0008021100000100000a001a00ffffffffffff00000a001a0008021100000000000a00060008021100000100000a001a00ffffffffffff0000"], 0x50}, 0x1, 0x0, 0x0, 0x8010}, 0x80)
close(r3)

2.842970268s ago: executing program 6 (id=1342):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x6e, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r3}, 0x18)
ftruncate(r2, 0xc17a)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000700000e0000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000002600000000c0a01080000000000000000010000000900020073797a32000000003400038030000080080003400000000224000b80200001800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30"], 0xe4}, 0x1, 0x0, 0x0, 0x4718a05f20824a9e}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xe1f898c0e826aadf)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x0, @local, @local, 0x10, 0x7, 0x2, 0x8}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
setpgid(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r7, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x2400, 0xc3)
sendmsg$NFT_BATCH(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000840)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aec000000000a01020000000000000000050000020900010073797a300000000008000240000000023c0006e808cf7384552f120183af56c4b2b79056586784bdcd8587885c60e5aa03d08d86c3f3fb99dac62aecd67dae229b4fb1f5e5cc1fdb5a5790010c00044000000000000000027300060019b59eb8f88251e50df3a7832fa66219e3adfb6f7f9e540e5d75f5287b5e577d484288d63bf01771d1421e03c82f09584c5fccf3c638eda875b512ced355"], 0x114}, 0x1, 0x0, 0x0, 0x8004}, 0x4)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x1ff, {0x0, 0x0, 0x0, 0x0, {0xfff2}, {}, {0x8, 0x10}}}, 0x24}}, 0x0)
sendto$inet(r7, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)

2.838001989s ago: executing program 1 (id=1343):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xcf49ef40c12336e3, 0x18, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b0000000000000004a100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000a1f10a58335bbbab56a8a7b6359569e87ac1527011a57d9fd588a401cbf1626dce755b749e1ea8", @ANYBLOB="e2e7e6b7bbc18041d370a44db49c4abeb30acafb71064d6d7b7f57652240c424d5f30ad2f5c4a01e5af65a2fac5b02262e4e60dbdc4c75542f6f0cf7c7fa9bbb60cea4df5a506b228f626ec89e58dc699418f70ced7b679b3e7cc612cd72381cab35790b3f2c9f81c08bffb6c2825d775b0b7f0bab3aa12ee1e7e09fcb8b946d5d1a2574b8e8e0e23c36e099a0b0cda11d850fac3b596a390e55f7f975", @ANYRES32=r2], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x2, 0x4, 0xc, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r6}, 0xc)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x100000001}, 0x18)
add_key(&(0x7f0000000540)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630bf7c045f94cd977", 0x18, 0xffffffffffffffff)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="200000000f14010029b97800fedbdf250d0045"], 0x20}, 0x1, 0x0, 0x0, 0x40004}, 0x48010)

2.257815237s ago: executing program 3 (id=1346):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000010700000521000000000000bff4000051226395be8d80fe7c0ca643bef058ca00d92b4542c27e6fcc3f341ee9b1ce44be978fcd17bf32fa4e90d4d5a92d785f2eff4c0f51703db449f524510b0d8d463a17b13fca88c59e132a9b64f57c2b702e31ac7ab0d799de5555942ae300002304fc92fdc15a581a40dbb7d2d57ba35b20ad916bc07d50d3f6bc22df1979e9201f6c288ca6c03a3b8d0b7a9019f140810e266583fa65c3d2ad34376697ff10f6a87a427433211c457b064938e5fe69eaac6da2f5af206243", @ANYRES32=r0, @ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = dup(0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3d9a83d25630512d6fcfc668e41e22da7e3647062e463a96efc708d0c8ebd9c862fe174549bea545ecefdd76b9b5bf7d073d3758f84d31f817e2af4e1596b4bf05168a00"/98, @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',k'])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000680)='ext4_ext_remove_space\x00', r1}, 0x18)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r3, 0x227b, &(0x7f00000001c0)=0x2001)
fcntl$dupfd(r3, 0x0, r3)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x9, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef01"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000200)='kmem_cache_free\x00', r6}, 0x18)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
mq_unlink(&(0x7f0000000340)='eth0\x00')
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00000018"], 0x50}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0xc04, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@dioread_lock}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
open(&(0x7f0000000000)='./file2\x00', 0x280, 0x21)
unlink(&(0x7f0000000180)='./file1\x00')
mlockall(0x3)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
syz_io_uring_setup(0x3338, &(0x7f0000000180)={0x0, 0x2418, 0x80, 0xfffffffe, 0x10e}, &(0x7f0000000200), &(0x7f0000000340))
brk(0x400000ffc000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r4}, 0x10)

2.193862958s ago: executing program 0 (id=1347):
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x60)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="50020000", @ANYRES16=r1, @ANYBLOB="0100000000000000000001000000080001000000000004000480080002000100000010000c7d0c000b8008000a00b4ed000004000880c8000c8024000900f36aad4208000a156878badf10076800d5441e0f080009002bd49f3b0c00008008000a00697100002c000b800800"], 0x250}}, 0x4c000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)={0x20, 0x2, 0x1, 0x201, 0x0, 0x0, {0x1, 0x0, 0x3}, [@CTA_TUPLE_REPLY={0x4}, @CTA_FILTER={0x4}, @CTA_TUPLE_ORIG={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x4008804}, 0x0)
r5 = socket$inet(0x2, 0x1, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000001040)={'sit0\x00'})
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc00000019000100000000000000000000000000000000000000000000000002fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000007000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000004400050020010000000000000000000000000000000000022b0000000a000000fc010000000000000000000000000000000000000400"/180], 0xfc}}, 0x0)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000040)='batadv_slave_0\x00', 0x10)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10)
io_setup(0x7ff, &(0x7f0000001000))
write(r3, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x80000001}, 0x18)
getsockname$inet6(r3, &(0x7f0000001080)={0xa, 0x0, 0x0, @private1}, &(0x7f00000010c0)=0x1c)
r7 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bce, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=<r8=>0x0, &(0x7f0000000100)=<r9=>0x0)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r10, 0x6, 0x1d, &(0x7f0000000080), &(0x7f00000000c0)=0x14)
syz_io_uring_submit(r8, r9, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {0x0}], 0x2}, 0x0, 0x40000103})
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xfffffffffffffffe, 0x0, 0xfe)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x12, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r11, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r11, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000ac0)={0x6, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000000800a0018010000756c6c2500000000002020207b1af8ff000000009fa100000000000007010000f8ffffffb702000008000000b70300000000080085000000c800000095"], &(0x7f0000000080)='GPL\x00', 0x7, 0x78, &(0x7f0000000b80)=""/120, 0x40f00, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$VT_WAITACTIVE(r11, 0x5607)
io_uring_enter(r7, 0x46f3, 0x0, 0x0, 0x0, 0x0)

2.176408228s ago: executing program 1 (id=1348):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x80000001}, 0x18)
r1 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bce, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {0x0}], 0x2}, 0x0, 0x40000103})
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x12, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x46f3, 0x0, 0x0, 0x0, 0x0)

2.145624819s ago: executing program 1 (id=1349):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
r3 = io_uring_setup(0x6ed0, &(0x7f0000000140)={0x0, 0x49fd, 0x10003, 0x20002, 0x185})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, 0x0, 0x0)
listen(r5, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
close_range(r3, 0xffffffffffffffff, 0x0)

1.893659663s ago: executing program 6 (id=1351):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0xe644fe9ba65bdedb, 0x5, &(0x7f0000000000)=ANY=[@ANYRES8], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x39)
mlock(&(0x7f0000e1d000/0xe000)=nil, 0xe000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r2 = socket$kcm(0xa, 0x2, 0x11)
sendmsg$sock(r2, &(0x7f0000000400)={&(0x7f00000006c0)=@in6={0xa, 0x4e20, 0x0, @remote}, 0x80, 0x0, 0x0, &(0x7f0000000140)=[@mark={{0x14, 0x1, 0x51, 0x490}}], 0x18}, 0x24000040)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x2000}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r4, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
prlimit64(0x0, 0xd, &(0x7f0000000140)={0x200000000005, 0x8000000000200003}, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000700)="c7f70eb874fc99a5acee1a5d00aab89019f200d3eae1b8541c2c15adef592c806fd37521fea22bf58d2a1dddf6ce34d089df9ad066d80fab74a78eab5b90466846c79e239e8dfd7cc07450740547728c375f0b5ff46a9c24b55021cca5a07dc9a4ab4f67a6e21f9efbbfd1c2d8464ef4dde2224f8bcf394f776ec0603769ca8f43abdbe7e179edef24b1491fd2f8e94ea9d169b3d38eb6ef24a9d1b4", 0x9c}], 0x1)
setpriority(0x1, 0x0, 0xffffffffffffffd1)
r5 = socket$pptp(0x18, 0x1, 0x2)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000180)={'veth1_vlan\x00', &(0x7f0000000580)=@ethtool_gstrings={0x1b, 0x4, 0xab, "2c0c968fb8843f62f9b56289821cd967f293e383c784f8ce094d8c0483c2df86d868cb71c101f53e0debf274dc811a06200d2cc22fc274e1184e2beb2430f2a85a5f307217382598be166198a159016ff571efd05a42a35b66c8e8227dfc2d981c8cc45e9e07e2fbc90da405c02b67a68eff2f3c4b140351d540786be6d0a4fdbc095e21cf4c20577cfbfa69ba6d78ab6134ad0d7169b58cca2a00a5f273cface7804f6d0169aa09d0265c"}})
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r8=>0x0})
bind$can_j1939(r7, &(0x7f0000000340)={0x1d, r8, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r7, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)

1.873878353s ago: executing program 1 (id=1352):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)={0x18, 0x78, 0x601, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\a\x00\x00'}]}, 0x18}], 0x1}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$rds(0x15, 0x5, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r3, <r5=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f00000005c0)=r4}, 0x20)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2, @perf_config_ext={0xfffffffffffffffb, 0x7}}, 0x0, 0x0, 0xffffffffffffffff, 0xf)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f00000009c0)={'wg0\x00', <r6=>0x0})
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000b00)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x4c, 0x12, 0x300, 0x70bd2a, 0x25dfdbfc, {0x1a, 0x8, 0x5, 0x7f, {0x4e23, 0x4e21, [0x7, 0xfffff706, 0xf, 0x5], [0x2, 0x30000, 0x2, 0x2], r6, [0xfffffffa, 0xaf5]}, 0x8000, 0x2}}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x4044000)
setsockopt$RDS_GET_MR_FOR_DEST(r2, 0x114, 0x7, 0x0, 0x0)
sendmsg(r2, &(0x7f0000000940)={&(0x7f0000000300)=@l2tp={0x2, 0x0, @local, 0x1}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000380)="2a9eb54bc27201c68fbc0144d10f7194d9b8168c3f103a7da16cb0735ddf0a8c06b408421436", 0x26}, {&(0x7f00000005c0)="b43f75626e45933f33252c336e93105604d67b1b29ba6d20b3a03e78ca726e3a1813f96b9d228d207fbc1ead62f7b3ef177d5fbcfa92d5f8e1bfa8ac5af1f35a10244dc6e13d4d9209ece233ad5ee1c6", 0x50}, {&(0x7f0000000640)="adfe38e07fb78308eed35b436c067b3d54b0c055e76d4a0bca545d36d71bd57706f30c7141b54a73a2188c4c03c6156328f0f7830011712ae63e21b77973cf37953de922db348a084b948790becf1d5dadc2d4c9165c31b1", 0x58}, {&(0x7f0000003000)="97769c72d82d97ae31a4e0416d463164b925c03408b65c7aaafb123fa6b82987e45cd464087fe23decc9b06308161e0b7ee253e24ac7faf676ff967c41544ff187be001dfcc7a721c6a6f05a2a8b66f5b20b8120b868abef2628332d32e900bcfffe00645c197c1571b75b7437a9e44ecef2582f96db47c92aabe4b2dc507621424f837a1f88474730bbb1a1b0b8370018493ef7cddf4528df2d98c9ee247ab84f470c374eec7c2dffbf93cf7b9f35f22ff03765b111c48a77f1b93525749f46b923769281f25df2d48c60be2b0f8f57e3a812e5d5f9f10a88caddfc2dea753252330da7db716be3a81d69b4008de9383e10601a5f651aa60f05e3093a0aa2d5e3124ae37bdc4c4caf1c5279bab7d1d3a70bb46c965a7e9d9d57fd321a2840a98fd6e83052a97b24c926e2eb2d25c1c481c58c8769c87ebabc3a96b931a7cc720c15cd1d0007911b64266b145e09872cb31c00e45621b953a164506d12a2495034b9af3ddaa21fee7e37578e0dd50c11437624ee38fb730a6dbf6b8d3c4c1da1514c6323f1ac11d8ccedd647a1f5d8cb73e5f0fbf024187ab4110616a56a27beb5fba492c82cc163a04643aec0e44e8a0903878199bd31106c33e5c002ea32454933c7b281dacc32ab2b91f7adefe60e80d2366ffe1e14ea1354497f6c8e064247fb2572a1d08cc6036a8986a887db698d63575b6dbdaeb975b10a4ce7aeeccafe0fe7b9c85d9dfa25c688ecf80d66e541e98e88382c9da2341d675d440e1408abc3e12b738a66efde53a270d532b48cad55eb4b5843a1fe24db970dd26c46793df594c31da7b1a095f0c49f04c62f5c31dc322acac3db5b31c0571d9cf2ef1fa34f8ed812edcfeaf882a5beb444060275f4edb8f3371cc9ea9077fe46375cf06d17da2d6d1a395fd41d2274a35a589b83a42eadeaeba288d8626a189cf1e75f897302edc39845df21a56b31a20b5fd9ca371c5dfb741ce88cd3737698c1a14e880a67e39a16d3a2c8c8a71c69e7380038a2635e8dc8a4f6de8fdd6e472311285d044d56f8456645a5c5f5f938a48e1f8c86f3f251e7f86cf49c3378aa23402ab0999aa647eaeaad78098086eb1ca11bbb367598ca8de814ebdefbae6098542009b77c0f7b951f712e94dc926dd466f8b0bda8b6256595efb9bc4fcf5a4b6507c0bbfcc7bdc426491c8e8f979abba5858a9e10f429374dc1a679faffaaa79c126f7cc0ae0616108b77833a11d46ec5972b57bc2532908b6d42f5b4bfe6f4ed96d95d2540616f5ce6f0cd7ba42307fbdeb5fa9f43f5ecd4f5996ad6541c6fcd65b150c12fb47c0607ae4376c921241e9a7c8958590e7dece74371127ed3eb5b93927a74f6ff1a639a1fe361814ba4d2e4c4acf89fdf0e2140613355e46986898a4d9bc5540a9fa070e4b5d77f641fef840e4e003d7a11c01a57abdb9b635f63441b3118bb1f124b98b2384bf45df9ad492d381a346379fa56e05dc983701e62ea4f83e9f67396c0933f7dd6a99d47a6d5f23f277a2e908032c5781448217417aef3d62f4a87b12c985a4342f85736b4f26b17166a856b7d9bfa27da77468686a3947157d851c63272872f65f20d108dddfcfd05f8dba4b844a9dfe17f20e876705a0c832fb0997f6ac0e4668af29b819aebc5a97e83036e81c287da4d116a8139d34abebdeaa78d6ae65e0adb1a4bccfe42e37b8bf390d738c8066013bb1143c1ea0b626a47de68e46ae92fc7c2daedd1887f32682e1ce44d2a97e1a7b9a8943ffb9fda66ba186df55d83a8f93ec2220d2e7c48b040ad2879d34fcd73704b7f78f8113cc4d6c0f1e1c0c3dd7ea6c3382d7b378e13303bfad76b26aee3b5fe473553951cb54b361bc21f887a336ba91f9a8cb2e176be178d9e231deb1ecdaf7003da3f9520c095d525f7bb714cecb093a334e7c981317f1d20348ebbed1c9761658c05be5e556f18f6a47badc693e7a242da090a21663adb1d5182ddc68a61309695790d808efa15e7d985724e5487e1272e03c3a8944589392610b4c1d557a34155e88c6642a94c8b0f511e7509b6ef0bd7e33ee7f4386833e3e05db482b75e3b7b029282a2041c4fbc0218358281a86e19a73195fbd24baad91ea916bbaf70c62eaebf94d88a03d41aa63c05afb5864a3a9ae3cf538f0e076034d7c5680c27d35ef0acfd2d47b4d7bc4a18ee978fe6fc02506a4b41c2a83552d341b0690257cba7f02e8e2e93d51abbcda7fa8787e20ce24c35fbc36c767df6746ce3baf4336c365107ec165f877253fa9c503ebc337e52da7d103181af2dd1d356d5ab50f4aed54da2e8947d18d0587f8219e6c9e18e9da73a21d750c6f9546eff1de4f6d1f1c5c3ff7eb826ce1a9a272c7b0d303723d6bdf33c110e2cdb5fedce93c26b35d5fe5e4d4a59c0dde37c69080bf7894a0e596c5311d1c04547b2eac865fb905a847d2fbc90ad27aaef6248d36ac510945a3980fb6d265b49c52f9d82381ef9f2037b9cd6e12f7b3c0b8f40a99bb23d4a5c8bd82c4297460bc55bf4f44d6f30ee5a95f857cd77e0f9f4656b0ff210350b69b7d97c9f8d057f7cdd1d5dd4ffdb51d00765bbb129a9a6121e829a038a57d3df4ada595daa12e0ffb29c7460a21cc7ddabbcb3ef133162d4019f6daba6dc0162e97f0247993ed85bc1216e0c9bbd342b8f8e9e53d1236270f0ae51fd98e37d6fe66361d2238f5484f6076338172eff3524b95d8558f313e581cea16ac603915ea4a73abe9545c5f1388646f92a7d3411626bddb4d1e7342496d139bb43550e6abcc7df7fc977e11272385624a358efd61417caa881eab6eac35fb05c4c9ed3348d885123ca8945fb723f0e5dccf5a62ad347018a683b43224ba1ecd6c0ff2021063e456b26b8b4621c43017ef3557fa044183f6fece4d21b167a69fe035f3cc63ed4df4c06df14dcd5c32092aa6f71866c4a5b1fa4aa543c7ff653e056a8496a7739fab68374548031c79856b3fb1e028d0a6e31e7ade6fba6eea22315296701788e8c067e2138c308d964d6b7cdb05f53957c2f8e4d1695a5d90f059c82ba377bfad9e0167958b543315fbbffefae256014f28f66f9a90f519e01eac0f93ae28259b421f2cf710a5aeeb25b5efa70c7b0ab93501d1db718ecd4d684b55dfc86ece07c0f35811405f7eda6e50b3704e3b75eaf74fce2483992f4513dee85e78c7d4e39a2f848e30a58c27d94521e9098f88d06094998a4df239fba1c8e04197ce7c78312989517a2101934ae42f5d41e7f53889f2c049c30cc244ef8083d64d80c982a102f322c8405dfdf658e5ee3baf5fa648d73b0cf7725a92ee5a23fcaaa0667b8817aed6f84d9022e71d948abc4074e1a2a31bf80e3c0da634a93fd57aadbba4d0677f37341f09a3b12540483fdf9cf5c03e778169d2e18cc750bc2376838cf350a340ecaf3b303ad0fe0ed53c19c37ab0289bd8c7637dd34ea12d3cff9ffb9719da146f95bacc5ffa30787d7e59e3549c85255a372a9c8995838605c5a47b2f32d8ff579793a5ae17242ea888c158a334d3298f104b449ea3fc989a7ea471831d30350663f40f52d686beebb0b46dad391950b2d65d9fa2d4498e47c343f324b9c4f0f8adc666998e599c2167be8c57c54faccb9ae734ad47704505f90e65fd252170e170f682349f251f71378f0d740abfbe61cefe4b53c2b0362927042461d2f16b8ac42b73306fbdb49699ef208f220bdbd0fbb25c5d8ee71f96ab2034dba40e3e5229c26c25856a0129e9cc21a2939ea490e8abc5a983f7190cac1d1d81c62e3fc55eb614eaa76e47c48a4b394efd9b4894a49ea06e303b82a57cbfb97ee2f77de3dbe3ed033e8e530d65d046dea594a88429f4a4ee815cd6f894f742a3cc8e98a18ac4c0e9e5026e9bfb0f0c3e2817aa68a1e524a607df5fc210486ee6a49c78a4d34351304ea2f78ae07ff3aa897ccac5fb7dd41e0ed62a6d03d65fbfcc661061688538c568c3e09ab2ce0d38369ba072876b03ded4d429649025c65d4b2d60ed2b09b1a30e0af083417ef96d3cf345f47a904ba603877398391c62a7939f3def175b2614a8e4a93fa8bfe495067c7ba98d0e1725095fff4c65166751b8ab5d46020d459741ae44518e9058bece7448016efc175ba609404ebab34ed2a596c16ce13699bc0279d544abfbc36669013b2737a948f344db5af274f0c6b1569c7240d244b1877bc4c64ef5f1915c11feef8c1fe98a11bc7e53ddab1175173624cbec9323a85603d19506c831fd02e2440ff2847c41883aa135e52f88025ce1690459a3e210059416a48bebd3b32f1f407540185126afd16bdfe71adc070d74adec5080c7ddde5e8753a8c6f73afc34e1b0479bf50ece48fec9b63f2dfd300135f338062d191b02f37cb235e8d8fb3074bc71286fa8559f96956f37c302169d61f9b9f889f3122cc263244ca6c9abc0f452143cb70dfa6e273c6c83abd4ae69f765196ff397957e9581570af17e2ca15576e82d46ba9d0796b44d6ff49d8de03f55b8f7f120b670c58a87cdb827598263f8806b2c9a5c7c48a30c48d06da657c49bff52aae9b8a10971f4d1958fe8cd327d7df32ea2407e9b6b616f2acd455a4051195e8c0f1f8bbd984d99dcb418b5eac5b48868dd3c5d1cde3123d5c3c33112095eb89966f8f68275b02058c6fff83a0da8f84440503126cc213b954296169d2441240564652e247935c751baaca22d22064525b66f2b257fe8a009ab077add934b0c5cdef3d0b78ac4b53b6c1557bb9ea51d2ac320ea52c59cfaa4df7d97a9299fc479afe6f8971175df2b7d8b835837f527dca801f8572f670aac568611d165ba99757c66be4ec1ef3a80d41b4a0a79fc8463c27c79980a218cc14ec95a0232a1f1eef9b897f81a05bc6951ca713633d0593397343df45db394306fcae8c0531fdb8141334115884bbc3d656422d36e18fd69cfe318a045e71b38f738842a787f7b48c5e3fec2fcfa01b7e98bb9a241c01565d7b528cc0c52f0d8af69bf7747a6fb1214dfb632618a3ce74c2cc46c493108018cabd45174fab0e70a2d9c6a7aefedb9dbcc150765c212dce164950619443aae2710d381f224474c78f0c16e09c539fd8bba30b03c481a9d1c8d4b8ac017b74de519a5069caa4cc7985d8e5c0532873d2067479eeea160bdc3fece0ce931e0fb297152d87e3c51e638e2297fb8c8cd05ab06994c0fe65e45988b77c218f1bfa833c5558804f11d37b0e5413d327019ad8ed57ff64a301a55cc7f3e06836b119a34894f2d6751d8be7fef3c7ae02c6a5c45c3f6a128aa6a6dec20cf4ae49fc6e97baf6a7d820bf790dbcf6b97ecde1c950f3e889a0750d88965a89e0b12a5c625d5dd8ab3005cee9f45d9cb1f6b39b1362c588aa343da1b283231cdb7f7a2d3857e9118593eba5aaa9d93e1506b9bebe1ca3da54646568040cfd75009d87e0e900a4a578078c4fce0124ba4f62f67c049cda2de7bcf9bf0fb552edb9722822e0729e8d70ef1602dde504d9f44e988a12e46ebac1ac6bd0313b790879bf50d76c79d618e13b01a36b343ea8be25e0d37455047a5dc0e359e1c92db0f5b760dfe7364c63c1924afeff94d13590b1d155e8eac047ce04cca3c894d0890efd25faadcde7938358344d4e9d36428579647d4b1813d2060a3467d463a034774701809025e3e2b26083346b0f3fdf224f58e05334039fe2c6cbc8cdbbc15d9d5847131ef0188d682bb84122742cfaac0ad1484bfee7dc5a4c8bcb63069c7000eefc46d487a6a5cd866e80a7ae31b0210c7d33424c8cfa69094fae7b", 0x1000}], 0x4, &(0x7f0000000b40)=ANY=[@ANYBLOB="c80018f877953f1d88953b6c483f91d447a7a8cd67bdbfde6b634dd980ee67eeaceb074a0550496233e1da432d6d01b38893e576a0b24b9e885f19a3dda1b4d111587940d41440b027be2b74293a278f3d5d2e72817e8e0952698bb5e6633c9a7f05582071d64490910bffb7a3d95867851499a9981c4e6db54a622599cdb34160816d6f3f2a8e89171119987330e32e4159e9d052cb6386372f03d3d1db418f78a2b1c6678e000000000030000000000000000000000054a2000032d89e44db10d530c459e2ec0b4717f20c2c5d9eea670c62e3bceaec9492d9b32000000000000000110100005500000031c610b8582c155f69ba2600000000004800000000000000060000007b010000f7a48542d85fe14ea5d7cd54c05eaf520175f048e5f899c920ebc1da15909c2b036eb5920677af9f08999c2b4e9e8a6d222bc9dd6019312d68000000000000000600000000020000461d3546b8f618ee795c863e4a15de3707a72b19ceb22e1b8c2b30963ccdf007cf6e2790144af8943f150d735e8fb6b9b3eb7156314a487d87f2d9d4a25dd87b1c3f2aa3f446be1c69dbd49656e6759a3a9212a4cc239b00000000000000000001000000000000fb79b19eb08b9e50872fe3ca90462cf4df0772d42a2fc46e782a2d80e79b5e04386877a6f8e2e2f64f8bb9439b24e83f16b62043349cae5b61a600"/514], 0x1c8}, 0x24000010)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x3f)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000005c0)="d8000000180081064e81f782db44b904021d080006007c09e8fe55a10a0015000300142603600e1208000f0000000401a8001600a400014005000200036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000002c0)=0x1)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000a80)=ANY=[@ANYRES8, @ANYRESDEC, @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd32, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r11}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00'}, 0x10)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)

1.567356398s ago: executing program 4 (id=1355):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="19000000040000000800000008", @ANYBLOB='Z'], 0x48)
socket$pppoe(0x18, 0x1, 0x0)
mq_open(&(0x7f0000000080)=',\x00', 0x40, 0x20, &(0x7f0000000200)={0x4, 0x6, 0x8, 0x5})
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000140)={[{@abort}, {@nodioread_nolock}, {@block_validity}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}]}, 0x2, 0x564, &(0x7f0000000700)="$eJzs3c9rHOUbAPBnNtm2afv9NoVSVEQCPVip3TSJPyp4qEfRYkHvddlsQ8mmW7Kb0sSC7cFevEgRRCyId717LN7Fv6KghSIl6MFLZDazaX7sJpt0Y6Lz+cCE992Z3XeenXnevLPvLBtAbo2kfwoRz0fEF0nEsYhIsnWDka0cWd5u8cmtSroksbT04e9Ja7u03n6t9vOOZJXnIuKnzyLOFDa225hfmC7XatXZrD7anLk+2phfOHt1pjxVnapeG5+YOP/6xPhbb77Rt1hfufTn1x88ePf856cWv/rh0fF7SVyIo8urhiKi0ocmbq+ujMRI9p4U48K6Dcf60Nh+kuz1DrAjA1meFyPtA47FQJb1wH/fpxGxBORUIv8hp9rjgPa1/err+Tx4/M7yBdDG+AeXPxuJQ61ro8OLyZoro/R6d7gP7adt/Pjb/XvpEus+TwHYTbfvRMS5wcGN/V+S9X87d66Hbda3of+Df86DdPzzaqfxT2Fl/BMdxj9HOuTuTmyd/4VHfWimq3T893bH8e/KpNXwQFb7X2vMV0yuXK1V077t/xFxOooH0/pm8znnFx8udVu3evyXLmn77bFgth+PBg+ufc5kuVl+lphXe3wn4oWO499k5fgnHY5/+n5c6rGNk9X7L3Vbt3X8bcXtBdajpe8iXu54/J/OaCWbz0+Ots6H0fZZsdEfd0/+0q393uPfHenxP7x5/MPJ6vnaxvbb+PbQX9Vu69bEH72f/weSj1rlA9ljN8vN5uxYxIHk/Y2Pjz99brve3j6N//Spzfu/Tuf/UER83GP8d098/2JP8e/R8Z/c1vHffuHhe59806393vq/11ql09kjvfR/ve7gs7x3AAAAAAAAsN8UIuJoJIXSSrlQKJWW7+84EYcLtXqjeeZKfe7aZLS+KzscxUJ7pvvYqvshxrL7Ydv18XX1iYg4HhFfDgy16qVKvTa518EDAAAAAAAAAAAAAAAAAADAPnGky/f/U78O7PXeAbvOT35Dfm2Z//34pSdgX/L/H/JL/kN+yX/IL/kP+SX/Ib/kP+SX/If8kv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV5cuXkyXpcUntyppffLG/Nx0/cbZyWpjujQzVylV6rPXS1P1+lStWqrUZ7Z6vVq9fn1sPOZujjarjeZoY37h8kx97lrz8tWZ8lT1crW4suXPuxwZAAAAAAAAAAAAAAAAAAAA/Hs05hemy7VadVZBYUeFwf2xGwp9LjztI4b2soMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIj4OwAA//+HNjY1")
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
r1 = syz_io_uring_setup(0x70c9, &(0x7f0000000080)={0x0, 0xb8ba, 0x14102, 0x0, 0x13c}, &(0x7f0000000100)=<r2=>0x0, &(0x7f00000007c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="1a", 0x38}, {0x0}], 0x2})
io_uring_enter(r1, 0x4d0a, 0x2, 0x7f, 0x0, 0x0)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f00000006c0)=ANY=[], 0x841, 0x1)
socket$netlink(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r4}, &(0x7f00000004c0), &(0x7f0000000500)='%pK    \x00'}, 0x20)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000500)={0x0, 0xf8}}, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080), 0x1200042, 0x0)
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYRES16=r0], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r7, 0x0, 0xfffffffffffffffd}, 0x18)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000140), 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000), 0x13f, 0x5}}, 0x20)
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r5, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})

1.567031478s ago: executing program 6 (id=1356):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000480)='page_pool_state_release\x00', r1, 0x0, 0x5}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback=0x34, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x109, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r3}, 0x18)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x511e36599023629, 0x100000, 0x480000f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r4, 0x0)
r5 = syz_io_uring_setup(0x24fa, &(0x7f00000002c0)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000000200)=<r7=>0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r8, &(0x7f00000001c0)=ANY=[@ANYBLOB='2'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_READ_FIXED)
io_uring_enter(r5, 0x2d3e, 0x0, 0x4, 0x0, 0x0)

1.566591338s ago: executing program 0 (id=1357):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001980)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40050)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r4 = socket(0x10, 0x80003, 0x0)
write(r4, 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r5, 0x408c5333, &(0x7f0000000040)={0x0, 0x8b63, 0x1, 'queue0\x00'})
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f0000000700)={[{@quota}, {@max_batch_time={'max_batch_time', 0x3d, 0xb1}}, {@grpjquota}, {@norecovery}, {@dioread_lock}]}, 0x1, 0x4e5, &(0x7f0000001700)="$eJzs3d1rHGsZAPBnNkmbtKlJ1YtatBatpEW7mzS2DV7UCKJXBWu9jzHZhJBNNmQ3bROKpPgHCOIXeuWVN4LXIkj/BBUKei8iStG2XpwD55w97Ga2Hzm72eR0P9rk94M3M+/MbJ7nnWXf3XdmmAngyDofEdMR0RcRlyJiJF2eSUts75Tqdk+f3J+rliQqldv/TSJJl9X/V5JOT6YvG4yI73474gfJR+OWNreWZwuF/Hpaz5VX1nKlza3LSyuzi/nF/Or05MS1qetTV6fG29bWG9/8189//Ntv3fjTV+7+Y+Y/F39YTWs4jtXWvdyOFp7vlv3YafpAbV/U9UfE+sFSf2P1pe0Z6HUiAADsS/XH7Ccj4gsR8exXvc4GAAAA6ITK14fjvSSiAgAAABxamdo1sEkmm14LMByZTDa7cw3vp+NEplAslb+8UNxYna+uixiNgczCUiE/nl4rPBoDSbU+UZt/Ub+yqz4ZEacj4qcjQ7V6dq5YmO/1wQ8AAAA4Ik7uGv//f2Rn/A8AAAAcMqO9TgAAAADoOON/AAAAOPyajv+T/u4mAgAAAHTCd27erJZK/fnX83c2N5aLdy7P50vL2ZWNuexccX0tu1gsLtbu2bfS6v8VisW1r8bqxr1cOV8q50qbWzMrxY3V8kztud4zec+JBgAAgO47/fmHf08iYvtrQ7VSdSxdt4+x+nRnswM6KXOwzZNO5QF0X1+vEwB6psUFvn/5bLcSAbrO+XigxcD+Z7vqBzxsAAAAvAnGPvNa5/+dD4S3mIE8HF0f6/z/qfbnAXSfG3zB0dV0jN9yYDDU9lyAHjjeepPBZiv+3OZcAACAjhmulSSTTYf8w5HJZLM7h/hHYyBZWCrkxyPiExHxt5GB49X6RK+TBgAAAAAAAAAAAAAAAAAAAAAAAIC3TKWSRAUAAAA41CIy/07SB/mPjVwY3n184FjyzkhtGhF3f337F/dmy+X1iery/z1fXv5luvxKL45gAAAAALvVx+n1cTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtNPTJ/fn6qWbcR9/IyJGG8Xvj8HadPAPIxFx4lkS/S+9LomIvjbE334QEWcaxU+qacVomsXu+JmIGOpx/JNtiA9H2cNq/zPd6POXifO1aePPX39aXtfj8836v0y9/6v1c436v1P7jHH20e9zTeM/iDjb37j/qcdPXrP//f73traarav8JmKs4fdP8kqsXHllLVfa3Lq8tDK7mF/Mr05OTlybuj51dWo8t7BUyKd/G8b4yef++MFe7T/RJP5oi/Zf2Gf7339078mn9oh/8Yu7479be//P7BG/uu+/lH4PVNeP1ee3d+Zfdu53fz23V/vnm7S/1ft/cZ/tv3TrR//c56YAQBeUNreWZwuF/LqZt3Jm4LC9g8O9TmMoer8T2jhzK/2gH/jlPe6YAACAtnvxo7/XmQAAAAAAAAAAAAAAAAAAAMDR1fGbkB1/9c4Cg71rKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAnj4MAAD//zZU0wo=")
unlink(&(0x7f0000000100)='./file1\x00')
r6 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r6, 0x29, 0xc8, 0x0, 0xc000000)
setsockopt$MRT6_ADD_MFC_PROXY(r6, 0x29, 0xd0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000001580)={0x8ab, 0x8000, 0x64868eb2, 0xe2, <r7=>0x0}, &(0x7f00000015c0)=0x10)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r6, 0x84, 0x6, &(0x7f0000001600)={r7, @in6={{0xa, 0x4e24, 0x0, @mcast2, 0x1}}}, &(0x7f00000016c0)=0x84)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, 0x0)
r8 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(r8, 0x2284, &(0x7f0000000080))
syz_read_part_table(0x104c, &(0x7f0000000000)="$eJzsz7sNwkAQBNA5f5DdBU1RkJshoAUSOiIhxsh3JqAABMF7yWo0qz1d+Knr3CXpk7KlKRnX3MqWhto/3lWytNnlUOc6Zsw0HM9Tv8XnvlVam/v8+dDSzteV/WLJ6fL9HwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/3sFAAD//1s1CY4=")
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000215c0000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b8010000180090001006c6173740000000010000180090001006c617374"], 0xe0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e24, @multicast2}, 0x10)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000100), 0x4)

1.37853404s ago: executing program 6 (id=1358):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
unshare(0x8000000)
semget$private(0x0, 0x4000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r2 = syz_io_uring_setup(0x1725, &(0x7f0000000100)={0x0, 0x1b2f, 0x800, 0x1, 0x333}, &(0x7f0000000400)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000240)=0xfffffc04, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_SENDMSG={0x9, 0x1c, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000005c0)=[{0x0}, {0x0}], 0x2}, 0x0, 0x4080})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)

1.291475792s ago: executing program 4 (id=1359):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
r0 = io_uring_setup(0x6ed0, &(0x7f0000000140)={0x0, 0x49fd, 0x10003, 0x20002, 0x185})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

1.044458885s ago: executing program 6 (id=1360):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000cae1c6cd0ccf9e95890ec50ccea302fe77eb41bdafd9d7a3b47e5cb4fbcffa13283ab23ecbfbbda06cdf2c9cc665d5d91561ff4eac5ad6f4eeff01fba761cbc56b211d442e65ff384385253d58389babf34d3f64636061ef4b8a1c879cb6711e5d2d341ce233694e5ee90fd67ead58a8c035017f3f24bef002f1ea252103", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f80f25ffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYRES8=r1], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fcntl$setlease(r2, 0x400, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x106, 0x40001, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x2, @perf_config_ext={0x0, 0x10000}, 0x1320, 0xfffffffd, 0x3, 0x7, 0x4, 0x1088f105, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002380)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg$unix(r5, &(0x7f0000001e40)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000980)=""/4096, 0x1000}], 0x1}}], 0x1, 0x400122a0, 0x0)
sendmmsg(r5, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$INCFS_IOC_CREATE_FILE(r2, 0xc058671e, &(0x7f0000000580)={{'\x00', 0x3}, {0x8}, 0xf, 0x0, 0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000003c0)='./file0/file0\x00', &(0x7f0000000780), 0x0, 0x0, &(0x7f0000000980)={0x2, 0x15d, {0x0, 0xc, 0xf9, "a39d075f09fd118d93829d318c29e6b440824413b38cb82c38773347b014433e0197593d501bdbbdd216a583742262a62f05f5d0d755dd4848c3f6e5b24e9065bbda21b7fa49969a844af0d805b631512137295bf0e1091f453dd20d8f824bd208fa4b30a08f038adf7034236632416b57f95ad50cfde8c65ccd9be8c4f0b569e415ca39e77a759c8efbadcb434471a2dac210c798c8495fbc80c3b2ff162f4c1b3fa991f734a3a51bb5ad8aeae131065754380fa7e69e9078c09a271735e8688e875f01f7290452c383c15749cef758eeb2dc44cd0ed54499e9a66251df3d40d7e3f6cbdb9a2afdbf40ca9fbf9f185699aa927d1b9eda020e", 0x57, "494c5075eb8b4284fcdf7af958665a927ac80029caabbfd73a67ca55cb91264fb12d1c9c5ae9efedbe0f764fc04910a27182a74c939be3f4f36b4b9b37141b8dc3be1bb4f82d250a8c0afa0a18e72d0dddef44285db641"}, 0xe1, "1b0e32e238a78937189a6cd892e13b7249cf6fea977eba0dd9052dcea5faf36949808521f6287e2adcbe335a6b1f74353f3e53f27b39abdea3b62758479664a0793bf96268cfbb7ed02d1ded94941110e005dcc63f10308950949c5895143ad95f650f6905e5dfdb90ffcc944a0575756dbf81d7c15577e43d31f92a4dd0bea9c092f213869105cd1582a2296fb9daf0009c351911023e25f3f625367d9b4f902a744b45f2a0ba3bca3883984be24649d0b9708ddb338b1d9507e20d9c2b17354f3fa5ee0799523ef69e282d410b04f41245ec05707b489d7f68e63451bf9db54b"}, 0x24a})
ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0xa, 0x300)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f288476d2610054c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r7, 0x0, 0x7}, 0x18)
syz_emit_ethernet(0x6a, &(0x7f0000000d00)=ANY=[@ANYBLOB="aaaaaaaaaaaa424e1aa2e0d4001190780a010101ac14142900004e2000006d4dfdeb8cf7bbfe143803bec2ce783e0402000000dd8ddec71cb8adfce542a4bc5a026c208f9a7dd21809a5d0c45787e4aa384e3d26b21ea3dea5434075262d471dfb3edaed84f2ee306e49e84d755aa3527d707195fc2c0e5e53926972c8f09c0dedf616df1e4fd200"/145], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x6, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x6, 0x0)
mremap(&(0x7f00003c9000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f00001de000/0x2000)=nil)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

1.044023825s ago: executing program 4 (id=1361):
personality(0x4600005)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYRESHEX], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000020000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x74, 0x1, [@m_mirred={0x70, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x4, {{0xffdff7e8, 0x8000}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x0, 0x1, 0x400, 0xfffffff7}, 0x3}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="1c0000003e000701fcfffffffedbdf25017c0000060004"], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
pipe(&(0x7f0000000080))
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/time\x00')
r5 = socket(0x10, 0x3, 0x0)
write(r5, &(0x7f0000000000)="3c00000058001f000307f4f9002304000a04d65f0800010002010002170003800500000099db973b91aa057972513500b0406700912deb5b85932234", 0x3c)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a08000000000000080007000800000900000012", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r7, {0x10, 0x4}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) (fail_nth: 4)

993.907196ms ago: executing program 0 (id=1362):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
r3 = io_uring_setup(0x6ed0, &(0x7f0000000140)={0x0, 0x49fd, 0x10003, 0x20002, 0x185})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

990.308196ms ago: executing program 3 (id=1363):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
utimes(&(0x7f0000000040)='./file0\x00', 0x0)

630.345501ms ago: executing program 4 (id=1364):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000400008500000072000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
syz_emit_ethernet(0x22, &(0x7f0000001b40)={@local, @multicast, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x2, 0x13, 0x14, 0x67, 0x0, 0x2, 0x32, 0x0, @empty, @broadcast}}}}}, 0x0)

629.768291ms ago: executing program 0 (id=1365):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = io_uring_setup(0x6ed0, &(0x7f0000000140)={0x0, 0x49fd, 0x10003, 0x20002, 0x185})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
close_range(r2, 0xffffffffffffffff, 0x0)

622.868271ms ago: executing program 3 (id=1366):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x4)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0) (fail_nth: 7)

360.525135ms ago: executing program 4 (id=1367):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = timerfd_create(0x7, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x64, 0x64, 0x4, [@type_tag={0x5, 0x0, 0x0, 0x12, 0x1}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x1, 0x4}}, @const={0xe, 0x0, 0x0, 0xa, 0x5}, @union={0xb, 0x1, 0x0, 0x5, 0x1, 0x0, [{0x7, 0x4, 0x2}]}, @var={0x6, 0x0, 0x0, 0xe, 0x1, 0x1}, @func={0xa, 0x0, 0x0, 0xc, 0x1}]}, {0x0, [0x0, 0x61]}}, &(0x7f0000000240)=""/247, 0x80, 0xf7, 0x0, 0x4, 0x10000, @value}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000080)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70400e0ba91fffc3a0170f1ac000800000085000000950000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x8, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(0xffffffffffffff9c, 0x0, r3, 0x0, 0x46)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r4}, 0x10)
timerfd_gettime(r0, &(0x7f0000001200))

334.146646ms ago: executing program 1 (id=1368):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

227.092537ms ago: executing program 4 (id=1369):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xcf49ef40c12336e3, 0x18, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b0000000000000004a100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000a1f10a58335bbbab56a8a7b6359569e87ac1527011a57d9fd588a401cbf1626dce755b749e1ea8", @ANYBLOB="e2e7e6b7bbc18041d370a44db49c4abeb30acafb71064d6d7b7f57652240c424d5f30ad2f5c4a01e5af65a2fac5b02262e4e60dbdc4c75542f6f0cf7c7fa9bbb60cea4df5a506b228f626ec89e58dc699418f70ced7b679b3e7cc612cd72381cab35790b3f2c9f81c08bffb6c2825d775b0b7f0bab3aa12ee1e7e09fcb8b946d5d1a2574b8e8e0e23c36e099a0b0cda11d850fac3b596a390e55f7f975", @ANYRES32=r2], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x18)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x2, 0x4, 0xc, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r5}, 0xc)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r4, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
add_key(&(0x7f0000000540)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630bf7c045f94cd977", 0x18, 0xffffffffffffffff)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="200000000f14010029b97800fedbdf250d0045"], 0x20}, 0x1, 0x0, 0x0, 0x40004}, 0x48010)

226.826517ms ago: executing program 3 (id=1370):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
unshare(0x8000000)
semget$private(0x0, 0x4000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r2 = syz_io_uring_setup(0x1725, &(0x7f0000000100)={0x0, 0x1b2f, 0x800, 0x1, 0x333}, &(0x7f0000000400)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000240)=0xfffffc04, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_SENDMSG={0x9, 0x1c, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000005c0)=[{0x0}, {0x0}], 0x2}, 0x0, 0x4080})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)

112.142689ms ago: executing program 0 (id=1371):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x4)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newqdisc={0x8c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x83, [0x9, 0x8, 0xb, 0xd, 0xe, 0x0, 0x1, 0x0, 0x4, 0x4, 0xc, 0x10, 0x4, 0x50, 0x7, 0x6], 0x0, [0x8, 0x2, 0x59, 0x9, 0x6, 0xfff7, 0x5, 0x5, 0x6, 0xe, 0x9, 0xa223, 0x6, 0x4, 0x2, 0xc], [0xa, 0xff81, 0x2d, 0x8, 0x5, 0x3, 0x7ff, 0x7ff, 0x81, 0x7fff, 0x3, 0x7, 0x6, 0x7189, 0x20bf, 0x22]}}]}}]}, 0x8c}}, 0x0)
setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000100)={0xc96f, 0xffffff81, 0x5}, 0xc)
prctl$PR_SET_VMA(0x23, 0x0, &(0x7f000098b000/0x2000)=nil, 0x2000, &(0x7f0000000040)='))$/^\x00')
mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./control\x00', &(0x7f00000000c0), 0x0, 0x0)

91.290099ms ago: executing program 3 (id=1372):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
r1 = io_uring_setup(0x6ed0, &(0x7f0000000140)={0x0, 0x49fd, 0x10003, 0x20002, 0x185})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
close_range(r1, 0xffffffffffffffff, 0x0)

22.31379ms ago: executing program 0 (id=1373):
r0 = getpid() (async)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), 0xffffffffffffffff) (async, rerun: 64)
r1 = socket$key(0xf, 0x3, 0x2) (rerun: 64)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x18) (async, rerun: 64)
sendmsg$key(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="02130000050000000000000000000000030008"], 0x28}}, 0x0) (async, rerun: 64)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) (async, rerun: 32)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 32)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x1, 0x0, 0x0, 0x41000, 0x37, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200, @void, @value}, 0x94) (async, rerun: 32)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20) (async)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/partitions\x00', 0x0, 0x0) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r6}, 0x10)
mount_setattr(r3, &(0x7f0000001d80)='.\x00', 0x0, &(0x7f0000001dc0)={0x0, 0x0, 0x80000}, 0x20)
syz_pidfd_open(r0, 0x0) (async)
r7 = syz_open_procfs$namespace(r0, &(0x7f0000000280)='ns/time_for_children\x00')
setns(r7, 0x8000000) (async)
r8 = syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0)
setuid(0xee00) (async, rerun: 64)
r9 = syz_pidfd_open(r8, 0x0) (rerun: 64)
setns(r9, 0x10000000)

20.89719ms ago: executing program 3 (id=1383):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) (async)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) (async)
r2 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
sendmsg$NFT_MSG_GETSETELEM(r2, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000000d0a00000000000000000000010000061c0003000800008014000b80100001800a00010071756571650000000900010073797a3100000000"], 0x3c}, 0x1, 0x0, 0x0, 0x4000040}, 0x1) (async)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r4 = openat$binfmt(0xffffffffffffff9c, r3, 0x42, 0x1ff)
close(r4) (async)
r5 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
execveat$binfmt(0xffffffffffffff9c, r5, 0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000200)=""/166}, 0x20)
r6 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readahead(r6, 0x1, 0xe) (async)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x9, 0x10000, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x803}, 0x0, 0x800, 0xffffffffffffffff, 0x0) (async)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200}) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x89f1, &(0x7f0000000080))

0s ago: executing program 1 (id=1374):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0, 0x0, 0x80}, 0x18)
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES8=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x10000000, 0xfffffffffffffd82, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@random="e90c610faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x3, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @opaque="24dc6170e1e03185"}}}}}, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000080)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x7, 0x10, 0x0, @gue={{0x2, 0x1, 0x3, 0xfd, 0x100, @val=0x80}}}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r2}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r5}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r6, 0x1, 0x1d, &(0x7f00000001c0), 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r7}, 0x10)
arch_prctl$ARCH_GET_XCOMP_PERM(0x1022, &(0x7f00000004c0))
r8 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r8)
r9 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents(r9, &(0x7f0000000bc0)=""/116, 0x74)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
getdents(r9, &(0x7f0000001fc0)=""/184, 0xb8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000080000085000000d0000000a50000009700000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffff0f, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

kernel console output (not intermixed with test programs):

x10/0x10
[   92.856873][ T6317]  ? vfs_write+0x75e/0x8e0
[   92.856900][ T6317]  ? __rcu_read_unlock+0x4f/0x70
[   92.856938][ T6317]  ? __fget_files+0x184/0x1c0
[   92.856975][ T6317]  __secure_computing+0x82/0x150
[   92.857072][ T6317]  syscall_trace_enter+0xcf/0x1e0
[   92.857106][ T6317]  do_syscall_64+0xac/0x200
[   92.857137][ T6317]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.857165][ T6317]  ? clear_bhb_loop+0x40/0x90
[   92.857188][ T6317]  ? clear_bhb_loop+0x40/0x90
[   92.857251][ T6317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.857279][ T6317] RIP: 0033:0x7fe83f58e929
[   92.857299][ T6317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.857321][ T6317] RSP: 002b:00007fe83dbf7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000eb
[   92.857341][ T6317] RAX: ffffffffffffffda RBX: 00007fe83f7b5fa0 RCX: 00007fe83f58e929
[   92.857358][ T6317] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[   92.857371][ T6317] RBP: 00007fe83dbf7090 R08: 0000000000000000 R09: 0000000000000000
[   92.857384][ T6317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.857419][ T6317] R13: 0000000000000000 R14: 00007fe83f7b5fa0 R15: 00007ffe57db9fc8
[   92.857445][ T6317]  </TASK>
[   93.144127][ T6323] SELinux:  Context system_u:object_r:net_conf_t:s0 is not valid (left unmapped).
[   93.219590][ T6327] loop3: detected capacity change from 0 to 512
[   93.231031][ T6327] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   93.346717][ T6327] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.423497][ T6327] ext4 filesystem being mounted at /240/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   93.676366][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.861755][ T6344] netlink: 'syz.4.1042': attribute type 1 has an invalid length.
[   93.870505][ T6344] __nla_validate_parse: 7 callbacks suppressed
[   93.870521][ T6344] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1042'.
[   94.147198][ T6349] FAULT_INJECTION: forcing a failure.
[   94.147198][ T6349] name failslab, interval 1, probability 0, space 0, times 0
[   94.161016][ T6349] CPU: 0 UID: 0 PID: 6349 Comm: syz.3.1041 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[   94.161054][ T6349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.161071][ T6349] Call Trace:
[   94.161081][ T6349]  <TASK>
[   94.161092][ T6349]  __dump_stack+0x1d/0x30
[   94.161119][ T6349]  dump_stack_lvl+0xe8/0x140
[   94.161169][ T6349]  dump_stack+0x15/0x1b
[   94.161260][ T6349]  should_fail_ex+0x265/0x280
[   94.161283][ T6349]  should_failslab+0x8c/0xb0
[   94.161309][ T6349]  __kmalloc_node_noprof+0xa9/0x410
[   94.161345][ T6349]  ? __vmalloc_node_range_noprof+0x3f9/0xe00
[   94.161460][ T6349]  __vmalloc_node_range_noprof+0x3f9/0xe00
[   94.161570][ T6349]  ? rep_movs_alternative+0xf/0x90
[   94.161612][ T6349]  ? fixup_exception+0x72e/0xd00
[   94.161641][ T6349]  ? selinux_capable+0x1f9/0x270
[   94.161661][ T6349]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   94.161747][ T6349]  __vmalloc_noprof+0x83/0xc0
[   94.161786][ T6349]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   94.161832][ T6349]  bpf_prog_alloc_no_stats+0x47/0x390
[   94.161912][ T6349]  ? bpf_prog_alloc+0x2a/0x150
[   94.161984][ T6349]  bpf_prog_alloc+0x3c/0x150
[   94.162026][ T6349]  bpf_prog_load+0x514/0x1070
[   94.162137][ T6349]  ? security_bpf+0x2b/0x90
[   94.162170][ T6349]  __sys_bpf+0x51d/0x790
[   94.162230][ T6349]  __x64_sys_bpf+0x41/0x50
[   94.162263][ T6349]  x64_sys_call+0x2478/0x2fb0
[   94.162285][ T6349]  do_syscall_64+0xd2/0x200
[   94.162370][ T6349]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.162406][ T6349]  ? clear_bhb_loop+0x40/0x90
[   94.162433][ T6349]  ? clear_bhb_loop+0x40/0x90
[   94.162567][ T6349]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.162662][ T6349] RIP: 0033:0x7ff4b4abe929
[   94.162684][ T6349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.162706][ T6349] RSP: 002b:00007ff4b3127038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   94.162730][ T6349] RAX: ffffffffffffffda RBX: 00007ff4b4ce5fa0 RCX: 00007ff4b4abe929
[   94.162743][ T6349] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005
[   94.162755][ T6349] RBP: 00007ff4b3127090 R08: 0000000000000000 R09: 0000000000000000
[   94.162767][ T6349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.162832][ T6349] R13: 0000000000000001 R14: 00007ff4b4ce5fa0 R15: 00007ffde5e9a218
[   94.162853][ T6349]  </TASK>
[   94.162861][ T6349] syz.3.1041: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x500dc2(GFP_HIGHUSER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null)
[   94.309636][ T6351] random: crng reseeded on system resumption
[   94.311405][ T6349] ,cpuset=/,mems_allowed=0
[   94.311446][ T6349] CPU: 0 UID: 0 PID: 6349 Comm: syz.3.1041 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[   94.311495][ T6349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.311511][ T6349] Call Trace:
[   94.311520][ T6349]  <TASK>
[   94.311531][ T6349]  __dump_stack+0x1d/0x30
[   94.311564][ T6349]  dump_stack_lvl+0xe8/0x140
[   94.311594][ T6349]  dump_stack+0x15/0x1b
[   94.311619][ T6349]  warn_alloc+0x12b/0x1a0
[   94.311718][ T6349]  ? should_failslab+0x8c/0xb0
[   94.311761][ T6349]  __vmalloc_node_range_noprof+0x497/0xe00
[   94.311845][ T6349]  ? rep_movs_alternative+0xf/0x90
[   94.311893][ T6349]  ? fixup_exception+0x72e/0xd00
[   94.311962][ T6349]  ? selinux_capable+0x1f9/0x270
[   94.312005][ T6349]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   94.312138][ T6349]  __vmalloc_noprof+0x83/0xc0
[   94.312255][ T6349]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   94.312305][ T6349]  bpf_prog_alloc_no_stats+0x47/0x390
[   94.312419][ T6349]  ? bpf_prog_alloc+0x2a/0x150
[   94.312466][ T6349]  bpf_prog_alloc+0x3c/0x150
[   94.312514][ T6349]  bpf_prog_load+0x514/0x1070
[   94.312555][ T6349]  ? security_bpf+0x2b/0x90
[   94.312627][ T6349]  __sys_bpf+0x51d/0x790
[   94.312686][ T6349]  __x64_sys_bpf+0x41/0x50
[   94.312729][ T6349]  x64_sys_call+0x2478/0x2fb0
[   94.312773][ T6349]  do_syscall_64+0xd2/0x200
[   94.312934][ T6349]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.312982][ T6349]  ? clear_bhb_loop+0x40/0x90
[   94.313015][ T6349]  ? clear_bhb_loop+0x40/0x90
[   94.313078][ T6349]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.313112][ T6349] RIP: 0033:0x7ff4b4abe929
[   94.313137][ T6349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.313172][ T6349] RSP: 002b:00007ff4b3127038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   94.313220][ T6349] RAX: ffffffffffffffda RBX: 00007ff4b4ce5fa0 RCX: 00007ff4b4abe929
[   94.313238][ T6349] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005
[   94.313256][ T6349] RBP: 00007ff4b3127090 R08: 0000000000000000 R09: 0000000000000000
[   94.313274][ T6349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.313292][ T6349] R13: 0000000000000001 R14: 00007ff4b4ce5fa0 R15: 00007ffde5e9a218
[   94.313321][ T6349]  </TASK>
[   94.313349][ T6349] Mem-Info:
[   94.566316][ T6356] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1043'.
[   94.570144][ T6349] active_anon:48654 inactive_anon:0 isolated_anon:870
[   94.570144][ T6349]  active_file:5451 inactive_file:19128 isolated_file:0
[   94.570144][ T6349]  unevictable:8867 dirty:268 writeback:0
[   94.570144][ T6349]  slab_reclaimable:3100 slab_unreclaimable:14370
[   94.570144][ T6349]  mapped:35470 shmem:46240 pagetables:940
[   94.570144][ T6349]  sec_pagetables:0 bounce:0
[   94.570144][ T6349]  kernel_misc_reclaimable:0
[   94.570144][ T6349]  free:1834016 free_pcp:10393 free_cma:0
[   94.750037][ T6349] Node 0 active_anon:190904kB inactive_anon:0kB active_file:21804kB inactive_file:83240kB unevictable:204kB isolated(anon):0kB isolated(file):0kB mapped:139816kB dirty:1072kB writeback:0kB shmem:178696kB writeback_tmp:0kB kernel_stack:3136kB pagetables:3760kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   94.780215][ T6349] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   94.809713][ T6349] lowmem_reserve[]: 0 2882 7861 7861
[   94.815193][ T6349] Node 0 DMA32 free:2947832kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951460kB mlocked:0kB bounce:0kB free_pcp:3628kB local_pcp:100kB free_cma:0kB
[   94.847284][ T6349] lowmem_reserve[]: 0 0 4978 4978
[   94.852682][ T6349] Node 0 Normal free:4372784kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:161412kB inactive_anon:0kB active_file:21804kB inactive_file:83320kB unevictable:112kB writepending:1060kB present:5242880kB managed:5098232kB mlocked:112kB bounce:0kB free_pcp:103560kB local_pcp:32860kB free_cma:0kB
[   94.888504][ T6349] lowmem_reserve[]: 0 0 0 0
[   94.893357][ T6349] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   94.906923][ T6349] Node 0 DMA32: 4*4kB (M) 3*8kB (M) 3*16kB (M) 1*32kB (M) 2*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947832kB
[   94.924697][ T6349] Node 0 Normal: 243*4kB (UME) 149*8kB (UME) 91*16kB (UM) 83*32kB (UME) 38*64kB (UM) 20*128kB (UM) 8*256kB (UM) 5*512kB (UM) 3*1024kB (UE) 3*2048kB (U) 1063*4096kB (UM) = 4379140kB
[   94.944311][ T6349] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   94.954380][ T6349] 57049 total pagecache pages
[   94.959371][ T6349] 0 pages in swap cache
[   94.963806][ T6349] Free swap  = 124996kB
[   94.968251][ T6349] Total swap = 124996kB
[   94.972793][ T6349] 2097051 pages RAM
[   94.976763][ T6349] 0 pages HighMem/MovableOnly
[   94.981570][ T6349] 80788 pages reserved
[   94.988233][ T6355] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1043'.
[   95.061313][ T6361] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1046'.
[   95.205465][ T6371] FAULT_INJECTION: forcing a failure.
[   95.205465][ T6371] name failslab, interval 1, probability 0, space 0, times 0
[   95.219205][ T6371] CPU: 0 UID: 0 PID: 6371 Comm: syz.1.1049 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[   95.219245][ T6371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.219314][ T6371] Call Trace:
[   95.219324][ T6371]  <TASK>
[   95.219335][ T6371]  __dump_stack+0x1d/0x30
[   95.219435][ T6371]  dump_stack_lvl+0xe8/0x140
[   95.219462][ T6371]  dump_stack+0x15/0x1b
[   95.219483][ T6371]  should_fail_ex+0x265/0x280
[   95.219512][ T6371]  should_failslab+0x8c/0xb0
[   95.219600][ T6371]  kmem_cache_alloc_node_noprof+0x57/0x320
[   95.219633][ T6371]  ? __alloc_skb+0x101/0x320
[   95.219657][ T6371]  __alloc_skb+0x101/0x320
[   95.219679][ T6371]  alloc_skb_with_frags+0x7d/0x470
[   95.219703][ T6371]  ? ____sys_sendmsg+0x345/0x4e0
[   95.219877][ T6371]  ? ___sys_sendmsg+0x17b/0x1d0
[   95.219912][ T6371]  ? __sys_sendmmsg+0x178/0x300
[   95.220061][ T6371]  ? __x64_sys_sendmmsg+0x57/0x70
[   95.220083][ T6371]  ? x64_sys_call+0x2f2f/0x2fb0
[   95.220147][ T6371]  ? do_syscall_64+0xd2/0x200
[   95.220236][ T6371]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.220266][ T6371]  ? percpu_counter_add_batch+0xb6/0x130
[   95.220317][ T6371]  sock_alloc_send_pskb+0x43a/0x4f0
[   95.220360][ T6371]  raw_send_hdrinc+0x186/0xa20
[   95.220469][ T6371]  ? ip_route_output_flow+0xf1/0x130
[   95.220504][ T6371]  raw_sendmsg+0xbce/0xe50
[   95.220554][ T6371]  ? __pfx_raw_sendmsg+0x10/0x10
[   95.220583][ T6371]  inet_sendmsg+0xc5/0xd0
[   95.220614][ T6371]  __sock_sendmsg+0x102/0x180
[   95.220740][ T6371]  ____sys_sendmsg+0x345/0x4e0
[   95.220774][ T6371]  ___sys_sendmsg+0x17b/0x1d0
[   95.220826][ T6371]  __sys_sendmmsg+0x178/0x300
[   95.220867][ T6371]  __x64_sys_sendmmsg+0x57/0x70
[   95.220898][ T6371]  x64_sys_call+0x2f2f/0x2fb0
[   95.220962][ T6371]  do_syscall_64+0xd2/0x200
[   95.220994][ T6371]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.221059][ T6371]  ? clear_bhb_loop+0x40/0x90
[   95.221162][ T6371]  ? clear_bhb_loop+0x40/0x90
[   95.221192][ T6371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.221221][ T6371] RIP: 0033:0x7fe83f58e929
[   95.221242][ T6371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.221261][ T6371] RSP: 002b:00007fe83dbf7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   95.221295][ T6371] RAX: ffffffffffffffda RBX: 00007fe83f7b5fa0 RCX: 00007fe83f58e929
[   95.221313][ T6371] RDX: 0000000000000002 RSI: 0000200000003a40 RDI: 0000000000000003
[   95.221330][ T6371] RBP: 00007fe83dbf7090 R08: 0000000000000000 R09: 0000000000000000
[   95.221347][ T6371] R10: 0000000000000840 R11: 0000000000000246 R12: 0000000000000001
[   95.221399][ T6371] R13: 0000000000000000 R14: 00007fe83f7b5fa0 R15: 00007ffe57db9fc8
[   95.221427][ T6371]  </TASK>
[   95.326617][ T6377] 9pnet_fd: Insufficient options for proto=fd
[   95.431486][ T6380] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1052'.
[   95.519193][ T6380] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1052'.
[   95.536789][ T6377] loop0: detected capacity change from 0 to 512
[   95.542164][ T6384] loop4: detected capacity change from 0 to 512
[   95.546776][   T29] kauditd_printk_skb: 75 callbacks suppressed
[   95.546855][   T29] audit: type=1400 audit(1749384610.498:9960): avc:  denied  { bind } for  pid=6378 comm="syz.1.1053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   95.587055][ T6384] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.601076][ T6377] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   95.606783][ T6384] ext4 filesystem being mounted at /220/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   95.614156][ T6377] EXT4-fs (loop0): 1 truncate cleaned up
[   95.627661][ T6377] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.660864][   T29] audit: type=1400 audit(1749384610.618:9961): avc:  denied  { create } for  pid=6392 comm="syz.1.1055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   95.664004][ T6393] loop9: detected capacity change from 0 to 7
[   95.681253][   T29] audit: type=1400 audit(1749384610.618:9962): avc:  denied  { write } for  pid=6392 comm="syz.1.1055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   95.687928][ T6393] Buffer I/O error on dev loop9, logical block 0, async page read
[   95.716475][ T6393] Buffer I/O error on dev loop9, logical block 0, async page read
[   95.724411][ T6393]  loop9: unable to read partition table
[   95.730136][ T6393] loop_reread_partitions: partition scan of loop9 (þ被üŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[   95.730136][ T6393] 
Uªÿÿÿÿÿÿ) failed (rc=-5)
[   95.780755][ T6377] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[   95.854540][   T29] audit: type=1400 audit(1749384610.618:9963): avc:  denied  { append } for  pid=6392 comm="syz.1.1055" name="loop9" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   95.879059][   T29] audit: type=1400 audit(1749384610.768:9964): avc:  denied  { setattr } for  pid=6383 comm="syz.4.1054" path="socket:[14261]" dev="sockfs" ino=14261 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   95.902729][   T29] audit: type=1400 audit(1749384610.768:9965): avc:  denied  { ioctl } for  pid=6383 comm="syz.4.1054" path="socket:[14264]" dev="sockfs" ino=14264 ioctlcmd=0x8918 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   95.927761][   T29] audit: type=1400 audit(1749384610.798:9966): avc:  denied  { read } for  pid=2985 comm="acpid" name="event8" dev="devtmpfs" ino=579 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[   95.949652][   T29] audit: type=1400 audit(1749384610.798:9967): avc:  denied  { open } for  pid=2985 comm="acpid" path="/dev/input/event8" dev="devtmpfs" ino=579 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[   95.972594][   T29] audit: type=1400 audit(1749384610.798:9968): avc:  denied  { ioctl } for  pid=2985 comm="acpid" path="/dev/input/event8" dev="devtmpfs" ino=579 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[   96.038215][ T6401] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[   96.070819][   T29] audit: type=1400 audit(1749384611.008:9969): avc:  denied  { relabelto } for  pid=6383 comm="syz.4.1054" name="memfd:" dev="hugetlbfs" ino=14267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:hwdata_t:s0"
[   96.160762][ T6403] netlink: 'syz.1.1056': attribute type 1 has an invalid length.
[   96.168928][ T6403] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1056'.
[   96.433880][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.556049][ T6413] lo speed is unknown, defaulting to 1000
[   97.008359][ T6418] loop3: detected capacity change from 0 to 512
[   97.030678][ T6418] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2798: inode #11: comm syz.3.1061: corrupted xattr block 95: invalid header
[   97.065807][ T6418] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1061: bg 0: block 7: invalid block bitmap
[   97.098876][ T6418] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   97.128156][ T6418] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2962: inode #11: comm syz.3.1061: corrupted xattr block 95: invalid header
[   97.234027][ T6418] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[   97.255177][ T6418] EXT4-fs (loop3): 1 orphan inode deleted
[   97.255231][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.273958][ T6418] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.333706][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.395060][ T6427] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1063'.
[   97.473075][ T6435] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1066'.
[   97.482966][ T6435] batman_adv: batadv0: Removing interface: batadv_slave_0
[   97.494867][ T6435] batman_adv: batadv0: Removing interface: batadv_slave_1
[   97.578763][ T6441] netlink: 'syz.1.1068': attribute type 1 has an invalid length.
[   97.587857][ T6441] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1068'.
[   97.598977][   T10] usb 9-1: enqueue for inactive port 0
[   97.604748][   T10] usb 9-1: enqueue for inactive port 0
[   97.674505][   T10] vhci_hcd: vhci_device speed not set
[   97.743077][ T6449] loop4: detected capacity change from 0 to 1024
[   97.767418][ T6447] lo speed is unknown, defaulting to 1000
[   97.808530][ T6449] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.854072][ T6449] IPv6: NLM_F_CREATE should be specified when creating new route
[   97.913483][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.973251][ T6463] random: crng reseeded on system resumption
[   97.987412][ T2963] hid-generic 0000:0004:0000.0001: unknown main item tag 0x0
[   97.995249][ T2963] hid-generic 0000:0004:0000.0001: unknown main item tag 0x0
[   98.002934][ T2963] hid-generic 0000:0004:0000.0001: unknown main item tag 0x0
[   98.019845][ T6465] FAULT_INJECTION: forcing a failure.
[   98.019845][ T6465] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   98.035925][ T6465] CPU: 0 UID: 0 PID: 6465 Comm: syz.5.1075 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[   98.035958][ T6465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   98.035974][ T6465] Call Trace:
[   98.035983][ T6465]  <TASK>
[   98.036051][ T6465]  __dump_stack+0x1d/0x30
[   98.036097][ T6465]  dump_stack_lvl+0xe8/0x140
[   98.036124][ T6465]  dump_stack+0x15/0x1b
[   98.036227][ T6465]  should_fail_ex+0x265/0x280
[   98.036251][ T6465]  should_fail+0xb/0x20
[   98.036361][ T6465]  should_fail_usercopy+0x1a/0x20
[   98.036455][ T6465]  _copy_to_user+0x20/0xa0
[   98.036550][ T6465]  simple_read_from_buffer+0xb5/0x130
[   98.036643][ T6465]  proc_fail_nth_read+0x100/0x140
[   98.036806][ T6465]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   98.036837][ T6465]  vfs_read+0x1a0/0x6f0
[   98.036889][ T6465]  ? __rcu_read_unlock+0x4f/0x70
[   98.036919][ T6465]  ? __fget_files+0x184/0x1c0
[   98.036955][ T6465]  ksys_read+0xda/0x1a0
[   98.037061][ T6465]  __x64_sys_read+0x40/0x50
[   98.037083][ T6465]  x64_sys_call+0x2d77/0x2fb0
[   98.037106][ T6465]  do_syscall_64+0xd2/0x200
[   98.037135][ T6465]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   98.037173][ T6465]  ? clear_bhb_loop+0x40/0x90
[   98.037204][ T6465]  ? clear_bhb_loop+0x40/0x90
[   98.037236][ T6465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.037277][ T6465] RIP: 0033:0x7f45d7fed33c
[   98.037294][ T6465] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   98.037313][ T6465] RSP: 002b:00007f45d6657030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   98.037333][ T6465] RAX: ffffffffffffffda RBX: 00007f45d8215fa0 RCX: 00007f45d7fed33c
[   98.037384][ T6465] RDX: 000000000000000f RSI: 00007f45d66570a0 RDI: 0000000000000004
[   98.037401][ T6465] RBP: 00007f45d6657090 R08: 0000000000000000 R09: 0000000000000000
[   98.037415][ T6465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.037427][ T6465] R13: 0000000000000000 R14: 00007f45d8215fa0 R15: 00007ffd286c6bd8
[   98.037448][ T6465]  </TASK>
[   98.041851][ T2963] hid-generic 0000:0004:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   98.271994][ T6476] wireguard0: entered promiscuous mode
[   98.277743][ T6476] wireguard0: entered allmulticast mode
[   98.289788][ T6486] loop1: detected capacity change from 0 to 512
[   98.341139][ T6486] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1080: bg 0: block 248: padding at end of block bitmap is not set
[   98.405338][ T6494] loop0: detected capacity change from 0 to 512
[   98.423707][ T6494] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   98.444738][ T6486] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1080: Failed to acquire dquot type 1
[   98.467187][ T6494] EXT4-fs (loop0): 1 truncate cleaned up
[   98.473830][ T6494] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.488647][ T6486] EXT4-fs (loop1): 1 truncate cleaned up
[   98.505386][ T6486] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.520788][ T6486] ext4 filesystem being mounted at /210/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.533676][ T6486] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.575622][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.625295][ T6486] syz.1.1080 (6486) used greatest stack depth: 9096 bytes left
[   98.633496][ T6500] 9pnet_fd: Insufficient options for proto=fd
[   98.780339][ T6514] loop4: detected capacity change from 0 to 128
[   98.788703][ T6514] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[   98.819104][ T3411] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   98.826824][ T3411] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   98.834298][ T3411] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   98.842643][ T3411] hid-generic 0000:0004:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   98.853669][ T6515] lo speed is unknown, defaulting to 1000
[   99.012219][ T6528] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[   99.051165][ T6528] 9pnet: Could not find request transport: rdma00000000000068Rb…È\DQc0Èv‹}giVÞ¨ñaòöOÕ´B#Õ.²¶EYÍÈüþ·Ê8Só{hçáég
[   99.081676][ T6531] __nla_validate_parse: 7 callbacks suppressed
[   99.081698][ T6531] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1094'.
[   99.183363][ T6538] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1095'.
[   99.210471][ T6540] syz.3.1097 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   99.221873][ T6542] loop5: detected capacity change from 0 to 1024
[   99.309899][ T6542] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.343724][ T6542] IPv6: NLM_F_CREATE should be specified when creating new route
[   99.446255][ T6007] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.520563][ T6560] loop1: detected capacity change from 0 to 512
[   99.577103][ T6566] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1105'.
[   99.589469][ T6560] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -13
[   99.600037][ T6560] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #13: comm syz.1.1103: iget: bad i_size value: 12154757448730
[   99.645842][ T6568] loop3: detected capacity change from 0 to 1024
[   99.663649][ T6560] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.1103: couldn't read orphan inode 13 (err -117)
[   99.695975][ T6568] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.745222][ T6568] FAULT_INJECTION: forcing a failure.
[   99.745222][ T6568] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.759196][ T6568] CPU: 0 UID: 0 PID: 6568 Comm: syz.3.1106 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[   99.759234][ T6568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   99.759314][ T6568] Call Trace:
[   99.759323][ T6568]  <TASK>
[   99.759333][ T6568]  __dump_stack+0x1d/0x30
[   99.759437][ T6568]  dump_stack_lvl+0xe8/0x140
[   99.759485][ T6568]  dump_stack+0x15/0x1b
[   99.759505][ T6568]  should_fail_ex+0x265/0x280
[   99.759533][ T6568]  should_fail+0xb/0x20
[   99.759587][ T6568]  should_fail_usercopy+0x1a/0x20
[   99.759610][ T6568]  strncpy_from_user+0x25/0x230
[   99.759642][ T6568]  ? __rcu_read_unlock+0x34/0x70
[   99.759666][ T6568]  strncpy_from_user_nofault+0x68/0xf0
[   99.759735][ T6568]  bpf_probe_read_compat_str+0xb4/0x130
[   99.759780][ T6568]  bpf_prog_d73d3bb03d5a037f+0x3e/0x44
[   99.759810][ T6568]  bpf_trace_run3+0x10c/0x1d0
[   99.759870][ T6568]  ? __kfree_skb+0x109/0x150
[   99.759898][ T6568]  ? __kfree_skb+0x109/0x150
[   99.759916][ T6568]  __traceiter_kmem_cache_free+0x38/0x60
[   99.760088][ T6568]  ? __kfree_skb+0x109/0x150
[   99.760110][ T6568]  kmem_cache_free+0x257/0x300
[   99.760269][ T6568]  __kfree_skb+0x109/0x150
[   99.760288][ T6568]  ? nlmon_xmit+0x4f/0x60
[   99.760378][ T6568]  consume_skb+0x49/0x150
[   99.760408][ T6568]  nlmon_xmit+0x4f/0x60
[   99.760434][ T6568]  dev_hard_start_xmit+0x122/0x3e0
[   99.760459][ T6568]  __dev_queue_xmit+0x10b9/0x1fb0
[   99.760549][ T6568]  ? __dev_queue_xmit+0x182/0x1fb0
[   99.760579][ T6568]  ? __rcu_read_unlock+0x4f/0x70
[   99.760609][ T6568]  __netlink_deliver_tap+0x3c3/0x500
[   99.760649][ T6568]  netlink_unicast+0x64c/0x670
[   99.760678][ T6568]  netlink_sendmsg+0x58b/0x6b0
[   99.760712][ T6568]  ? __pfx_netlink_sendmsg+0x10/0x10
[   99.760744][ T6568]  __sock_sendmsg+0x142/0x180
[   99.760829][ T6568]  ____sys_sendmsg+0x31e/0x4e0
[   99.760910][ T6568]  ___sys_sendmsg+0x17b/0x1d0
[   99.760960][ T6568]  __x64_sys_sendmsg+0xd4/0x160
[   99.760995][ T6568]  x64_sys_call+0x2999/0x2fb0
[   99.761018][ T6568]  do_syscall_64+0xd2/0x200
[   99.761166][ T6568]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   99.761201][ T6568]  ? clear_bhb_loop+0x40/0x90
[   99.761225][ T6568]  ? clear_bhb_loop+0x40/0x90
[   99.761308][ T6568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.761332][ T6568] RIP: 0033:0x7ff4b4abe929
[   99.761347][ T6568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.761446][ T6568] RSP: 002b:00007ff4b3127038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   99.761471][ T6568] RAX: ffffffffffffffda RBX: 00007ff4b4ce5fa0 RCX: 00007ff4b4abe929
[   99.761487][ T6568] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000006
[   99.761503][ T6568] RBP: 00007ff4b3127090 R08: 0000000000000000 R09: 0000000000000000
[   99.761519][ T6568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.761535][ T6568] R13: 0000000000000000 R14: 00007ff4b4ce5fa0 R15: 00007ffde5e9a218
[   99.761635][ T6568]  </TASK>
[   99.761676][ T6568] IPv6: NLM_F_CREATE should be specified when creating new route
[   99.857751][ T6560] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.090807][ T6560] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  100.101518][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.104338][ T6560] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  100.136732][ T6581] random: crng reseeded on system resumption
[  100.165755][ T6584] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1108'.
[  100.189380][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.199284][ T6581] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1110'.
[  100.336557][ T6593] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  100.336631][ T6588] lo speed is unknown, defaulting to 1000
[  100.374499][ T6592] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1114'.
[  100.383679][ T6592] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1114'.
[  100.441525][ T6599] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1116'.
[  100.471598][ T6592] IPv6: Can't replace route, no match found
[  100.521678][ T6602] netlink: 24 bytes leftover after parsing attributes in process `+}[@'.
[  100.535375][ T6603] loop5: detected capacity change from 0 to 512
[  100.580806][ T6603] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  100.621053][ T6605] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1119'.
[  100.641048][   T29] kauditd_printk_skb: 236 callbacks suppressed
[  100.641069][   T29] audit: type=1326 audit(1749384615.598:10204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  100.671963][   T29] audit: type=1326 audit(1749384615.638:10205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  100.682159][ T6603] EXT4-fs (loop5): orphan cleanup on readonly fs
[  100.742331][   T29] audit: type=1326 audit(1749384615.698:10206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  100.742761][ T6603] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  100.765960][   T29] audit: type=1326 audit(1749384615.698:10207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  100.766079][   T29] audit: type=1326 audit(1749384615.698:10208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  100.830249][ T6603] EXT4-fs (loop5): Cannot turn on quotas: error -22
[  100.842876][ T6603] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #16: comm syz.5.1117: iget: immutable or append flags not allowed on symlinks
[  100.874125][   T29] audit: type=1326 audit(1749384615.798:10209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f28d2d4e52b code=0x7ffc0000
[  100.874348][   T29] audit: type=1326 audit(1749384615.798:10210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  100.874390][   T29] audit: type=1326 audit(1749384615.798:10211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  100.874442][   T29] audit: type=1326 audit(1749384615.798:10212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  100.874547][   T29] audit: type=1326 audit(1749384615.798:10213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  100.879215][ T6603] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.1117: couldn't read orphan inode 16 (err -117)
[  100.880223][ T6603] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  100.956316][ T6007] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.977661][ T6619] loop4: detected capacity change from 0 to 512
[  100.977923][ T6619] ext4: Unknown parameter 'nouser_xattr'
[  101.006472][ T6621] loop5: detected capacity change from 0 to 1024
[  101.007208][ T6621] EXT4-fs: Ignoring removed orlov option
[  101.011195][ T6621] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  101.202358][ T6621] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.235285][ T6632] FAULT_INJECTION: forcing a failure.
[  101.235285][ T6632] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.248441][ T6632] CPU: 0 UID: 0 PID: 6632 Comm: syz.4.1129 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  101.248548][ T6632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.248565][ T6632] Call Trace:
[  101.248575][ T6632]  <TASK>
[  101.248584][ T6632]  __dump_stack+0x1d/0x30
[  101.248613][ T6632]  dump_stack_lvl+0xe8/0x140
[  101.248645][ T6632]  dump_stack+0x15/0x1b
[  101.248663][ T6632]  should_fail_ex+0x265/0x280
[  101.248693][ T6632]  should_fail+0xb/0x20
[  101.248716][ T6632]  should_fail_usercopy+0x1a/0x20
[  101.248743][ T6632]  _copy_from_user+0x1c/0xb0
[  101.248840][ T6632]  memdup_user+0x5e/0xd0
[  101.248876][ T6632]  strndup_user+0x68/0xb0
[  101.248904][ T6632]  __se_sys_mount+0x8e/0x2e0
[  101.248974][ T6632]  ? fput+0x8f/0xc0
[  101.249013][ T6632]  ? ksys_write+0x192/0x1a0
[  101.249043][ T6632]  __x64_sys_mount+0x67/0x80
[  101.249072][ T6632]  x64_sys_call+0xd36/0x2fb0
[  101.249102][ T6632]  do_syscall_64+0xd2/0x200
[  101.249259][ T6632]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.249286][ T6632]  ? clear_bhb_loop+0x40/0x90
[  101.249307][ T6632]  ? clear_bhb_loop+0x40/0x90
[  101.249374][ T6632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.249404][ T6632] RIP: 0033:0x7f28d2d4e929
[  101.249488][ T6632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.249536][ T6632] RSP: 002b:00007f28d13b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  101.249561][ T6632] RAX: ffffffffffffffda RBX: 00007f28d2f75fa0 RCX: 00007f28d2d4e929
[  101.249579][ T6632] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000200000000480
[  101.249671][ T6632] RBP: 00007f28d13b7090 R08: 0000000000000000 R09: 0000000000000000
[  101.249688][ T6632] R10: 0000000000002000 R11: 0000000000000246 R12: 0000000000000001
[  101.249705][ T6632] R13: 0000000000000000 R14: 00007f28d2f75fa0 R15: 00007fff2bb92508
[  101.249730][ T6632]  </TASK>
[  101.865174][ T6651] FAULT_INJECTION: forcing a failure.
[  101.865174][ T6651] name failslab, interval 1, probability 0, space 0, times 0
[  101.878565][ T6651] CPU: 0 UID: 0 PID: 6651 Comm: syz.4.1136 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  101.878597][ T6651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.878610][ T6651] Call Trace:
[  101.878620][ T6651]  <TASK>
[  101.878630][ T6651]  __dump_stack+0x1d/0x30
[  101.878658][ T6651]  dump_stack_lvl+0xe8/0x140
[  101.878683][ T6651]  dump_stack+0x15/0x1b
[  101.878704][ T6651]  should_fail_ex+0x265/0x280
[  101.878789][ T6651]  ? io_getxattr_prep+0x129/0x200
[  101.878819][ T6651]  should_failslab+0x8c/0xb0
[  101.878846][ T6651]  __kmalloc_cache_noprof+0x4c/0x320
[  101.878877][ T6651]  ? __io_alloc_req_refill+0x12e/0x1d0
[  101.878970][ T6651]  io_getxattr_prep+0x129/0x200
[  101.879015][ T6651]  io_submit_sqes+0x5e2/0xfd0
[  101.879138][ T6651]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  101.879183][ T6651]  ? 0xffffffff81000000
[  101.879197][ T6651]  ? __rcu_read_unlock+0x4f/0x70
[  101.879225][ T6651]  ? get_pid_task+0x96/0xd0
[  101.879253][ T6651]  ? proc_fail_nth_write+0x12d/0x160
[  101.879285][ T6651]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  101.879316][ T6651]  ? vfs_write+0x75e/0x8e0
[  101.879343][ T6651]  ? __rcu_read_unlock+0x4f/0x70
[  101.879411][ T6651]  ? __fget_files+0x184/0x1c0
[  101.879444][ T6651]  ? fput+0x8f/0xc0
[  101.879484][ T6651]  __x64_sys_io_uring_enter+0x78/0x90
[  101.879533][ T6651]  x64_sys_call+0x28c8/0x2fb0
[  101.879589][ T6651]  do_syscall_64+0xd2/0x200
[  101.879614][ T6651]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.879650][ T6651]  ? clear_bhb_loop+0x40/0x90
[  101.879679][ T6651]  ? clear_bhb_loop+0x40/0x90
[  101.879710][ T6651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.879733][ T6651] RIP: 0033:0x7f28d2d4e929
[  101.879761][ T6651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.879780][ T6651] RSP: 002b:00007f28d13b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  101.879799][ T6651] RAX: ffffffffffffffda RBX: 00007f28d2f75fa0 RCX: 00007f28d2d4e929
[  101.879812][ T6651] RDX: 0000000000000002 RSI: 00000000000047bc RDI: 0000000000000004
[  101.879825][ T6651] RBP: 00007f28d13b7090 R08: 0000000000000000 R09: 0000000000000000
[  101.879837][ T6651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.879850][ T6651] R13: 0000000000000000 R14: 00007f28d2f75fa0 R15: 00007fff2bb92508
[  101.879872][ T6651]  </TASK>
[  102.142930][ T6007] EXT4-fs error (device loop5): ext4_read_inline_dir:1502: inode #12: block 7: comm syz-executor: path /21/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  102.211542][ T6656] FAULT_INJECTION: forcing a failure.
[  102.211542][ T6656] name failslab, interval 1, probability 0, space 0, times 0
[  102.224718][ T6656] CPU: 0 UID: 0 PID: 6656 Comm: syz.3.1139 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  102.224810][ T6656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  102.224826][ T6656] Call Trace:
[  102.224855][ T6656]  <TASK>
[  102.224865][ T6656]  __dump_stack+0x1d/0x30
[  102.224900][ T6656]  dump_stack_lvl+0xe8/0x140
[  102.224922][ T6656]  dump_stack+0x15/0x1b
[  102.224963][ T6656]  should_fail_ex+0x265/0x280
[  102.224987][ T6656]  should_failslab+0x8c/0xb0
[  102.225018][ T6656]  kmem_cache_alloc_noprof+0x50/0x310
[  102.225049][ T6656]  ? skb_clone+0x151/0x1f0
[  102.225076][ T6656]  skb_clone+0x151/0x1f0
[  102.225107][ T6656]  __netlink_deliver_tap+0x2c9/0x500
[  102.225221][ T6656]  netlink_unicast+0x64c/0x670
[  102.225248][ T6656]  netlink_sendmsg+0x58b/0x6b0
[  102.225279][ T6656]  ? __pfx_netlink_sendmsg+0x10/0x10
[  102.225306][ T6656]  __sock_sendmsg+0x142/0x180
[  102.225387][ T6656]  ____sys_sendmsg+0x31e/0x4e0
[  102.225420][ T6656]  ___sys_sendmsg+0x17b/0x1d0
[  102.225466][ T6656]  __x64_sys_sendmsg+0xd4/0x160
[  102.225496][ T6656]  x64_sys_call+0x2999/0x2fb0
[  102.225518][ T6656]  do_syscall_64+0xd2/0x200
[  102.225574][ T6656]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  102.225607][ T6656]  ? clear_bhb_loop+0x40/0x90
[  102.225634][ T6656]  ? clear_bhb_loop+0x40/0x90
[  102.225662][ T6656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.225732][ T6656] RIP: 0033:0x7ff4b4abe929
[  102.225754][ T6656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.225777][ T6656] RSP: 002b:00007ff4b3127038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.225801][ T6656] RAX: ffffffffffffffda RBX: 00007ff4b4ce5fa0 RCX: 00007ff4b4abe929
[  102.225817][ T6656] RDX: 0000000000000000 RSI: 00002000000037c0 RDI: 0000000000000006
[  102.225832][ T6656] RBP: 00007ff4b3127090 R08: 0000000000000000 R09: 0000000000000000
[  102.225847][ T6656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.225870][ T6656] R13: 0000000000000000 R14: 00007ff4b4ce5fa0 R15: 00007ffde5e9a218
[  102.225894][ T6656]  </TASK>
[  102.244656][ T6007] EXT4-fs error (device loop5): ext4_read_inline_dir:1502: inode #12: block 7: comm syz-executor: path /21/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  102.370589][ T6663] 9pnet_fd: Insufficient options for proto=fd
[  102.379267][ T6007] EXT4-fs error (device loop5): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  102.403879][ T6663] loop1: detected capacity change from 0 to 512
[  102.468758][ T6668] FAULT_INJECTION: forcing a failure.
[  102.468758][ T6668] name failslab, interval 1, probability 0, space 0, times 0
[  102.486033][ T6663] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  102.500065][ T6668] CPU: 1 UID: 0 PID: 6668 Comm: syz.4.1142 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  102.500106][ T6668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  102.500124][ T6668] Call Trace:
[  102.500135][ T6668]  <TASK>
[  102.500150][ T6668]  __dump_stack+0x1d/0x30
[  102.500293][ T6668]  dump_stack_lvl+0xe8/0x140
[  102.500323][ T6668]  dump_stack+0x15/0x1b
[  102.500348][ T6668]  should_fail_ex+0x265/0x280
[  102.500382][ T6668]  should_failslab+0x8c/0xb0
[  102.500446][ T6668]  __kmalloc_noprof+0xa5/0x3e0
[  102.500492][ T6668]  ? io_cache_alloc_new+0x2a/0xb0
[  102.500533][ T6668]  io_cache_alloc_new+0x2a/0xb0
[  102.500572][ T6668]  __io_prep_rw+0xcf/0x660
[  102.500661][ T6668]  ? __rcu_read_unlock+0x4f/0x70
[  102.500697][ T6668]  io_prep_rwv+0x33/0x230
[  102.500748][ T6668]  io_prep_readv+0x1f/0x30
[  102.500847][ T6668]  io_submit_sqes+0x5e2/0xfd0
[  102.500912][ T6668]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  102.501031][ T6668]  ? 0xffffffff81000000
[  102.501051][ T6668]  ? __rcu_read_unlock+0x4f/0x70
[  102.501084][ T6668]  ? get_pid_task+0x96/0xd0
[  102.501115][ T6668]  ? proc_fail_nth_write+0x12d/0x160
[  102.501163][ T6668]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  102.501199][ T6668]  ? vfs_write+0x75e/0x8e0
[  102.501230][ T6668]  ? __rcu_read_unlock+0x4f/0x70
[  102.501271][ T6668]  ? __fget_files+0x184/0x1c0
[  102.501353][ T6668]  ? fput+0x8f/0xc0
[  102.501399][ T6668]  __x64_sys_io_uring_enter+0x78/0x90
[  102.501496][ T6668]  x64_sys_call+0x28c8/0x2fb0
[  102.501529][ T6668]  do_syscall_64+0xd2/0x200
[  102.501572][ T6668]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  102.501614][ T6668]  ? clear_bhb_loop+0x40/0x90
[  102.501647][ T6668]  ? clear_bhb_loop+0x40/0x90
[  102.501788][ T6668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.501823][ T6668] RIP: 0033:0x7f28d2d4e929
[  102.501847][ T6668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.501910][ T6668] RSP: 002b:00007f28d1396038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  102.502035][ T6668] RAX: ffffffffffffffda RBX: 00007f28d2f76080 RCX: 00007f28d2d4e929
[  102.502054][ T6668] RDX: 000000000000a1ff RSI: 0000000000000567 RDI: 0000000000000004
[  102.502072][ T6668] RBP: 00007f28d1396090 R08: 0000000000000000 R09: 0000000000000000
[  102.502091][ T6668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.502110][ T6668] R13: 0000000000000000 R14: 00007f28d2f76080 R15: 00007fff2bb92508
[  102.502140][ T6668]  </TASK>
[  102.502838][ T6007] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  102.545924][ T6663] EXT4-fs (loop1): 1 truncate cleaned up
[  102.602056][ T6007] EXT4-fs error (device loop5): ext4_read_inline_dir:1502: inode #12: block 7: comm syz-executor: path /21/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  102.644098][ T6676] loop4: detected capacity change from 0 to 2048
[  102.677287][ T6007] EXT4-fs error (device loop5): ext4_read_inline_dir:1502: inode #12: block 7: comm syz-executor: path /21/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  102.684793][ T6663] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.711385][ T6007] EXT4-fs error (device loop5): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  102.711610][ T6007] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  102.778399][ T6679] loop3: detected capacity change from 0 to 512
[  102.800381][ T6680] loop0: detected capacity change from 0 to 1024
[  102.812816][ T6007] EXT4-fs error (device loop5): ext4_read_inline_dir:1502: inode #12: block 7: comm syz-executor: path /21/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  102.831526][ T6680] EXT4-fs: dax option not supported
[  102.836551][ T6676] Alternate GPT is invalid, using primary GPT.
[  102.871977][ T6680] loop0: detected capacity change from 0 to 512
[  102.891640][ T6676]  loop4: p1 p2 p3
[  102.908193][ T6007] EXT4-fs error (device loop5): ext4_read_inline_dir:1502: inode #12: block 7: comm syz-executor: path /21/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  102.913611][ T6679] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c118, mo2=0002]
[  102.921820][ T6663] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, 
[  102.944184][ T6679] System zones: 
[  102.948567][ T6663] inode 15: 
[  102.954795][ T6679] 1-12
[  102.961064][ T6663] block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  102.964866][ T6679] 
[  103.017757][ T6007] EXT4-fs error (device loop5): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  103.022819][ T6679] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #2: block 3: comm syz.3.1146: lblock 0 mapped to illegal pblock 3 (length 1)
[  103.039499][ T6007] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  103.074501][ T6007] EXT4-fs error (device loop5): ext4_read_inline_dir:1502: inode #12: block 7: comm syz-executor: path /21/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  103.111912][ T6679] EXT4-fs warning (device loop3): dx_probe:791: inode #2: lblock 0: comm syz.3.1146: error -117 reading directory block
[  103.115129][ T6007] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  103.139399][ T6679] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  103.158799][ T6679] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.175166][ T6679] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #2: comm syz.3.1146: corrupted xattr block 255: invalid header
[  103.185032][ T6007] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  103.190403][ T6679] SELinux: (dev loop3, type ext4) getxattr errno 117
[  103.222157][ T6679] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.238767][ T6007] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  103.263891][ T6007] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  103.304698][ T6679] loop3: detected capacity change from 0 to 512
[  103.311587][ T6679] EXT4-fs: Ignoring removed i_version option
[  103.319285][ T6007] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  103.354549][ T6679] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  103.366113][ T6007] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  103.388256][ T6679] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e12c, mo2=0002]
[  103.395235][ T6007] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  103.429512][ T6679] System zones: 1-12
[  103.433949][ T6679] EXT4-fs (loop3): orphan cleanup on readonly fs
[  103.441665][ T6679] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1146: invalid indirect mapped block 12 (level 1)
[  103.485531][ T6679] EXT4-fs (loop3): Remounting filesystem read-only
[  103.492504][ T6679] EXT4-fs (loop3): 1 truncate cleaned up
[  103.499600][ T6679] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  103.513101][ T6696] FAULT_INJECTION: forcing a failure.
[  103.513101][ T6696] name failslab, interval 1, probability 0, space 0, times 0
[  103.526124][ T6696] CPU: 0 UID: 0 PID: 6696 Comm: syz.4.1153 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  103.526198][ T6696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.526211][ T6696] Call Trace:
[  103.526221][ T6696]  <TASK>
[  103.526232][ T6696]  __dump_stack+0x1d/0x30
[  103.526265][ T6696]  dump_stack_lvl+0xe8/0x140
[  103.526331][ T6696]  dump_stack+0x15/0x1b
[  103.526360][ T6696]  should_fail_ex+0x265/0x280
[  103.526384][ T6696]  ? xfrm_policy_alloc+0x62/0x1b0
[  103.526428][ T6696]  should_failslab+0x8c/0xb0
[  103.526459][ T6696]  __kmalloc_cache_noprof+0x4c/0x320
[  103.526497][ T6696]  xfrm_policy_alloc+0x62/0x1b0
[  103.526539][ T6696]  pfkey_compile_policy+0x193/0x410
[  103.526614][ T6696]  ? xfrm_compile_policy+0x106/0x240
[  103.526650][ T6696]  ? __pfx_pfkey_compile_policy+0x10/0x10
[  103.526755][ T6696]  xfrm_user_policy+0x297/0x540
[  103.526798][ T6696]  do_ipv6_setsockopt+0x13c5/0x22e0
[  103.526839][ T6696]  ? kstrtoull+0x111/0x140
[  103.526880][ T6696]  ? __rcu_read_unlock+0x4f/0x70
[  103.526973][ T6696]  ? avc_has_perm_noaudit+0x1b1/0x200
[  103.527035][ T6696]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[  103.527075][ T6696]  ipv6_setsockopt+0x59/0x130
[  103.527168][ T6696]  rawv6_setsockopt+0x1d2/0x420
[  103.527208][ T6696]  sock_common_setsockopt+0x69/0x80
[  103.527311][ T6696]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  103.527425][ T6696]  __sys_setsockopt+0x184/0x200
[  103.527449][ T6696]  __x64_sys_setsockopt+0x64/0x80
[  103.527473][ T6696]  x64_sys_call+0x2bd5/0x2fb0
[  103.527509][ T6696]  do_syscall_64+0xd2/0x200
[  103.527541][ T6696]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  103.527626][ T6696]  ? clear_bhb_loop+0x40/0x90
[  103.527656][ T6696]  ? clear_bhb_loop+0x40/0x90
[  103.527686][ T6696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.527715][ T6696] RIP: 0033:0x7f28d2d4e929
[  103.527811][ T6696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.527831][ T6696] RSP: 002b:00007f28d13b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  103.527851][ T6696] RAX: ffffffffffffffda RBX: 00007f28d2f75fa0 RCX: 00007f28d2d4e929
[  103.527864][ T6696] RDX: 0000000000000022 RSI: 0000000000000029 RDI: 0000000000000006
[  103.527876][ T6696] RBP: 00007f28d13b7090 R08: 000000000000005c R09: 0000000000000000
[  103.527889][ T6696] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.527937][ T6696] R13: 0000000000000000 R14: 00007f28d2f75fa0 R15: 00007fff2bb92508
[  103.527964][ T6696]  </TASK>
[  103.936661][ T6699] batadv_slave_0: entered promiscuous mode
[  103.945749][ T6699] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  104.195304][ T6705] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10842 sclass=netlink_route_socket pid=6705 comm=syz.4.1154
[  104.268164][ T6007] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.296945][ T6699] batadv_slave_0 (unregistering): left promiscuous mode
[  104.307130][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.320405][ T6699] batman_adv: batadv0: Removing interface: batadv_slave_0
[  104.346652][ T6703] lo speed is unknown, defaulting to 1000
[  104.405696][  T337] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.489888][ T6708] vhci_hcd: invalid port number 96
[  104.495152][ T6708] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  104.514140][  T337] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.555457][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  104.588570][  T337] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.628165][ T6718] netlink: 'syz.3.1157': attribute type 4 has an invalid length.
[  104.663783][ T6726] __nla_validate_parse: 6 callbacks suppressed
[  104.663804][ T6726] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1164'.
[  104.703814][  T337] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.732369][ T6729] netlink: 'syz.0.1165': attribute type 29 has an invalid length.
[  104.748776][ T6735] FAULT_INJECTION: forcing a failure.
[  104.748776][ T6735] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.762665][ T6735] CPU: 0 UID: 0 PID: 6735 Comm: syz.3.1168 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  104.762701][ T6735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.762718][ T6735] Call Trace:
[  104.762728][ T6735]  <TASK>
[  104.762775][ T6735]  __dump_stack+0x1d/0x30
[  104.762814][ T6735]  dump_stack_lvl+0xe8/0x140
[  104.762836][ T6735]  dump_stack+0x15/0x1b
[  104.763001][ T6735]  should_fail_ex+0x265/0x280
[  104.763037][ T6735]  should_fail+0xb/0x20
[  104.763058][ T6735]  should_fail_usercopy+0x1a/0x20
[  104.763083][ T6735]  _copy_from_user+0x1c/0xb0
[  104.763196][ T6735]  ___sys_sendmsg+0xc1/0x1d0
[  104.763389][ T6735]  __x64_sys_sendmsg+0xd4/0x160
[  104.763429][ T6735]  x64_sys_call+0x2999/0x2fb0
[  104.763456][ T6735]  do_syscall_64+0xd2/0x200
[  104.763481][ T6735]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  104.763511][ T6735]  ? clear_bhb_loop+0x40/0x90
[  104.763547][ T6735]  ? clear_bhb_loop+0x40/0x90
[  104.763575][ T6735]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.763598][ T6735] RIP: 0033:0x7ff4b4abe929
[  104.763661][ T6735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.763683][ T6735] RSP: 002b:00007ff4b3127038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  104.763743][ T6735] RAX: ffffffffffffffda RBX: 00007ff4b4ce5fa0 RCX: 00007ff4b4abe929
[  104.763769][ T6735] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000005
[  104.763781][ T6735] RBP: 00007ff4b3127090 R08: 0000000000000000 R09: 0000000000000000
[  104.763794][ T6735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.763809][ T6735] R13: 0000000000000000 R14: 00007ff4b4ce5fa0 R15: 00007ffde5e9a218
[  104.763836][ T6735]  </TASK>
[  105.023001][  T337] bridge_slave_1: left allmulticast mode
[  105.023025][  T337] bridge_slave_1: left promiscuous mode
[  105.023129][  T337] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.052123][ T6742] FAULT_INJECTION: forcing a failure.
[  105.052123][ T6742] name failslab, interval 1, probability 0, space 0, times 0
[  105.065302][ T6742] CPU: 0 UID: 0 PID: 6742 Comm: syz.3.1169 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  105.065351][ T6742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.065366][ T6742] Call Trace:
[  105.065373][ T6742]  <TASK>
[  105.065383][ T6742]  __dump_stack+0x1d/0x30
[  105.065455][ T6742]  dump_stack_lvl+0xe8/0x140
[  105.065491][ T6742]  dump_stack+0x15/0x1b
[  105.065510][ T6742]  should_fail_ex+0x265/0x280
[  105.065593][ T6742]  should_failslab+0x8c/0xb0
[  105.065624][ T6742]  __kvmalloc_node_noprof+0x123/0x4e0
[  105.065890][ T6742]  ? vmemdup_user+0x26/0xd0
[  105.065929][ T6742]  ? should_fail_usercopy+0x1a/0x20
[  105.066005][ T6742]  vmemdup_user+0x26/0xd0
[  105.066037][ T6742]  path_setxattrat+0x1b6/0x310
[  105.066094][ T6742]  __x64_sys_setxattr+0x6e/0x90
[  105.066183][ T6742]  x64_sys_call+0x28a7/0x2fb0
[  105.066216][ T6742]  do_syscall_64+0xd2/0x200
[  105.066249][ T6742]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  105.066284][ T6742]  ? clear_bhb_loop+0x40/0x90
[  105.066312][ T6742]  ? clear_bhb_loop+0x40/0x90
[  105.066359][ T6742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.066387][ T6742] RIP: 0033:0x7ff4b4abe929
[  105.066443][ T6742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.066466][ T6742] RSP: 002b:00007ff4b3127038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[  105.066491][ T6742] RAX: ffffffffffffffda RBX: 00007ff4b4ce5fa0 RCX: 00007ff4b4abe929
[  105.066508][ T6742] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000000
[  105.066605][ T6742] RBP: 00007ff4b3127090 R08: 0000000000000000 R09: 0000000000000000
[  105.066624][ T6742] R10: 0000000000000381 R11: 0000000000000246 R12: 0000000000000001
[  105.066642][ T6742] R13: 0000000000000000 R14: 00007ff4b4ce5fa0 R15: 00007ffde5e9a218
[  105.066667][ T6742]  </TASK>
[  105.067074][  T337] bridge_slave_0: left allmulticast mode
[  105.273438][  T337] bridge_slave_0: left promiscuous mode
[  105.279488][  T337] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.299554][ T6757] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  105.381623][ T6761] netlink: 'syz.1.1176': attribute type 13 has an invalid length.
[  105.429336][  T337] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  105.447449][  T337] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  105.458123][  T337] bond0 (unregistering): Released all slaves
[  105.471649][ T6760] netlink: 'syz.1.1176': attribute type 15 has an invalid length.
[  105.629739][ T6761] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.637640][ T6761] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.711128][ T6761] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  105.724269][ T6774] random: crng reseeded on system resumption
[  105.732761][ T6761] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  105.790978][ T6761] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  105.800837][ T6761] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  105.809563][ T6761] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  105.818663][ T6761] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  105.849273][ T6751] lo speed is unknown, defaulting to 1000
[  105.860647][ T3410] lo speed is unknown, defaulting to 1000
[  105.866741][ T3410] syz0: Port: 1 Link DOWN
[  105.879378][  T337] hsr_slave_0: left promiscuous mode
[  105.892422][  T337] hsr_slave_1: left promiscuous mode
[  105.904771][  T337] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  105.913425][  T337] batman_adv: batadv0: Removing interface: batadv_slave_0
[  105.934831][  T337] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  105.942932][  T337] batman_adv: batadv0: Removing interface: batadv_slave_1
[  105.955632][  T337] veth1_macvtap: left promiscuous mode
[  105.961651][  T337] veth0_macvtap: left promiscuous mode
[  105.967395][  T337] veth1_vlan: left promiscuous mode
[  105.972859][  T337] veth0_vlan: left promiscuous mode
[  106.038575][ T6781] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1178'.
[  106.093257][  T337] team0 (unregistering): Port device team_slave_1 removed
[  106.104186][  T337] team0 (unregistering): Port device team_slave_0 removed
[  106.181211][   T29] kauditd_printk_skb: 121 callbacks suppressed
[  106.181231][   T29] audit: type=1326 audit(1749384621.138:10335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6783 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83f58e929 code=0x7ffc0000
[  106.214265][   T29] audit: type=1326 audit(1749384621.148:10336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6783 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83f58e929 code=0x7ffc0000
[  106.240638][   T29] audit: type=1326 audit(1749384621.148:10337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6783 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fe83f58e929 code=0x7ffc0000
[  106.267823][   T29] audit: type=1326 audit(1749384621.148:10338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6783 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83f58e929 code=0x7ffc0000
[  106.292364][   T29] audit: type=1326 audit(1749384621.148:10339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6783 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83f58e929 code=0x7ffc0000
[  106.318275][   T29] audit: type=1326 audit(1749384621.178:10340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6783 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe83f58e929 code=0x7ffc0000
[  106.342494][   T29] audit: type=1326 audit(1749384621.178:10341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6783 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83f58e929 code=0x7ffc0000
[  106.368702][   T29] audit: type=1326 audit(1749384621.178:10342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6783 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fe83f58e929 code=0x7ffc0000
[  106.393647][   T29] audit: type=1326 audit(1749384621.178:10343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6783 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83f58e929 code=0x7ffc0000
[  106.417913][   T29] audit: type=1326 audit(1749384621.178:10344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6783 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7fe83f58e929 code=0x7ffc0000
[  106.434515][ T6736] lo speed is unknown, defaulting to 1000
[  106.465496][ T6790] netlink: 'syz.0.1181': attribute type 1 has an invalid length.
[  106.474063][ T6790] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1181'.
[  106.616038][ T6800] netlink: 'syz.4.1185': attribute type 29 has an invalid length.
[  106.632374][ T6736] chnl_net:caif_netlink_parms(): no params data found
[  106.637500][ T6796] random: crng reseeded on system resumption
[  106.728737][ T6800] netlink: 'syz.4.1185': attribute type 29 has an invalid length.
[  106.764025][ T6736] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.771724][ T6736] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.800319][ T6736] bridge_slave_0: entered allmulticast mode
[  106.813755][ T6813] FAULT_INJECTION: forcing a failure.
[  106.813755][ T6813] name failslab, interval 1, probability 0, space 0, times 0
[  106.815464][ T6736] bridge_slave_0: entered promiscuous mode
[  106.826777][ T6813] CPU: 1 UID: 0 PID: 6813 Comm: syz.3.1189 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  106.826817][ T6813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  106.826836][ T6813] Call Trace:
[  106.826846][ T6813]  <TASK>
[  106.826928][ T6813]  __dump_stack+0x1d/0x30
[  106.826984][ T6813]  dump_stack_lvl+0xe8/0x140
[  106.827047][ T6813]  dump_stack+0x15/0x1b
[  106.827071][ T6813]  should_fail_ex+0x265/0x280
[  106.827105][ T6813]  should_failslab+0x8c/0xb0
[  106.827142][ T6813]  kmem_cache_alloc_noprof+0x50/0x310
[  106.827265][ T6813]  ? __send_signal_locked+0x154/0x760
[  106.827313][ T6813]  __send_signal_locked+0x154/0x760
[  106.827438][ T6813]  send_signal_locked+0x34e/0x3c0
[  106.827484][ T6813]  do_send_sig_info+0x9f/0xf0
[  106.827527][ T6813]  kill_pid_info_type+0x81/0xd0
[  106.827671][ T6813]  __se_sys_rt_sigqueueinfo+0x11f/0x3b0
[  106.827788][ T6813]  ? __fget_files+0x184/0x1c0
[  106.827829][ T6813]  ? __secure_computing+0x82/0x150
[  106.827883][ T6813]  __x64_sys_rt_sigqueueinfo+0x43/0x50
[  106.827983][ T6813]  x64_sys_call+0x271b/0x2fb0
[  106.828017][ T6813]  do_syscall_64+0xd2/0x200
[  106.828053][ T6813]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  106.828095][ T6813]  ? clear_bhb_loop+0x40/0x90
[  106.828187][ T6813]  ? clear_bhb_loop+0x40/0x90
[  106.828251][ T6813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.828288][ T6813] RIP: 0033:0x7ff4b4abe929
[  106.828313][ T6813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.828345][ T6813] RSP: 002b:00007ff4b3127038 EFLAGS: 00000246 ORIG_RAX: 0000000000000081
[  106.828469][ T6813] RAX: ffffffffffffffda RBX: 00007ff4b4ce5fa0 RCX: 00007ff4b4abe929
[  106.828490][ T6813] RDX: 0000200000000000 RSI: 0000000000000021 RDI: 00000000000002c3
[  106.828510][ T6813] RBP: 00007ff4b3127090 R08: 0000000000000000 R09: 0000000000000000
[  106.828539][ T6813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.828559][ T6813] R13: 0000000000000000 R14: 00007ff4b4ce5fa0 R15: 00007ffde5e9a218
[  106.828590][ T6813]  </TASK>
[  107.054661][ T6736] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.062208][ T6736] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.072904][ T6736] bridge_slave_1: entered allmulticast mode
[  107.080491][ T6736] bridge_slave_1: entered promiscuous mode
[  107.168366][ T6811] lo speed is unknown, defaulting to 1000
[  107.198310][ T6736] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  107.232323][ T6736] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  107.270922][ T6822] sch_fq: defrate 4294967295 ignored.
[  107.277906][ T6736] team0: Port device team_slave_0 added
[  107.299896][ T6736] team0: Port device team_slave_1 added
[  107.335364][ T6736] batman_adv: batadv0: Adding interface: batadv_slave_0
[  107.342547][ T6736] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.371342][ T6736] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  107.399933][ T6736] batman_adv: batadv0: Adding interface: batadv_slave_1
[  107.407493][ T6736] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.433997][ T6736] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  107.525921][ T6825] loop0: detected capacity change from 0 to 164
[  107.606669][ T6825] lo speed is unknown, defaulting to 1000
[  107.618511][ T6736] hsr_slave_0: entered promiscuous mode
[  107.635411][ T6736] hsr_slave_1: entered promiscuous mode
[  107.643102][ T6736] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  107.665549][ T6736] Cannot create hsr debugfs directory
[  107.687585][ T6825] lo speed is unknown, defaulting to 1000
[  107.703670][ T6833] FAULT_INJECTION: forcing a failure.
[  107.703670][ T6833] name failslab, interval 1, probability 0, space 0, times 0
[  107.716876][ T6833] CPU: 0 UID: 0 PID: 6833 Comm: syz.4.1194 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  107.716911][ T6833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  107.716936][ T6833] Call Trace:
[  107.716943][ T6833]  <TASK>
[  107.716950][ T6833]  __dump_stack+0x1d/0x30
[  107.716994][ T6833]  dump_stack_lvl+0xe8/0x140
[  107.717016][ T6833]  dump_stack+0x15/0x1b
[  107.717104][ T6833]  should_fail_ex+0x265/0x280
[  107.717211][ T6833]  should_failslab+0x8c/0xb0
[  107.717243][ T6833]  kmem_cache_alloc_node_noprof+0x57/0x320
[  107.717279][ T6833]  ? __alloc_skb+0x101/0x320
[  107.717331][ T6833]  __alloc_skb+0x101/0x320
[  107.717357][ T6833]  netlink_alloc_large_skb+0xba/0xf0
[  107.717450][ T6833]  netlink_sendmsg+0x3cf/0x6b0
[  107.717485][ T6833]  ? __pfx_netlink_sendmsg+0x10/0x10
[  107.717517][ T6833]  __sock_sendmsg+0x142/0x180
[  107.717632][ T6833]  ____sys_sendmsg+0x31e/0x4e0
[  107.717675][ T6833]  ___sys_sendmsg+0x17b/0x1d0
[  107.717732][ T6833]  __x64_sys_sendmsg+0xd4/0x160
[  107.717760][ T6833]  x64_sys_call+0x2999/0x2fb0
[  107.717841][ T6833]  do_syscall_64+0xd2/0x200
[  107.717877][ T6833]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  107.717911][ T6833]  ? clear_bhb_loop+0x40/0x90
[  107.717933][ T6833]  ? clear_bhb_loop+0x40/0x90
[  107.717978][ T6833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.718006][ T6833] RIP: 0033:0x7f28d2d4e929
[  107.718031][ T6833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.718059][ T6833] RSP: 002b:00007f28d1396038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  107.718153][ T6833] RAX: ffffffffffffffda RBX: 00007f28d2f76080 RCX: 00007f28d2d4e929
[  107.718166][ T6833] RDX: 0000000000000000 RSI: 0000200000001740 RDI: 0000000000000004
[  107.718230][ T6833] RBP: 00007f28d1396090 R08: 0000000000000000 R09: 0000000000000000
[  107.718252][ T6833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.718268][ T6833] R13: 0000000000000001 R14: 00007f28d2f76080 R15: 00007fff2bb92508
[  107.718294][ T6833]  </TASK>
[  107.943289][ T6825] lo speed is unknown, defaulting to 1000
[  107.988153][ T6835] 9pnet_fd: Insufficient options for proto=fd
[  107.998106][ T6835] loop4: detected capacity change from 0 to 512
[  108.006148][ T6835] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  108.028694][ T6825] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  108.036986][ T6839] 9pnet_fd: Insufficient options for proto=fd
[  108.042565][ T6839] loop3: detected capacity change from 0 to 512
[  108.068011][ T6835] EXT4-fs (loop4): 1 truncate cleaned up
[  108.074306][ T6835] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.102228][ T6839] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  108.141665][ T6839] EXT4-fs (loop3): 1 truncate cleaned up
[  108.145789][ T6736] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  108.156185][ T6835] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  108.157463][ T6839] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.189504][ T6736] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  108.211742][ T6736] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  108.230670][ T6839] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  108.260651][ T6825] lo speed is unknown, defaulting to 1000
[  108.268910][ T6736] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  108.344113][ T6825] lo speed is unknown, defaulting to 1000
[  108.401981][ T6850] loop1: detected capacity change from 0 to 1024
[  108.425310][ T6736] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.436591][ T6850] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.447376][ T6825] lo speed is unknown, defaulting to 1000
[  108.456112][ T6736] 8021q: adding VLAN 0 to HW filter on device team0
[  108.465165][ T6850] IPv6: NLM_F_CREATE should be specified when creating new route
[  108.484978][ T6825] lo speed is unknown, defaulting to 1000
[  108.491365][ T6825] lo speed is unknown, defaulting to 1000
[  108.493313][  T180] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.504569][  T180] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.523145][  T180] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.530365][  T180] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.607016][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.620408][ T6859] random: crng reseeded on system resumption
[  108.672676][ T6736] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.685662][ T6859] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1201'.
[  108.695902][ T6864] FAULT_INJECTION: forcing a failure.
[  108.695902][ T6864] name failslab, interval 1, probability 0, space 0, times 0
[  108.708848][ T6864] CPU: 0 UID: 0 PID: 6864 Comm: syz.1.1200 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  108.708929][ T6864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  108.708947][ T6864] Call Trace:
[  108.708956][ T6864]  <TASK>
[  108.708966][ T6864]  __dump_stack+0x1d/0x30
[  108.708994][ T6864]  dump_stack_lvl+0xe8/0x140
[  108.709147][ T6864]  dump_stack+0x15/0x1b
[  108.709170][ T6864]  should_fail_ex+0x265/0x280
[  108.709199][ T6864]  should_failslab+0x8c/0xb0
[  108.709284][ T6864]  __kmalloc_noprof+0xa5/0x3e0
[  108.709321][ T6864]  ? security_prepare_creds+0x52/0x120
[  108.709368][ T6864]  security_prepare_creds+0x52/0x120
[  108.709405][ T6864]  prepare_creds+0x34a/0x4c0
[  108.709438][ T6864]  copy_creds+0x8f/0x3f0
[  108.709470][ T6864]  copy_process+0x658/0x1fe0
[  108.709504][ T6864]  ? kstrtouint+0x76/0xc0
[  108.709550][ T6864]  ? __rcu_read_unlock+0x4f/0x70
[  108.709666][ T6864]  kernel_clone+0x16c/0x5b0
[  108.709696][ T6864]  ? vfs_write+0x75e/0x8e0
[  108.709721][ T6864]  __x64_sys_clone+0xe6/0x120
[  108.709891][ T6864]  x64_sys_call+0x2c59/0x2fb0
[  108.710003][ T6864]  do_syscall_64+0xd2/0x200
[  108.710030][ T6864]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  108.710058][ T6864]  ? clear_bhb_loop+0x40/0x90
[  108.710082][ T6864]  ? clear_bhb_loop+0x40/0x90
[  108.710149][ T6864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.710244][ T6864] RIP: 0033:0x7fe83f58e929
[  108.710264][ T6864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.710288][ T6864] RSP: 002b:00007fe83dbf6fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  108.710314][ T6864] RAX: ffffffffffffffda RBX: 00007fe83f7b5fa0 RCX: 00007fe83f58e929
[  108.710330][ T6864] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[  108.710347][ T6864] RBP: 00007fe83dbf7090 R08: 0000000000000000 R09: 0000000000000000
[  108.710364][ T6864] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  108.710410][ T6864] R13: 0000000000000000 R14: 00007fe83f7b5fa0 R15: 00007ffe57db9fc8
[  108.710436][ T6864]  </TASK>
[  108.938031][ T6736] veth0_vlan: entered promiscuous mode
[  108.999052][ T6736] veth1_vlan: entered promiscuous mode
[  109.007780][ T6879] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  109.033304][ T6879] 9pnet_fd: Insufficient options for proto=fd
[  109.058048][ T6736] veth0_macvtap: entered promiscuous mode
[  109.068778][ T6736] veth1_macvtap: entered promiscuous mode
[  109.084451][ T6736] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.102646][ T6736] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.122354][ T6736] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.133215][ T6736] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.144301][ T6736] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.153674][ T6736] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.228633][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.408347][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.411241][ T6894] loop6: detected capacity change from 0 to 2048
[  109.427760][ T6894] EXT4-fs: Ignoring removed bh option
[  109.433406][ T6894] ext4: Unknown parameter 'subj_type'
[  109.446534][ T6894] loop6: detected capacity change from 0 to 512
[  109.465516][ T6897] netlink: 'syz.4.1207': attribute type 15 has an invalid length.
[  109.476601][ T6894] EXT4-fs (loop6): too many log groups per flexible block group
[  109.484872][ T6894] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  109.499563][ T6894] EXT4-fs (loop6): mount failed
[  109.527642][ T6894] netlink: 208 bytes leftover after parsing attributes in process `syz.6.1206'.
[  109.537440][ T6894] unsupported nla_type 8573
[  109.542714][ T6897] netlink: 'syz.4.1207': attribute type 13 has an invalid length.
[  109.610150][ T6897] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.618087][ T6897] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.630659][ T6903] FAULT_INJECTION: forcing a failure.
[  109.630659][ T6903] name failslab, interval 1, probability 0, space 0, times 0
[  109.643428][ T6903] CPU: 1 UID: 0 PID: 6903 Comm: syz.6.1210 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  109.643519][ T6903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  109.643537][ T6903] Call Trace:
[  109.643564][ T6903]  <TASK>
[  109.643575][ T6903]  __dump_stack+0x1d/0x30
[  109.643603][ T6903]  dump_stack_lvl+0xe8/0x140
[  109.643626][ T6903]  dump_stack+0x15/0x1b
[  109.643653][ T6903]  should_fail_ex+0x265/0x280
[  109.643679][ T6903]  should_failslab+0x8c/0xb0
[  109.643782][ T6903]  kmem_cache_alloc_noprof+0x50/0x310
[  109.643838][ T6903]  ? audit_log_start+0x365/0x6c0
[  109.643958][ T6903]  audit_log_start+0x365/0x6c0
[  109.644047][ T6903]  audit_seccomp+0x48/0x100
[  109.644084][ T6903]  ? __seccomp_filter+0x68c/0x10d0
[  109.644115][ T6903]  __seccomp_filter+0x69d/0x10d0
[  109.644141][ T6903]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  109.644256][ T6903]  ? vfs_write+0x75e/0x8e0
[  109.644281][ T6903]  ? __rcu_read_unlock+0x4f/0x70
[  109.644318][ T6903]  ? __fget_files+0x184/0x1c0
[  109.644354][ T6903]  __secure_computing+0x82/0x150
[  109.644406][ T6903]  syscall_trace_enter+0xcf/0x1e0
[  109.644434][ T6903]  do_syscall_64+0xac/0x200
[  109.644457][ T6903]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  109.644490][ T6903]  ? clear_bhb_loop+0x40/0x90
[  109.644568][ T6903]  ? clear_bhb_loop+0x40/0x90
[  109.644607][ T6903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.644636][ T6903] RIP: 0033:0x7f2fd477e929
[  109.644656][ T6903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.644679][ T6903] RSP: 002b:00007f2fd2de7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000042
[  109.644703][ T6903] RAX: ffffffffffffffda RBX: 00007f2fd49a5fa0 RCX: 00007f2fd477e929
[  109.644718][ T6903] RDX: 0000000000000013 RSI: 0000000000000003 RDI: 0000000000000000
[  109.644733][ T6903] RBP: 00007f2fd2de7090 R08: 0000000000000000 R09: 0000000000000000
[  109.644796][ T6903] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.644811][ T6903] R13: 0000000000000000 R14: 00007f2fd49a5fa0 R15: 00007ffe35a36f58
[  109.644835][ T6903]  </TASK>
[  109.651550][ T6905] random: crng reseeded on system resumption
[  109.841592][ T6911] netlink: 'syz.6.1211': attribute type 21 has an invalid length.
[  109.929383][ T6897] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  109.989904][ T6897] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  109.999351][ T6897] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  110.008736][ T6897] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  110.017879][ T6897] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  110.116049][ T6917] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1213'.
[  110.189683][ T6919] --map-set only usable from mangle table
[  110.231531][ T6922] FAULT_INJECTION: forcing a failure.
[  110.231531][ T6922] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.246348][ T6922] CPU: 0 UID: 0 PID: 6922 Comm: syz.0.1215 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  110.246388][ T6922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  110.246405][ T6922] Call Trace:
[  110.246465][ T6922]  <TASK>
[  110.246476][ T6922]  __dump_stack+0x1d/0x30
[  110.246504][ T6922]  dump_stack_lvl+0xe8/0x140
[  110.246524][ T6922]  dump_stack+0x15/0x1b
[  110.246540][ T6922]  should_fail_ex+0x265/0x280
[  110.246592][ T6922]  should_fail+0xb/0x20
[  110.246615][ T6922]  should_fail_usercopy+0x1a/0x20
[  110.246645][ T6922]  _copy_from_user+0x1c/0xb0
[  110.246676][ T6922]  restore_altstack+0x4b/0x2d0
[  110.246707][ T6922]  ? __set_task_blocked+0x23a/0x2a0
[  110.246839][ T6922]  __ia32_sys_rt_sigreturn+0xdc/0x350
[  110.246893][ T6922]  ? _raw_spin_unlock_irq+0x26/0x50
[  110.246933][ T6922]  ? signal_setup_done+0x266/0x290
[  110.246965][ T6922]  ? xfd_validate_state+0x45/0xf0
[  110.247023][ T6922]  ? fpu__clear_user_states+0x63/0x1e0
[  110.247062][ T6922]  ? fpregs_mark_activate+0x66/0x140
[  110.247095][ T6922]  ? fpu__clear_user_states+0x63/0x1e0
[  110.247179][ T6922]  ? arch_do_signal_or_restart+0x2f3/0x480
[  110.247220][ T6922]  ? __rcu_read_unlock+0x4f/0x70
[  110.247253][ T6922]  x64_sys_call+0x2e8a/0x2fb0
[  110.247338][ T6922]  do_syscall_64+0xd2/0x200
[  110.247365][ T6922]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.247402][ T6922]  ? clear_bhb_loop+0x40/0x90
[  110.247432][ T6922]  ? clear_bhb_loop+0x40/0x90
[  110.247490][ T6922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.247569][ T6922] RIP: 0033:0x7f07ac2fab19
[  110.247649][ T6922] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  110.247668][ T6922] RSP: 002b:00007f07aa9c6a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  110.247688][ T6922] RAX: ffffffffffffffda RBX: 00007f07ac585fa0 RCX: 00007f07ac2fab19
[  110.247703][ T6922] RDX: 00007f07aa9c6a80 RSI: 00007f07aa9c6bb0 RDI: 0000000000000021
[  110.247720][ T6922] RBP: 00007f07aa9c7090 R08: 0000000000000000 R09: 0000000000000000
[  110.247736][ T6922] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  110.247752][ T6922] R13: 0000000000000000 R14: 00007f07ac585fa0 R15: 00007ffc450b5cb8
[  110.247779][ T6922]  </TASK>
[  110.680841][ T6933] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1217'.
[  111.422042][   T29] kauditd_printk_skb: 244 callbacks suppressed
[  111.422060][   T29] audit: type=1400 audit(1749384626.378:10585): avc:  denied  { write } for  pid=6944 comm="syz.3.1221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  111.422285][   T29] audit: type=1400 audit(1749384626.378:10586): avc:  denied  { module_request } for  pid=6944 comm="syz.3.1221" kmod="rdma-client-" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  111.655515][ T6954] 9pnet_fd: Insufficient options for proto=fd
[  111.663022][ T6954] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1224'.
[  111.672053][ T6954] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1224'.
[  111.683616][   T29] audit: type=1400 audit(1749384626.618:10587): avc:  denied  { write } for  pid=6953 comm="syz.4.1224" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  111.708444][   T29] audit: type=1400 audit(1749384626.618:10588): avc:  denied  { ioctl } for  pid=6953 comm="syz.4.1224" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x227b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  111.747741][ T6954] loop4: detected capacity change from 0 to 512
[  111.784293][ T6954] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  111.805399][ T6958] FAULT_INJECTION: forcing a failure.
[  111.805399][ T6958] name failslab, interval 1, probability 0, space 0, times 0
[  111.818462][ T6958] CPU: 1 UID: 0 PID: 6958 Comm: syz.6.1223 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  111.818497][ T6958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.818543][ T6958] Call Trace:
[  111.818551][ T6958]  <TASK>
[  111.818564][ T6958]  __dump_stack+0x1d/0x30
[  111.818590][ T6958]  dump_stack_lvl+0xe8/0x140
[  111.818621][ T6958]  dump_stack+0x15/0x1b
[  111.818647][ T6958]  should_fail_ex+0x265/0x280
[  111.818722][ T6958]  should_failslab+0x8c/0xb0
[  111.818761][ T6958]  kmem_cache_alloc_noprof+0x50/0x310
[  111.818799][ T6958]  ? audit_log_start+0x365/0x6c0
[  111.818912][ T6958]  audit_log_start+0x365/0x6c0
[  111.818968][ T6958]  audit_seccomp+0x48/0x100
[  111.819016][ T6958]  ? __seccomp_filter+0x68c/0x10d0
[  111.819073][ T6958]  __seccomp_filter+0x69d/0x10d0
[  111.819105][ T6958]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  111.819221][ T6958]  ? vfs_write+0x75e/0x8e0
[  111.819242][ T6958]  ? __rcu_read_unlock+0x4f/0x70
[  111.819274][ T6958]  ? __fget_files+0x184/0x1c0
[  111.819323][ T6958]  __secure_computing+0x82/0x150
[  111.819356][ T6958]  syscall_trace_enter+0xcf/0x1e0
[  111.819386][ T6958]  do_syscall_64+0xac/0x200
[  111.819413][ T6958]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  111.819440][ T6958]  ? clear_bhb_loop+0x40/0x90
[  111.819465][ T6958]  ? clear_bhb_loop+0x40/0x90
[  111.819488][ T6958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.819547][ T6958] RIP: 0033:0x7f2fd477d33c
[  111.819567][ T6958] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  111.819586][ T6958] RSP: 002b:00007f2fd2de7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  111.819605][ T6958] RAX: ffffffffffffffda RBX: 00007f2fd49a5fa0 RCX: 00007f2fd477d33c
[  111.819622][ T6958] RDX: 000000000000000f RSI: 00007f2fd2de70a0 RDI: 0000000000000003
[  111.819639][ T6958] RBP: 00007f2fd2de7090 R08: 0000000000000000 R09: 0000000000000000
[  111.819678][ T6958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.819757][ T6958] R13: 0000000000000000 R14: 00007f2fd49a5fa0 R15: 00007ffe35a36f58
[  111.819789][ T6958]  </TASK>
[  111.819799][ T6958] audit: audit_lost=9 audit_rate_limit=0 audit_backlog_limit=64
[  111.948658][   T29] audit: type=1326 audit(1749384626.758:10589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6957 comm="syz.6.1223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fd477e929 code=0x7ffc0000
[  111.952269][ T6958] audit: out of memory in audit_log_start
[  111.957027][   T29] audit: type=1326 audit(1749384626.758:10590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6957 comm="syz.6.1223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fd477e929 code=0x7ffc0000
[  112.105545][   T29] audit: type=1326 audit(1749384626.768:10591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6957 comm="syz.6.1223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fd477e929 code=0x7ffc0000
[  112.129204][   T29] audit: type=1326 audit(1749384626.768:10592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6957 comm="syz.6.1223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fd477e929 code=0x7ffc0000
[  112.156674][ T6954] EXT4-fs (loop4): 1 truncate cleaned up
[  112.162827][ T6954] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.222073][ T6954] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  112.304739][ T6966] netlink: 'syz.0.1229': attribute type 21 has an invalid length.
[  112.346658][ T6971] FAULT_INJECTION: forcing a failure.
[  112.346658][ T6971] name failslab, interval 1, probability 0, space 0, times 0
[  112.360323][ T6971] CPU: 0 UID: 0 PID: 6971 Comm: syz.6.1230 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  112.360425][ T6971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  112.360443][ T6971] Call Trace:
[  112.360452][ T6971]  <TASK>
[  112.360462][ T6971]  __dump_stack+0x1d/0x30
[  112.360484][ T6971]  dump_stack_lvl+0xe8/0x140
[  112.360528][ T6971]  dump_stack+0x15/0x1b
[  112.360544][ T6971]  should_fail_ex+0x265/0x280
[  112.360565][ T6971]  should_failslab+0x8c/0xb0
[  112.360594][ T6971]  kmem_cache_alloc_node_noprof+0x57/0x320
[  112.360649][ T6971]  ? __alloc_skb+0x101/0x320
[  112.360669][ T6971]  __alloc_skb+0x101/0x320
[  112.360687][ T6971]  netlink_alloc_large_skb+0xba/0xf0
[  112.360755][ T6971]  netlink_sendmsg+0x3cf/0x6b0
[  112.360785][ T6971]  ? __pfx_netlink_sendmsg+0x10/0x10
[  112.360813][ T6971]  __sock_sendmsg+0x142/0x180
[  112.360851][ T6971]  ____sys_sendmsg+0x31e/0x4e0
[  112.360916][ T6971]  ___sys_sendmsg+0x17b/0x1d0
[  112.360973][ T6971]  __x64_sys_sendmsg+0xd4/0x160
[  112.361007][ T6971]  x64_sys_call+0x2999/0x2fb0
[  112.361029][ T6971]  do_syscall_64+0xd2/0x200
[  112.361104][ T6971]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  112.361140][ T6971]  ? clear_bhb_loop+0x40/0x90
[  112.361242][ T6971]  ? clear_bhb_loop+0x40/0x90
[  112.361265][ T6971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.361288][ T6971] RIP: 0033:0x7f2fd477e929
[  112.361310][ T6971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.361335][ T6971] RSP: 002b:00007f2fd2de7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  112.361359][ T6971] RAX: ffffffffffffffda RBX: 00007f2fd49a5fa0 RCX: 00007f2fd477e929
[  112.361375][ T6971] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000006
[  112.361391][ T6971] RBP: 00007f2fd2de7090 R08: 0000000000000000 R09: 0000000000000000
[  112.361404][ T6971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.361416][ T6971] R13: 0000000000000000 R14: 00007f2fd49a5fa0 R15: 00007ffe35a36f58
[  112.361491][ T6971]  </TASK>
[  112.640127][ T6973] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  112.701737][ T6978] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1232'.
[  112.984967][ T6989] loop6: detected capacity change from 0 to 2048
[  113.032488][ T6963] loop3: detected capacity change from 0 to 65536
[  113.049748][ T6963] vfat: Unknown parameter '¨7'
[  113.075319][ T6989]  loop6: p1 < > p4
[  113.081167][ T6989] loop6: p4 size 8388608 extends beyond EOD, truncated
[  113.332683][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.400614][ T7011] loop4: detected capacity change from 0 to 1024
[  113.418766][ T7011] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.430744][ T7009] loop6: detected capacity change from 0 to 2048
[  113.475278][ T7009]  loop6: p1 < > p4
[  113.480093][ T7017] loop3: detected capacity change from 0 to 2048
[  113.480477][ T7009] loop6: p4 size 8388608 extends beyond EOD, truncated
[  113.524731][ T7017]  loop3: p1 < > p4
[  113.530045][ T7017] loop3: p4 size 8388608 extends beyond EOD, truncated
[  113.762486][ T7027] loop3: detected capacity change from 0 to 512
[  113.771265][ T7027] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  113.783378][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.803126][ T7027] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.817985][ T7027] ext4 filesystem being mounted at /285/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.867302][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.892196][ T7034] lo speed is unknown, defaulting to 1000
[  113.932465][ T7034] lo speed is unknown, defaulting to 1000
[  113.945474][ T7040] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1252'.
[  114.008608][ T7046] sch_tbf: burst 88 is lower than device veth3 mtu (1514) !
[  114.019187][ T7041] hub 8-0:1.0: USB hub found
[  114.028855][ T7041] hub 8-0:1.0: 8 ports detected
[  114.209443][ T7053] loop0: detected capacity change from 0 to 2048
[  114.265321][ T7053]  loop0: p1 < > p4
[  114.275852][ T7053] loop0: p4 size 8388608 extends beyond EOD, truncated
[  114.412654][ T7059] loop3: detected capacity change from 0 to 2048
[  114.475469][ T7059] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.556628][ T7067] loop0: detected capacity change from 0 to 1024
[  114.590848][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.612696][ T7067] EXT4-fs: Ignoring removed oldalloc option
[  114.642545][ T7067] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  114.669106][ T7072] FAULT_INJECTION: forcing a failure.
[  114.669106][ T7072] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  114.675383][ T7066] Falling back ldisc for ttyS3.
[  114.684678][ T7072] CPU: 0 UID: 0 PID: 7072 Comm: syz.3.1261 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  114.684726][ T7072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  114.684821][ T7072] Call Trace:
[  114.684832][ T7072]  <TASK>
[  114.684847][ T7072]  __dump_stack+0x1d/0x30
[  114.684880][ T7072]  dump_stack_lvl+0xe8/0x140
[  114.684959][ T7072]  dump_stack+0x15/0x1b
[  114.685049][ T7072]  should_fail_ex+0x265/0x280
[  114.685080][ T7072]  should_fail+0xb/0x20
[  114.685106][ T7072]  should_fail_usercopy+0x1a/0x20
[  114.685151][ T7072]  _copy_from_user+0x1c/0xb0
[  114.685189][ T7072]  ___sys_sendmsg+0xc1/0x1d0
[  114.685309][ T7072]  __x64_sys_sendmsg+0xd4/0x160
[  114.685350][ T7072]  x64_sys_call+0x2999/0x2fb0
[  114.685382][ T7072]  do_syscall_64+0xd2/0x200
[  114.685420][ T7072]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  114.685461][ T7072]  ? clear_bhb_loop+0x40/0x90
[  114.685503][ T7072]  ? clear_bhb_loop+0x40/0x90
[  114.685546][ T7072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.685580][ T7072] RIP: 0033:0x7ff4b4abe929
[  114.685604][ T7072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.685633][ T7072] RSP: 002b:00007ff4b3127038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  114.685663][ T7072] RAX: ffffffffffffffda RBX: 00007ff4b4ce5fa0 RCX: 00007ff4b4abe929
[  114.685753][ T7072] RDX: 0000000000044084 RSI: 0000200000004bc0 RDI: 0000000000000006
[  114.685779][ T7072] RBP: 00007ff4b3127090 R08: 0000000000000000 R09: 0000000000000000
[  114.685797][ T7072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  114.685822][ T7072] R13: 0000000000000000 R14: 00007ff4b4ce5fa0 R15: 00007ffde5e9a218
[  114.685850][ T7072]  </TASK>
[  114.811579][ T7074] loop4: detected capacity change from 0 to 512
[  114.920846][ T7067] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.985764][ T7074] ext3: Unknown parameter 'smackfshat'
[  115.165982][ T7112] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1271'.
[  115.277956][ T7116] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  115.279894][ T7121] loop3: detected capacity change from 0 to 512
[  115.298019][ T7116] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  115.333074][ T7121] EXT4-fs (loop3): orphan cleanup on readonly fs
[  115.349655][ T7114] loop4: detected capacity change from 0 to 2048
[  115.389140][ T7121] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1274: bg 0: block 248: padding at end of block bitmap is not set
[  115.406474][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.501607][ T7121] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1274: Failed to acquire dquot type 1
[  115.505806][ T7114]  loop4: p1 < > p4
[  115.539724][ T7121] EXT4-fs (loop3): 1 truncate cleaned up
[  115.546680][ T7121] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  115.560404][ T7114] loop4: p4 size 8388608 extends beyond EOD, truncated
[  115.603812][ T7121] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  115.657853][ T7121] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  115.766052][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.846925][ T7139] FAULT_INJECTION: forcing a failure.
[  115.846925][ T7139] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  115.860448][ T7139] CPU: 1 UID: 0 PID: 7139 Comm: syz.6.1280 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  115.860517][ T7139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.860532][ T7139] Call Trace:
[  115.860540][ T7139]  <TASK>
[  115.860549][ T7139]  __dump_stack+0x1d/0x30
[  115.860599][ T7139]  dump_stack_lvl+0xe8/0x140
[  115.860634][ T7139]  dump_stack+0x15/0x1b
[  115.860651][ T7139]  should_fail_ex+0x265/0x280
[  115.860674][ T7139]  should_fail+0xb/0x20
[  115.860692][ T7139]  should_fail_usercopy+0x1a/0x20
[  115.860715][ T7139]  _copy_from_user+0x1c/0xb0
[  115.860788][ T7139]  ___sys_sendmsg+0xc1/0x1d0
[  115.860906][ T7139]  __x64_sys_sendmsg+0xd4/0x160
[  115.860936][ T7139]  x64_sys_call+0x2999/0x2fb0
[  115.860992][ T7139]  do_syscall_64+0xd2/0x200
[  115.861017][ T7139]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  115.861046][ T7139]  ? clear_bhb_loop+0x40/0x90
[  115.861070][ T7139]  ? clear_bhb_loop+0x40/0x90
[  115.861164][ T7139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.861187][ T7139] RIP: 0033:0x7f2fd477e929
[  115.861203][ T7139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.861284][ T7139] RSP: 002b:00007f2fd2de7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  115.861303][ T7139] RAX: ffffffffffffffda RBX: 00007f2fd49a5fa0 RCX: 00007f2fd477e929
[  115.861316][ T7139] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000007
[  115.861329][ T7139] RBP: 00007f2fd2de7090 R08: 0000000000000000 R09: 0000000000000000
[  115.861342][ T7139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.861355][ T7139] R13: 0000000000000000 R14: 00007f2fd49a5fa0 R15: 00007ffe35a36f58
[  115.861411][ T7139]  </TASK>
[  116.170671][ T7149] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1284'.
[  116.200508][ T7150] netlink: 'syz.1.1283': attribute type 21 has an invalid length.
[  116.250886][ T7148] netlink: 'syz.3.1285': attribute type 21 has an invalid length.
[  116.370877][ T7154] netlink: 'syz.4.1287': attribute type 13 has an invalid length.
[  116.901188][   T29] kauditd_printk_skb: 628 callbacks suppressed
[  116.901264][   T29] audit: type=1400 audit(1749384631.858:11218): avc:  denied  { ioctl } for  pid=7165 comm="syz.6.1289" path="socket:[16942]" dev="sockfs" ino=16942 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  117.011198][ T7169] 9pnet_fd: Insufficient options for proto=fd
[  117.029785][ T7171] FAULT_INJECTION: forcing a failure.
[  117.029785][ T7171] name failslab, interval 1, probability 0, space 0, times 0
[  117.042515][ T7171] CPU: 1 UID: 0 PID: 7171 Comm: syz.1.1291 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  117.042572][ T7171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  117.042588][ T7171] Call Trace:
[  117.042621][ T7171]  <TASK>
[  117.042630][ T7171]  __dump_stack+0x1d/0x30
[  117.042721][ T7171]  dump_stack_lvl+0xe8/0x140
[  117.042795][ T7171]  dump_stack+0x15/0x1b
[  117.042818][ T7171]  should_fail_ex+0x265/0x280
[  117.042846][ T7171]  ? pagemap_read+0x184/0x5e0
[  117.042872][ T7171]  should_failslab+0x8c/0xb0
[  117.042899][ T7171]  __kmalloc_cache_noprof+0x4c/0x320
[  117.043097][ T7171]  pagemap_read+0x184/0x5e0
[  117.043129][ T7171]  ? __pfx_pagemap_read+0x10/0x10
[  117.043156][ T7171]  vfs_read+0x1a0/0x6f0
[  117.043182][ T7171]  ? __rcu_read_unlock+0x4f/0x70
[  117.043214][ T7171]  ? __fget_files+0x184/0x1c0
[  117.043305][ T7171]  __x64_sys_pread64+0xfd/0x150
[  117.043390][ T7171]  x64_sys_call+0x296d/0x2fb0
[  117.043421][ T7171]  do_syscall_64+0xd2/0x200
[  117.043490][ T7171]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  117.043571][ T7171]  ? clear_bhb_loop+0x40/0x90
[  117.043601][ T7171]  ? clear_bhb_loop+0x40/0x90
[  117.043703][ T7171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.043757][ T7171] RIP: 0033:0x7fe83f58e929
[  117.043776][ T7171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.043801][ T7171] RSP: 002b:00007fe83dbf7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  117.043827][ T7171] RAX: ffffffffffffffda RBX: 00007fe83f7b5fa0 RCX: 00007fe83f58e929
[  117.043894][ T7171] RDX: 0000000000200000 RSI: 0000200000001240 RDI: 0000000000000006
[  117.043912][ T7171] RBP: 00007fe83dbf7090 R08: 0000000000000000 R09: 0000000000000000
[  117.043927][ T7171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.043940][ T7171] R13: 0000000000000000 R14: 00007fe83f7b5fa0 R15: 00007ffe57db9fc8
[  117.044038][ T7171]  </TASK>
[  117.062865][ T7172] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1290'.
[  117.262316][ T7172] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1290'.
[  117.277633][ T7169] loop6: detected capacity change from 0 to 512
[  117.304801][   T29] audit: type=1326 audit(1749384632.238:11219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7173 comm="syz.4.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  117.331241][   T29] audit: type=1326 audit(1749384632.238:11220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7173 comm="syz.4.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  117.356891][   T29] audit: type=1326 audit(1749384632.238:11221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7173 comm="syz.4.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  117.381335][   T29] audit: type=1326 audit(1749384632.238:11222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7173 comm="syz.4.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  117.415130][   T29] audit: type=1326 audit(1749384632.238:11223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7173 comm="syz.4.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  117.435316][ T7169] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  117.441969][   T29] audit: type=1326 audit(1749384632.238:11224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7173 comm="syz.4.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  117.477351][   T29] audit: type=1326 audit(1749384632.238:11225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7173 comm="syz.4.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  117.502080][   T29] audit: type=1326 audit(1749384632.238:11226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7173 comm="syz.4.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28d2d4e929 code=0x7ffc0000
[  117.525771][   T29] audit: type=1326 audit(1749384632.238:11227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7173 comm="syz.4.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f28d2d50847 code=0x7ffc0000
[  117.559536][ T7169] EXT4-fs (loop6): 1 truncate cleaned up
[  117.571966][ T7169] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.616909][ T7169] EXT4-fs error (device loop6): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  117.670414][ T7186] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1297'.
[  118.065834][ T7204] netlink: 'syz.1.1302': attribute type 21 has an invalid length.
[  118.111073][ T7201] loop4: detected capacity change from 0 to 164
[  118.124423][ T7201] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  118.135566][ T7201] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  118.146182][ T7201] Symlink component flag not implemented
[  118.151917][ T7201] Symlink component flag not implemented
[  118.158089][ T7201] Symlink component flag not implemented (7)
[  118.165066][ T7201] Symlink component flag not implemented (116)
[  118.244705][ T7206] loop3: detected capacity change from 0 to 512
[  118.257719][ T7206] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.292109][ T7206] ext4 filesystem being mounted at /300/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  118.426190][   T36] IPVS: starting estimator thread 0...
[  118.464663][ T7212] IPVS: ovf: UDP 224.0.0.2:20004 - no destination available
[  118.541660][ T7219] netlink: 260 bytes leftover after parsing attributes in process `syz.4.1306'.
[  118.644589][ T7217] IPVS: using max 2256 ests per chain, 112800 per kthread
[  118.746573][ T7227] loop4: detected capacity change from 0 to 512
[  118.770902][ T7227] EXT4-fs: Ignoring removed nomblk_io_submit option
[  118.858306][ T6736] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.876167][ T7227] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  118.885196][ T7227] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e118, mo2=0002]
[  118.945731][ T7227] EXT4-fs (loop4): orphan cleanup on readonly fs
[  118.977829][ T7227] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  118.996163][ T7227] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  119.038064][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.058044][ T7227] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1309: bg 0: block 40: padding at end of block bitmap is not set
[  119.087829][ T7227] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  119.099488][ T7227] EXT4-fs (loop4): 1 truncate cleaned up
[  119.113229][ T7227] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  119.133548][ T7227] netlink: 'syz.4.1309': attribute type 10 has an invalid length.
[  119.145677][ T7227] team0: Port device dummy0 added
[  119.151793][ T7227] netlink: 'syz.4.1309': attribute type 10 has an invalid length.
[  119.161381][ T7227] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  119.173087][ T7227] team0: Failed to send options change via netlink (err -105)
[  119.180935][ T7227] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  119.200809][ T7227] team0: Port device dummy0 removed
[  119.237311][ T7227] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  119.377100][ T7251] netlink: 'syz.0.1317': attribute type 21 has an invalid length.
[  119.631397][ T7261] lo speed is unknown, defaulting to 1000
[  119.639629][ T7261] lo speed is unknown, defaulting to 1000
[  119.714887][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.742152][ T7264] loop6: detected capacity change from 0 to 512
[  119.766935][ T7264] EXT4-fs error (device loop6): ext4_orphan_get:1419: comm syz.6.1319: bad orphan inode 11
[  119.778256][ T7264] ext4_test_bit(bit=10, block=4) = 1
[  119.783914][ T7264] is_bad_inode(inode)=0
[  119.789055][ T7264] NEXT_ORPHAN(inode)=2080374784
[  119.794572][ T7264] max_ino=32
[  119.797891][ T7264] i_nlink=0
[  119.804112][ T7267] 9pnet_fd: Insufficient options for proto=fd
[  119.812731][ T7267] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1320'.
[  119.817048][ T7269] loop4: detected capacity change from 0 to 2048
[  119.823012][ T7267] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1320'.
[  119.831120][ T7264] EXT4-fs (loop6): 1 truncate cleaned up
[  119.848017][ T7267] loop3: detected capacity change from 0 to 512
[  119.857691][ T7264] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.872175][ T7267] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  119.903164][ T7269]  loop4: p1 < > p4
[  119.908453][ T7269] loop4: p4 size 8388608 extends beyond EOD, truncated
[  119.922992][ T7267] EXT4-fs (loop3): 1 truncate cleaned up
[  119.930815][ T7267] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.955953][ T7267] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  119.986134][ T6736] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.036940][ T7274] 9pnet_fd: Insufficient options for proto=fd
[  120.160095][ T7285] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  120.207744][ T7285] SELinux: failed to load policy
[  120.520271][ T7307] netlink: 'syz.1.1332': attribute type 21 has an invalid length.
[  120.903849][ T7313] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1333'.
[  120.916696][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.076369][ T7322] loop4: detected capacity change from 0 to 2048
[  121.165473][ T7322]  loop4: p1 < > p4
[  121.170821][ T7322] loop4: p4 size 8388608 extends beyond EOD, truncated
[  121.473015][ T7336] random: crng reseeded on system resumption
[  121.834167][ T7336] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1342'.
[  121.856861][ T7336] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1342'.
[  122.058032][ T7350] 9pnet_fd: Insufficient options for proto=fd
[  122.106466][ T7350] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1346'.
[  122.115459][ T7350] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1346'.
[  122.126602][ T7352] netlink: 332 bytes leftover after parsing attributes in process `syz.0.1347'.
[  122.138498][ T7350] loop3: detected capacity change from 0 to 512
[  122.145838][ T7352] netlink: 'syz.0.1347': attribute type 9 has an invalid length.
[  122.153732][ T7352] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1347'.
[  122.162939][ T7352] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1347'.
[  122.172139][ T7350] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  122.187498][ T7357] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1347'.
[  122.196523][ T7350] EXT4-fs (loop3): 1 truncate cleaned up
[  122.196993][ T7350] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.202574][ T7357] bridge_slave_1: left allmulticast mode
[  122.220797][ T7357] bridge_slave_1: left promiscuous mode
[  122.221740][   T29] kauditd_printk_skb: 373 callbacks suppressed
[  122.221834][   T29] audit: type=1400 audit(1749384637.148:11600): avc:  denied  { ioctl } for  pid=7351 comm="syz.0.1347" path="socket:[17206]" dev="sockfs" ino=17206 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  122.226570][ T7357] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.241016][ T7350] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  122.287658][ T7357] bridge_slave_0: left allmulticast mode
[  122.293790][ T7357] bridge_slave_0: left promiscuous mode
[  122.299985][ T7357] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.399507][ T7362] lo speed is unknown, defaulting to 1000
[  122.413029][ T7362] lo speed is unknown, defaulting to 1000
[  122.425719][ T7365] netlink: 'syz.6.1351': attribute type 4 has an invalid length.
[  122.426747][   T29] audit: type=1326 audit(1749384637.378:11601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7363 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fd477e929 code=0x7ffc0000
[  122.449901][ T7365] netlink: 'syz.6.1351': attribute type 4 has an invalid length.
[  122.458688][   T29] audit: type=1326 audit(1749384637.388:11602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7363 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2fd477e929 code=0x7ffc0000
[  122.492436][   T29] audit: type=1326 audit(1749384637.388:11603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7363 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fd477e929 code=0x7ffc0000
[  122.518650][   T29] audit: type=1326 audit(1749384637.388:11604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7363 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2fd477e929 code=0x7ffc0000
[  122.542653][   T29] audit: type=1326 audit(1749384637.388:11605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7363 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fd477e929 code=0x7ffc0000
[  122.566651][   T29] audit: type=1326 audit(1749384637.388:11606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7363 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2fd477e929 code=0x7ffc0000
[  122.590944][   T29] audit: type=1326 audit(1749384637.388:11607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7363 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fd477e929 code=0x7ffc0000
[  122.616315][   T29] audit: type=1326 audit(1749384637.388:11608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7363 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f2fd477e929 code=0x7ffc0000
[  122.641827][   T29] audit: type=1326 audit(1749384637.388:11609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7363 comm="syz.6.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fd477e929 code=0x7ffc0000
[  122.698708][ T7366] netlink: 'syz.1.1352': attribute type 21 has an invalid length.
[  122.733912][ T7380] loop4: detected capacity change from 0 to 1024
[  122.771839][ T7382] loop0: detected capacity change from 0 to 512
[  122.785398][ T7382] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  122.828028][ T7382] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.842708][ T7382] ext4 filesystem being mounted at /263/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.856993][ T7380] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  122.925664][ T7382] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  123.020663][ T3309] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 16: block 81:freeing already freed block (bit 5); block bitmap corrupt.
[  123.059744][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.264866][ T7399] netlink: 'syz.4.1361': attribute type 4 has an invalid length.
[  123.300830][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.312613][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.327480][ T7399] netlink: 'syz.4.1361': attribute type 3 has an invalid length.
[  123.337310][ T7399] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1361'.
[  123.351347][ T7399] FAULT_INJECTION: forcing a failure.
[  123.351347][ T7399] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.365880][ T7399] CPU: 1 UID: 0 PID: 7399 Comm: syz.4.1361 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  123.365945][ T7399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  123.365962][ T7399] Call Trace:
[  123.365971][ T7399]  <TASK>
[  123.366021][ T7399]  __dump_stack+0x1d/0x30
[  123.366048][ T7399]  dump_stack_lvl+0xe8/0x140
[  123.366095][ T7399]  dump_stack+0x15/0x1b
[  123.366117][ T7399]  should_fail_ex+0x265/0x280
[  123.366145][ T7399]  should_fail+0xb/0x20
[  123.366167][ T7399]  should_fail_usercopy+0x1a/0x20
[  123.366248][ T7399]  _copy_from_iter+0xcf/0xe40
[  123.366372][ T7399]  ? __build_skb_around+0x1a0/0x200
[  123.366418][ T7399]  ? __alloc_skb+0x223/0x320
[  123.366444][ T7399]  netlink_sendmsg+0x471/0x6b0
[  123.366479][ T7399]  ? __pfx_netlink_sendmsg+0x10/0x10
[  123.366571][ T7399]  __sock_sendmsg+0x142/0x180
[  123.366618][ T7399]  ____sys_sendmsg+0x31e/0x4e0
[  123.366652][ T7399]  ___sys_sendmsg+0x17b/0x1d0
[  123.366729][ T7399]  __x64_sys_sendmsg+0xd4/0x160
[  123.366774][ T7399]  x64_sys_call+0x2999/0x2fb0
[  123.366802][ T7399]  do_syscall_64+0xd2/0x200
[  123.366873][ T7399]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  123.366909][ T7399]  ? clear_bhb_loop+0x40/0x90
[  123.366938][ T7399]  ? clear_bhb_loop+0x40/0x90
[  123.367005][ T7399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.367029][ T7399] RIP: 0033:0x7f28d2d4e929
[  123.367045][ T7399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.367066][ T7399] RSP: 002b:00007f28d13b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  123.367087][ T7399] RAX: ffffffffffffffda RBX: 00007f28d2f75fa0 RCX: 00007f28d2d4e929
[  123.367121][ T7399] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 000000000000000f
[  123.367134][ T7399] RBP: 00007f28d13b7090 R08: 0000000000000000 R09: 0000000000000000
[  123.367147][ T7399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.367211][ T7399] R13: 0000000000000000 R14: 00007f28d2f75fa0 R15: 00007fff2bb92508
[  123.367232][ T7399]  </TASK>
[  123.678066][ T7411] FAULT_INJECTION: forcing a failure.
[  123.678066][ T7411] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.692353][ T7411] CPU: 0 UID: 0 PID: 7411 Comm: syz.3.1366 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  123.692391][ T7411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  123.692424][ T7411] Call Trace:
[  123.692432][ T7411]  <TASK>
[  123.692443][ T7411]  __dump_stack+0x1d/0x30
[  123.692472][ T7411]  dump_stack_lvl+0xe8/0x140
[  123.692500][ T7411]  dump_stack+0x15/0x1b
[  123.692522][ T7411]  should_fail_ex+0x265/0x280
[  123.692547][ T7411]  should_fail+0xb/0x20
[  123.692571][ T7411]  should_fail_usercopy+0x1a/0x20
[  123.692604][ T7411]  _copy_to_user+0x20/0xa0
[  123.692661][ T7411]  simple_read_from_buffer+0xb5/0x130
[  123.692710][ T7411]  proc_fail_nth_read+0x100/0x140
[  123.692744][ T7411]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  123.692792][ T7411]  vfs_read+0x1a0/0x6f0
[  123.692814][ T7411]  ? __rcu_read_unlock+0x4f/0x70
[  123.692914][ T7411]  ? __fget_files+0x184/0x1c0
[  123.692953][ T7411]  ksys_read+0xda/0x1a0
[  123.693038][ T7411]  __x64_sys_read+0x40/0x50
[  123.693069][ T7411]  x64_sys_call+0x2d77/0x2fb0
[  123.693110][ T7411]  do_syscall_64+0xd2/0x200
[  123.693142][ T7411]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  123.693211][ T7411]  ? clear_bhb_loop+0x40/0x90
[  123.693242][ T7411]  ? clear_bhb_loop+0x40/0x90
[  123.693296][ T7411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.693325][ T7411] RIP: 0033:0x7ff4b4abd33c
[  123.693347][ T7411] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  123.693373][ T7411] RSP: 002b:00007ff4b3127030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  123.693400][ T7411] RAX: ffffffffffffffda RBX: 00007ff4b4ce5fa0 RCX: 00007ff4b4abd33c
[  123.693417][ T7411] RDX: 000000000000000f RSI: 00007ff4b31270a0 RDI: 0000000000000003
[  123.693435][ T7411] RBP: 00007ff4b3127090 R08: 0000000000000000 R09: 0000000000000000
[  123.693528][ T7411] R10: 0000000000002000 R11: 0000000000000246 R12: 0000000000000001
[  123.693547][ T7411] R13: 0000000000000000 R14: 00007ff4b4ce5fa0 R15: 00007ffde5e9a218
[  123.693576][ T7411]  </TASK>
[  124.296582][ T7441] ==================================================================
[  124.306543][ T7441] BUG: KCSAN: data-race in call_rcu / mas_state_walk
[  124.316335][ T7441] 
[  124.319595][ T7441] write to 0xffff888104662608 of 8 bytes by task 7437 on cpu 1:
[  124.330305][ T7441]  call_rcu+0x48/0x3e0
[  124.335063][ T7441]  mas_wmb_replace+0xc6a/0x14a0
[  124.341375][ T7441]  mas_wr_store_entry+0x1773/0x2b50
[  124.347172][ T7441]  mas_store_prealloc+0x74d/0x9e0
[  124.354003][ T7441]  vma_iter_store_new+0x1c5/0x200
[  124.359374][ T7441]  vma_complete+0x125/0x580
[  124.364235][ T7441]  __split_vma+0x591/0x650
[  124.369343][ T7441]  vma_modify+0x21e/0xca0
[  124.373860][ T7441]  vma_modify_flags+0x101/0x130
[  124.379011][ T7441]  mprotect_fixup+0x2cc/0x570
[  124.384516][ T7441]  do_mprotect_pkey+0x6d6/0x980
[  124.389527][ T7441]  __x64_sys_mprotect+0x48/0x60
[  124.394871][ T7441]  x64_sys_call+0x2794/0x2fb0
[  124.400434][ T7441]  do_syscall_64+0xd2/0x200
[  124.405435][ T7441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.412014][ T7441] 
[  124.415507][ T7441] read to 0xffff888104662608 of 8 bytes by task 7441 on cpu 0:
[  124.427519][ T7441]  mas_state_walk+0x28f/0x650
[  124.432458][ T7441]  mas_walk+0x30/0x120
[  124.436833][ T7441]  lock_vma_under_rcu+0xa2/0x2f0
[  124.442462][ T7441]  do_user_addr_fault+0x233/0x1090
[  124.447996][ T7441]  exc_page_fault+0x62/0xa0
[  124.452671][ T7441]  asm_exc_page_fault+0x26/0x30
[  124.457850][ T7441] 
[  124.460310][ T7441] value changed: 0x000055555f07afff -> 0xffff888104662908
[  124.467809][ T7441] 
[  124.470601][ T7441] Reported by Kernel Concurrency Sanitizer on:
[  124.477837][ T7441] CPU: 0 UID: 0 PID: 7441 Comm: syz.3.1383 Not tainted 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
[  124.490961][ T7441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  124.502567][ T7441] ==================================================================