last executing test programs:

1.254481798s ago: executing program 4 (id=1255):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r1 = socket$inet6(0xa, 0x1, 0x8010000000000084)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
shutdown(r1, 0x1)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0xc4}, 0x8)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', <r3=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x6, r3, 0x0, r0}, 0x10)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r4, &(0x7f0000001240)=""/102400, 0x200000, 0x0)

1.254296808s ago: executing program 2 (id=1256):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0affff0000000000000000000400000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000ac0), &(0x7f0000000300), 0x800, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000002c0)={r0, 0x0, &(0x7f0000000040)=""/7}, 0x20)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f00000000c0)=0xc)
move_pages(r1, 0x1, &(0x7f0000000100)=[&(0x7f0000ffc000/0x1000)=nil], &(0x7f0000000140)=[0x100, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4)

1.250744828s ago: executing program 2 (id=1257):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))
r0 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
signalfd(r0, &(0x7f0000000080)={[0x4]}, 0x8)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, 0x0)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r1, 0x400, 0x300)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001", @ANYRES16=r3], 0x7c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r5}, 0x0, &(0x7f0000000200)}, 0x20)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0xfffffffffffffff7, 0x7})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x14)
r8 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_misc(r8, &(0x7f00000006c0)="8b9add72c10cfcacfa9c1d600d5a1f254cd9fa9a819c35e26928c08a2cdf7f3e72f75134a333769fad806281b1e4d9b7a022e390dd52916e48a9d21bb06a31c4eb02ed940071875354fa8486bf2bcd087df1f37cbddd961282ccdcac47189c1bf43bbebcf1e700bba2cd1d4ef4127a23e5fd98fa0e2f36ead8d40229e46cc88be62deba7ee78629fa7709926e31e362b954180209e2bc021e720268f845ed6b9e7b6b24825fd3f6f", 0xa8)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r10 = syz_pidfd_open(r9, 0x0)
process_madvise(r10, 0x0, 0x0, 0x0, 0x0)
r11 = syz_genetlink_get_family_id$smc(&(0x7f0000000200), r7)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000004c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)=ANY=[@ANYBLOB='( \x00\x00', @ANYRES16=r11, @ANYBLOB="02002bbd7000fedbdf25020000000900030073797a30000000000500040002000000"], 0x28}}, 0x40)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'bond_slave_1\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4080004}, 0x0)
r12 = syz_open_procfs(0x0, &(0x7f0000000280)='cmdline\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="7472616d73a0834a14d3923c8909eef60e9432ddc45b269c830511d7cd45594c3a1719ee5d3550e33bd70869482e4ca98e9d4e4737d01d5e004b7ba92e046f7a3111cc81000000000000000000000000000000da346f38c631bd92fae0276bd5538ba4699c10ed8fc67c59bb966dc3221fd6e78f16cca99d76dae0fd6798ced06a253f9f9952ec3016bf1a1ad0d43ad4c5849ae0bafe9a2bcc1e56c41231c2c53f0edf8a691587b060f59a99bdf425a2b39faa6eff7afae7c51b288299141dcf64dfae6353b563390f4a2bd553c76810434446cf8dcab36ca73176495f546c7c4e422ba10d85", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r12, @ANYBLOB=',\x00'])
syz_io_uring_setup(0x4973, &(0x7f0000000380)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000340))

1.201842648s ago: executing program 2 (id=1258):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev, 'veth1_to_batadv\x00'}}, 0x1e)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
connect$pppoe(r0, &(0x7f0000000900)={0x18, 0x0, {0x0, @empty, 'vlan0\x00'}}, 0x1e)

1.142590438s ago: executing program 2 (id=1260):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000030000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="7961000000e2ffffff007e000000"], 0x14}}, 0x4000054)

1.112543108s ago: executing program 2 (id=1262):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000440)={'gre0\x00', 0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000500)={'ip6gre0\x00', 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff00000085"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
inotify_init() (fail_nth: 7)

853.098689ms ago: executing program 4 (id=1265):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
close_range(r1, 0xffffffffffffffff, 0x0)

810.137309ms ago: executing program 2 (id=1267):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f0000000580)=0x100000001, 0x4)
connect$inet(r1, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000600), 0x0)
ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, &(0x7f00000000c0))
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)

748.858869ms ago: executing program 4 (id=1271):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={@cgroup, 0x3c, 0x0, 0xa, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0], <r4=>0x0}, 0x40)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f00000004c0)={0x3, <r5=>0x0}, 0x8)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000400)={@fallback=r0, r2, 0xd, 0x2020, 0x0, @void, @void, @value=r5, @void, r4}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r8=>0xffffffffffffffff}, 0x2, 0xc}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r7, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x7ff, @empty, 0x1}, {0xa, 0x4e20, 0x1ff, @dev={0xfe, 0x80, '\x00', 0x2f}, 0x9}, r8, 0xb}}, 0x48)
write$RDMA_USER_CM_CMD_DESTROY_ID(r7, &(0x7f0000000380)={0x1, 0x10, 0xfa00, {&(0x7f0000000300), r8}}, 0x18)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

698.342499ms ago: executing program 3 (id=1272):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
accept4$vsock_stream(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r1, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x13, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

698.143329ms ago: executing program 4 (id=1273):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000030000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="7961000000e2ffffff007e000000"], 0x14}}, 0x4000054)

645.447249ms ago: executing program 4 (id=1274):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
accept4$vsock_stream(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r1, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
sendmmsg$inet(r2, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x7e1f, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x300}}], 0x3, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x13, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

601.949799ms ago: executing program 3 (id=1276):
ioperm(0x83, 0x6, 0x4)
ioperm(0x5, 0xfffffffffffffa05, 0x8)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r2=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r3}, 0x10)
move_pages(0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000000c0), 0x4b)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0xa, 0xc, &(0x7f00000007c0)=ANY=[@ANYRES16=r4, @ANYRESOCT=r0, @ANYBLOB="48ee25f5948ea62d621d08af78a874f48ca71dda63b0aa2f916fa3f436de989bc55f3774017976ccff6a4541bec315e0cc5f01121eb06d4afd5ff8ceca7a42c90edab2d18d02d7cf3e4e5a7ffe33465c3548c898e5b6cdced5740cc68d0b4b7c9ca3e2a73253192ee445c86b0e77b691cc9fcd594dbcd731bb02f9dcf786ab68f7d6801b71047f9f0beacb51b3030a5ad945eb37628caff35b3e2a14214afeb208fd3260fb22ef01b21783a511cbed9d1c70dd134ebb38303cceecffba3da14c87bca3af90bb90df3b180844c0116a716044ad31b57765a6749d3fa139f94bb0888ac33b49b7d603", @ANYRESDEC=r0, @ANYRESDEC=r1, @ANYRESOCT=r2], &(0x7f0000000380)='GPL\x00', 0x1000, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
r6 = getpid()
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0)
migrate_pages(0x0, 0xa6, &(0x7f0000000000)=0x8001, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r8 = add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
r9 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, r8)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="00100000007c3f00000040000000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r10, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r11}, 0x10)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r9, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
add_key$keyring(&(0x7f00000003c0), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, r9)
rt_tgsigqueueinfo(r6, 0x0, 0xb, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

582.120939ms ago: executing program 4 (id=1279):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x33, 0x1, 0x0, 0x81, 0x0, 0x0, 0x10402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x26f16861, 0x3}, 0x0, 0x0, 0xfffffffd, 0x0, 0x2, 0x0, 0x1}, 0x0, 0x2, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000a00)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4, 0xa2721, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x1)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket(0x1, 0x803, 0x0)
sendmsg$nl_xfrm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="4000000012000501000001000000000005001900000000002800", @ANYRES64=r3], 0x40}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f00000000c0)='lp\x00', 0x3)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000280))
socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0xd2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
getpid()
poll(0x0, 0x0, 0xe7f1)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r4, 0x545c, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)

533.226379ms ago: executing program 3 (id=1280):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0b00000005000000020000c10400000005000000aed97f731501ce3adac506000000000000005140", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\b\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa600000000000007020000f8ffffffb703000008000000752e4500c9a1b70400000000000085000000030000009500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000280)={'syztnl2\x00', <r4=>0x0, 0x4, 0x1, 0x8, 0xffff, 0x29, @dev={0xfe, 0x80, '\x00', 0xb}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x20, 0x8, 0x577, 0xc0dc}})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r4, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000200)='btrfs_clear_extent_bit\x00', r6, 0x0, 0x80}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r3}, &(0x7f00000004c0), &(0x7f0000000500)=r5}, 0x20)
socketpair(0xa, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_macvtap\x00'})
sendto$packet(r2, &(0x7f00000001c0)="0b040700e0ff030002004788aa96a13bb10e00000010000000000000007b7487fc1074ba02cd23f719a0ef95f052b3004305400f088d73f696ee60c5", 0x41, 0x10, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x11, 0x6, @broadcast}, 0x14)
write$binfmt_aout(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="03070000b5"], 0xc8)
write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="03010000b5"], 0xc8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000008c0)='rpc_request\x00'}, 0x18)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021501700001e0a05010000000000000000070000000900020073797a31000000000900010073797a300000000024170380300000802c000180250001"], 0x17d4}}, 0x2000c000)
r9 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNDEL(r9, 0x400448c9, &(0x7f0000000000))
perf_event_open(&(0x7f00000003c0)={0x4, 0x80, 0x3b, 0x1, 0x0, 0x0, 0x0, 0x89, 0x100a8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x2, @perf_config_ext={0x2, 0x7ffffffd}, 0xee50, 0x0, 0x2, 0x30b81f5e35be5d4c, 0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$vcsu(&(0x7f0000000040), 0x1d, 0x200000)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000006a0a000000000000", @ANYRES32, @ANYBLOB="0300"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000966814083ca344342fdea036b21e6a2e0ea038ea5ad53cf3315a1449f8e5ee0b82c924e086b2a7341837987f3b51d78d4be7f57f420a2d6e160fd8460b6e66a11dc04dea42b0e5cecf50432a76b1b59a6ae8d9ce86fd47489fcc9222d3592dd7be4316c2ea118cf62dbff4e07dfa464bbf6bad83ecac0dc27cbe2cc4b9b0945aaafcbc0c514d71427ccb4f23df902fc563f5cdc8994f7dd2847920b3d77abb1bf1d4e3d1fed6e58e0bd730fa7e63f352cb591f2e13e2e0aac9ee887665cf59eefc2100c062d71f00b333a56f0d8243a2c772ad714d452695b8055f40f92242ddfd33df17c14bb92bd6fb0de517368d58251d3f1a1b52d4c52ed698babcd1b7ffe4b0916356ff975ef91bb4ca54f3c66699299135740e85933b55e7342fac9612868ded9a454ed51ab38c8233163ba4d016eae28839fcb365149196e2"], 0x50)
socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000900)={0x4a, 0x1}, 0x10)
r10 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r10, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
socket$tipc(0x1e, 0x5, 0x0)

445.403729ms ago: executing program 0 (id=1284):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000030000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="7961000000e2ffffff007e000000"], 0x14}}, 0x4000054)

432.393999ms ago: executing program 3 (id=1285):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x11, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r2, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="02011400012918000e3580009f0001140000002f0600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f6304a80500ffffca88faca"], 0xdd12}], 0x1}, 0x0)

397.34613ms ago: executing program 3 (id=1287):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x11, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r2, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="02011400012918000e3580009f0001140000002f0600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f6304a80500ffffca88faca"], 0xdd12}], 0x1}, 0x0)

392.53929ms ago: executing program 0 (id=1288):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a000000010000000a00000007"], 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r2, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
recvfrom$inet6(r2, 0x0, 0x0, 0x0, 0x0, 0x0)

366.7678ms ago: executing program 3 (id=1289):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xfe80, &(0x7f00000005c0)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e140602000000020e000a001000000002800000128c", 0x2e}], 0x1}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r4, &(0x7f0000001d80)='.\x00', 0x8000, &(0x7f0000001dc0)={0x1, 0x70, 0x20000}, 0x20)
socket$rds(0x15, 0x5, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r6=>0x0})
r7 = socket$can_raw(0x1d, 0x3, 0x1)
socket(0x23, 0x4, 0x4)
bind$can_raw(r7, &(0x7f0000000280)={0x1d, r6}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$inet(r9, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r8, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff})
close_range(r10, 0xffffffffffffffff, 0x2)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x2000000, {0x0, 0x0, 0x0, r6, {0x7}, {0x9}, {0x1}}}, 0x24}}, 0x40044)
ioctl$FITHAW(r5, 0xc0045878)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000000))

246.9162ms ago: executing program 0 (id=1293):
creat(0x0, 0x8)
pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket(0x1e, 0x3, 0x0)
write$9p(r0, &(0x7f00000000c0)="13401f26e671a29f1373c7ca1d9b023eeeb43cb0", 0x14)
sendmsg$nl_generic(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001200)=ANY=[@ANYBLOB="1400005d19bab9d9440c0bf2c9d1000008000000"], 0x14}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000480)={[{@journal_path={'journal_path', 0x3d, './file1'}}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@jqfmt_vfsv0}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r3 = socket$tipc(0x1e, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000e40)=ANY=[@ANYRES32], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1b, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r4, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000300)=[{&(0x7f0000002640)=""/102389, 0x18ff5}], 0x1, 0x1903d}}], 0x48}, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
io_setup(0x3, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001300)=@newtaction={0x1270, 0x30, 0x1, 0x0, 0x0, {}, [{0x125c, 0x1, [@m_connmark={0x10f8, 0x5, 0x0, 0x0, {{0xd}, {0xc8, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x101, 0x1, 0xffffffffffffffff, 0x6a4, 0x5}, 0x9}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0xbd55, 0x3, 0x1262, 0x2}, 0x2}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xcda, 0xf2a, 0x0, 0x3c1, 0x7}, 0x9}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xfffff3d2, 0x2, 0xffffffffffffffff, 0x8be, 0xfffffff6}, 0x2000}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x6, 0x5, 0x1, 0x4, 0x1000}, 0x6}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x6, 0x18c7, 0x6, 0x3e, 0xa1d1}, 0x8000}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x6, 0xa2a0, 0x8, 0x2, 0x4}, 0x4000}}]}, {0x1004, 0x6, "03ab475da8b12474102eaef56edd3b80839fa6403e7813ae2d5bccd195e46bed96fd17755db32560eb8ee6edbf31075d5e601908dd5b43d34ba4370ec67bfa47c87da90df40046b0fce8360a26ad07f795d4213b30318d49d715eb7b40b841fd95664b9456c1b56e29e192c4e4e3f00c0e69c7c5b611c3b6995f22b61c6c0340aff4256a96f69f3691540432d48596dca67c7243f3556eadafda8a36f426d67f757804b40a6d80841e50fee9f96267ea0584e6d45e03995fca227e74a3e3aefe99309adc13a34b9d8ec0cbd127a8782e84cb4b91830cd4b268dec15df422e5ee2b410375ee7d2ef0b8b20e52504a06fd3ce523b909ea81bd937e7ff26c4be6b914cdc03346b0e4c5c733cbb8abbd489351c96cbd4da2a371985e77dac3dbf66bcb643f7ad47c9b20b009b01b4ada8ed02504f6676735e597aba58fa8401cb35e2cafe73a9f5d567b88cbef9d0ee4f45188baaa83d2db30fae621789bec190e3fe3bbb84f128fbab1a1b4ee6689886a7566e50f3f1cbdd021eaa74ab7be4fd3baa6b10160e21d768367872e661b7d3addb3874dd07d107985520da6b85a2f42a1efdf236a73ebd630bb44b6a27428eb781a98bdf9697601803ac4a899f0333a7a8b1b18ba107de50257e7fb70fba2438b92600ffbbad57725606233c842bfc7268f62ecb9143a41f11b72be28ae3c44fd2c6ff960c38e45b091fd64a2d18b7ddc87ee9a3ceef95e890842ac384367419d7f6e6c0592b9ff569abc593b3c870d25e5cf24ff0dba587ad096c18178ce53bd0ee475240f0ff04356f806d0dc808229d75a51138bdf2565c51eca6eaab189022b50938bf6b15b1d3fe80dc3b7901df7fcd0175235f65040299516e679289992df8afcf6c8253de70d6e85834af47601727e5a6cf3411dbcb0d09409e9c6ac321abfbadfbc26f1c1279f96f4e116c4025a5d9442d1c3c0756d8817cd656126d775101a549c0035ae46a6c0f65bb62680de662d13bb1ee42b62cd898d7ce14048e352e0cfccd3337e617a9d18ddfee2f380b8cba6f2590c097a6495084dd89c6ea302a5df0e82e7f1cca6a9b24f84bbba75302304ce4312640190e65e04397683606dc3f83f875929ab87b74f1bf265dbcd194b7fa8dd568d17668d80e3b5b592f03060a70be26dc05891f3b5a45dbc7efe115964a13dffa8f5654b561ae27ebe0efb145afe0c9db8e3451036ba906a9dd0eb84d93bda7623510ba0b88000246fc0698d64f5d968e89ea06fd9c1709465f61e05d0736346edf1be89cf5ed8c59b0668e6c2a2d8d9c9624078d5269c25d8e101f9593c12a17a8d173ca5d9d6684dbd04e1671d01bea796e62404e674a10a932d602ce356b2d662340d497fc62b8d66eea549d08c40ced2ac8447dc509be6fae5b3c3ec42569b0690e0b99518db957bcd8848b66bdf5e16211cef378f798b4dc76c19cbe5b2a33582491edb3afcd652322a8c7bcfc44d28aa2ad7923fb3019e7927d375248ab110a7f8b2f15f7ef83cdd1505552003b7f04a2ecf40abdb44f4dcea75e14dd3893317baa1f2e85be8eef8721cf2e7ee91a65a081ce298bf05ada83802545d96a6fb907d549efb2dea0c3cf116923b3111dfaa46dd408e250a3ee5689b1f4d53387f5f22e7a8152da3496c4314df63a79de5f78e654fe1019df6577c71a2c73d9fe72cae2386b09e5029748cef0a9830e1629bdaf435f6ce641dd457175e6d42e73daccd9e2c800680958f242952213ec045e7b8573ef5c89e0bc15a998bee49f09f67b66e0e8982b5a6b5c56fe9de047e3a9d84c2d0591b36f30f105a0c77e04ce72dee82505e67ee9c671c091a0093f94af579a5d402badb3c8046e5aa5ffb261bb137a7b8d28897547f48f3a7a9a3ec2baebfd5b0d453feb00883075f61297d1b85527ca8dc197f479abcf9f7c83ea02fdcca0926ada2d01911fd4060054bef228db90c56581b207370a0778aad86422eb2df984604d6fb0457bc9af4e9c948786d2b2a92f520153b9f8c747e8c0eacca7315c64565942cb5a2d0e552df0c9d02304ea948ce9f10990ab27b7e408021e4f86368b4f14d6f3cad4ec8ca81bb81ed03545bf45a658fceab384cf0c656e088ac868f0ec1e5fc9f9a60988d980e307fcfb617300491ce07f183fd7264b8ab30183ddd0a336164b79f0f01818b58919576425e9838a7d83ad4762d5cca1f77330c31d5f6f268fb1cfd93005fcdd7f52e573ff96cff8f21c9e1c91672eb2eced39ff913f754b9837d08433536fe44a97c0b6854ed8b69cecc39513a723ebf3f9f3875890c21686647b3b387deaa6c742278fba5432383f503449e7810245374994c644b4c0a5aba999b44169c145f97e92665d1f8c5fc12d9195d11baf7a0b993a63d6cd56e3a15f225146dc2511542c4841507aea14e832527bfc3cc4070b3f80a4d304107d34db8d10d06d814e67bb1614c0264e2db5aab2dc3e103fc929b2c34e094e91a64a4743746579a44ffd540aa942ea53c642e69e2ae40fb3435f4270d3406f832a28825836326c4b0039fd8df3bc48da9848bd8438f1a99b26dbb2d706b7855669cc4ac92ebd49b9eb25c2300aa5e55fd72fe8b4126e5219e8d1cdde6ae7eee349e9ae2247b5405bbdbcd358a0e079c79095f3842772c143a7c7e4701cd38ae08c25ddedc935db1538ba66d8dbac6e7731005cd63bcce8872a3b6699b1ecfa7fefec075492949d80b4b6e25d0f31d1dd5a2af3ae28febbf40008a45a9fc15a54cc3ac1b5d20bd72e374bc3fe522e549eeed81afae1e0c3600f1441e8e8e3bb55172679423681fc9182f9240b117a4895c2747be594997b45f56152e91fa93063bdddfb267c7b7cacc440a08585e738a0a2fa04300abc4e3a9f1c9485670da93396919d039c7002008d1372575b67dd598423b92d8fee16644d1e8973c48efb5db18c038270b5a9b55335abf81cb60d2bbf56b6fe4dfdc9bf17f3a09aa90b91f3afa1198ebd9b37e30ce0deb94fddf828002a58c6621edb9bd660ce67267183afedec1fe4843f9b86ccb12f5895f667055e0fc315509ef27d1cabeb29f62b1b8506f2c0261631c9b6068d10da9958acf371fc8a23e609b3407d91f0e1ee4ea72d7581fb77d18c5e904ea7c96adfdeaa10f1a8fe56c9793fb312214f4b46f2e07b15535356236fdb6a27414bd1934d15e394675ab339c78431c8cc9dfa5fc64aee316c1e2026fe6ab14f63f3b9362f358024eb7f8107881ae6b85d7b145c434e1c41f22c5586d6d16f9ebb54e5d5e1f7be1bc8f4190fd944190bbca4273a6f884a8e5fb0d9fdfd7f54dc08349e33eacd29035c3eefc080f562ef0608ea015b57a375f69a2b63c7a209ac7bfe49ed935f6846863f4472cd5e7b324f61a209bf61125082829ef8ce69dbc5d3eeb2236f4c2be89b7048e62ddab2527f9826101b4cc0d198d8f1d2aa58ed92deebf5dfdb7ae2a4efa6e284785bb297d45b8bc2783be6dd102ed1d93665710d40fa91c2680647c3691612faa2cff6683317d64e6acf3636cf96b79c949e686d88fa1ae7a57a217b62398f230be6f5a59deb0dbe9dcd05dfabbbfd57c74848f8bb19ad2c31a39509250a371ee2f26ac9e3ce938a9083f1baf691419cdeb652327c4bdd42a0d23cf46ced1e464a46e083e0a44dc991470ee4951b3a9afc6ac7023fc7b59172f54acf0a354563794364b62ef14447744e7af70e82bb6b3d3db9a39f9b8ec13a0bfaad7a3694d7b202312640f1655786d6f609e399dbc484cddb9eb4a6cd19d708e53609b0027d0f32b6ea5f57a3311eccfdb7fc1de10e8fd33df7fe67a4dc1d470c17889726ef9c5960d1436984f161df2a93ce7e647dcc5b58a3669dab69baa04c0125e680f0a4c23bd1cbb821035607f423d35d9a4286298cb7879baddca5601d4609e4e7569f11ab0448b2f046032a81144b984fc0fcc1ed82c66884565b813ef269cfa2071b17b5eae99d07ebd35f2926f4acebc37d833102935eae7224b175aab94d5abacc81d87371b792d0331be78047b3107e11b46e31dfb2478aef84eb663f4854f22f3e3383a03a278bdc6136b6dd2a6c43ce3a82c8b9e827737cf47366769f8a438623e6172eb3e7c21f465decc9dfcd7bb92190ec7b26d7474f44f2cefdfc99a5189dd99842ebd13c92219734e6e3bdfffc640ebf2eed9b9e0e47d059f6ebee61f3f2c23400e8690023b0ccf2b1a3faee91a605dccf9d571840ca15b0c312f121dc479da81518975acaccf0de83b4df5f5a70981fc07ddb905f71f08f941c33b82d487c0c4fadabc9296631b61efbc781af7cb489f04e82cbc0f5df70cb2e1cb81caf59b1ee523afc92425e5f113b98d86c8c1506d57b6f6ff22b12823d17978e8363eb641a799d09315ae8353170e9ef5924ff617d9caf384a649759b9c6d62c651769fc2cdd70d557e56487223ca02c4a6826eead4d56593f717a6bb114495f3638f476875d62c7f76eaf69f7b82c58f9d86662530bf698944c4abad9d81617b2a9b57190b8f0788e5e3987ea3897961fdfa0196ff88d5421ecf0917a3c472733512a3db073250fdc894ededca2471b9fad9651df8fb9a30c2e5e4739568bbce0c2cc56de24e4edef36d4094aaed775ffb7d6524ed2227e53a0030a9e8631ee82016ae76773befa5d5d39fcad852ac39b5b407a73f489b900258dba4d35eb63eb104df7f3753ff4aaeb899def2fabe9136552b04f89bbf59cee438435a22c4d9aa86dd0cf068eb577e65ee5efd75a2da8102b72ffc84632695e90f22a28c77901043948146de2b252db88d2f20997d2ee529a2064a133dc5686e7ce46c443bb340053107ba52939a858987f089ce7b6d2673b97c535cf87797d0968b74272e8eac25be819f5dc29a48bcc827dfa5637cc20db8533d843dffd69b468d03f2ab6c443635043878469b56893ddcbd6701561b629e415d7f691f45fefb57e66e5dd4f85b4c515b751c8e95a0b2816f6c234de71bf478db57c3432d1f5d1f5e453e013c950194e200ec4affae4f9ee4c862e5290c099c4f301cd322db720d88bf72eb66d9f5152ecf4ad79cd284f6e48147d09f0fd1d854a9d70cec09c5cb0d0418820b11d67c8e6d476b28dbcd74904f186ce22b82e5e9a96ee376875f302239f8766241c6b10ab817fa8ab04affde1ba76f5b58e2986a739a3a8324c44011ec1a47248147882af9dc61eb4d5f909ef9ca0474917388beb151b54caead586902b6b2acddb5601623ef0d261b23ad99131cc1dda23d984c92e268e3be576595416cb4f362d0852a4ad9bb561f0d6a5705b752efb32009da9d0b3db3fc454f21535a64e663cb13188affe00a3b9e76d9acfefa5b5e817c10c4ff6053404e5003d1e84de83f340007e2e0a826c69d00a8d8a63cfb3e2b011cb7430a1908c5f262573b98f7cde710cf9f2ee46710c93c32fa786dc5ccf6ed10c8ff0cbd8045195ea05054fd647db427a288cb792c9e6fb9856313007135c39fb653826c5884b6d8af38388390a2f921d84f44b616523783ce72ad2b69e906f9a648195366551e5d945959733bd71aeb6abd49f31c02b63bcf7d519c50863f23e953aa462390bab262d2758a529d63f1a908d01b3a0caace0bdc37b5630db1e57a4a84f7353dc63a10a42c057124847678b80f2171ee78fe127051dd95681a9867104229d2037aae93b9f75720bbda5c6e3891c73aedcf1d9cc081d79fdf1e70100196b0a0c6129d083aaa1f1ae020d9d35f481d1b682df6664dab5ba192718445e2b7446c53a1f25444eb723042637962539a9356e58359"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ife={0x160, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xfffffffffffffffe}}}]}, {0x119, 0x6, "b5831b8a53056b7bd85e8de07a78d0dd78598d2267ba1b59a53774f4bc695da5e4c8ae24b4c09ef9dc226a70570c0df26e967f6445c1266ce7e48720f83795e6faa336369b55343679021b8ed4f9dffdffc90e02893a5d515552dde765a002c9d0c4b17210cb000395e1dc1e8c48e9d2355625ae213e8798b7f62a9a437a7c414f1791a3b795c175bd7a415e6189254487ce1165d3e7ebf679be212b14be85385460c670521032e356ce5da347cee8aed2ad5d21a9ea646f561a34c5752a7845aa65385d03a37ad382755dec2b3e4ff6dc0138f45235eef91428788544b208625f911847e3b27b605cdc9899b5440ad90a542a45c7944a1d84bccd5e45a3ff517f476ce449a77ef310620c28b3c86b075769072d11"}, {0xc}, {0xc}}}]}]}, 0x1270}}, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x400000)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r8, 0xc0a85320, &(0x7f00000003c0)={{0x80, 0x8}, 'port1\x00', 0x22, 0x0, 0xffff, 0x7, 0x598, 0x4000036e, 0x0, 0x0, 0x2, 0x46})
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x1a0682)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r9, 0xc08c5332, &(0x7f0000000340)={0x8000000, 0x0, 0x0, 'queue0\x00'})
read(r8, &(0x7f00000001c0)=""/176, 0xb0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00.\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00r\b\x00\x00'], 0x48)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000dc0)={r10, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x50)

246.68654ms ago: executing program 1 (id=1294):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
close(r0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2f00000000002020207b1af8ff00000000bfa1000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
syz_emit_ethernet(0xfffffffffffffecc, 0x0, 0x0)

220.6053ms ago: executing program 0 (id=1295):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000000)={0x9, 0x0, 0x7fff, 0x0, 0x4})
ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000040)=0x2)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000500)='\a\x99[@%\xe6l\xef\x86\xce\xe9\xf0\xd40\x11\\d3\xdcL0\xae\x0e\x1c\xea\x9e\fLx\xdd\xca\xe4\xed\xeeD \\\rfJ\xdc\xad_\v\x7f\x8b\x92a.,\xe0|@\xff\v\x85\xd4t\'[f\x89f!t\xea\xa4\t\xadp\xb3\xf0\x00?\xae\x87\x9fr\x0e\xfc\xc8m\xcd\xe5\xbb\xc1H\xdbG\xa94\x05\x1a\x9b1\xaeg\xa4!\x7fN2kQ\x04\xff\t\x9d\x9a\xfa\xc9\xdb\x87B\x14\x8c\x8c\x05\xe7\xfc\xb2\x18\x85\x87\xde\xcf\xa9\x99S\xae\x01l<\xda\xc4#H\a\x87\xa2L@Q\xafx\xc4\xe7\xb7?\x8e\x1f\x1c\x1c2e\'\xc5\xbd\x8ai\xdf\r\x95x\x8d\xff\x8e}k\x96\xaf\x9f\x05\xe6\xd4\xfc\x98\xbc3\x85\x96\x8a-\xe0\x84\r\xe9\xb8mv\x02')
r3 = perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x0, 0x0, 0xffffffffffffffff, 0x3)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r4}, 0x10)
r5 = getpid()
setreuid(0xee00, 0x0)
r6 = syz_pidfd_open(r5, 0x0)
getegid()
fchdir(r4)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000))
setns(r6, 0x24020000)
syz_clone3(&(0x7f00000008c0)={0x15340180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[r5], 0x1}, 0x58)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r3, 0x0)
perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x307, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8000}, 0x0, 0x0, r3, 0x3)

154.56087ms ago: executing program 1 (id=1296):
r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x5, 0x4, 0x8a, 0xe7c9, 0x10108, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0, @void, @value, @value=r0}, 0x50)

154.24662ms ago: executing program 1 (id=1297):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev, 'veth1_to_batadv\x00'}}, 0x1e)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
connect$pppoe(r0, &(0x7f0000000900)={0x18, 0x0, {0x0, @empty, 'vlan0\x00'}}, 0x1e)

134.30251ms ago: executing program 0 (id=1298):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
shutdown(r2, 0x0)
sendmsg$unix(r3, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000014}, 0x40010)

133.49659ms ago: executing program 1 (id=1299):
r0 = memfd_create(&(0x7f0000000f80)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'\b\x00\x00\x00\x00\x00\x00\x00\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6&\xd0\x9daA\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x00\x00\x00\x00\x00\x00\x00\x00\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xda\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xe2\x05\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y7F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\xbd\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7\x8en\xb5\x1ag\xab\x8b?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xef\x03Ga\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcaf2\x02F1\xc6\x82\x00E\xae\x9d\x17\x871N:\xb4\xea \x8e\xdelP\x83\x1f\'\xe2\xd6\xc0\xc3\xfc\xc9677u\xf3RUP@o>\xee\xb8\xa3\t\x02\xb7\\,\xebK\xed\x1b\xc9e\xb3\x16\xce\x9bI\xdb\xfa\x82\x85\t\x9bg\xd0s\xe2\f{\x8cp~;\xf8\x96\xf2\x91\x06\x89\xa6D\xce\xac\x03\xc1\x83\xd1\xe6 |\xa75\xd7\x80t\xfc\xf8\xd2\x12N\x1cB7^\xfd4\xae\xb0VFw\b!\xae\x1baTv\xc0z\x19\xc5\xc8w\xba\x97N\x9a`\x8f\xfc\x9ee\xf9\x00\x1cQA\x14]\r\xd4\"\xc2\x12GD\xdb{\x88\xaa\x81\xc8\xa2\xdeI\xa2\xbel\x0e\xec\x17fNI\x05\xff\x8d\xf4_\x1a\vqA\xb7\xe0d<\x98\xee\xb8\x19\xec\x9f\xee\xe1_\xacG\x8b\xa3\xc3\x13\x80\x0f\xf4I\xdeAwG\xbdkno\xa2\b\x126\x97\x9b\xf9|P\xd94\v\x15\xcb\xc0\x9d\x11\xf3\x18\xae!2\x1b\x12\xa9\xc8~\xb7S\x94\xb5\xc7;\xa90D>s\xe9\xa4N\xf8\xdb\xab\xa0\x94~\xa1]b\xa4\xe5e\x1c\x8b\xd2\xc7Md\x93]\x1f\x96\xb5\x90M\x02\xd8\xb0,\xeb\x03\xaa\v\xed\x9bR\x8a\x80\xc2\x1f\x17ej\x973wv\x83a\xe06\x96\xde\xbc%Uh;H\xf8S\xf1\xa1g\x02\xc4\xc3\xa4\xa8\x96\t\xfex\xa2?\xcb\\Y\x1e\xfe\xca\xa0i\x80O\x11\xac\xb7$\xdb\xbc\xb0\xcb\xacqU\xb5*\x00\x00\x00\x00\x00\x00\x00\f\xda\xf8oV\x89\xd3\x1f\x99+M4\x1c\xc6\x7f\xd4\xf2\xcc\xd3\x94\xca\xd4\x00\x00\x00\x00\x00\x00\x00\x00\x00~A9\xf6IBu2L\x9e\xa2\xd0\x92\xd1\xbc\xb8\tJ\xa1\aN\x87\x95\xbb\xa9s\xab\x90\x06\xc6!p\x9e?~\xf9\xe6\xae*\v\xa3\xd9gxKN\'z]*\x93\xf7\b\x91\xd0\xff\xd9\xc6a\xb5q\x9c\xa1Go\xd58\x93\xe0,\x9f\xe4\xa9\xd9A\x9e\x95e\x98\xd0V\x9d\xed\x97\xf1\xc5\xce\xf5\x90!d\x9a\xd8\x10\xbbx\r8\xff\x8bNUK\xebA\xe5\x92f\xc4\xd1\xa8\x15\xbf\xb5iW\xdb.kbf*\x89\xf0\xecq m-~\xbbf?\xec=\xd2\xe2\x1e\x8d/o\xcd\xc8x\xdb\xe6\xd0W\xca\xc5kz\x8e9\xfa\x86\x0f\x96p7\x85\xf0i^Zc_0\xecb\xf5\x1a\xdc\x9f\x1fD\xcf\xe1\xbb\xe7d\xb0`\xbdlF]\xbf;\x0f\x99\xa3\x03`L(\xf1HN\xc0\x94\xbe\xcf\x1c\xb8\x18\xdf7\r\x13RO\xb2\xf0\xe8%\x9b\x80\xf5e{\x10\xbc\xdf\x90\\\xaa\x86\x1c\x12\xd3\xb6\x1e3\x15S\x9c\xc8\x1a\x85\x06\xdbT\xcav\xbb\x87\x8d\xb0\xef\xc4\xc2?\x88\xaeG\x9b.\x83]\xfdY\xd5Y\x05\xa10\x84\xf8>\x9cr\xfa\x11\xaf\xc1b\xb8\x1f\xc9\xe6\x8f\xe3\xad\x1f\xffQ\x8e7\x86\x92\x115\x87\xcf\xafC\xbfu\x0e\xe4L\xd0\xea\xae~\xdf\xbf\x81\x06\x92\x84\xf3\xe8\x8dB\x12\x9b\xda\x85i\xdc\a\x1a\xe3\\\xd5\x03\xeb\x12\xb70\b_\xa9pE\x15\xd4b6\xfc\xcfT\xb0\xbf,\xb1\xd7{\xea\xa3\x04\xe4\x01\xce\xb4\xd7\xdfP\xfe\x93\v\xe7\x8eJ\xee\xb7\x85\xef\xf3\xc2^w\xaf\xc4\xf1\xa5\xbcl\x1aSH\x1c\x0f\xe9\x1e\xfb\xad*\xc2\xef\xe2\xf8\x02$ \xce\xcc\x87=\x9c\xde6\x04\x1c,\x83\xc7\xe2\x19\x95\xa6+\xfc\xee\xde7]\xedV0\x10\x15\xec\x1cm:\x1b\xe9\xdfP=6\xbfG\x986\xf4\xe6\xcf\x80\xc2\xad\xc1\n\x87TM\xa8\xdca\xea\x8c\'\x8e\xe1\xec\xcc|\xff\xe0\xd7\x7f\x99\x15\xb7\xc7ndY?\x03\xa3\xc39\x96\x99\xf8|L\x05a\xea\xd8L\x0eY\x97\x81\x8e\x04\xee8&\x9ce(MY \xecJJmRj}\x92@n\xb2\xce\xbd\xd3i\xb2\xde\xaa\xc8\x00\x00\x00', 0x5)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1000001})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x3e, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xc0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r4}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x3, 0x3)
mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x1f4, 0x300, 0x0, 0x0, 0x0, 0x6, 0x300, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
sendto$inet6(r3, 0x0, 0x0, 0x20000003, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$fou(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="7904000000000000000001"], 0x38}}, 0x0)
fcntl$addseals(r0, 0x409, 0xb)
accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000040)=0x14, 0x80000)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r10, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400})
close(r9)

94.06968ms ago: executing program 0 (id=1300):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x4055, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket$kcm(0x29, 0x5, 0x0)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r3, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty, 0x6}, 0x1c)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r3, 0x5)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r5 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r5, 0x0, 0x23, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r6, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d0000000000", 0x2e}], 0x1)
r7 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r7, 0x0, 0x29, 0x0, 0x57)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
timer_create(0x6, &(0x7f0000000080)={0x0, 0x19, 0x1, @thr={0x0, &(0x7f0000000340)}}, 0x0)
rmdir(0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
getsockopt$inet_int(r2, 0x10d, 0xd7, &(0x7f0000000040), &(0x7f0000000080)=0x4)
unshare(0x2040400)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x90)

6.41344ms ago: executing program 1 (id=1301):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='dE\x00', 0x0, r1)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000001800)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fBy\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\fU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sa\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^\v\xfbO\xf3\xff\x1bf\xedC\xbd\xd1\xf1#\xb3\xe5\t\x9a\xddk\x95\xd5N\xf3\x98\x1a\xa3\xca%N\xf8\xc6\xbcJw\xd8\x99f\xf1\xb5\x93^x|\x05\x00\x00\x00o*\xd3\xab\x05$<\xa3KQm\x00\xd3M\xb2\xd0,\xeeP\x1a\xd0 yI!\x17\x9b\xe7\xef\t\xba\xa0]\xf4\xb7\x00_g/\r\xd2\x06\xc5\x15\x1d\xcc\x0eB\x87\xe9 \x81P\"\xea\xd5#\xa4\xe5\xa1\x19Wp\x83\xf8tC\x10\xbe\xe3\xa9H\xc7\x89\x0eN\xd3\xc1\xd7\x99\xd8\x88\x1dZ\x91\r\xd1\x1c\xac\xe26b\x04\xecB[\xf3Lp\xfcQ\xf8\xec\xa0\x87\xd3\xde\x8bo\xd2\xbb~;\x8d\xc2\xf1\tP\xdfB\"VD\v\x90\xfb`\x8b\xfbr\x87B\xc3\x1c\x99\xe1ft\xd1\xdb\x0e\x86\xa3\xfc;y\x9d\xe6\xe25\x9f9\nj\x8a\xba\xb5\xc7\x92`\xed\x89\xf4\xbd\xc3\xe7l\xa9\xda\xde\xe0\xcf\xeaM\xb2~\x159\x92\xf60\x0e\xa0\xc2\x17\x8aC\xa5\xcf\xcd\x16\xdb\x83v\xe8\xf1\x82\xe2\xa5\xf0\xc7K\xe4?|\xc9\xdfx\xf0\xb1', &(0x7f0000001600)='\xb8\x8b\xadTd\xdcJ\x03\xf7\n\x11x\xf5\x93Q#\xfe\xb4\xeb\xd9/\x90\xad\xc5\xd0\a\xef\x06$*\xf0\v7>\xa8`\xf1)\xec\xba\xb7\x85\a\x92I\xbb\xfe2\xa0\xc1\xb3\x13p\xa2l', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000580)='\xa3\x04\x00', &(0x7f00000003c0)="c5", 0x1)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xe}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
close(r1)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
syz_emit_ethernet(0x32, &(0x7f0000000240)={@local, @dev, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x88, 0x0, @empty}, {0x0, 0x1, 0x10, 0x0, @gue={{0x2, 0x0, 0x1, 0x9}}}}}}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r5, 0x0, 0x10000}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0xfe80, &(0x7f00000005c0)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e140602000000000e000a001000000002800000128c", 0x2e}], 0x1}, 0x0)

0s ago: executing program 1 (id=1302):
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x240601, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r1, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="2300000001040000060000000100000000000000", @ANYRES32=r1, @ANYBLOB="0700000000000000000000000000ee31eeca00007aa50071d4e7f4aba0d254f92a67c33293df6b47ffa1c080867b01b836a660db21ce41978a9643b10cc612c1835ff75ce0033c05a2e19f38a6c7e3150f51a2590c530c185f8122b3cda9b9d40e8913d454cd142b6099f115f629d00e983a0453b6ccf10ddf9d5306e36f0d63dea1650a7467511353c7c77f9435a4ee2fb9ceeb1fe935a95bf5905c8c1a22dd8b8e474956710d5be660dd99d668a8bd66abf34bf921202c70d047e4fec1a7f652d4e49d837e", @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="05000000040000000100"/28], 0x50) (async, rerun: 64)
r3 = socket$igmp(0x2, 0x3, 0x2) (rerun: 64)
setsockopt$MRT_DONE(r3, 0x0, 0xc9, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5, r5}, 0x38) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1) (async)
r7 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88)
ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8, 0x2, 0x80400, 0x2004, 0x800}) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
flock(r1, 0x2) (async)
syz_io_uring_setup(0x4bb6, &(0x7f00000003c0)={0x0, 0x0, 0x40, 0x3, 0x0, 0x0, r1}, 0x0, 0x0) (async, rerun: 32)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ff01000000000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10) (async, rerun: 32)
r9 = socket$inet_tcp(0x2, 0x1, 0x0) (rerun: 32)
setsockopt$EBT_SO_SET_ENTRIES(r9, 0x0, 0x80, &(0x7f0000000240)=@filter={'filter\x00', 0xe, 0x1, 0x130, [0x0, 0x20000100, 0x20000130, 0x20000160], 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0000000000002a7b000000000000000000000000030000000023b500000000000100000000000000feffffff0000000000000000000000000012c31aa8b556307b0000160900000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000000000000000ffffff7f000000000000000000000000000000feffffff010000001100000009000000000000000000106cf4aa4ac99e8d000000006c6f00000000000000000000000000e2ffffffffff01000001000000100000fa6215e1c90fed90ac00000010a85f001a4b000000000000000580000000aaaaaabd0000020000000000007000000070000000a000000041554449540000000000000000000000000000000000000000000000000000000800000000000d000000000000000000"]}, 0x1a8)
r10 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r11=>0x0})
sendto$packet(r10, 0x0, 0x0, 0x4, &(0x7f0000000540)={0xc9, 0x5, r11, 0x1, 0xa0, 0x6, @broadcast}, 0x14)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

kernel console output (not intermixed with test programs):

T6147] loop1: detected capacity change from 0 to 1024
[   81.297303][ T6134] EXT4-fs (loop3): Remounting filesystem read-only
[   81.304061][ T6134] EXT4-fs (loop3): 1 orphan inode deleted
[   81.315233][ T6147] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   81.320843][ T6134] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   81.326279][ T6147] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   81.348140][ T6134] SELinux: (dev loop3, type ext4) getxattr errno 5
[   81.354739][ T6147] JBD2: no valid journal superblock found
[   81.360482][ T6147] EXT4-fs (loop1): Could not load journal inode
[   81.367552][ T6134] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.389154][ T6147] FAULT_INJECTION: forcing a failure.
[   81.389154][ T6147] name failslab, interval 1, probability 0, space 0, times 0
[   81.401972][ T6147] CPU: 1 UID: 0 PID: 6147 Comm: syz.1.764 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   81.412596][ T6147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   81.422737][ T6147] Call Trace:
[   81.426031][ T6147]  <TASK>
[   81.428971][ T6147]  dump_stack_lvl+0xf2/0x150
[   81.433626][ T6147]  dump_stack+0x15/0x1a
[   81.437880][ T6147]  should_fail_ex+0x223/0x230
[   81.442573][ T6147]  should_failslab+0x8f/0xb0
[   81.447193][ T6147]  kmem_cache_alloc_noprof+0x52/0x320
[   81.452579][ T6147]  ? mas_alloc_nodes+0x1e3/0x490
[   81.457573][ T6147]  mas_alloc_nodes+0x1e3/0x490
[   81.462351][ T6147]  mas_preallocate+0x44a/0x650
[   81.467150][ T6147]  __mmap_region+0x809/0x13f0
[   81.471945][ T6147]  mmap_region+0x164/0x1e0
[   81.476444][ T6147]  do_mmap+0x718/0xb60
[   81.480590][ T6147]  vm_mmap_pgoff+0x133/0x290
[   81.485213][ T6147]  ksys_mmap_pgoff+0xd0/0x330
[   81.489993][ T6147]  ? fpregs_assert_state_consistent+0x83/0xa0
[   81.496087][ T6147]  x64_sys_call+0x1940/0x2dc0
[   81.500914][ T6147]  do_syscall_64+0xc9/0x1c0
[   81.505496][ T6147]  ? clear_bhb_loop+0x55/0xb0
[   81.510227][ T6147]  ? clear_bhb_loop+0x55/0xb0
[   81.514982][ T6147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.521004][ T6147] RIP: 0033:0x7fc3fe67ff13
[   81.525429][ T6147] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[   81.545090][ T6147] RSP: 002b:00007fc3fccf6e38 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   81.553517][ T6147] RAX: ffffffffffffffda RBX: 000000000000046a RCX: 00007fc3fe67ff13
[   81.561530][ T6147] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[   81.569513][ T6147] RBP: 00000000200004c2 R08: 00000000ffffffff R09: 0000000000000000
[   81.577526][ T6147] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004
[   81.585509][ T6147] R13: 00007fc3fccf6f10 R14: 00007fc3fccf6ed0 R15: 0000000020000300
[   81.593498][ T6147]  </TASK>
[   81.686615][ T6152] loop3: detected capacity change from 0 to 512
[   81.726974][ T6152] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.742729][ T6158] xt_hashlimit: max too large, truncated to 1048576
[   81.751117][ T6152] ext4 filesystem being mounted at /170/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   81.763767][ T6158] Cannot find set identified by id 0 to match
[   81.771738][ T6154] loop1: detected capacity change from 0 to 764
[   81.799512][ T6154] Symlink component flag not implemented
[   81.805835][ T6154] Symlink component flag not implemented (129)
[   81.830665][ T6154] rock: directory entry would overflow storage
[   81.836939][ T6154] rock: sig=0x4f50, size=4, remaining=3
[   81.842585][ T6154] iso9660: Corrupted directory entry in block 6 of inode 1792
[   81.858342][ T6165] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   81.893694][ T6120] batadv_slave_1: left promiscuous mode
[   81.968425][ T6171] netlink: 'syz.1.773': attribute type 10 has an invalid length.
[   81.985372][ T6173] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   82.061461][ T6182] FAULT_INJECTION: forcing a failure.
[   82.061461][ T6182] name failslab, interval 1, probability 0, space 0, times 0
[   82.074216][ T6182] CPU: 1 UID: 0 PID: 6182 Comm: syz.1.778 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   82.084082][ T6176] rdma_rxe: rxe_newlink: failed to add sit0
[   82.084882][ T6182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   82.100875][ T6182] Call Trace:
[   82.104216][ T6182]  <TASK>
[   82.107174][ T6182]  dump_stack_lvl+0xf2/0x150
[   82.111832][ T6182]  dump_stack+0x15/0x1a
[   82.116057][ T6182]  should_fail_ex+0x223/0x230
[   82.120842][ T6182]  ? alloc_pipe_info+0xb0/0x360
[   82.125728][ T6182]  should_failslab+0x8f/0xb0
[   82.130403][ T6182]  __kmalloc_cache_noprof+0x4e/0x320
[   82.135721][ T6182]  alloc_pipe_info+0xb0/0x360
[   82.140496][ T6182]  splice_direct_to_actor+0x60f/0x670
[   82.145981][ T6182]  ? __pfx_direct_splice_actor+0x10/0x10
[   82.151634][ T6182]  ? 0xffffffff81000000
[   82.155849][ T6182]  ? selinux_file_permission+0x22a/0x360
[   82.161500][ T6182]  ? __rcu_read_unlock+0x4e/0x70
[   82.166458][ T6182]  ? avc_policy_seqno+0x15/0x20
[   82.171329][ T6182]  ? selinux_file_permission+0x22a/0x360
[   82.176989][ T6182]  do_splice_direct+0xd7/0x150
[   82.181874][ T6182]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   82.187896][ T6182]  do_sendfile+0x398/0x660
[   82.192333][ T6182]  __x64_sys_sendfile64+0xbd/0x150
[   82.197457][ T6182]  x64_sys_call+0xfbd/0x2dc0
[   82.202058][ T6182]  do_syscall_64+0xc9/0x1c0
[   82.206664][ T6182]  ? clear_bhb_loop+0x55/0xb0
[   82.211355][ T6182]  ? clear_bhb_loop+0x55/0xb0
[   82.216042][ T6182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.222056][ T6182] RIP: 0033:0x7fc3fe67fed9
[   82.226513][ T6182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.246311][ T6182] RSP: 002b:00007fc3fccf7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   82.254799][ T6182] RAX: ffffffffffffffda RBX: 00007fc3fe845fa0 RCX: 00007fc3fe67fed9
[   82.262780][ T6182] RDX: 0000000020000000 RSI: 0000000000000003 RDI: 0000000000000004
[   82.270859][ T6182] RBP: 00007fc3fccf70a0 R08: 0000000000000000 R09: 0000000000000000
[   82.278905][ T6182] R10: 00000000003fffff R11: 0000000000000246 R12: 0000000000000001
[   82.286965][ T6182] R13: 0000000000000000 R14: 00007fc3fe845fa0 R15: 00007ffd0f14eac8
[   82.294953][ T6182]  </TASK>
[   82.315511][ T6183] rdma_rxe: rxe_newlink: failed to add syzkaller0
[   82.431131][ T6189] xt_hashlimit: max too large, truncated to 1048576
[   82.439915][ T6189] Cannot find set identified by id 0 to match
[   82.537373][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.708040][ T6196] loop0: detected capacity change from 0 to 512
[   82.770805][ T6198] xt_hashlimit: max too large, truncated to 1048576
[   82.814253][ T6201] loop0: detected capacity change from 0 to 512
[   82.826954][ T6201] journal_path: Lookup failure for './file1'
[   82.833096][ T6201] EXT4-fs: error: could not find journal device path
[   82.896779][ T6205] can: request_module (can-proto-3) failed.
[   82.904932][ T6208] netlink: 12 bytes leftover after parsing attributes in process `syz.3.789'.
[   82.966920][ T6210] FAULT_INJECTION: forcing a failure.
[   82.966920][ T6210] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   82.980157][ T6210] CPU: 0 UID: 0 PID: 6210 Comm: syz.0.791 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   82.990883][ T6210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   83.001022][ T6210] Call Trace:
[   83.004378][ T6210]  <TASK>
[   83.007329][ T6210]  dump_stack_lvl+0xf2/0x150
[   83.011981][ T6210]  dump_stack+0x15/0x1a
[   83.016325][ T6210]  should_fail_ex+0x223/0x230
[   83.021102][ T6210]  should_fail+0xb/0x10
[   83.025330][ T6210]  should_fail_usercopy+0x1a/0x20
[   83.030484][ T6210]  _copy_from_user+0x1e/0xb0
[   83.035115][ T6210]  copy_bpf_fprog_from_user+0xda/0x240
[   83.040748][ T6210]  sk_setsockopt+0x1477/0x1f80
[   83.045586][ T6210]  sock_setsockopt+0x3c/0x50
[   83.050204][ T6210]  __sys_setsockopt+0x13d/0x200
[   83.055137][ T6210]  __x64_sys_setsockopt+0x66/0x80
[   83.060264][ T6210]  x64_sys_call+0x282e/0x2dc0
[   83.064972][ T6210]  do_syscall_64+0xc9/0x1c0
[   83.069644][ T6210]  ? clear_bhb_loop+0x55/0xb0
[   83.074364][ T6210]  ? clear_bhb_loop+0x55/0xb0
[   83.079135][ T6210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.085159][ T6210] RIP: 0033:0x7f18cb59fed9
[   83.089584][ T6210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.109261][ T6210] RSP: 002b:00007f18c9c17058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   83.117729][ T6210] RAX: ffffffffffffffda RBX: 00007f18cb765fa0 RCX: 00007f18cb59fed9
[   83.125716][ T6210] RDX: 0000000000000033 RSI: 0000000000000001 RDI: 0000000000000005
[   83.133701][ T6210] RBP: 00007f18c9c170a0 R08: 0000000000000010 R09: 0000000000000000
[   83.141773][ T6210] R10: 00000000200a2000 R11: 0000000000000246 R12: 0000000000000001
[   83.149759][ T6210] R13: 0000000000000000 R14: 00007f18cb765fa0 R15: 00007ffeb89c07f8
[   83.157797][ T6210]  </TASK>
[   83.167055][ T6219] loop1: detected capacity change from 0 to 256
[   83.174438][ T6219] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   83.190094][ T6219] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   83.262929][ T6221] loop4: detected capacity change from 0 to 2048
[   83.295862][ T6221] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.314567][ T6228] loop3: detected capacity change from 0 to 512
[   83.382807][ T6240] loop2: detected capacity change from 0 to 128
[   83.389517][ T6240] EXT4-fs: Ignoring removed nobh option
[   83.403363][ T6240] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   83.404468][ T6228] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.418956][ T6240] ext4 filesystem being mounted at /157/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   83.438660][ T6221] Falling back ldisc for ttyS3.
[   83.450525][ T6228] ext4 filesystem being mounted at /176/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.467755][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.487397][ T6228] ext4: Unknown parameter ''
[   83.493126][ T3300] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   83.518889][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.690916][ T6280] loop2: detected capacity change from 0 to 1024
[   83.699359][ T6280] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   83.713195][ T6280] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   83.721434][ T6280] EXT4-fs (loop2): orphan cleanup on readonly fs
[   83.728478][ T6280] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   83.746304][ T6280] EXT4-fs (loop2): Remounting filesystem read-only
[   83.755246][ T6280] EXT4-fs (loop2): 1 orphan inode deleted
[   83.765898][ T6280] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   83.778057][ T6280] SELinux: (dev loop2, type ext4) getxattr errno 5
[   83.785095][ T6280] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.870687][ T6293] loop1: detected capacity change from 0 to 512
[   83.877543][ T6293] journal_path: Lookup failure for './file1'
[   83.883741][ T6293] EXT4-fs: error: could not find journal device path
[   83.918911][ T6296] loop1: detected capacity change from 0 to 128
[   83.981755][ T6297] sg_write: data in/out 231/42 bytes for SCSI command 0x0-- guessing data in;
[   83.981755][ T6297]    program syz.1.815 not setting count and/or reply_len properly
[   84.245499][ T6302] loop1: detected capacity change from 0 to 128
[   84.253402][ T6302] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[   84.261519][ T6301] rdma_rxe: rxe_newlink: failed to add sit0
[   84.301439][ T6302] FAT-fs (loop1): FAT read failed (blocknr 128)
[   84.321980][ T6302] bpf_get_probe_write_proto: 2 callbacks suppressed
[   84.321999][ T6302] syz.1.816[6302] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   84.329023][ T6302] syz.1.816[6302] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   84.340570][ T6302] syz.1.816[6302] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   84.493773][ T6309] loop3: detected capacity change from 0 to 128
[   84.575278][ T6310] sg_write: data in/out 231/42 bytes for SCSI command 0x0-- guessing data in;
[   84.575278][ T6310]    program syz.3.819 not setting count and/or reply_len properly
[   84.665767][ T6313] pim6reg1: entered promiscuous mode
[   84.671174][ T6313] pim6reg1: entered allmulticast mode
[   84.796185][ T6318] netlink: 16 bytes leftover after parsing attributes in process `syz.2.821'.
[   84.886132][ T6324] FAULT_INJECTION: forcing a failure.
[   84.886132][ T6324] name failslab, interval 1, probability 0, space 0, times 0
[   84.898918][ T6324] CPU: 1 UID: 0 PID: 6324 Comm: syz.1.825 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   84.909552][ T6324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   84.919664][ T6324] Call Trace:
[   84.922956][ T6324]  <TASK>
[   84.925905][ T6324]  dump_stack_lvl+0xf2/0x150
[   84.930558][ T6324]  dump_stack+0x15/0x1a
[   84.934798][ T6324]  should_fail_ex+0x223/0x230
[   84.939540][ T6324]  should_failslab+0x8f/0xb0
[   84.944165][ T6324]  __kmalloc_noprof+0xab/0x3f0
[   84.949039][ T6324]  ? copy_splice_read+0xc7/0x5d0
[   84.954021][ T6324]  copy_splice_read+0xc7/0x5d0
[   84.958862][ T6324]  ? __pfx_copy_splice_read+0x10/0x10
[   84.964352][ T6324]  splice_direct_to_actor+0x269/0x670
[   84.969783][ T6324]  ? __pfx_direct_splice_actor+0x10/0x10
[   84.975489][ T6324]  do_splice_direct+0xd7/0x150
[   84.980372][ T6324]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   84.986324][ T6324]  do_sendfile+0x398/0x660
[   84.986780][ T6327] loop0: detected capacity change from 0 to 256
[   84.990878][ T6324]  __x64_sys_sendfile64+0x110/0x150
[   84.990910][ T6324]  x64_sys_call+0xfbd/0x2dc0
[   84.990940][ T6324]  do_syscall_64+0xc9/0x1c0
[   84.991031][ T6324]  ? clear_bhb_loop+0x55/0xb0
[   84.991058][ T6324]  ? clear_bhb_loop+0x55/0xb0
[   85.020614][ T6327] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   85.021017][ T6324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.021136][ T6324] RIP: 0033:0x7fc3fe67fed9
[   85.021158][ T6324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.063050][ T6324] RSP: 002b:00007fc3fccf7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   85.071534][ T6324] RAX: ffffffffffffffda RBX: 00007fc3fe845fa0 RCX: 00007fc3fe67fed9
[   85.079528][ T6324] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[   85.087637][ T6324] RBP: 00007fc3fccf70a0 R08: 0000000000000000 R09: 0000000000000000
[   85.095755][ T6324] R10: 0000020000023896 R11: 0000000000000246 R12: 0000000000000001
[   85.103742][ T6324] R13: 0000000000000000 R14: 00007fc3fe845fa0 R15: 00007ffd0f14eac8
[   85.111772][ T6324]  </TASK>
[   85.134250][ T6327] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   85.168083][ T6332] loop4: detected capacity change from 0 to 128
[   85.175068][ T6330] syz1: rxe_newlink: already configured on bond_slave_1
[   85.183797][ T6332] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[   85.231545][ T6335] loop3: detected capacity change from 0 to 512
[   85.248657][ T6335] journal_path: Lookup failure for './file1'
[   85.254779][ T6335] EXT4-fs: error: could not find journal device path
[   85.255319][ T6337] loop1: detected capacity change from 0 to 128
[   85.270580][ T6332] netlink: 48 bytes leftover after parsing attributes in process `syz.4.828'.
[   85.296493][ T6332] sctp: [Deprecated]: syz.4.828 (pid 6332) Use of struct sctp_assoc_value in delayed_ack socket option.
[   85.296493][ T6332] Use struct sctp_sack_info instead
[   85.322975][ T6337] FAT-fs (loop1): error, invalid access to FAT (entry 0x0ffffff6)
[   85.351110][ T6337] syz.1.830[6337] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   85.351784][ T6337] syz.1.830[6337] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   85.371256][ T6337] syz.1.830[6337] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   85.384458][ T6337] syz.1.830[6337] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   85.395925][ T6337] syz.1.830[6337] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   85.415542][ T6337] syz.1.830[6337] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   85.475113][   T29] kauditd_printk_skb: 400 callbacks suppressed
[   85.475131][   T29] audit: type=1400 audit(1733650864.793:4598): avc:  denied  { execmem } for  pid=6344 comm="syz.4.835" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   85.616055][ T6348] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[   85.622681][ T6348] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   85.630219][ T6348] vhci_hcd vhci_hcd.0: Device attached
[   86.097093][ T6349] vhci_hcd: connection closed
[   86.121686][   T52] vhci_hcd: stop threads
[   86.130713][   T52] vhci_hcd: release socket
[   86.135249][   T52] vhci_hcd: disconnect device
[   86.161667][ T3377] vhci_hcd: vhci_device speed not set
[   86.169124][   T29] audit: type=1326 audit(1733650865.493:4599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6353 comm="syz.1.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3fe67fed9 code=0x7ffc0000
[   86.220695][   T29] audit: type=1326 audit(1733650865.493:4600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6353 comm="syz.1.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3fe67fed9 code=0x7ffc0000
[   86.244166][   T29] audit: type=1326 audit(1733650865.513:4601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6353 comm="syz.1.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc3fe67fed9 code=0x7ffc0000
[   86.267716][   T29] audit: type=1326 audit(1733650865.513:4602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6353 comm="syz.1.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3fe67fed9 code=0x7ffc0000
[   86.291153][   T29] audit: type=1326 audit(1733650865.513:4603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6353 comm="syz.1.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc3fe67fed9 code=0x7ffc0000
[   86.314520][   T29] audit: type=1326 audit(1733650865.513:4604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6353 comm="syz.1.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3fe67fed9 code=0x7ffc0000
[   86.337864][   T29] audit: type=1326 audit(1733650865.513:4605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6353 comm="syz.1.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc3fe67fed9 code=0x7ffc0000
[   86.361321][   T29] audit: type=1326 audit(1733650865.513:4606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6353 comm="syz.1.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3fe67fed9 code=0x7ffc0000
[   86.384676][   T29] audit: type=1326 audit(1733650865.513:4607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6353 comm="syz.1.837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc3fe67fed9 code=0x7ffc0000
[   86.528425][ T6359] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[   86.583561][ T6363] syz.1.840[6363] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   86.633269][ T6366] loop6: detected capacity change from 0 to 7
[   86.650912][ T6366] Buffer I/O error on dev loop6, logical block 0, async page read
[   86.659267][ T6366] Buffer I/O error on dev loop6, logical block 0, async page read
[   86.667192][ T6366]  loop6: unable to read partition table
[   86.677108][ T6366] loop_reread_partitions: partition scan of loop6 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[   86.677108][ T6366] 
) failed (rc=-5)
[   86.827956][ T6384] netlink: 36 bytes leftover after parsing attributes in process `syz.3.849'.
[   86.859335][ T6390] loop4: detected capacity change from 0 to 128
[   86.883717][ T6393] loop6: detected capacity change from 0 to 7
[   86.900051][ T6393] Buffer I/O error on dev loop6, logical block 0, async page read
[   86.917387][ T6393] Buffer I/O error on dev loop6, logical block 0, async page read
[   86.925334][ T6393]  loop6: unable to read partition table
[   86.933965][ T6393] loop_reread_partitions: partition scan of loop6 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[   86.933965][ T6393] 
) failed (rc=-5)
[   87.005334][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.010927][ T6401] loop3: detected capacity change from 0 to 128
[   87.012901][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.012928][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.034095][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.041573][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.049160][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.056685][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.064247][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.071765][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.079218][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.086672][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.094113][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.101573][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.109100][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.116597][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.124084][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.131498][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.138934][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.146365][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.153834][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.161295][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.162074][ T6402] bio_check_eod: 56 callbacks suppressed
[   87.162091][ T6402] syz.0.854: attempt to access beyond end of device
[   87.162091][ T6402] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   87.168721][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.183900][ T6404] sg_write: data in/out 231/42 bytes for SCSI command 0x0-- guessing data in;
[   87.183900][ T6404]    program syz.3.857 not setting count and/or reply_len properly
[   87.187345][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.211619][ T6395] sit0 speed is unknown, defaulting to 1000
[   87.218738][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.232121][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.239535][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.246985][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.254450][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.261965][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.269379][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.276852][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.284407][ T3373] hid-generic 4100:0000:0000.0002: unknown main item tag 0x0
[   87.295591][ T3373] hid-generic 4100:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   87.402356][ T6407] loop4: detected capacity change from 0 to 512
[   87.442803][ T6407] netlink: 24 bytes leftover after parsing attributes in process `syz.4.858'.
[   87.732983][ T6420] loop3: detected capacity change from 0 to 1024
[   87.769860][ T6420] EXT4-fs: Ignoring removed nomblk_io_submit option
[   87.802416][ T6420] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.815449][ T6425] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.872059][ T6434] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   87.957067][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.247917][ T6425] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.324016][ T6455] loop1: detected capacity change from 0 to 8192
[   88.349530][ T6457] loop4: detected capacity change from 0 to 4096
[   88.360157][ T6455] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   88.360439][ T6425] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.419519][ T6457] FAULT_INJECTION: forcing a failure.
[   88.419519][ T6457] name failslab, interval 1, probability 0, space 0, times 0
[   88.432294][ T6457] CPU: 0 UID: 0 PID: 6457 Comm: syz.4.878 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   88.442926][ T6457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   88.453112][ T6457] Call Trace:
[   88.456457][ T6457]  <TASK>
[   88.459436][ T6457]  dump_stack_lvl+0xf2/0x150
[   88.464087][ T6457]  dump_stack+0x15/0x1a
[   88.468282][ T6457]  should_fail_ex+0x223/0x230
[   88.472981][ T6457]  ? percpu_ref_init+0x96/0x240
[   88.474138][ T6463] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   88.477909][ T6457]  should_failslab+0x8f/0xb0
[   88.490929][ T6457]  ? __pfx_free_ioctx_reqs+0x10/0x10
[   88.496437][ T6457]  __kmalloc_cache_noprof+0x4e/0x320
[   88.501788][ T6457]  ? __pfx_free_ioctx_reqs+0x10/0x10
[   88.507215][ T6457]  percpu_ref_init+0x96/0x240
[   88.511929][ T6457]  ioctx_alloc+0x1fe/0x4c0
[   88.516372][ T6457]  __se_sys_io_setup+0x6b/0x1b0
[   88.521425][ T6457]  __x64_sys_io_setup+0x31/0x40
[   88.526456][ T6457]  x64_sys_call+0x160f/0x2dc0
[   88.531148][ T6457]  do_syscall_64+0xc9/0x1c0
[   88.535663][ T6457]  ? clear_bhb_loop+0x55/0xb0
[   88.540400][ T6457]  ? clear_bhb_loop+0x55/0xb0
[   88.545185][ T6457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.551109][ T6457] RIP: 0033:0x7f1f5967fed9
[   88.555542][ T6457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.575315][ T6457] RSP: 002b:00007f1f57cf7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[   88.583747][ T6457] RAX: ffffffffffffffda RBX: 00007f1f59845fa0 RCX: 00007f1f5967fed9
[   88.591765][ T6457] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 00000000000003fe
[   88.599805][ T6457] RBP: 00007f1f57cf70a0 R08: 0000000000000000 R09: 0000000000000000
[   88.607901][ T6457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.615928][ T6457] R13: 0000000000000000 R14: 00007f1f59845fa0 R15: 00007fff953ccf48
[   88.623955][ T6457]  </TASK>
[   88.637819][ T6463] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   88.663905][ T6425] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.735592][ T6463] batadv_slave_1: entered promiscuous mode
[   88.760992][ T6468] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   88.785593][ T6470] 9pnet_fd: Insufficient options for proto=fd
[   88.813996][ T6470] netlink: 4 bytes leftover after parsing attributes in process `syz.2.882'.
[   88.839422][ T6425] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.839840][ T6472] loop4: detected capacity change from 0 to 128
[   88.851416][ T6425] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.865724][ T6425] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.872057][ T6474] netlink: 268 bytes leftover after parsing attributes in process `syz.3.884'.
[   88.883066][ T6474] unsupported nla_type 65024
[   88.890614][ T6472] msdos: Unknown parameter 'GÄøÓ²h3ÿý6•u�B½dots'
[   88.894265][ T6425] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.969060][ T6479] netlink: 4 bytes leftover after parsing attributes in process `syz.0.885'.
[   88.999606][ T6485] loop2: detected capacity change from 0 to 128
[   89.009640][ T6484] loop4: detected capacity change from 0 to 128
[   89.028813][ T6485] FAT-fs (loop2): error, invalid access to FAT (entry 0x0ffffff6)
[   89.088611][ T6487] syz.4.886: attempt to access beyond end of device
[   89.088611][ T6487] loop4: rw=2049, sector=292, nr_sectors = 1 limit=128
[   89.106175][ T6487] sg_write: data in/out 231/42 bytes for SCSI command 0x0-- guessing data in;
[   89.106175][ T6487]    program syz.4.886 not setting count and/or reply_len properly
[   89.210136][ T6487] syz.4.886: attempt to access beyond end of device
[   89.210136][ T6487] loop4: rw=2049, sector=292, nr_sectors = 8 limit=128
[   89.223831][ T6487] syz.4.886: attempt to access beyond end of device
[   89.223831][ T6487] loop4: rw=2049, sector=308, nr_sectors = 8 limit=128
[   89.242654][ T6487] syz.4.886: attempt to access beyond end of device
[   89.242654][ T6487] loop4: rw=2049, sector=324, nr_sectors = 8 limit=128
[   89.256749][ T6487] syz.4.886: attempt to access beyond end of device
[   89.256749][ T6487] loop4: rw=2049, sector=340, nr_sectors = 8 limit=128
[   89.270744][ T6487] syz.4.886: attempt to access beyond end of device
[   89.270744][ T6487] loop4: rw=2049, sector=356, nr_sectors = 8 limit=128
[   89.284673][ T6487] syz.4.886: attempt to access beyond end of device
[   89.284673][ T6487] loop4: rw=2049, sector=372, nr_sectors = 8 limit=128
[   89.300269][ T6487] syz.4.886: attempt to access beyond end of device
[   89.300269][ T6487] loop4: rw=2049, sector=388, nr_sectors = 8 limit=128
[   89.314086][ T6487] syz.4.886: attempt to access beyond end of device
[   89.314086][ T6487] loop4: rw=2049, sector=404, nr_sectors = 8 limit=128
[   89.585044][ T6498] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[   89.602013][ T6444] batadv_slave_1: left promiscuous mode
[   89.791140][ T6503] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[   90.034231][ T6508] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   90.037966][ T6506] netlink: 'syz.4.895': attribute type 1 has an invalid length.
[   90.080393][ T6514] loop4: detected capacity change from 0 to 512
[   90.103523][ T6514] netlink: 24 bytes leftover after parsing attributes in process `syz.4.898'.
[   90.120512][ T6518] loop6: detected capacity change from 0 to 7
[   90.139903][ T6518] Buffer I/O error on dev loop6, logical block 0, async page read
[   90.148288][ T6518] Buffer I/O error on dev loop6, logical block 0, async page read
[   90.156220][ T6518]  loop6: unable to read partition table
[   90.162504][ T6518] loop_reread_partitions: partition scan of loop6 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[   90.162504][ T6518] 
) failed (rc=-5)
[   90.203440][ T6520] loop4: detected capacity change from 0 to 512
[   90.219147][ T6520] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   90.245026][ T6520] EXT4-fs (loop4): 1 truncate cleaned up
[   90.246870][ T6526] loop6: detected capacity change from 0 to 7
[   90.251070][ T6520] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.257109][ T6526] Buffer I/O error on dev loop6, logical block 0, async page read
[   90.278831][ T6526] Buffer I/O error on dev loop6, logical block 0, async page read
[   90.286862][ T6526]  loop6: unable to read partition table
[   90.297885][ T6526] loop_reread_partitions: partition scan of loop6 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[   90.297885][ T6526] 
) failed (rc=-5)
[   90.304094][ T6520] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #14: comm syz.4.902: attempt to clear invalid blocks 1886221359 len 1
[   90.315340][ T6531] bpf_get_probe_write_proto: 5 callbacks suppressed
[   90.315396][ T6531] syz.1.905[6531] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   90.331920][ T6531] syz.1.905[6531] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   90.346762][ T6531] syz.1.905[6531] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   90.381463][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.404575][ T6537] netlink: 'syz.3.908': attribute type 1 has an invalid length.
[   90.459327][ T6544] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   90.559583][   T29] kauditd_printk_skb: 310 callbacks suppressed
[   90.559602][   T29] audit: type=1326 audit(1733650869.883:4918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6530 comm="syz.1.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc3fe61c0e9 code=0x7ffc0000
[   90.589459][   T29] audit: type=1326 audit(1733650869.883:4919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6530 comm="syz.1.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3fe67fed9 code=0x7ffc0000
[   90.613601][   T29] audit: type=1326 audit(1733650869.883:4920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6530 comm="syz.1.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3fe67fed9 code=0x7ffc0000
[   90.654853][ T6550] pim6reg1: entered promiscuous mode
[   90.660233][ T6550] pim6reg1: entered allmulticast mode
[   90.699348][   T29] audit: type=1400 audit(1733650870.023:4921): avc:  denied  { create } for  pid=6545 comm="syz.3.911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   90.762778][ T6553] xt_hashlimit: max too large, truncated to 1048576
[   90.770339][ T6553] Cannot find set identified by id 0 to match
[   90.796105][   T29] audit: type=1326 audit(1733650870.123:4922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6556 comm="syz.3.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e244fed9 code=0x7ffc0000
[   90.838807][ T6559] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[   90.848678][   T29] audit: type=1326 audit(1733650870.153:4923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6556 comm="syz.3.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f40e244fed9 code=0x7ffc0000
[   90.872112][   T29] audit: type=1326 audit(1733650870.153:4924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6556 comm="syz.3.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e244fed9 code=0x7ffc0000
[   90.895524][   T29] audit: type=1326 audit(1733650870.153:4925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6556 comm="syz.3.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f40e244fed9 code=0x7ffc0000
[   90.918839][   T29] audit: type=1326 audit(1733650870.153:4926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6556 comm="syz.3.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e244fed9 code=0x7ffc0000
[   90.942492][   T29] audit: type=1326 audit(1733650870.153:4927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6556 comm="syz.3.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f40e244fed9 code=0x7ffc0000
[   90.988461][ T6564] netlink: 'syz.1.919': attribute type 1 has an invalid length.
[   91.015140][ T6568] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   91.025264][ T6566] loop4: detected capacity change from 0 to 512
[   91.055644][ T6566] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.068308][ T6566] ext4 filesystem being mounted at /176/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   91.072630][ T6573] loop3: detected capacity change from 0 to 256
[   91.087051][ T6573] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   91.131765][ T6579] netlink: 'syz.1.924': attribute type 10 has an invalid length.
[   91.140595][ T6573] xt_CT: You must specify a L4 protocol and not use inversions on it
[   91.146697][ T6579] batman_adv: batadv0: Adding interface: team0
[   91.161180][ T6579] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   91.201847][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.216726][ T6585] siw: device registration error -23
[   91.234028][ T6583] loop1: detected capacity change from 0 to 4096
[   91.246918][ T6583] EXT4-fs: Ignoring removed nomblk_io_submit option
[   91.273822][ T6583] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.359073][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.624663][ T6618] loop4: detected capacity change from 0 to 512
[   91.638813][ T6618] EXT4-fs: test_dummy_encryption option not supported
[   91.728800][ T6633] loop6: detected capacity change from 0 to 7
[   91.735196][ T6633] Buffer I/O error on dev loop6, logical block 0, async page read
[   91.743582][ T6633] Buffer I/O error on dev loop6, logical block 0, async page read
[   91.751439][ T6633]  loop6: unable to read partition table
[   91.758082][ T6633] loop_reread_partitions: partition scan of loop6 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[   91.758082][ T6633] 
) failed (rc=-5)
[   91.766319][ T6619] sit0 speed is unknown, defaulting to 1000
[   91.842980][ T6640] FAULT_INJECTION: forcing a failure.
[   91.842980][ T6640] name failslab, interval 1, probability 0, space 0, times 0
[   91.855693][ T6640] CPU: 0 UID: 0 PID: 6640 Comm: syz.4.948 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   91.866315][ T6640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   91.876400][ T6640] Call Trace:
[   91.877042][ T6619] chnl_net:caif_netlink_parms(): no params data found
[   91.879676][ T6640]  <TASK>
[   91.889429][ T6640]  dump_stack_lvl+0xf2/0x150
[   91.894075][ T6640]  dump_stack+0x15/0x1a
[   91.898268][ T6640]  should_fail_ex+0x223/0x230
[   91.903040][ T6640]  ? __se_sys_mount+0xf7/0x2d0
[   91.907850][ T6640]  should_failslab+0x8f/0xb0
[   91.912616][ T6640]  __kmalloc_cache_noprof+0x4e/0x320
[   91.917984][ T6640]  ? memdup_user+0x9f/0xc0
[   91.922421][ T6640]  __se_sys_mount+0xf7/0x2d0
[   91.927050][ T6640]  ? fput+0x1c4/0x200
[   91.931058][ T6640]  ? ksys_write+0x176/0x1b0
[   91.935573][ T6640]  __x64_sys_mount+0x67/0x80
[   91.940241][ T6640]  x64_sys_call+0x2c84/0x2dc0
[   91.944924][ T6640]  do_syscall_64+0xc9/0x1c0
[   91.949453][ T6640]  ? clear_bhb_loop+0x55/0xb0
[   91.954316][ T6640]  ? clear_bhb_loop+0x55/0xb0
[   91.959051][ T6640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.964962][ T6640] RIP: 0033:0x7f1f5967fed9
[   91.969448][ T6640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.989194][ T6640] RSP: 002b:00007f1f57cf7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   91.997630][ T6640] RAX: ffffffffffffffda RBX: 00007f1f59845fa0 RCX: 00007f1f5967fed9
[   92.005617][ T6640] RDX: 00000000200004c0 RSI: 0000000020000000 RDI: 0000000000000000
[   92.013610][ T6640] RBP: 00007f1f57cf70a0 R08: 0000000020000b00 R09: 0000000000000000
[   92.021629][ T6640] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[   92.029622][ T6640] R13: 0000000000000000 R14: 00007f1f59845fa0 R15: 00007fff953ccf48
[   92.037696][ T6640]  </TASK>
[   92.081680][ T6619] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.088863][ T6651] loop6: detected capacity change from 0 to 7
[   92.088892][ T6619] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.095087][ T6651] Buffer I/O error on dev loop6, logical block 0, async page read
[   92.104302][ T6649] loop3: detected capacity change from 0 to 128
[   92.109980][ T6651] Buffer I/O error on dev loop6, logical block 0, async page read
[   92.124171][ T6651]  loop6: unable to read partition table
[   92.130160][ T6651] loop_reread_partitions: partition scan of loop6 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[   92.130160][ T6651] 
) failed (rc=-5)
[   92.132035][ T6649] FAT-fs (loop3): error, invalid access to FAT (entry 0x0ffffff6)
[   92.154463][ T6619] bridge_slave_0: entered allmulticast mode
[   92.161135][ T6619] bridge_slave_0: entered promiscuous mode
[   92.174695][ T6619] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.181881][ T6619] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.201360][ T6619] bridge_slave_1: entered allmulticast mode
[   92.208103][ T6619] bridge_slave_1: entered promiscuous mode
[   92.227428][ T6619] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.238097][ T6619] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.259663][ T6619] team0: Port device team_slave_0 added
[   92.268266][ T6619] team0: Port device team_slave_1 added
[   92.284881][ T6619] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.292022][ T6619] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.318051][ T6619] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.358400][ T6619] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.365465][ T6619] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.391526][ T6619] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.415544][ T6663] netlink: 'syz.2.954': attribute type 10 has an invalid length.
[   92.433908][ T6660] loop6: detected capacity change from 0 to 7
[   92.440182][ T6660] Buffer I/O error on dev loop6, logical block 0, async page read
[   92.448205][ T6660] Buffer I/O error on dev loop6, logical block 0, async page read
[   92.456311][ T6660]  loop6: unable to read partition table
[   92.465141][ T6619] hsr_slave_0: entered promiscuous mode
[   92.471700][ T6619] hsr_slave_1: entered promiscuous mode
[   92.477816][ T6619] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   92.486010][ T6660] loop_reread_partitions: partition scan of loop6 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[   92.486010][ T6660] 
) failed (rc=-5)
[   92.499410][ T6619] Cannot create hsr debugfs directory
[   92.574753][ T6619] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.748701][ T6619] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.797738][ T6670] loop6: detected capacity change from 0 to 7
[   92.804051][ T6670] Buffer I/O error on dev loop6, logical block 0, async page read
[   92.812098][ T6670] Buffer I/O error on dev loop6, logical block 0, async page read
[   92.819954][ T6670]  loop6: unable to read partition table
[   92.825693][ T6670] loop_reread_partitions: partition scan of loop6 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[   92.825693][ T6670] 
) failed (rc=-5)
[   93.049612][ T6619] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.155289][ T6685] loop3: detected capacity change from 0 to 128
[   93.163508][ T6685] FAT-fs (loop3): error, invalid access to FAT (entry 0x0ffffff6)
[   93.201669][ T6619] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.262676][ T6619] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   93.263624][ T6689] netlink: 'syz.3.965': attribute type 1 has an invalid length.
[   93.278888][ T6619] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   93.288675][ T6619] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   93.297754][ T6619] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   93.320614][ T6687] bridge0: port 3(bond0) entered blocking state
[   93.327125][ T6687] bridge0: port 3(bond0) entered disabled state
[   93.335034][ T6687] bond0: entered allmulticast mode
[   93.340211][ T6687] bond_slave_0: entered allmulticast mode
[   93.346031][ T6687] bond_slave_1: entered allmulticast mode
[   93.355202][ T6687] bond0: entered promiscuous mode
[   93.360279][ T6687] bond_slave_0: entered promiscuous mode
[   93.366246][ T6687] bond_slave_1: entered promiscuous mode
[   93.380756][ T6687] bridge0: port 3(bond0) entered blocking state
[   93.387131][ T6687] bridge0: port 3(bond0) entered forwarding state
[   93.440059][ T6619] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.474124][ T6687] loop2: detected capacity change from 0 to 1024
[   93.489053][ T6619] 8021q: adding VLAN 0 to HW filter on device team0
[   93.489234][ T6699] loop6: detected capacity change from 0 to 7
[   93.509698][ T4713] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.516893][ T4713] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.533353][ T4713] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.540594][ T4713] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.548799][ T6699] Buffer I/O error on dev loop6, logical block 0, async page read
[   93.556996][ T6699] Buffer I/O error on dev loop6, logical block 0, async page read
[   93.565034][ T6699]  loop6: unable to read partition table
[   93.576096][ T6687] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   93.576280][ T6699] loop_reread_partitions: partition scan of loop6 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[   93.576280][ T6699] 
) failed (rc=-5)
[   93.597630][ T6687] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   93.600158][ T6690] sit0 speed is unknown, defaulting to 1000
[   93.644301][ T6687] EXT4-fs (loop2): orphan cleanup on readonly fs
[   93.675360][ T6687] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   93.715129][ T6619] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.729291][ T6687] EXT4-fs (loop2): Remounting filesystem read-only
[   93.739078][ T6687] EXT4-fs (loop2): 1 orphan inode deleted
[   93.745572][ T6687] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   93.759043][ T6687] SELinux: (dev loop2, type ext4) getxattr errno 5
[   93.767347][ T6687] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.852910][ T6619] veth0_vlan: entered promiscuous mode
[   93.863818][ T6619] veth1_vlan: entered promiscuous mode
[   93.887306][ T6619] veth0_macvtap: entered promiscuous mode
[   93.903677][ T6619] veth1_macvtap: entered promiscuous mode
[   93.928663][ T6722] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   93.930977][ T6619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   93.948748][ T6619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.958714][ T6619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   93.969178][ T6619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.979061][ T6619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   93.989621][ T6619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.999580][ T6619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   94.010047][ T6619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.019944][ T6619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   94.030451][ T6619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.041295][ T6619] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.054618][ T6619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   94.065146][ T6619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.075046][ T6619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   94.085596][ T6619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.095459][ T6619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   94.095979][ T6729] netlink: 'syz.2.978': attribute type 1 has an invalid length.
[   94.105946][ T6619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.105963][ T6619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   94.134031][ T6619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.144032][ T6619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   94.154517][ T6619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.165415][ T6619] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.175422][ T6619] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.184225][ T6619] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.193012][ T6619] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.201774][ T6619] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.205705][ T6731] loop2: detected capacity change from 0 to 128
[   94.227053][ T6731] vfat: Unknown parameter '0x0000000000000004184467440737095516150xffffffffffffffff0xffffffffffffffffÿÿÿÿ'
[   94.251525][ T6734] loop3: detected capacity change from 0 to 1764
[   94.264536][ T6734] ISOFS: unable to read i-node block
[   94.269896][ T6734] isofs_fill_super: get root inode failed
[   94.308212][ T6738] FAULT_INJECTION: forcing a failure.
[   94.308212][ T6738] name failslab, interval 1, probability 0, space 0, times 0
[   94.320918][ T6738] CPU: 1 UID: 0 PID: 6738 Comm: syz.4.981 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   94.331572][ T6738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   94.341695][ T6738] Call Trace:
[   94.345002][ T6738]  <TASK>
[   94.347954][ T6738]  dump_stack_lvl+0xf2/0x150
[   94.352653][ T6738]  dump_stack+0x15/0x1a
[   94.356838][ T6738]  should_fail_ex+0x223/0x230
[   94.361547][ T6738]  should_failslab+0x8f/0xb0
[   94.366173][ T6738]  kmem_cache_alloc_lru_noprof+0x57/0x320
[   94.371912][ T6738]  ? hugetlbfs_alloc_inode+0xbc/0x100
[   94.377334][ T6738]  hugetlbfs_alloc_inode+0xbc/0x100
[   94.382551][ T6738]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[   94.388426][ T6738]  alloc_inode+0x3c/0x160
[   94.392765][ T6738]  new_inode+0x1e/0x100
[   94.396943][ T6738]  hugetlbfs_get_inode+0x7d/0x380
[   94.401986][ T6738]  hugetlb_file_setup+0x188/0x3c0
[   94.407055][ T6738]  ksys_mmap_pgoff+0x172/0x330
[   94.411848][ T6738]  x64_sys_call+0x1940/0x2dc0
[   94.416540][ T6738]  do_syscall_64+0xc9/0x1c0
[   94.421069][ T6738]  ? clear_bhb_loop+0x55/0xb0
[   94.425788][ T6738]  ? clear_bhb_loop+0x55/0xb0
[   94.430484][ T6738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.436418][ T6738] RIP: 0033:0x7f1f5967fed9
[   94.440847][ T6738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.460471][ T6738] RSP: 002b:00007f1f57cf7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   94.468900][ T6738] RAX: ffffffffffffffda RBX: 00007f1f59845fa0 RCX: 00007f1f5967fed9
[   94.476884][ T6738] RDX: 0000000000000000 RSI: 0000000001400000 RDI: 0000000020000000
[   94.484898][ T6738] RBP: 00007f1f57cf70a0 R08: ffffffffffffffff R09: 0000000000000000
[   94.492899][ T6738] R10: 00000000000c3072 R11: 0000000000000246 R12: 0000000000000001
[   94.500890][ T6738] R13: 0000000000000000 R14: 00007f1f59845fa0 R15: 00007fff953ccf48
[   94.508887][ T6738]  </TASK>
[   94.517114][ T6744] loop2: detected capacity change from 0 to 512
[   94.528271][ T6744] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   94.595697][ T6749] loop4: detected capacity change from 0 to 512
[   94.602457][ T6749] journal_path: Lookup failure for './file1'
[   94.608376][ T6744] EXT4-fs (loop2): 1 truncate cleaned up
[   94.608461][ T6749] EXT4-fs: error: could not find journal device path
[   94.652938][ T6744] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.715043][ T6764] loop1: detected capacity change from 0 to 512
[   94.750193][ T6764] batman_adv: batadv0: Adding interface: dummy0
[   94.756675][ T6764] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.791442][ T3300] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.798658][ T6764] batman_adv: batadv0: Interface activated: dummy0
[   94.829119][ T6764] netlink: 24 bytes leftover after parsing attributes in process `syz.1.941'.
[   94.881429][ T6779] loop4: detected capacity change from 0 to 2048
[   94.910419][ T6783] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6783 comm=syz.0.994
[   94.922972][ T6783] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6783 comm=syz.0.994
[   94.958188][ T6779] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.971781][ T6789] loop1: detected capacity change from 0 to 2048
[   95.003310][ T6789] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.024195][ T6789] netlink: 12 bytes leftover after parsing attributes in process `syz.1.995'.
[   95.064049][ T6800] loop2: detected capacity change from 0 to 1024
[   95.083553][ T6800] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   95.099740][ T6802] loop0: detected capacity change from 0 to 128
[   95.116898][ T6800] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   95.137336][ T6800] EXT4-fs (loop2): orphan cleanup on readonly fs
[   95.150811][ T6800] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   95.160885][ T6800] EXT4-fs (loop2): Remounting filesystem read-only
[   95.167743][ T6800] EXT4-fs (loop2): 1 orphan inode deleted
[   95.196485][ T6800] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   95.208579][ T6800] SELinux: (dev loop2, type ext4) getxattr errno 5
[   95.215573][ T6800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.232203][ T6805] bio_check_eod: 26 callbacks suppressed
[   95.232220][ T6805] syz.0.1000: attempt to access beyond end of device
[   95.232220][ T6805] loop0: rw=2049, sector=196, nr_sectors = 1 limit=128
[   95.253549][ T6805] sg_write: data in/out 231/42 bytes for SCSI command 0x0-- guessing data in;
[   95.253549][ T6805]    program syz.0.1000 not setting count and/or reply_len properly
[   95.270989][ T6619] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.303811][ T6807] pim6reg1: entered promiscuous mode
[   95.309191][ T6807] pim6reg1: entered allmulticast mode
[   95.344257][ T6805] syz.0.1000: attempt to access beyond end of device
[   95.344257][ T6805] loop0: rw=2049, sector=196, nr_sectors = 8 limit=128
[   95.360552][ T6805] syz.0.1000: attempt to access beyond end of device
[   95.360552][ T6805] loop0: rw=2049, sector=212, nr_sectors = 8 limit=128
[   95.376135][ T6805] syz.0.1000: attempt to access beyond end of device
[   95.376135][ T6805] loop0: rw=2049, sector=228, nr_sectors = 16 limit=128
[   95.392456][ T6805] syz.0.1000: attempt to access beyond end of device
[   95.392456][ T6805] loop0: rw=2049, sector=260, nr_sectors = 8 limit=128
[   95.407776][ T6805] syz.0.1000: attempt to access beyond end of device
[   95.407776][ T6805] loop0: rw=2049, sector=276, nr_sectors = 89 limit=128
[   95.457991][ T6810] FAULT_INJECTION: forcing a failure.
[   95.457991][ T6810] name failslab, interval 1, probability 0, space 0, times 0
[   95.470697][ T6810] CPU: 1 UID: 0 PID: 6810 Comm: syz.2.1003 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   95.481413][ T6810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   95.491491][ T6810] Call Trace:
[   95.494788][ T6810]  <TASK>
[   95.497801][ T6810]  dump_stack_lvl+0xf2/0x150
[   95.502502][ T6810]  dump_stack+0x15/0x1a
[   95.506749][ T6810]  should_fail_ex+0x223/0x230
[   95.511462][ T6810]  should_failslab+0x8f/0xb0
[   95.516256][ T6810]  kmem_cache_alloc_lru_noprof+0x57/0x320
[   95.522089][ T6810]  ? hugetlbfs_alloc_inode+0xbc/0x100
[   95.527544][ T6810]  hugetlbfs_alloc_inode+0xbc/0x100
[   95.532777][ T6810]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[   95.538677][ T6810]  alloc_inode+0x3c/0x160
[   95.543049][ T6810]  new_inode+0x1e/0x100
[   95.547388][ T6810]  hugetlbfs_get_inode+0x7d/0x380
[   95.552496][ T6810]  hugetlb_file_setup+0x188/0x3c0
[   95.557585][ T6810]  ksys_mmap_pgoff+0x172/0x330
[   95.562403][ T6810]  x64_sys_call+0x1940/0x2dc0
[   95.567101][ T6810]  do_syscall_64+0xc9/0x1c0
[   95.571634][ T6810]  ? clear_bhb_loop+0x55/0xb0
[   95.576494][ T6810]  ? clear_bhb_loop+0x55/0xb0
[   95.581281][ T6810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.587214][ T6810] RIP: 0033:0x7f14dce7fed9
[   95.591655][ T6810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.611301][ T6810] RSP: 002b:00007f14db4f7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   95.619745][ T6810] RAX: ffffffffffffffda RBX: 00007f14dd045fa0 RCX: 00007f14dce7fed9
[   95.627754][ T6810] RDX: 0000000000000000 RSI: 0000000001400000 RDI: 0000000020000000
[   95.635755][ T6810] RBP: 00007f14db4f70a0 R08: ffffffffffffffff R09: 0000000000000000
[   95.643747][ T6810] R10: 00000000000c3072 R11: 0000000000000246 R12: 0000000000000001
[   95.651749][ T6810] R13: 0000000000000000 R14: 00007f14dd045fa0 R15: 00007ffe1c6ea598
[   95.659754][ T6810]  </TASK>
[   95.916797][ T6815] loop3: detected capacity change from 0 to 512
[   95.931167][   T29] kauditd_printk_skb: 295 callbacks suppressed
[   95.931184][   T29] audit: type=1326 audit(1733650875.253:5215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6814 comm="syz.3.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e244fed9 code=0x7ffc0000
[   95.968441][ T6815] batman_adv: batadv0: Adding interface: dummy0
[   95.977503][ T6815] batman_adv: batadv0: Interface activated: dummy0
[   95.986603][   T29] audit: type=1326 audit(1733650875.293:5216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6814 comm="syz.3.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f40e244fed9 code=0x7ffc0000
[   96.010071][   T29] audit: type=1326 audit(1733650875.293:5217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6814 comm="syz.3.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e244fed9 code=0x7ffc0000
[   96.033586][   T29] audit: type=1326 audit(1733650875.293:5218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6814 comm="syz.3.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f40e244fed9 code=0x7ffc0000
[   96.057048][   T29] audit: type=1326 audit(1733650875.293:5219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6814 comm="syz.3.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e244fed9 code=0x7ffc0000
[   96.070686][ T6779] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   96.080632][   T29] audit: type=1326 audit(1733650875.293:5220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6814 comm="syz.3.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f40e244fed9 code=0x7ffc0000
[   96.096708][ T6779] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[   96.118630][   T29] audit: type=1326 audit(1733650875.293:5221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6814 comm="syz.3.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e244fed9 code=0x7ffc0000
[   96.130770][ T6779] EXT4-fs (loop4): This should not happen!! Data will be lost
[   96.130770][ T6779] 
[   96.130787][ T6779] EXT4-fs (loop4): Total free blocks count 0
[   96.154175][   T29] audit: type=1326 audit(1733650875.293:5222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6814 comm="syz.3.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f40e244fed9 code=0x7ffc0000
[   96.154211][   T29] audit: type=1326 audit(1733650875.293:5223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6814 comm="syz.3.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e244fed9 code=0x7ffc0000
[   96.163873][ T6779] EXT4-fs (loop4): Free/Dirty block details
[   96.169843][   T29] audit: type=1326 audit(1733650875.293:5224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6814 comm="syz.3.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f40e244fed9 code=0x7ffc0000
[   96.198893][ T6816] loop2: detected capacity change from 0 to 512
[   96.216700][ T6779] EXT4-fs (loop4): free_blocks=2415919104
[   96.216724][ T6779] EXT4-fs (loop4): dirty_blocks=32528
[   96.216738][ T6779] EXT4-fs (loop4): Block reservation details
[   96.216751][ T6779] EXT4-fs (loop4): i_reserved_data_blocks=2033
[   96.262991][ T6815] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1006'.
[   96.288331][ T6816] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   96.305720][ T6816] EXT4-fs (loop2): 1 truncate cleaned up
[   96.312041][ T6816] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.312122][   T36] kworker/u8:2: attempt to access beyond end of device
[   96.312122][   T36] loop0: rw=1, sector=204, nr_sectors = 8 limit=128
[   96.338628][   T36] kworker/u8:2: attempt to access beyond end of device
[   96.338628][   T36] loop0: rw=1, sector=220, nr_sectors = 8 limit=128
[   96.351001][   T50] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 14 with max blocks 22 with error 28
[   96.357413][   T36] kworker/u8:2: attempt to access beyond end of device
[   96.357413][   T36] loop0: rw=1, sector=244, nr_sectors = 16 limit=128
[   96.392443][   T36] kworker/u8:2: attempt to access beyond end of device
[   96.392443][   T36] loop0: rw=1, sector=268, nr_sectors = 8 limit=128
[   96.424569][ T6816] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1005'.
[   96.483194][ T6826] vlan2: entered promiscuous mode
[   96.488319][ T6826] vlan2: entered allmulticast mode
[   96.505308][ T6828] loop3: detected capacity change from 0 to 128
[   96.515429][ T3300] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.519258][ T6828] FAT-fs (loop3): error, invalid access to FAT (entry 0x0ffffff6)
[   96.579873][ T6836] netlink: 'syz.2.1013': attribute type 153 has an invalid length.
[   96.709150][ T6849] 9pnet_fd: Insufficient options for proto=fd
[   96.738512][ T6850] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   96.766194][ T6848] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[   96.769226][ T6852] loop2: detected capacity change from 0 to 512
[   96.779713][ T6852] journal_path: Lookup failure for './file1'
[   96.785829][ T6852] EXT4-fs: error: could not find journal device path
[   96.789339][ T6855] loop3: detected capacity change from 0 to 512
[   96.824343][ T6855] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1021'.
[   96.887753][ T6861] syz.1.1025[6861] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.887909][ T6861] syz.1.1025[6861] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.892021][ T6862] loop2: detected capacity change from 0 to 128
[   96.939488][ T6865] syz.3.1024[6865] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.939562][ T6865] syz.3.1024[6865] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.951618][ T6861] syz.1.1025[6861] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.975660][ T6868] loop2: detected capacity change from 0 to 512
[   97.005516][ T6865] syz.3.1024[6865] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   97.036719][ T6868] journal_path: Lookup failure for './file1'
[   97.054301][ T6868] EXT4-fs: error: could not find journal device path
[   97.107065][ T6879] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   97.181036][ T6887] loop4: detected capacity change from 0 to 512
[   97.181344][ T6889] loop2: detected capacity change from 0 to 512
[   97.188664][ T6891] loop3: detected capacity change from 0 to 128
[   97.198331][ T6889] EXT4-fs: Ignoring removed bh option
[   97.209634][ T6887] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1035'.
[   97.226989][ T6889] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[   97.285246][ T6894] capability: warning: `syz.1.1038' uses 32-bit capabilities (legacy support in use)
[   97.289237][ T6898] syz.3.1040[6898] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   97.295000][ T6898] syz.3.1040[6898] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   97.314829][ T6900] loop4: detected capacity change from 0 to 512
[   97.333717][ T6902] FAULT_INJECTION: forcing a failure.
[   97.333717][ T6902] name failslab, interval 1, probability 0, space 0, times 0
[   97.341732][ T6898] syz.3.1040[6898] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   97.346456][ T6902] CPU: 0 UID: 0 PID: 6902 Comm: syz.1.1042 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   97.368437][ T6902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   97.378661][ T6902] Call Trace:
[   97.381950][ T6902]  <TASK>
[   97.384915][ T6902]  dump_stack_lvl+0xf2/0x150
[   97.389593][ T6902]  dump_stack+0x15/0x1a
[   97.393937][ T6902]  should_fail_ex+0x223/0x230
[   97.398637][ T6902]  should_failslab+0x8f/0xb0
[   97.403337][ T6902]  __kmalloc_node_noprof+0xad/0x410
[   97.408645][ T6902]  ? __vmalloc_node_range_noprof+0x3dc/0xe80
[   97.414711][ T6902]  __vmalloc_node_range_noprof+0x3dc/0xe80
[   97.420633][ T6902]  ? mntput_no_expire+0x70/0x3c0
[   97.425613][ T6902]  ? selinux_capable+0x1f2/0x260
[   97.430571][ T6902]  ? bpf_prog_alloc_no_stats+0x49/0x380
[   97.436201][ T6902]  __vmalloc_noprof+0x5e/0x70
[   97.441044][ T6902]  ? bpf_prog_alloc_no_stats+0x49/0x380
[   97.446620][ T6902]  bpf_prog_alloc_no_stats+0x49/0x380
[   97.452077][ T6902]  ? bpf_prog_alloc+0x28/0x150
[   97.456884][ T6902]  bpf_prog_alloc+0x3a/0x150
[   97.461647][ T6902]  bpf_prog_load+0x4d1/0x1070
[   97.466406][ T6902]  ? __rcu_read_unlock+0x4e/0x70
[   97.471423][ T6902]  __sys_bpf+0x463/0x7a0
[   97.475687][ T6902]  __x64_sys_bpf+0x43/0x50
[   97.480171][ T6902]  x64_sys_call+0x2914/0x2dc0
[   97.484998][ T6902]  do_syscall_64+0xc9/0x1c0
[   97.489581][ T6902]  ? clear_bhb_loop+0x55/0xb0
[   97.494313][ T6902]  ? clear_bhb_loop+0x55/0xb0
[   97.499038][ T6902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.504986][ T6902] RIP: 0033:0x7f15bcadfed9
[   97.509425][ T6902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.529055][ T6902] RSP: 002b:00007f15bb157058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   97.537588][ T6902] RAX: ffffffffffffffda RBX: 00007f15bcca5fa0 RCX: 00007f15bcadfed9
[   97.545573][ T6902] RDX: 0000000000000094 RSI: 00000000200005c0 RDI: 0000000000000005
[   97.554028][ T6902] RBP: 00007f15bb1570a0 R08: 0000000000000000 R09: 0000000000000000
[   97.562020][ T6902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.570004][ T6902] R13: 0000000000000000 R14: 00007f15bcca5fa0 R15: 00007ffcb7cbb268
[   97.578107][ T6902]  </TASK>
[   97.581326][ T6902] syz.1.1042: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x500dc2(GFP_HIGHUSER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[   97.598887][ T6902] CPU: 0 UID: 0 PID: 6902 Comm: syz.1.1042 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   97.609629][ T6902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   97.619722][ T6902] Call Trace:
[   97.623029][ T6902]  <TASK>
[   97.626012][ T6902]  dump_stack_lvl+0xf2/0x150
[   97.626455][ T6900] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   97.630640][ T6902]  dump_stack+0x15/0x1a
[   97.630685][ T6902]  warn_alloc+0x145/0x1b0
[   97.649012][ T6902]  __vmalloc_node_range_noprof+0x473/0xe80
[   97.654877][ T6902]  ? selinux_capable+0x1f2/0x260
[   97.659919][ T6902]  ? bpf_prog_alloc_no_stats+0x49/0x380
[   97.665628][ T6902]  __vmalloc_noprof+0x5e/0x70
[   97.670337][ T6902]  ? bpf_prog_alloc_no_stats+0x49/0x380
[   97.675905][ T6902]  bpf_prog_alloc_no_stats+0x49/0x380
[   97.681297][ T6902]  ? bpf_prog_alloc+0x28/0x150
[   97.686078][ T6902]  bpf_prog_alloc+0x3a/0x150
[   97.690690][ T6902]  bpf_prog_load+0x4d1/0x1070
[   97.695399][ T6902]  ? __rcu_read_unlock+0x4e/0x70
[   97.700457][ T6902]  __sys_bpf+0x463/0x7a0
[   97.704744][ T6902]  __x64_sys_bpf+0x43/0x50
[   97.709185][ T6902]  x64_sys_call+0x2914/0x2dc0
[   97.713877][ T6902]  do_syscall_64+0xc9/0x1c0
[   97.718395][ T6902]  ? clear_bhb_loop+0x55/0xb0
[   97.723090][ T6902]  ? clear_bhb_loop+0x55/0xb0
[   97.727811][ T6902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.733747][ T6902] RIP: 0033:0x7f15bcadfed9
[   97.738322][ T6902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.757960][ T6902] RSP: 002b:00007f15bb157058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   97.766392][ T6902] RAX: ffffffffffffffda RBX: 00007f15bcca5fa0 RCX: 00007f15bcadfed9
[   97.774470][ T6902] RDX: 0000000000000094 RSI: 00000000200005c0 RDI: 0000000000000005
[   97.782471][ T6902] RBP: 00007f15bb1570a0 R08: 0000000000000000 R09: 0000000000000000
[   97.790454][ T6902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.798438][ T6902] R13: 0000000000000000 R14: 00007f15bcca5fa0 R15: 00007ffcb7cbb268
[   97.806471][ T6902]  </TASK>
[   97.809944][ T6902] Mem-Info:
[   97.813294][ T6902] active_anon:4226 inactive_anon:1 isolated_anon:0
[   97.813294][ T6902]  active_file:6811 inactive_file:14766 isolated_file:0
[   97.813294][ T6902]  unevictable:0 dirty:504 writeback:0
[   97.813294][ T6902]  slab_reclaimable:3020 slab_unreclaimable:18185
[   97.813294][ T6902]  mapped:28842 shmem:327 pagetables:850
[   97.813294][ T6902]  sec_pagetables:0 bounce:0
[   97.813294][ T6902]  kernel_misc_reclaimable:0
[   97.813294][ T6902]  free:1888622 free_pcp:1820 free_cma:0
[   97.858238][ T6902] Node 0 active_anon:17136kB inactive_anon:4kB active_file:27244kB inactive_file:59064kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:115484kB dirty:2016kB writeback:0kB shmem:1308kB writeback_tmp:0kB kernel_stack:2992kB pagetables:3516kB sec_pagetables:0kB all_unreclaimable? no
[   97.866501][ T6900] EXT4-fs (loop4): 1 truncate cleaned up
[   97.886160][ T6902] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   97.892374][ T6900] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.918649][ T6902] lowmem_reserve[]: 0 2866 7844 0
[   97.936492][ T6902] Node 0 DMA32 free:2950380kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953912kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:3532kB free_cma:0kB
[   97.965435][ T6902] lowmem_reserve[]: 0 0 4978 0
[   97.970325][ T6902] Node 0 Normal free:4588620kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:17136kB inactive_anon:4kB active_file:27244kB inactive_file:59064kB unevictable:0kB writepending:2088kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:3512kB local_pcp:1816kB free_cma:0kB
[   97.983152][ T6906] pim6reg1: entered promiscuous mode
[   98.000666][ T6902] lowmem_reserve[]: 0 0 0
[   98.005978][ T6906] pim6reg1: entered allmulticast mode
[   98.006024][ T6902]  0
[   98.018327][ T6902] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   98.022586][ T6900] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #14: comm syz.4.1041: attempt to clear invalid blocks 1886221359 len 1
[   98.031105][ T6902] Node 0 DMA32: 3*4kB (M) 4*8kB (M) 4*16kB (M) 6*32kB (M) 3*64kB (M) 2*128kB (M) 2*256kB (M) 2*512kB (M) 3*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950380kB
[   98.061105][ T6902] Node 0 Normal: 1027*4kB (ME) 738*8kB (UME) 574*16kB (UME) 409*32kB (UME) 449*64kB (UME) 99*128kB (UME) 50*256kB (UME) 41*512kB (UME) 18*1024kB (UM) 17*2048kB (UM) 1081*4096kB (UME) = 4588508kB
[   98.080831][ T6902] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   98.090226][ T6902] 21908 total pagecache pages
[   98.095042][ T6902] 2 pages in swap cache
[   98.099239][ T6902] Free swap  = 124388kB
[   98.103524][ T6902] Total swap = 124996kB
[   98.107762][ T6902] 2097051 pages RAM
[   98.111565][ T6902] 0 pages HighMem/MovableOnly
[   98.116310][ T6902] 80181 pages reserved
[   98.123433][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.230237][ T6924] loop3: detected capacity change from 0 to 512
[   98.245623][ T6924] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1051'.
[   98.362947][ T6934] sit0 speed is unknown, defaulting to 1000
[   98.378157][ T6932] loop0: detected capacity change from 0 to 1024
[   98.387940][ T6932] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   98.409842][ T6932] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   98.418023][ T6932] EXT4-fs (loop0): orphan cleanup on readonly fs
[   98.426104][ T6932] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   98.435790][ T6932] EXT4-fs (loop0): Remounting filesystem read-only
[   98.442932][ T6932] EXT4-fs (loop0): 1 orphan inode deleted
[   98.449256][ T6932] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   98.462787][ T6932] SELinux: (dev loop0, type ext4) getxattr errno 5
[   98.469799][ T6932] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.569233][ T6949] pim6reg1: entered promiscuous mode
[   98.574768][ T6949] pim6reg1: entered allmulticast mode
[   98.585248][ T6951] syz.4.1061[6951] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   98.641472][ T6955] netlink: 'syz.4.1063': attribute type 1 has an invalid length.
[   98.744489][ T6964] vhci_hcd: invalid port number 15
[   98.749695][ T6964] vhci_hcd: invalid port number 15
[   98.757862][ T6965] FAULT_INJECTION: forcing a failure.
[   98.757862][ T6965] name failslab, interval 1, probability 0, space 0, times 0
[   98.770706][ T6965] CPU: 0 UID: 0 PID: 6965 Comm: syz.0.1067 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   98.781420][ T6965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   98.791507][ T6965] Call Trace:
[   98.794803][ T6965]  <TASK>
[   98.797754][ T6965]  dump_stack_lvl+0xf2/0x150
[   98.802381][ T6965]  dump_stack+0x15/0x1a
[   98.806568][ T6965]  should_fail_ex+0x223/0x230
[   98.811294][ T6965]  should_failslab+0x8f/0xb0
[   98.815920][ T6965]  kmem_cache_alloc_lru_noprof+0x57/0x320
[   98.821667][ T6965]  ? hugetlbfs_alloc_inode+0xbc/0x100
[   98.827183][ T6965]  hugetlbfs_alloc_inode+0xbc/0x100
[   98.832397][ T6965]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[   98.838247][ T6965]  alloc_inode+0x3c/0x160
[   98.842590][ T6965]  new_inode+0x1e/0x100
[   98.846827][ T6965]  hugetlbfs_get_inode+0x7d/0x380
[   98.851975][ T6965]  hugetlb_file_setup+0x188/0x3c0
[   98.857090][ T6965]  ksys_mmap_pgoff+0x172/0x330
[   98.861882][ T6965]  x64_sys_call+0x1940/0x2dc0
[   98.866657][ T6965]  do_syscall_64+0xc9/0x1c0
[   98.871230][ T6965]  ? clear_bhb_loop+0x55/0xb0
[   98.876079][ T6965]  ? clear_bhb_loop+0x55/0xb0
[   98.880800][ T6965]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.886786][ T6965] RIP: 0033:0x7f18cb59fed9
[   98.891249][ T6965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.910876][ T6965] RSP: 002b:00007f18c9c17058 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   98.919308][ T6965] RAX: ffffffffffffffda RBX: 00007f18cb765fa0 RCX: 00007f18cb59fed9
[   98.927297][ T6965] RDX: 0000000000000000 RSI: 0000000001400000 RDI: 0000000020000000
[   98.935293][ T6965] RBP: 00007f18c9c170a0 R08: ffffffffffffffff R09: 0000000000000000
[   98.943282][ T6965] R10: 00000000000c3072 R11: 0000000000000246 R12: 0000000000000001
[   98.951373][ T6965] R13: 0000000000000000 R14: 00007f18cb765fa0 R15: 00007ffeb89c07f8
[   98.959376][ T6965]  </TASK>
[   98.986905][ T6964] Invalid ELF header type: 3 != 1
[   99.028657][ T6964] loop4: detected capacity change from 0 to 1024
[   99.085858][ T6977] netlink: 'syz.1.1074': attribute type 1 has an invalid length.
[   99.097040][ T6964] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.116271][ T6982] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1073'.
[   99.179759][ T6988] loop3: detected capacity change from 0 to 512
[   99.199276][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.233389][ T6991] loop1: detected capacity change from 0 to 512
[   99.241552][ T6990] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1073'.
[   99.250708][ T6990] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1073'.
[   99.296944][ T6991] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1079'.
[   99.314082][ T6988] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.326759][ T6988] ext4 filesystem being mounted at /236/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   99.368496][ T7006] pim6reg1: entered promiscuous mode
[   99.373946][ T7006] pim6reg1: entered allmulticast mode
[   99.409897][ T7013] netlink: 'syz.1.1085': attribute type 1 has an invalid length.
[   99.428514][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.494927][ T7027] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   99.547843][ T7025] loop0: detected capacity change from 0 to 1024
[   99.556536][ T7025] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   99.577720][ T7025] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   99.585923][ T7038] loop2: detected capacity change from 0 to 512
[   99.586081][ T7025] EXT4-fs (loop0): orphan cleanup on readonly fs
[   99.599735][ T7025] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   99.625460][ T7025] EXT4-fs (loop0): Remounting filesystem read-only
[   99.626604][ T7038] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1095'.
[   99.634391][ T7041] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32784 sclass=netlink_route_socket pid=7041 comm=syz.3.1096
[   99.642437][ T7025] EXT4-fs (loop0): 1 orphan inode deleted
[   99.660222][ T7025] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   99.672375][ T7025] SELinux: (dev loop0, type ext4) getxattr errno 5
[   99.679911][ T7025] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.718819][ T7044] loop2: detected capacity change from 0 to 512
[   99.743377][ T7044] ext4 filesystem being mounted at /213/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   99.763757][ T7050] loop0: detected capacity change from 0 to 128
[   99.770955][ T7050] FAT-fs (loop0): error, invalid access to FAT (entry 0x0ffffff6)
[   99.843336][ T7054] FAULT_INJECTION: forcing a failure.
[   99.843336][ T7054] name failslab, interval 1, probability 0, space 0, times 0
[   99.856053][ T7054] CPU: 1 UID: 0 PID: 7054 Comm: syz.2.1100 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   99.866773][ T7054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   99.876935][ T7054] Call Trace:
[   99.880224][ T7054]  <TASK>
[   99.883171][ T7054]  dump_stack_lvl+0xf2/0x150
[   99.887794][ T7054]  dump_stack+0x15/0x1a
[   99.891976][ T7054]  should_fail_ex+0x223/0x230
[   99.896694][ T7054]  should_failslab+0x8f/0xb0
[   99.901323][ T7054]  kmem_cache_alloc_lru_noprof+0x57/0x320
[   99.907062][ T7054]  ? hugetlbfs_alloc_inode+0xbc/0x100
[   99.912480][ T7054]  hugetlbfs_alloc_inode+0xbc/0x100
[   99.917697][ T7054]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[   99.923525][ T7054]  alloc_inode+0x3c/0x160
[   99.927921][ T7054]  new_inode+0x1e/0x100
[   99.932237][ T7054]  hugetlbfs_get_inode+0x7d/0x380
[   99.937366][ T7054]  hugetlb_file_setup+0x188/0x3c0
[   99.942464][ T7054]  ksys_mmap_pgoff+0x172/0x330
[   99.947269][ T7054]  x64_sys_call+0x1940/0x2dc0
[   99.951958][ T7054]  do_syscall_64+0xc9/0x1c0
[   99.956471][ T7054]  ? clear_bhb_loop+0x55/0xb0
[   99.961281][ T7054]  ? clear_bhb_loop+0x55/0xb0
[   99.965972][ T7054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.971907][ T7054] RIP: 0033:0x7f14dce7fed9
[   99.976358][ T7054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.996212][ T7054] RSP: 002b:00007f14db4f7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  100.004643][ T7054] RAX: ffffffffffffffda RBX: 00007f14dd045fa0 RCX: 00007f14dce7fed9
[  100.012655][ T7054] RDX: 0000000000000000 RSI: 0000000001400000 RDI: 0000000020000000
[  100.020744][ T7054] RBP: 00007f14db4f70a0 R08: ffffffffffffffff R09: 0000000000000000
[  100.028724][ T7054] R10: 00000000000c3072 R11: 0000000000000246 R12: 0000000000000001
[  100.037026][ T7054] R13: 0000000000000000 R14: 00007f14dd045fa0 R15: 00007ffe1c6ea598
[  100.045046][ T7054]  </TASK>
[  100.063654][ T7053] pim6reg1: entered promiscuous mode
[  100.069123][ T7053] pim6reg1: entered allmulticast mode
[  100.163017][ T7061] loop0: detected capacity change from 0 to 128
[  100.260239][ T7065] bond0: option ad_select: unable to set because the bond device is up
[  100.300802][ T7066] bio_check_eod: 1 callbacks suppressed
[  100.300819][ T7066] syz.0.1104: attempt to access beyond end of device
[  100.300819][ T7066] loop0: rw=2049, sector=500, nr_sectors = 1 limit=128
[  100.336582][ T7070] loop1: detected capacity change from 0 to 512
[  100.432862][ T7079] loop1: detected capacity change from 0 to 512
[  100.434526][ T7066] syz.0.1104: attempt to access beyond end of device
[  100.434526][ T7066] loop0: rw=2049, sector=500, nr_sectors = 8 limit=128
[  100.455442][ T7066] syz.0.1104: attempt to access beyond end of device
[  100.455442][ T7066] loop0: rw=2049, sector=636, nr_sectors = 32 limit=128
[  100.469752][ T7066] syz.0.1104: attempt to access beyond end of device
[  100.469752][ T7066] loop0: rw=2049, sector=676, nr_sectors = 8 limit=128
[  100.483449][ T7066] syz.0.1104: attempt to access beyond end of device
[  100.483449][ T7066] loop0: rw=2049, sector=692, nr_sectors = 8 limit=128
[  100.497826][ T7079] EXT4-fs mount: 2 callbacks suppressed
[  100.497841][ T7079] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.497899][ T7066] syz.0.1104: attempt to access beyond end of device
[  100.497899][ T7066] loop0: rw=2049, sector=708, nr_sectors = 8 limit=128
[  100.516074][ T7079] ext4 filesystem being mounted at /23/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  100.529697][ T7066] syz.0.1104: attempt to access beyond end of device
[  100.529697][ T7066] loop0: rw=2049, sector=724, nr_sectors = 8 limit=128
[  100.553429][ T7066] syz.0.1104: attempt to access beyond end of device
[  100.553429][ T7066] loop0: rw=2049, sector=740, nr_sectors = 8 limit=128
[  100.566965][ T7066] syz.0.1104: attempt to access beyond end of device
[  100.566965][ T7066] loop0: rw=2049, sector=756, nr_sectors = 8 limit=128
[  100.580726][ T7066] syz.0.1104: attempt to access beyond end of device
[  100.580726][ T7066] loop0: rw=2049, sector=772, nr_sectors = 8 limit=128
[  100.596464][ T7084] loop4: detected capacity change from 0 to 512
[  100.606584][ T7084] EXT4-fs: Ignoring removed bh option
[  100.622576][ T7084] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  100.651428][ T7084] EXT4-fs (loop4): failed to open journal device unknown-block(0,8) -6
[  100.680012][ T6619] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.734751][ T7095] pimreg: entered allmulticast mode
[  100.740765][ T7095] pimreg: left allmulticast mode
[  100.867167][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888113360400: rx timeout, send abort
[  100.875730][    C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff888113360400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  100.910441][ T7101] loop3: detected capacity change from 0 to 128
[  100.995821][ T7102] sg_write: data in/out 231/42 bytes for SCSI command 0x0-- guessing data in;
[  100.995821][ T7102]    program syz.3.1118 not setting count and/or reply_len properly
[  101.002757][   T29] kauditd_printk_skb: 489 callbacks suppressed
[  101.002779][   T29] audit: type=1400 audit(1733650880.323:5706): avc:  denied  { ioctl } for  pid=7100 comm="syz.3.1118" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  101.051309][   T29] audit: type=1400 audit(1733650880.373:5707): avc:  denied  { unmount } for  pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  101.081396][ T7104] loop2: detected capacity change from 0 to 512
[  101.090648][   T29] audit: type=1326 audit(1733650880.423:5708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7103 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14dce7fed9 code=0x7ffc0000
[  101.128469][   T29] audit: type=1326 audit(1733650880.443:5709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7103 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14dce7fed9 code=0x7ffc0000
[  101.152077][   T29] audit: type=1326 audit(1733650880.443:5710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7103 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14dce7fed9 code=0x7ffc0000
[  101.175576][   T29] audit: type=1326 audit(1733650880.443:5711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7103 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14dce7fed9 code=0x7ffc0000
[  101.199082][   T29] audit: type=1326 audit(1733650880.443:5712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7103 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14dce7fed9 code=0x7ffc0000
[  101.222666][   T29] audit: type=1326 audit(1733650880.443:5713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7103 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14dce7fed9 code=0x7ffc0000
[  101.246327][   T29] audit: type=1326 audit(1733650880.443:5714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7103 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f14dce7fed9 code=0x7ffc0000
[  101.269609][   T29] audit: type=1326 audit(1733650880.443:5715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7103 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14dce7fed9 code=0x7ffc0000
[  101.313697][ T7107] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[  101.355724][ T7113] loop2: detected capacity change from 0 to 512
[  101.364445][ T7116] pim6reg1: entered promiscuous mode
[  101.369822][ T7116] pim6reg1: entered allmulticast mode
[  101.392203][ T7113] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.406472][ T7113] ext4 filesystem being mounted at /218/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  101.413480][ T7120] loop3: detected capacity change from 0 to 512
[  101.424804][ T7120] EXT4-fs: Ignoring removed i_version option
[  101.431697][ T7120] journal_path: Lookup failure for './file1'
[  101.437784][ T7120] EXT4-fs: error: could not find journal device path
[  101.448717][ T7120] __nla_validate_parse: 5 callbacks suppressed
[  101.448732][ T7120] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1124'.
[  101.448769][ T3300] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.515598][ T7125] rdma_op ffff88811adf1d80 conn xmit_rdma 0000000000000000
[  101.654674][ T7144] loop1: detected capacity change from 0 to 512
[  101.670017][ T7144] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1134'.
[  101.752784][ T7155] pim6reg1: entered promiscuous mode
[  101.758231][ T7155] pim6reg1: entered allmulticast mode
[  101.781376][ T7160] netlink: 'syz.2.1141': attribute type 1 has an invalid length.
[  101.806886][ T7162] netlink: 'syz.2.1142': attribute type 1 has an invalid length.
[  101.900106][ T7165] loop2: detected capacity change from 0 to 1024
[  101.913910][ T7165] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  101.925239][ T7165] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  101.933562][ T7165] EXT4-fs (loop2): orphan cleanup on readonly fs
[  101.940711][ T7165] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  101.950717][ T7165] EXT4-fs (loop2): Remounting filesystem read-only
[  101.957647][ T7165] EXT4-fs (loop2): 1 orphan inode deleted
[  101.964071][ T7165] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  101.976872][ T7165] SELinux: (dev loop2, type ext4) getxattr errno 5
[  101.983894][ T7165] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.044087][ T7179] ebtables: ebtables: counters copy to user failed while replacing table
[  102.094143][ T7189] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  102.131046][ T7191] loop1: detected capacity change from 0 to 1024
[  102.138196][ T7191] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  102.146483][ T7191] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  102.157534][ T7191] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  102.167307][ T7191] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  102.178146][ T7191] journal_load_superblock: Cannot read journal superblock
[  102.185486][ T7191] EXT4-fs (loop1): Could not load journal inode
[  102.241743][ T7195] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[  102.282407][ T7198] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[  102.318436][ T7201] pim6reg1: entered promiscuous mode
[  102.323839][ T7201] pim6reg1: entered allmulticast mode
[  102.427418][ T7207] loop1: detected capacity change from 0 to 512
[  102.443673][ T7207] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.457072][ T7207] ext4 filesystem being mounted at /41/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  102.511431][ T7213] netlink: 'syz.3.1159': attribute type 1 has an invalid length.
[  102.548690][ T6619] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.645592][ T7217] loop3: detected capacity change from 0 to 1024
[  102.673387][ T7228] pim6reg1: entered promiscuous mode
[  102.678776][ T7228] pim6reg1: entered allmulticast mode
[  102.687423][ T7217] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  102.715181][ T7217] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  102.750003][ T7217] EXT4-fs (loop3): orphan cleanup on readonly fs
[  102.766080][ T7217] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  102.778214][ T7217] EXT4-fs (loop3): Remounting filesystem read-only
[  102.802050][ T7217] EXT4-fs (loop3): 1 orphan inode deleted
[  102.846097][ T7217] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  102.860361][ T7217] SELinux: (dev loop3, type ext4) getxattr errno 5
[  102.867660][ T7217] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.915611][ T7235] rdma_rxe: rxe_newlink: failed to add sit0
[  102.925525][ T7240] netlink: 'syz.2.1170': attribute type 1 has an invalid length.
[  102.980781][ T7246] loop2: detected capacity change from 0 to 128
[  102.988170][ T7246] FAT-fs (loop2): error, invalid access to FAT (entry 0x0ffffff6)
[  103.049098][ T7248] FAULT_INJECTION: forcing a failure.
[  103.049098][ T7248] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  103.062452][ T7248] CPU: 1 UID: 0 PID: 7248 Comm: syz.1.1174 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  103.073190][ T7248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  103.083389][ T7248] Call Trace:
[  103.086687][ T7248]  <TASK>
[  103.089640][ T7248]  dump_stack_lvl+0xf2/0x150
[  103.094274][ T7248]  dump_stack+0x15/0x1a
[  103.098546][ T7248]  should_fail_ex+0x223/0x230
[  103.103320][ T7248]  should_fail_alloc_page+0xfd/0x110
[  103.108666][ T7248]  __alloc_pages_noprof+0x109/0x340
[  103.113963][ T7248]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  103.119365][ T7248]  vma_alloc_folio_noprof+0x1a0/0x2f0
[  103.124823][ T7248]  handle_mm_fault+0xdd7/0x2ac0
[  103.129763][ T7248]  exc_page_fault+0x296/0x650
[  103.134470][ T7248]  asm_exc_page_fault+0x26/0x30
[  103.139471][ T7248] RIP: 0010:rep_movs_alternative+0x33/0x70
[  103.145392][ T7248] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb
[  103.165054][ T7248] RSP: 0018:ffffc900055efdb0 EFLAGS: 00050216
[  103.171133][ T7248] RAX: 0000000000000065 RBX: 0000000020002560 RCX: 0000000000000020
[  103.179115][ T7248] RDX: 0000000000000000 RSI: ffff88812c478b80 RDI: 0000000020002540
[  103.187097][ T7248] RBP: 0000000020002540 R08: 0000000080000000 R09: 0000000000000000
[  103.195076][ T7248] R10: 000188812c478b80 R11: 000188812c478b9f R12: 0000000000000020
[  103.203057][ T7248] R13: 00007ffffffff000 R14: 0000000020002540 R15: ffff88812c478b80
[  103.211073][ T7248]  _copy_to_user+0x7c/0xa0
[  103.215576][ T7248]  lsm_fill_user_ctx+0x118/0x190
[  103.220588][ T7248]  selinux_getselfattr+0x8a/0xe0
[  103.225620][ T7248]  security_getselfattr+0x258/0x590
[  103.230859][ T7248]  __x64_sys_lsm_get_self_attr+0x53/0x60
[  103.236650][ T7248]  x64_sys_call+0x2644/0x2dc0
[  103.241350][ T7248]  do_syscall_64+0xc9/0x1c0
[  103.245866][ T7248]  ? clear_bhb_loop+0x55/0xb0
[  103.250555][ T7248]  ? clear_bhb_loop+0x55/0xb0
[  103.255251][ T7248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.261223][ T7248] RIP: 0033:0x7f15bcadfed9
[  103.265647][ T7248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.285325][ T7248] RSP: 002b:00007f15bb157058 EFLAGS: 00000246 ORIG_RAX: 00000000000001cb
[  103.293759][ T7248] RAX: ffffffffffffffda RBX: 00007f15bcca5fa0 RCX: 00007f15bcadfed9
[  103.301737][ T7248] RDX: 0000000020000300 RSI: 0000000020002540 RDI: 0000000000000067
[  103.309715][ T7248] RBP: 00007f15bb1570a0 R08: 0000000000000000 R09: 0000000000000000
[  103.317767][ T7248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.325754][ T7248] R13: 0000000000000000 R14: 00007f15bcca5fa0 R15: 00007ffcb7cbb268
[  103.333761][ T7248]  </TASK>
[  103.355976][ T7252] loop2: detected capacity change from 0 to 256
[  103.364708][ T7252] FAT-fs (loop2): bogus number of FAT sectors
[  103.370821][ T7252] FAT-fs (loop2): Can't find a valid FAT filesystem
[  103.468694][ T7263] loop1: detected capacity change from 0 to 128
[  103.548965][ T7269] x_tables: duplicate underflow at hook 3
[  103.572389][ T7269] loop1: detected capacity change from 0 to 512
[  103.601730][ T7269] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.1181: Invalid inode bitmap blk 4 in block_group 0
[  103.620991][ T7264] sit0 speed is unknown, defaulting to 1000
[  103.627634][ T7269] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.715810][ T7274] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.1181: Invalid inode bitmap blk 4 in block_group 0
[  103.756447][ T7274] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  103.773489][ T7276] FAULT_INJECTION: forcing a failure.
[  103.773489][ T7276] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  103.786782][ T7276] CPU: 1 UID: 0 PID: 7276 Comm: syz.0.1183 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  103.797498][ T7276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  103.807588][ T7276] Call Trace:
[  103.810891][ T7276]  <TASK>
[  103.813837][ T7276]  dump_stack_lvl+0xf2/0x150
[  103.818477][ T7276]  dump_stack+0x15/0x1a
[  103.822682][ T7276]  should_fail_ex+0x223/0x230
[  103.827520][ T7276]  should_fail+0xb/0x10
[  103.831712][ T7276]  should_fail_usercopy+0x1a/0x20
[  103.836776][ T7276]  _copy_to_user+0x20/0xa0
[  103.841376][ T7276]  simple_read_from_buffer+0xa0/0x110
[  103.846878][ T7276]  proc_fail_nth_read+0xf9/0x140
[  103.851978][ T7276]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  103.857624][ T7276]  vfs_read+0x1a2/0x700
[  103.861809][ T7276]  ? __rcu_read_unlock+0x4e/0x70
[  103.866912][ T7276]  ? __fget_files+0x17c/0x1c0
[  103.871661][ T7276]  ksys_read+0xe8/0x1b0
[  103.876000][ T7276]  __x64_sys_read+0x42/0x50
[  103.880552][ T7276]  x64_sys_call+0x2874/0x2dc0
[  103.885261][ T7276]  do_syscall_64+0xc9/0x1c0
[  103.889869][ T7276]  ? clear_bhb_loop+0x55/0xb0
[  103.894581][ T7276]  ? clear_bhb_loop+0x55/0xb0
[  103.899284][ T7276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.905252][ T7276] RIP: 0033:0x7f18cb59e8ec
[  103.909697][ T7276] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  103.929428][ T7276] RSP: 002b:00007f18c9c17050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  103.937867][ T7276] RAX: ffffffffffffffda RBX: 00007f18cb765fa0 RCX: 00007f18cb59e8ec
[  103.945915][ T7276] RDX: 000000000000000f RSI: 00007f18c9c170b0 RDI: 0000000000000006
[  103.953912][ T7276] RBP: 00007f18c9c170a0 R08: 0000000000000000 R09: 0000000000000000
[  103.961986][ T7276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.969979][ T7276] R13: 0000000000000000 R14: 00007f18cb765fa0 R15: 00007ffeb89c07f8
[  103.977989][ T7276]  </TASK>
[  103.999377][ T7285] netlink: 'syz.0.1185': attribute type 1 has an invalid length.
[  104.015831][ T7280] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[  104.063764][ T6619] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.068970][ T7290] loop0: detected capacity change from 0 to 128
[  104.092001][ T7290] FAT-fs (loop0): error, invalid access to FAT (entry 0x0ffffff6)
[  104.121583][ T7290] bpf_get_probe_write_proto: 11 callbacks suppressed
[  104.128390][ T7290] syz.0.1186[7290] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.135991][ T7290] syz.0.1186[7290] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.155577][ T7290] syz.0.1186[7290] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.191383][ T7298] loop3: detected capacity change from 0 to 512
[  104.247472][ T7298] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1192'.
[  104.274727][ T7308] rdma_op ffff888118d7f180 conn xmit_rdma 0000000000000000
[  104.315301][ T7310] loop0: detected capacity change from 0 to 128
[  104.367395][ T7310] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  104.415985][ T7310] ext4 filesystem being mounted at /220/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  104.465127][ T7317] netlink: 'syz.2.1197': attribute type 1 has an invalid length.
[  104.608248][ T3302] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  104.756822][ T7324] loop0: detected capacity change from 0 to 128
[  104.823785][ T7329] sg_write: data in/out 231/42 bytes for SCSI command 0x0-- guessing data in;
[  104.823785][ T7329]    program syz.0.1201 not setting count and/or reply_len properly
[  104.868110][ T7328] loop3: detected capacity change from 0 to 1024
[  104.887631][ T7328] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  104.923541][ T7328] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  104.975017][ T7328] EXT4-fs (loop3): orphan cleanup on readonly fs
[  105.015329][ T7328] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  105.059158][ T7328] EXT4-fs (loop3): Remounting filesystem read-only
[  105.090558][ T7328] EXT4-fs (loop3): 1 orphan inode deleted
[  105.137258][ T7328] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  105.154382][ T7337] loop1: detected capacity change from 0 to 512
[  105.159899][ T7328] SELinux: (dev loop3, type ext4) getxattr errno 5
[  105.174820][ T7328] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.210408][ T7337] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1205'.
[  105.287593][ T7346] loop1: detected capacity change from 0 to 128
[  105.359336][ T7350] bio_check_eod: 71 callbacks suppressed
[  105.359353][ T7350] syz.1.1208: attempt to access beyond end of device
[  105.359353][ T7350] loop1: rw=2049, sector=252, nr_sectors = 1 limit=128
[  105.399032][ T7350] sg_write: data in/out 231/42 bytes for SCSI command 0x0-- guessing data in;
[  105.399032][ T7350]    program syz.1.1208 not setting count and/or reply_len properly
[  105.429684][ T7352] loop3: detected capacity change from 0 to 512
[  105.486574][ T7352] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.548720][ T7352] ext4 filesystem being mounted at /258/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.587001][ T7350] syz.1.1208: attempt to access beyond end of device
[  105.587001][ T7350] loop1: rw=2049, sector=252, nr_sectors = 8 limit=128
[  105.603611][ T7352] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.630728][ T7350] syz.1.1208: attempt to access beyond end of device
[  105.630728][ T7350] loop1: rw=2049, sector=268, nr_sectors = 8 limit=128
[  105.644532][ T7350] syz.1.1208: attempt to access beyond end of device
[  105.644532][ T7350] loop1: rw=2049, sector=284, nr_sectors = 8 limit=128
[  105.658597][ T7350] syz.1.1208: attempt to access beyond end of device
[  105.658597][ T7350] loop1: rw=2049, sector=300, nr_sectors = 8 limit=128
[  105.667052][ T7352] loop3: detected capacity change from 0 to 512
[  105.673450][ T7350] syz.1.1208: attempt to access beyond end of device
[  105.673450][ T7350] loop1: rw=2049, sector=332, nr_sectors = 8 limit=128
[  105.692131][ T7352] EXT4-fs: inline encryption not supported
[  105.692619][ T7350] syz.1.1208: attempt to access beyond end of device
[  105.692619][ T7350] loop1: rw=2049, sector=364, nr_sectors = 8 limit=128
[  105.711861][ T7350] syz.1.1208: attempt to access beyond end of device
[  105.711861][ T7350] loop1: rw=2049, sector=380, nr_sectors = 8 limit=128
[  105.726052][ T7350] syz.1.1208: attempt to access beyond end of device
[  105.726052][ T7350] loop1: rw=2049, sector=404, nr_sectors = 8 limit=128
[  105.739843][ T7350] syz.1.1208: attempt to access beyond end of device
[  105.739843][ T7350] loop1: rw=2049, sector=420, nr_sectors = 16 limit=128
[  105.740496][ T7352] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  105.764999][ T7352] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it
[  105.775193][ T7352] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.1210: Corrupt directory, running e2fsck is recommended
[  105.789339][ T7352] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  105.798213][ T7352] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.1210: corrupted in-inode xattr: e_name out of bounds
[  105.812521][ T7352] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.1210: couldn't read orphan inode 15 (err -117)
[  105.825163][ T7352] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.839789][ T7352] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.891074][ T7361] loop3: detected capacity change from 0 to 2048
[  105.925375][ T7361] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.950559][ T7365] loop1: detected capacity change from 0 to 512
[  105.951450][ T7361] veth0_to_team: entered promiscuous mode
[  105.979199][ T7361] macsec0: entered allmulticast mode
[  105.984625][ T7361] veth0_to_team: entered allmulticast mode
[  105.993990][ T7361] veth0_to_team: left allmulticast mode
[  105.999619][ T7361] veth0_to_team: left promiscuous mode
[  106.006990][ T7368] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  106.024850][   T29] kauditd_printk_skb: 567 callbacks suppressed
[  106.024868][   T29] audit: type=1326 audit(1733650885.353:6269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7366 comm="syz.4.1214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f5967fed9 code=0x7ffc0000
[  106.031852][ T7367] random: crng reseeded on system resumption
[  106.054579][   T29] audit: type=1326 audit(1733650885.353:6270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7366 comm="syz.4.1214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f5967fed9 code=0x7ffc0000
[  106.084043][   T29] audit: type=1326 audit(1733650885.353:6271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7366 comm="syz.4.1214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1f5967fed9 code=0x7ffc0000
[  106.084201][ T7368] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  106.107613][   T29] audit: type=1326 audit(1733650885.353:6272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7366 comm="syz.4.1214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f5967fed9 code=0x7ffc0000
[  106.119719][ T7368] EXT4-fs (loop3): This should not happen!! Data will be lost
[  106.119719][ T7368] 
[  106.119740][ T7368] EXT4-fs (loop3): Total free blocks count 0
[  106.143198][   T29] audit: type=1326 audit(1733650885.353:6273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7366 comm="syz.4.1214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1f5967fed9 code=0x7ffc0000
[  106.152816][ T7368] EXT4-fs (loop3): Free/Dirty block details
[  106.158797][   T29] audit: type=1400 audit(1733650885.353:6274): avc:  denied  { write } for  pid=7366 comm="syz.4.1214" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  106.182183][ T7368] EXT4-fs (loop3): free_blocks=2415919104
[  106.188060][   T29] audit: type=1400 audit(1733650885.353:6275): avc:  denied  { open } for  pid=7366 comm="syz.4.1214" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  106.240442][ T7368] EXT4-fs (loop3): dirty_blocks=16
[  106.245572][ T7368] EXT4-fs (loop3): Block reservation details
[  106.251554][ T7368] EXT4-fs (loop3): i_reserved_data_blocks=1
[  106.256465][   T29] audit: type=1326 audit(1733650885.583:6276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7366 comm="syz.4.1214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f5967fed9 code=0x7ffc0000
[  106.281046][   T29] audit: type=1326 audit(1733650885.583:6277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7366 comm="syz.4.1214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f5967fed9 code=0x7ffc0000
[  106.292341][ T7365] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1213'.
[  106.304614][   T29] audit: type=1326 audit(1733650885.583:6278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7364 comm="syz.1.1213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15bcadfed9 code=0x7ffc0000
[  106.409494][ T7375] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[  106.419605][ T7378] netlink: 'syz.0.1217': attribute type 1 has an invalid length.
[  106.428982][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.500562][ T7385] loop0: detected capacity change from 0 to 1024
[  106.511963][ T7385] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.544395][ T7393] syz.1.1223[7393] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.544575][ T7393] syz.1.1223[7393] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.557766][ T7393] syz.1.1223[7393] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.581159][ T7394] loop3: detected capacity change from 0 to 1024
[  106.600354][ T7394] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  106.611625][ T7394] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  106.619771][ T7394] EXT4-fs (loop3): orphan cleanup on readonly fs
[  106.627024][ T7394] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  106.627665][ T7398] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=19 sclass=netlink_audit_socket pid=7398 comm=syz.1.1223
[  106.636932][ T7394] EXT4-fs (loop3): Remounting filesystem read-only
[  106.655912][ T7394] EXT4-fs (loop3): 1 orphan inode deleted
[  106.666239][ T7394] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  106.678957][ T7394] SELinux: (dev loop3, type ext4) getxattr errno 5
[  106.686059][ T7394] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.721510][ T7401] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  106.750735][ T7403] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1226'.
[  106.788863][ T7405] sg_write: data in/out 231/14 bytes for SCSI command 0x0-- guessing data in;
[  106.788863][ T7405]    program syz.1.1227 not setting count and/or reply_len properly
[  106.996941][ T7411] loop1: detected capacity change from 0 to 2048
[  107.042130][ T7411]  loop1: p1 < > p4
[  107.047085][ T7411] loop1: p4 size 8388608 extends beyond EOD, truncated
[  107.111557][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  107.323297][ T7414] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=7414 comm=syz.4.1230
[  107.336041][ T7414] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2563 sclass=netlink_route_socket pid=7414 comm=syz.4.1230
[  107.348709][ T7414] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=7414 comm=syz.4.1230
[  107.367997][ T7414] IPv6: NLM_F_CREATE should be specified when creating new route
[  107.379129][ T7416] loop0: detected capacity change from 0 to 512
[  107.409255][ T7418] syz1: rxe_newlink: already configured on bond_slave_1
[  107.413991][ T7416] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.440048][ T7416] ext4 filesystem being mounted at /227/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  107.496159][ T7429] loop4: detected capacity change from 0 to 128
[  107.510947][ T7433] loop3: detected capacity change from 0 to 512
[  107.524951][ T7433] journal_path: Lookup failure for './file1'
[  107.531095][ T7433] EXT4-fs: error: could not find journal device path
[  107.539956][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.605053][ T7441] loop3: detected capacity change from 0 to 512
[  107.613703][ T7441] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  107.622366][ T7444] netlink: 'syz.0.1242': attribute type 1 has an invalid length.
[  107.639317][ T7441] EXT4-fs (loop3): 1 truncate cleaned up
[  107.652277][ T7441] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.654428][ T3373] kernel write not supported for file /snd/seq (pid: 3373 comm: kworker/1:3)
[  107.673718][ T7441] FAULT_INJECTION: forcing a failure.
[  107.673718][ T7441] name failslab, interval 1, probability 0, space 0, times 0
[  107.686482][ T7441] CPU: 0 UID: 0 PID: 7441 Comm: syz.3.1241 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  107.697193][ T7441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  107.707319][ T7441] Call Trace:
[  107.710613][ T7441]  <TASK>
[  107.713551][ T7441]  dump_stack_lvl+0xf2/0x150
[  107.718243][ T7441]  dump_stack+0x15/0x1a
[  107.722435][ T7441]  should_fail_ex+0x223/0x230
[  107.727201][ T7441]  should_failslab+0x8f/0xb0
[  107.731821][ T7441]  kmem_cache_alloc_lru_noprof+0x57/0x320
[  107.737554][ T7441]  ? __d_alloc+0x3d/0x340
[  107.741958][ T7441]  __d_alloc+0x3d/0x340
[  107.746196][ T7441]  d_alloc_parallel+0x54/0xc60
[  107.750977][ T7441]  ? selinux_inode_permission+0x341/0x410
[  107.756718][ T7441]  ? lockref_get_not_dead+0x118/0x1b0
[  107.762110][ T7441]  ? down_read+0x171/0x4b0
[  107.766547][ T7441]  __lookup_slow+0x8d/0x250
[  107.771065][ T7441]  lookup_slow+0x3c/0x60
[  107.775390][ T7441]  walk_component+0x1f5/0x230
[  107.780078][ T7441]  ? path_lookupat+0xfd/0x2b0
[  107.784827][ T7441]  path_lookupat+0x10a/0x2b0
[  107.789433][ T7441]  filename_lookup+0x150/0x340
[  107.794275][ T7441]  user_path_at+0x3c/0x120
[  107.798725][ T7441]  __x64_sys_chmod+0x68/0x110
[  107.803426][ T7441]  x64_sys_call+0x1487/0x2dc0
[  107.808191][ T7441]  do_syscall_64+0xc9/0x1c0
[  107.812790][ T7441]  ? clear_bhb_loop+0x55/0xb0
[  107.817479][ T7441]  ? clear_bhb_loop+0x55/0xb0
[  107.822166][ T7441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.828091][ T7441] RIP: 0033:0x7f40e244fed9
[  107.832513][ T7441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.852136][ T7441] RSP: 002b:00007f40e0ac7058 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[  107.860643][ T7441] RAX: ffffffffffffffda RBX: 00007f40e2615fa0 RCX: 00007f40e244fed9
[  107.868684][ T7441] RDX: 0000000000000000 RSI: 0000000000000022 RDI: 0000000020000300
[  107.876666][ T7441] RBP: 00007f40e0ac70a0 R08: 0000000000000000 R09: 0000000000000000
[  107.884645][ T7441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.892719][ T7441] R13: 0000000000000000 R14: 00007f40e2615fa0 R15: 00007ffeb17efdc8
[  107.900709][ T7441]  </TASK>
[  107.919696][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.929676][ T7447] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1243'.
[  107.958359][ T7450] netlink: 'syz.3.1244': attribute type 10 has an invalid length.
[  107.969467][ T7450] team0: Device hsr_slave_0 failed to register rx_handler
[  107.971508][ T7452] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[  108.044935][ T7461] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1243'.
[  108.054311][ T7461] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1243'.
[  108.063478][ T7461] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1243'.
[  108.116189][ T7465] xt_addrtype: ipv6 does not support BROADCAST matching
[  108.208173][ T7475] loop1: detected capacity change from 0 to 128
[  108.271329][ T7476] sg_write: data in/out 231/42 bytes for SCSI command 0x0-- guessing data in;
[  108.271329][ T7476]    program syz.1.1253 not setting count and/or reply_len properly
[  108.442597][ T7488] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[  108.494715][ T7493] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  108.530493][ T7495] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  108.594897][ T7500] FAULT_INJECTION: forcing a failure.
[  108.594897][ T7500] name failslab, interval 1, probability 0, space 0, times 0
[  108.607724][ T7500] CPU: 0 UID: 0 PID: 7500 Comm: syz.2.1262 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  108.618453][ T7500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  108.628518][ T7500] Call Trace:
[  108.631840][ T7500]  <TASK>
[  108.634775][ T7500]  dump_stack_lvl+0xf2/0x150
[  108.639397][ T7500]  dump_stack+0x15/0x1a
[  108.643651][ T7500]  should_fail_ex+0x223/0x230
[  108.648387][ T7500]  ? do_inotify_init+0x94/0x270
[  108.653276][ T7500]  should_failslab+0x8f/0xb0
[  108.657886][ T7500]  __kmalloc_cache_noprof+0x4e/0x320
[  108.663225][ T7500]  ? __mutex_init+0x4c/0x60
[  108.667799][ T7500]  do_inotify_init+0x94/0x270
[  108.672543][ T7500]  __do_sys_inotify_init+0x10/0x20
[  108.677735][ T7500]  x64_sys_call+0x2c2a/0x2dc0
[  108.682426][ T7500]  do_syscall_64+0xc9/0x1c0
[  108.686940][ T7500]  ? clear_bhb_loop+0x55/0xb0
[  108.691624][ T7500]  ? clear_bhb_loop+0x55/0xb0
[  108.696372][ T7500]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.702523][ T7500] RIP: 0033:0x7f14dce7fed9
[  108.706953][ T7500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.726647][ T7500] RSP: 002b:00007f14db4f7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000fd
[  108.735073][ T7500] RAX: ffffffffffffffda RBX: 00007f14dd045fa0 RCX: 00007f14dce7fed9
[  108.743096][ T7500] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  108.751076][ T7500] RBP: 00007f14db4f70a0 R08: 0000000000000000 R09: 0000000000000000
[  108.759056][ T7500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  108.767081][ T7500] R13: 0000000000000000 R14: 00007f14dd045fa0 R15: 00007ffe1c6ea598
[  108.775133][ T7500]  </TASK>
[  108.787762][ T7502] loop1: detected capacity change from 0 to 2048
[  108.832902][ T7509] netlink: 'syz.0.1266': attribute type 4 has an invalid length.
[  108.860946][ T7502] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.905701][ T7502] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  108.943329][ T7502] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  108.955611][ T7502] EXT4-fs (loop1): This should not happen!! Data will be lost
[  108.955611][ T7502] 
[  108.965395][ T7502] EXT4-fs (loop1): Total free blocks count 0
[  108.971692][ T7502] EXT4-fs (loop1): Free/Dirty block details
[  108.978757][ T7502] EXT4-fs (loop1): free_blocks=2415919104
[  108.984569][ T7502] EXT4-fs (loop1): dirty_blocks=16
[  108.989818][ T7502] EXT4-fs (loop1): Block reservation details
[  108.993404][ T7525] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  108.995846][ T7502] EXT4-fs (loop1): i_reserved_data_blocks=1
[  109.025671][ T7523] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[  109.076101][ T6619] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.178765][ T7550] netlink: 'syz.0.1282': attribute type 1 has an invalid length.
[  109.182399][ T7543] netlink: 3757 bytes leftover after parsing attributes in process `syz.3.1280'.
[  109.203098][ T7543] netlink: 3757 bytes leftover after parsing attributes in process `syz.3.1280'.
[  109.249979][ T7554] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  109.279711][ T7558] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[  109.311458][ T7566] netlink: 'syz.3.1289': attribute type 10 has an invalid length.
[  109.321430][ T7566] team0: Device hsr_slave_0 failed to register rx_handler
[  109.336131][ T7568] netlink: 'syz.1.1290': attribute type 2 has an invalid length.
[  109.398635][ T7577] loop0: detected capacity change from 0 to 512
[  109.406606][ T7577] journal_path: Lookup failure for './file1'
[  109.412688][ T7577] EXT4-fs: error: could not find journal device path
[  109.429580][ T7580] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1289'.
[  109.461544][ T7584] syz.0.1295[7584] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  109.461816][ T7584] syz.0.1295[7584] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  109.473881][ T7584] syz.0.1295[7584] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  109.555208][ T7593] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1299'.
[  109.628776][ T7596] netlink: 'syz.0.1300': attribute type 4 has an invalid length.
[  109.638304][ T7598] netlink: 'syz.1.1301': attribute type 10 has an invalid length.
[  109.649055][ T7598] team0: Device hsr_slave_0 failed to register rx_handler
[  109.683155][ T7602] ==================================================================
[  109.691314][ T7602] BUG: KCSAN: data-race in mas_wr_store_entry / mtree_range_walk
[  109.699081][ T7602] 
[  109.701416][ T7602] write to 0xffff888128827560 of 8 bytes by task 7599 on cpu 0:
[  109.709063][ T7602]  mas_wr_store_entry+0x1490/0x2d10
[  109.714310][ T7602]  mas_store_prealloc+0x6bf/0x960
[  109.719360][ T7602]  commit_merge+0x441/0x740
[  109.723886][ T7602]  vma_expand+0x211/0x360
[  109.728241][ T7602]  vma_merge_new_range+0x2da/0x340
[  109.733372][ T7602]  __mmap_region+0x67c/0x13f0
[  109.738067][ T7602]  mmap_region+0x164/0x1e0
[  109.742508][ T7602]  do_mmap+0x718/0xb60
[  109.746592][ T7602]  vm_mmap_pgoff+0x133/0x290
[  109.751205][ T7602]  ksys_mmap_pgoff+0xd0/0x330
[  109.755900][ T7602]  x64_sys_call+0x1940/0x2dc0
[  109.760585][ T7602]  do_syscall_64+0xc9/0x1c0
[  109.765095][ T7602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.771009][ T7602] 
[  109.773332][ T7602] read to 0xffff888128827560 of 8 bytes by task 7602 on cpu 1:
[  109.780886][ T7602]  mtree_range_walk+0x1b4/0x460
[  109.785764][ T7602]  mas_walk+0x16e/0x320
[  109.789938][ T7602]  lock_vma_under_rcu+0x95/0x260
[  109.794891][ T7602]  exc_page_fault+0x150/0x650
[  109.799594][ T7602]  asm_exc_page_fault+0x26/0x30
[  109.804640][ T7602] 
[  109.806964][ T7602] value changed: 0x00007f15bb0f4fff -> 0x00007f15bb0d3fff
[  109.814071][ T7602] 
[  109.816395][ T7602] Reported by Kernel Concurrency Sanitizer on:
[  109.822545][ T7602] CPU: 1 UID: 0 PID: 7602 Comm: syz.1.1302 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  109.833227][ T7602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  109.843294][ T7602] ==================================================================