last executing test programs:

1m8.774463094s ago: executing program 0 (id=2272):
mlockall(0x2)
r0 = shmget$private(0x0, 0x400000, 0x8, &(0x7f000000e000/0x400000)=nil)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x50)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0xf, &(0x7f00000000c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='GPL\x00', 0x5, 0x1003, &(0x7f0000001e40)=""/4099, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
shmctl$SHM_LOCK(r0, 0xb)
shmat(r0, &(0x7f0000ffd000/0x1000)=nil, 0x7000)
r2 = semget$private(0x0, 0x3, 0x308)
semctl$IPC_STAT(r2, 0x0, 0x2, &(0x7f0000000000)=""/144)
shmctl$SHM_UNLOCK(r0, 0xc)

1m8.523601149s ago: executing program 0 (id=2276):
r0 = socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0b0000000c000000040000004f0c000001000000", @ANYRES32=0x1, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYBLOB='\x00'/11], 0x48) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0b0000000c000000040000004f0c000001000000", @ANYRES32=0x1, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYBLOB='\x00'/11], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000100), 0x6c7, r1}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000440), 0x23, r1}, 0x38)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="840100001900010000000000fbdbdf251d0109004d0012"], 0x184}, 0x1, 0x0, 0x0, 0x5}, 0x0) (async)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="840100001900010000000000fbdbdf251d0109004d0012"], 0x184}, 0x1, 0x0, 0x0, 0x5}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={r0, 0x1549, 0x0, 0x101}) (async)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={r0, 0x1549, 0x0, 0x101})
getsockopt$PNPIPE_IFINDEX(r0, 0x113, 0x2, &(0x7f0000000140), &(0x7f0000000180)=0x4)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000001c0)={0x0, @local, @broadcast}, &(0x7f0000000200)=0xc)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000100)={0x0, @private, @multicast1}, &(0x7f0000001700)=0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r2}, 0x38) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r2}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000580)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000580)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket$igmp6(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r4, 0x29, 0x22, &(0x7f0000000000)={{0xa, 0x0, 0x101, @loopback, 0xa3c}, {0xa, 0xfffe, 0xfffffffd, @dev, 0x4}, 0x1000, {[0x9, 0x0, 0xfffffffe, 0xfffffef9, 0x0, 0x1, 0x2]}}, 0x5c)
bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r5, 0x4b47, &(0x7f0000000580)={0x8, 0x8, 0xde0})
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file2/file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="6e6f646f74732c646d61736b3d30303030303030303030303030303030303030303030492c757365667265052c6e6f646f74732c507965969581562c6769643d0e0300000000000000e9e6f057315d143d0400a6f946afa31bdb9b287b1b69e7f589365ae17fee32a00ba24e6d3d639a7ae7158fac07658d22afc7af17efde8d23148a8b6401267f12fea09a7ee5cb8d97c7953a45fb1fe2f1dc653c835453a84215caf7e300240c4052501d37215614b7ba0900", @ANYRESOCT=r5, @ANYBLOB], 0x1, 0x212, &(0x7f0000000840)="$eJzs3D1re1UcB/Bf8k9toyidBF086KLLVbu4OChSQQwoasSH6ZamGhIT6M2QFIfMTr4OEVwEN/EN9DW4uBWhdOrklZonW1pbrUm1/89nyY/f956bc3LgEm4ejl79+ovOXpHt5YOobVSi+lqM47QSm1GNmXG88N1HJ1+9//Enb7/eaGy/tzbtp/TEMz9++uW3z/40eOzD7886lYg43vrl8MnDp45+++DzdpHaRer1BylPO/3+IK9FxG676GQpvdtt5UUrtXtFa3+e73Rbaa/bXzx1tIoi5b1R6rRGadBPg/1Ryj/L272UZVnaCG6l+c1pWcZxWZbl+jjKsvy7J6gsZ16syi33n/+5+UU9nV1Nfx0Pm8Pm5HGSv/lWY/ul9IfNxaiT4bD5YJ6/PMnT+XwtHp3mW5fmj8Tzz03ys+yNdxoX8nrsLn/5AAAAAABwL2Vp7tL7+1l2VT6p/vT5wIX797V4urboPFj+UgAAAIArFKODTt7dXdufFN3WnRXrcb7zyg/TKV43/MWfrz9mScXj0yKqEf/kPPWIuPqYatz5pqymmH2PfNqZ/b7gZsNr/9Y06v+RV2NWbMRlUT0OOuur2RQAAOB+Wbzpv/GQ6lInBAAAAAAAAAAAAAAAAAAAAA+hVfyZ2V2vEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgr/weAAD//zttVF4=")
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x8, 0x6, 0xe, 0x0, 0x8, 0x20b8, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x8, 0x56c8}, 0x2, 0x7fffffff, 0x2, 0x5, 0x2, 0x40002, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x4)
connect$unix(0xffffffffffffffff, &(0x7f0000000080)=@abs={0xa}, 0x6e) (async)
connect$unix(0xffffffffffffffff, &(0x7f0000000080)=@abs={0xa}, 0x6e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r6, <r8=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f00000005c0)=r7}, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r9) (async)
dup(r9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000006c0)=ANY=[@ANYRES32=r7, @ANYBLOB="1bc720c629a1b2dac46cb17288c746215b7ef0de01b18c40fa8ef28f8f6b659874c4c994b5b5c0dcfd47542b98c125b4ef86d2f983f1de4f1017b11ef58591727bdddb4af66de03507cd1ae18fb018e118", @ANYBLOB="a1b430073332c63ec25e2e61a89ea51074d95fd67de8c576b4318f755079a99891293654b714a76be0f8629ac501746cf4fc4340", @ANYBLOB="c7e9147450707e6849cac5860fb3f7790abaa8339ee654390f7112dc71db6fdddb70df51a92b2dae4c452f6af44c3d4abccbabf5", @ANYRESOCT=r8], &(0x7f00000014c0)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)

1m8.436108351s ago: executing program 0 (id=2279):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='9p_client_res\x00', r2, 0x0, 0xfffffffffffffffb}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r3}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])

1m8.410138701s ago: executing program 0 (id=2281):
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000380)=ANY=[@ANYRESHEX=0x0], 0x3)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_clone(0x44104400, &(0x7f0000000ec0)="46277ea225f8136772616f1cb249ca1d54113c35f4bdb5cf4bb6babb2171ced1688a66d5f537b7d18d3e8ac202bb6d92f0a5b7970e782c84c3fa06cfcdca7f2a015954dfe4f8eabe4b0a761867d98cf7fd33508fe5c6ada58f9e87434ef41422c49f7bc126f35510152a9ba004857f91cd99f5ba1e50ae0c8a16bc35727eb50bc76be1354546f386ff6ab4d2298791a3241d29873b20731035ee6d16dc58721aedf6b76ba6ee0b3b1a61ebba1a490dfa19b063b2fa8e3814ad6d0facae613e76ee7c81a6aeac3223f7377aab6f7f7567cf3335817ed2d88f8936fcff1911aecb485a1fae6156eaa3d3869c71cc2b3b8dca4c47218c1d2a580121841b0f930f3a780ad3eaacc238b5f1670479720e774eb6cc1f9c33ba5aac790653371fdfac3c9c07b9eb4ed7520711f337a4ffcfc2bbb05a7189f5530b57b5970f6c2594c66cb556140b6374fdb76cfa53b65144318453c3948b357fe9ce75b0e70e0feb0439e87e7e788a9fc34c2c3f6f5c4f842b8c3d74dffc8c2aeb8a13f41ba10921d77cc0cb2a4a9ab227f681dc43581d204fe8e8a8cd4f90761cf5093f913cf69b0fe4b95011835dfbf344d1196976b3db0d950ac063ee6870a0c09d3d8e4b979a7f69f94d9b9c6a5bebba3dd33f29ae9074bee4a7fde526d0102a7a3a7747d63ee3c2fa277a5e0a47a65f0e673cb7b356874a23f0b24b4eb1883681520dfb8001ddfae8e61e05cc49d94d6132d70b1c78983a2f68fb86d199bf6dbbc8df7928aaebf11319b3e2f1a351f05684492b7360cbb973b8063a57a2902e6c4e4f9251e724e975f3b0fc0dc73620c269a44415ff8d15eaf318080e7d9bc5d001248c9ed5da78acd166b98348e65c30e4cc9a58da09594a24b472363f6f0e02e7fb90ce1d569416a44ad43343fb78c89eb61d5d76b3c822786238c3c736eaf087ac11229d4b50423d88b1477a3567ff7f57f91583930d1809e0f6490ba083e3595db76ac8fed135858189e1bd80b5ea39de93d1162c4d03ee07b9ec196875d0f908b2a7649c3b2ac5dc432c1a560f942f0ca1cf68e207df23aeb57e7d58dc4d7c7e181025707541da5c59395aeca3976d0d27458efbf7ab4c991993045e87ba71de866c5bee87b7b10eaa3303bdb7a535744ef89e12bb24499a32b4c933da275383633c222b131392666791424663b509c01cbd8d74ee35bc143d1a382037414784b4d8243a0620bedec4ca47338d2cd47b979b15239044cb6e9973ddf56063831cec790516a5610310024a884780023a8cfa5f90d806ee872e3f283f9bb110d80adbb224e3681e3683c6acc07fa3e5433efd5554229e14d6c8be313149aa17e78e66e419bc7b8b96816a950d58cdc252b6ac3c96543c4615820db4cc4894a906dae7b4a993ec182d38a26c140fe952135126d3f74d84e4f8156cb9480f604e266b033dde4d9b58f0a60cb071c229f5b6f231f41dbb7a35a4c8c4c9d91a8ae126b9a4c2c5f8f44446e903747fbe9b5afa9a8d17e11ad22eb596357b432e38f11c7d4b8ddb600ce29ea7a4795b284142640a37b9c36d4f04c5ddb4181a78c8b6c205411d9b885dd554c2e086f38581691852a12c715f696e1b45af5e89b5ee560c4da442860637aaf8ae5f3dc4ce4be4acae904c45be895d673e68a5dbb7b3ce51ccdde283794efa9f843c075e5f5e1ab41d1fdb4039ce5b363e924448854fa50ad0dcd230ccce707b904c07188d798fe481e640ed72079f3f09b7aa041b5bb4bde284ca922a6ae090e9b651b04510326023385e6771b5647b65fc6aa3ff0071fe2474c31e488fc16ca95ce7eeaf0edfa51f8086d0eb65a438e7f01751f4a583526e5df9f3eff100b72eaa814a8f05c3bfba8abbee12fbe24cffd51ddcf48f9562ad42f1b31d44980af8c24fd252c368fdbe4cb36fe3403091532522d23776bec07d1a5d2938ae29601f170e05bd1035c3ea4acf189233aa6e6d56e5e47a40f2489fbffc1bf8161a7dc678b31c405a24ca5a454254412a80452a6329709ff69e6810eab27858d11cc3cecfaaec3f6cbd8f6e8a6b5772af0b0edc9e742796a0a59f68f64415465a8c39fb09d977d5b22421a16bf1f6c0119ade140329fc79f0fcabd0fbec5692d30aaf425440f1841d9540b84214a39918f10ecf12f5ec6156e93d3cd55c42d08fece84212bce946e544b0fb7ac9e6bd5c66892bdb8e3098c7f56d0c039a434c77fb26a27cfd701eb6f739ffabf44d2f350682c5e277c9de390b9ea76e344edb2a281bef6bea2dc646a3e68881393e37013cad77b10b5f32a1e9d301fb2b000a3b30d79e0396e4fb2d2db1f2723818a46e53f224e8f1288f9e36ee68ad10c70dd6799372e2d5a47fd53b8cd6b7a016ed27ccb1b341bce1553176a115e821a36124c827eaa4bf52b2e25aa99fc9ae1fc75d97fa77e6e922b4f52fc2d08c26f3b54703cdef6291faa800b9f8409567a47fb476d2e95a928e662bbe71c5e3f2f72d6b09493e51c8f8475e9daa3c1c40aae0ef3b4818e82ff7a5536f621e9bc58ef193b8764bd770544a7c0a065c171596102bc62b7a875a4239ebef148cceaa96b52dd7f6d532f41ba927ab77544df00d4aecb605dd4c8119cbd274dabdca3d1eb710c5f0381692bcda11992ed606d6a50340a68e17590eea2d3745c75b4c9f81cef96ee60a5ea0bb6d1147085488cc1765ae7418c7b6558b8a7f809b0feb65270aa425819da632802d535ef079239c22c2ef2378698fbeca331437e9cec86abd5b8631c47403130fa4bd2f35eec85705e391b61c4c0c76f7c871a2d8c3fdf3e7cef1bdb61286eca632eab91a0d9fa5b9265fb67123d4470c3a9b4959b83cb05fbb9a323c4a9c77d3e98af619b708373422adb034ac67c267eee6c6ad95ee95997cfdb30918c2d46e6462e2deed89f2383dfda29414bffe07f5f01b73fca12d5cf09d65c23454ff30f55d0c90807ec46ba84f0cecfaff2e6d0ca5d37b7240a383e1559bf9591e3e063761132d1dd16dd737a91f95022e03f313c34ed5043348a635f028e9a1d34355cf71e7414224335dde348299c2988e3982627f530ceecb198e60d51794c526734282b880460339955c1027eb63147011b939f1065fad71774deb0a12e454bc8511d6fbc06a0806a2bf9734a9767f6246b08e91303119c8614114695420e3f17224f522944afc15975521e4e29f03af7c4569d821c81d66b2909ff32853f978c6e176281f1058539e87874ce57d067ecd055f2c0b01d9ac9959ead59bd86cba7549498f6676430e5cf614f72bf001e488649424b36a147da78041ca91f7a6b9a707aee95b096346ad10666f4f1dc7e3655cb3cfd2737376f2d7b1994b3ec2f876cba9501098b2eb84731c9db3e18916e35aa7c431c8e3605f6bef206a6c73834d6f1ecaabed1ac958d2fc1ba370fc167c41be86740fedbbe88ab62b58cbb6b438612ed9d4a0fcfb15054565b26416dff246b75c754a8421f1a522016001f5d14b225367c80c355375b7f37a216bf33eeabd569e570d0a89d59b2e7e3f07163bd057f796e5b8fd302e10b52d300b756f7cf1a4913180b023203c7ba28188d284ddcfa45a5244643f29a1b3185db812c3acdb195ff7e77a16ae25b94bc0e99115238b34951ad458de902a0f0722a84e6382e6ec225363692bdc4db3cb09b1dca817721dae31520fcda30736b2ee663eb2f4425107a198b9c3014743a3baec959bccf053cd86dbaba798a087e645b3012ae75c9257e6fe2d4b68812625b676b5f77a453d85b1bbbb1b9e5c0d8334296b7a783e8a91c64c1a76baf638bf50f7702c0bd94d4e07f2d458633897a22558fa23c0de34aa4c154480dd6aa13ebfd1a21d165359e47a47b75c589bc5b8048f04e8e40f70286cfc54db8965dfdd1bf5ae490d5ca497e07c4167670a1ec840d79650bd32d74ba2d38316bf8fe5cdc1f631e8b1fea924d834b945803064660595f9e43e16c1aab900b6db8c15acc5fdb17597d582d7dac9ffee1cd6465962c2404bd7c6b11c65c6339dba1fa59364270699c1877808816c4f790181fe31966a0d6158ee804b3f764eb9c15d43fb5f05e7df05946a6b7017faeb584a89932920c06a62a02c1c5ecf60874400837523beb26d767431ecf8ce2a0d8a417d795116b75a3e5c0f69f0efc638629bdf279f7adbe312822727e69b2a93c786216587dc18dad689bfa820c27a69c72f15d1e2e1e85071ef6a2e4543fe01c9f3f908552048e78577bd188bad5da717c747bb2f257712525802d91b1586c5adad8681824d170c2b8acbe319a7cd3729f21d357693f68cceb1ec0cabec9fcf991b04f59831d8d5242e685a1e6f5c56abeba332c468fb674406917e8ab7ee542b93808fce31f0ef60542c212ee8d489c4b704c4986ad87b1b2fbe48021ec464cbcad5d2c46f9c7515b22c0a3a011c73993efca0b31e3d913e2892da9e83db8ee363115b581818ab8be1aec962589210997d03d55412b2d68eeed4c13633283e176f108a98cb0d15f05d60533f5c3755ead7f5488303f36072b179bd9b42ff93dc6ad2921506b88dd755d32ec87e55ed940fcac4207371b3a6c6dc8d2ffb6e210167b7fb1795e21238cd81c115437049694b1a1fbecbd54062cbb442ca4668784573d5cbef5990f28a90e3949f6830fc80a4e645d27abd441705d81aea0c7c269a6289c05bce8e1a4cace69658c03120ac03bc43b469d3f5ec78874dd56627b8af46b05b36536de44b5377baea860ccadd91735dabc4e03afdbdf9c401aa293bf0ced6cc05700128394e060aebd6a1da235ab0a294bba18427135b51e26fbb62f3caa263a6481821cf55ea3d939e3ab71bf80fd7580a8eaf810eb888936147aee7e0d76697945e8a9c400a3a876ad1e25ebc0375b19e65ce9c6965e1bf8fd539d6e8098bb390654b4ef2fcb834eafcc0f11f653198fde5be2242c04446c26aad381ea3f3e5e0ded454d2e33b5c8f83b22284dddabac902598669ba798f3f51fa8be7c46c357626149c7134a532907fcb14259b7445ca3ca374b2b7c92fc9fbf783a10a6d21eb5493cdd7aef8dd64754356b0346ba1431fff09b7db2bd957c1fb14a60b1163fd51596da99012fa320e3e80f601e081ae66bf3c4d2c93cf704cba776313f5abc2d00bc4c9a0126bcfe2532d0e044c60fcfccfda255bb2f68ba53bf6285048d36c90c5b28f6e7ac03fc5664d96fc67cca1af5d2861d374f582f2654a9b88de0849faee04ad30e77067ea0b66eca470d0700f7ab95b880c584bce9cad348ec7e54d147b81c973a0e3dc026f77d389bcaaf021a374e1cc9a3c1078df24037bbe4ab0a9719fd00b229dd8d3032b3cf3f70597b76cc228931a6e84ce9a21330f76a6c7dff3b6e7bcfad6c7943bd2812f477029d698c5162fd0e831235c35e6b7b07bfe5814f848e0804884b790064d652ae0939efb5aaa64ddf44b8676ab0eab4c01845657cd8a78f06f4aa12b462ec6cadd383db42422ec5a5963aa53b255c2f13912a0f15020e2ccfbff6ccc5e5ea8e6706907e8109ce48a1fe8f57cb5b7cf5f1bef16497cc0bcb47328ab523eb36b04b2a7627c3d3add43e1e7f874acfef233bb3986fbb09f1bbdfb014cd0f7bdf933a2e883f7abfe7232929aa3dbda3db8aae0d19948c9c06574e2fa26f2f75dd6228287d13b8fdd1a550f9f3ff6391a363005c212f1f85e1f603976c793d833dad4c8d8602b8058589f84e587bbe402a28a8b642154accd621b843f672d5724a9c0140b967b5c1cc97c89ac006b24dc0de2d8d575248ac1cf64bae4f2157c9b1850", 0x1000, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f00000001c0)="b98d2743b232f0aeaa404b0bbe68f2cd3de5c16d77fea9fb89e9651503dddcc087040830c0452c120a9afc40034cda2659c71fead92ebf794dca07bc76b515a308ea1196f7f7ef6e68cbcad1c5fdd5bfbf95c1ef942b")
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x21c91c, &(0x7f0000000900)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}, {@noblock_validity}, {@mblk_io_submit}, {@jqfmt_vfsold}, {@nodelalloc}, {@nomblk_io_submit}, {@usrjquota}, {@minixdf}, {@resgid, 0x32}]}, 0x1e, 0x4ea, &(0x7f00000009c0)="$eJzs3VFrW9cdAPD/la3MSZzZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYR9gMMY22NOe9jLoByiUfIRSCLTvpS0tpU3ah0LbqOhKShxHip1GllLr94MjnXt0r/7nXKGje+49XAXQt05HxJmIeFitVs9FxEijPNNIsVVPtfUe3L89W0tJVKvXPkoiknpZbbXxbe95tLHZUET8/jcRf0qejlve2FyaKRYLa43lfGV5NV/e2Dy/uDyzUFgorExNTV6avjx9cXqiI+0cjogrv3rvn3/736+vvPaTm29f/2D8z0mjPOJxOzqt3vRsui+aBiNibT+C9chg2kIAAL4Jmsf5P4yIczESA+nRHAAAAHCQVH8+HF8kEVUAAADgwMqkc2CTTK4xD2A4Mplcrj6H97txJFMslSs/ni+tr8zV58qORjYzv1gsTDTmCo9GNqktT6b5x8sXdixPRcTxiPjHyOF0OTdbKs71+uQHAAAA9ImjO8b/n47Ux//bfN6zygEAAACdM9rrCgAAAAD7zvgfAAAADj7jfwAAADjQfnv1ai1Vm/9/PXdjY32pdOP8XKG8lFten83NltZWcwul0kJ6z77l3d6vWCqt/jRW1m/lK4VyJV/e2Ly+XFpfqVxffOIvsAEAAIAuOv6Du28lEbH1s8NpqjnU60oBXTH4PCu/u3/1ALpvoNcVAHrmuX7/gQMl2+sKAD2X7PJ628k7r3e+LgAAwP4Y+17r6/8Du54b2Mp0qYrAPnH+D/qX6//Qv1z/h/6VjYEwkIf+ttstQIfajRX2fP2/Wn3uSgEAAB01nKYkk4tIzwMMRyaTy0UcS8cE2WR+sViYiIhvR8SbI9lv1ZYn0y2TXecMAwAAAAAAAAAAAAAAAAAAAAAAAAB11WoSVQAAAOBAi8i8n6R3848YGzk7vPP8wKHks5H0OSJu/ufav27NVCprk7Xyjx+VV/7dKL/QizMYAAAAwE7NcXpzHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfTg/u3ZZupm3A9/GRGjreIPxlD6PBTZiDjySRKD27ZLImKgA/G37kTEiVbxk1q1YrRRi1bxD/c4/tEOxId+drfW//yi1fcvE6fT59bfv0tpD/Xi2vd/mUf930CL+LWyY3uMcfLeK/m28e9EnBxs3f804ydt+p8ze4z/xz9sbrZ7rfrfiLGWvz/JE7HyleXVfHlj8/zi8sxCYaGwMjU1eWn68vTF6Yn8/GKx0HhsGePv33/14bPaf6RN/NFd2n92j+3/8t6t+9+pZ7OPNk8exx8/0/rzP9Emfqbx+f+oka+9PtbMb9Xz2536/xunntX+uTbt3+3zH99j+8/97q/v7HFVAKALyhubSzPFYmGtrzMvtDdqh0UvRStezkxtv379zYf2tYZ/2V6SdObrUDsyfzn2/ItletotAQAA++DpMTAAAAAAAAAAAAAAAAAAAADQbd24nVh2R8yt9LETd88HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOicrwIAAP///B/QPg==")
prctl$PR_SET_THP_DISABLE(0x41, 0x3)
prctl$PR_SET_THP_DISABLE(0x41, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
alarm(0x8)
alarm(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="1900"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000e7ff0000000000950000000000000061e6ec8e0e29861745cfbcad598c1b783ead99b7d3fa78e905575c0b7533c41618f759620058d35c4b62dccfc52aff17b65d2ca2a146e2c22a2b1b615854463c1220"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rename(0x0, 0x0)
open_tree(r0, &(0x7f00000002c0)='./file0\x00', 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0x2}, 0x18)
r5 = socket$igmp6(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r5, 0x29, 0x22, &(0x7f0000000000)={{0xa, 0x0, 0x101, @loopback, 0xa3c}, {0xa, 0xfffe, 0xfffffffd, @dev, 0x4}, 0x1000, {[0x9, 0x0, 0xfffffffe, 0xfffffef9, 0x0, 0x1, 0x2]}}, 0x5c)
mkdir(&(0x7f0000000000)='./file0\x00', 0xfffffffffffffffe)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r7, 0x0, 0x5, &(0x7f0000000240)={@broadcast, @empty, 0xfffb, "66c5aff8a7eb3af1f6cec2e7420000008c84aea31700", 0x96bd, 0x1000000, 0x7e, 0x6b}, 0x3c)

1m7.572566017s ago: executing program 0 (id=2296):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000a00)='fib_table_lookup\x00', r0}, 0x18)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)

1m6.615981856s ago: executing program 0 (id=2315):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$tipc(0x1e, 0x2, 0x0)
socket$kcm(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
truncate(&(0x7f00000000c0)='./file0\x00', 0xdee6)
r0 = socket$netlink(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x40814}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="7c0000001000030528bd7000ffffffff00cf0000", @ANYRES32=0x0, @ANYBLOB="8b80000000000000540012800b00010065727370616e00004400028008000100", @ANYRES32, @ANYBLOB="060011004e20001a040012000800050026020000080015df71fb0400080014000576000004001200080004"], 0x7c}}, 0x4)
r3 = socket$key(0xf, 0x3, 0x2)
recvmmsg(r3, &(0x7f0000002580)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x22160, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x0, 0x4004090)

1m6.611425756s ago: executing program 32 (id=2315):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$tipc(0x1e, 0x2, 0x0)
socket$kcm(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
truncate(&(0x7f00000000c0)='./file0\x00', 0xdee6)
r0 = socket$netlink(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x40814}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="7c0000001000030528bd7000ffffffff00cf0000", @ANYRES32=0x0, @ANYBLOB="8b80000000000000540012800b00010065727370616e00004400028008000100", @ANYRES32, @ANYBLOB="060011004e20001a040012000800050026020000080015df71fb0400080014000576000004001200080004"], 0x7c}}, 0x4)
r3 = socket$key(0xf, 0x3, 0x2)
recvmmsg(r3, &(0x7f0000002580)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x22160, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x0, 0x4004090)

3.421130414s ago: executing program 2 (id=3447):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0xfffffff9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x2}, 0x50)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020025797a31000000000900010073797a3000000000080005400000001c"], 0xe8}}, 0x0)

3.390077554s ago: executing program 2 (id=3449):
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)=ANY=[@ANYRES16], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4044854)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$TIPC_NL_KEY_SET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffff53a2513743897e44000d0001007564703aa3"], 0x54}}, 0x0)

3.344607235s ago: executing program 2 (id=3451):
socket$netlink(0x10, 0x3, 0x12)
socket$packet(0x11, 0x3, 0x300)
syz_emit_ethernet(0x66, &(0x7f0000000140)={@link_local, @local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @dev, @dev={0xac, 0x14, 0x14, 0xff}}}}}}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d00000085000000230000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000580)={{{@in=@loopback, @in=@multicast2, 0x4e24, 0x9, 0x4e22, 0x48b, 0x2, 0x0, 0x0, 0x87, 0x0, 0xffffffffffffffff}, {0x6, 0xa, 0x4, 0xfffffffffffffff9, 0x6, 0x7, 0xfffffffffffffffc, 0x4}, {0xfffffffffffffffd, 0x100000001, 0x999, 0x4}, 0x56a5, 0x6e6bb6, 0x1, 0x0, 0x3, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x4d4, 0x32}, 0x2, @in=@multicast1, 0x3500, 0x5, 0x2, 0x3, 0x10001, 0x1, 0x8be2}}, 0xe8)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'veth0_to_team\x00'})
socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb010018000000000000000c000000"], 0x0, 0x26}, 0x28)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000004fcd2467f73a0909ada99ef59a24e4b51c57c9c511101fe18f14771b92f0809d6a48d7f1fff92e7a56d629c64429b17b971a283a32cd1ebcd0c65a73f5a0cef0ad5ad6487bba49c31b262167bffa124a8d422bc4"], &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r4, 0xc0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0}}, 0x10)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=r1, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kfree\x00', r7}, 0x18)
r8 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffa}]})
r10 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSF2(r10, 0x402c542d, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a80000000060a010400000000000000000a0000010900010073797a310000000054000480500001800b00010074617267657400004000028008000240000000012c0003007339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c70000000000000000000000000000000008000100544545000900020073797a320000000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
close_range(r8, 0xffffffffffffffff, 0x0)
ioctl$KDSKBENT(r5, 0x4b47, &(0x7f0000000580)={0x8, 0x8, 0xde0})

2.793722066s ago: executing program 4 (id=3462):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000180)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@discard}, {@data_err_ignore}, {@nobarrier}, {@noblock_validity}, {@sb={'sb', 0x3d, 0x1}}, {@bh}, {@errors_remount}]}, 0x11, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
wait4(0x0, 0x0, 0x20000000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffd2d)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB='\x00\x00'], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000a00000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)

2.513441791s ago: executing program 4 (id=3466):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='mm_page_free\x00', r1}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
newfstatat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x9}]}], {0x14}}, 0x64}}, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000080), r5)
sendmsg$NFC_CMD_SE_IO(r5, 0x0, 0x4c814)
ioctl$sock_SIOCDELRT(r2, 0x890c, &(0x7f0000000180)={0x0, @hci={0x1f, 0x1, 0x3}, @nfc={0x27, 0x0, 0xffffffffffffffff, 0x7}, @phonet={0x23, 0x0, 0x8, 0x3}, 0x4, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000040)='ip6tnl0\x00', 0x3, 0x7c49, 0xd4})
socket$kcm(0x10, 0x2, 0x0)
clock_gettime(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r3, 0x360b0000)

1.965132082s ago: executing program 4 (id=3479):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r3}, 0x10)
syz_io_uring_setup(0x115, &(0x7f0000000340)={0x0, 0xf3e5, 0x2, 0x3, 0x400}, 0x0, 0x0)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r5, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r6, 0x2, 0x0, 0x4, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x1c, r8, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}]}, 0x1c}}, 0x40)
socket$inet(0x2, 0x80000, 0xfffffff7)
ioctl$F2FS_IOC_SEC_TRIM_FILE(r4, 0x4018f514, &(0x7f0000000000)={0x8, 0x9, 0x2})
close_range(r0, 0xffffffffffffffff, 0x0)

1.724898476s ago: executing program 5 (id=3486):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x1000000000000}, 0x18)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r2, 0x402, 0x21)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x21)
r4 = open(&(0x7f0000000040)='.\x00', 0x20000, 0x0)
getdents64(r4, &(0x7f0000000fc0)=""/224, 0xe0) (fail_nth: 5)
bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0)

1.443710742s ago: executing program 5 (id=3488):
pipe2(&(0x7f0000000200)={<r0=>0xffffffffffffffff}, 0x84800)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000100)={0x200000, 0x200003, 0x200, 0x0, 0x7})
r3 = socket$netlink(0x10, 0x3, 0x4)
writev(r3, &(0x7f0000000300)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a11820f00ff5bab4e210000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200090c100000008a0b224e0000", 0x58}], 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f00000002c0)=0x2, 0xb, 0x2, &(0x7f0000000300)={0x77359400}, &(0x7f00000004c0)=0x1, 0x2)
r4 = getuid()
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000500)={{{@in6=@mcast1, @in=@local}}, {{@in6=@remote}, 0x0, @in=@multicast2}}, &(0x7f0000000380)=0xe8)
setreuid(r4, r4)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r5, &(0x7f0000000340), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
capget(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r6}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000080)={[{@errors_remount}, {@mblk_io_submit}, {@nobh}, {@nouser_xattr}, {@barrier}, {@mblk_io_submit}, {@nogrpid}]}, 0x3, 0x457, &(0x7f0000000c80)="$eJzs3M9rHFUcAPDvbJL+roml/ugPNVrF4I+kSWvtwYui4EFB0EM9xiQttdtGmgi2FI0i9SgF78Wj4F/gSS+ingSvepdCkV5ai4eV2Z3Z7s80GzcdzH4+sO17M7O89915b+e9eZkNYGCNp/8kEbsi4veIGK1lmw8Yr/1368alub9vXJpLolJ5+6+ketzNG5fm8kPz9+3MM8MRpc+TONCh3KULF8/MlssL57P81PLZD6aWLlx8/vTZ2VMLpxbOzRw/fvTI9IvHZl7oS5xpXDf3f7x4cN/r7155c+7Elfd+/jbJ42+Jo0/GV9v5VKXS5+KKtbshnQwXWBF6MlTrpjFS7f+jMRR3Tt5ovPZZoZUDNlSlUqk82H33SgXYxJIougZAMfILfTr/zV/tw4BSw4Ch70OQQl1/uTYBSuO+lb1qe4brUY+0zG/7aXxblli5fTU25j4EAECT79Pxz3Odxn+laLwvdF+2hjIWEfdHxJ6IOBYReyPigYjqsQ9FxMM9lt+6SNI+/ildW1dga5SO/17K1raax3/1Me/YUJbbXY1/JDl5urxwOPtMJmJka5qfXqWMH1797ctu+9L4T6zcvpq/0vJPZGPBrB7Xhrc2v2d+dnn2v8Tc6PqnEfuHO8Wf1FcCkojYFxH711nG6We+Odht393j76z6kfRhnanydcTTtfO/Ei3x55LV1yentkV54fBU3ira/fLr5be6lb/e+PslPf87Orb/evxjSeN67VLvZVz+44uuc5r1tv8tyTtN2z6aXV4+Px2xJXmj2jjGGrfPtBw3c+f4NP6JQ537/56480kciIi0ET8SEY9GxGNZ3R+PiCci4tAq8f/0ypPvN22Y2NVD/BsrjX++p/Of5IkLWyJL1Ld0Tgyd+fG7pkLHoof40/N/tJqayLas5ftvLfVaX2sGAACA/59SROyKpDRZT5dKk5O1v+HfGztK5cWl5WdPLn54br72jMBYjJTyO12jDfdDp7NpfZ6fackfye4bfzW0vZqfnFsszxcdPAy4nV36f+rPoaJrB2w4z2vB4NL/YXC19/+thdQDuPdc/2Fwdej/29s3/dPyyCCwGXS6/n9SQD2Ae6+l/1v2gwFi/g+DS/+HwaX/w0Ba2h53f0heQqItEaV7Vta+7Odjiol02xp/5mKTJYr+ZgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiPfwMAAP//TL/oyw==")
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000040), 0x208e24b)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000024c0)={0x6, 0x11, &(0x7f0000002240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [@map_val={0x18, 0x8, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0xc4f}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x2, 0xa0, &(0x7f0000002300)=""/160, 0x40f00, 0x60, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000023c0)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000002400)={0x2, 0x9, 0x3, 0x10001}, 0x10, 0x0, 0x0, 0x0, 0x0, &(0x7f0000002480)}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)
r8 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$PPPIOCSNPMODE(r8, 0x4008744b, &(0x7f00000001c0)={0xc223})
r9 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
ioctl$LOOP_SET_BLOCK_SIZE(r9, 0x4c09, 0x8000)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
write$rfkill(r1, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x1}, 0x8) (fail_nth: 4)

1.262645715s ago: executing program 1 (id=3490):
openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x88102, 0x10d)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4040080)
eventfd(0x0)

1.187638337s ago: executing program 1 (id=3491):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='9p_client_res\x00', r2, 0x0, 0xfffffffffffffffb}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r3}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])

1.185840117s ago: executing program 2 (id=3492):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='9p_client_res\x00', r1, 0x0, 0xfffffffffffffffb}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r2}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

934.783912ms ago: executing program 4 (id=3493):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0x4c, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x4c}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x84}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e22}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

903.655832ms ago: executing program 5 (id=3494):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000080021850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0xd)
r2 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r2, 0xb, &(0x7f0000000480), 0x66)

902.920702ms ago: executing program 1 (id=3495):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000000700000095"], &(0x7f0000000000)='syzkaller\x00', 0xef0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000015c0)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
sendmsg$inet(r1, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x3)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, 0x3, 0x6, 0x401, 0x0, 0x0, {0x7, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x10)

886.326972ms ago: executing program 4 (id=3496):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0xfffffff9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x2}, 0x50)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020025797a31000000000900010073797a3000000000080005400000001c"], 0xe8}}, 0x0)

838.986643ms ago: executing program 5 (id=3497):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0xd9}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000010bc0)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0800034000000004640000000e0a01020000000000000000010000000900020073797a32000000000900010073"], 0xf0}, 0x1, 0x0, 0x0, 0x80}, 0x0)

838.296253ms ago: executing program 2 (id=3498):
socket$key(0xf, 0x3, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000640)='kfree\x00', r1}, 0x18)
r2 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0x2401)
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000080)={0x80, 0x8, 0xd, 0x8, 0x2, 0x9, &(0x7f0000000440)="0392"})
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000100000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000800008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b70000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000030000850000001b000000b7000000f7ba000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e300000000000000000000000080003"], 0x58}}, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff})
splice(r11, 0x0, r13, 0x0, 0x8000f28, 0x0)
splice(r12, 0x0, r11, 0x0, 0x7f, 0xe)
write(r10, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000734000/0x4000)=nil, 0x4000, 0x0, 0xbc32038f2d035af6, 0xffffffffffffffff, 0x2882c000)
r14 = socket$xdp(0x2c, 0x3, 0x0)
sendmsg$unix(r11, &(0x7f00000007c0)={&(0x7f0000000000)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000000300)="4251bd38cb84ac37805af0a3e31d9d4c065ef1de9b238780ef9ff4759db1f381a92de49401b4a43b6ce961ee79c8e7949d8bf340699e554e822912d8af85791cd05aa7d04b1312e8c9055d370e1bfc4840a67f7efd3d2b7ba37420f48b6f", 0x5e}, {&(0x7f00000001c0)="02a6af7e763731396b798db192cff9e0c9a7828b5512a7d4105064dfd7e3a1e273a494663077ce80", 0x28}, {&(0x7f00000015c0)="8dc373903eeb585312cf37414f2adf053769b0c432deb5a0cb1a0490eafc5d90726bd3a4cfadd008a0840dee1e60c5ae38063c22ab168110b536fbaa50d01958aaef8cd6b4d25b5799fce2cc605859af57ca4377432f6ebbf43a9c5328bab5c189ddfdc87876a4bc6d700fc4cc7a140f3342644f3f3790e09f1c2a44c1254b0cd37e0603e7017fe074dd9e17b12f0ab0bb647edd8f8d9564d37f691dcf752fb01dfc9146bd9f2460faf97e7c7b764aaf70f63fa0b5bc8e27b2bc72cf37d9f38ea142eb53bf9f369ecab052cfcddf7a7ced49702d457eac49887448b4f6065c4965f574e04fd896d3654597424371cff97490de04638b700bd5943da01e3a04214b3e8ad4c755bfea91a5f083b25a80456e4c634498dd0796921365b2917e5fb32096fbf0a7aa6279f0b75a8cac7330810b087df6b400c7904ffcbe307b6080316e84d85c9fdc0ca0cda4808387e2d708ff45c05de0d119b376367eed248b1dec6f5ea65535553865ba58aeec13c6fc143bb2ebbb10a5d29b13287533a3e7353bf0b2574572994881fde50486369b7dc8465e0eb9d1028a096b3672f08e186e97db7e5fb06f8eef263cf090f19897172cc63ebf3dc5022ee077abeaa517fa8dfe07c8c053ef6357f26e42aadf213bcff60314a12da57dd8012276e8d22abe825d9a8b95778b365d476d10f43754eb7bf9fa58761d0d346c97870981042ca56049c25b247c9057cbd9a92ae2c0ca3012b4a7c55a5b2e6f260afea38eb98910928e616a94a4eb175c04d3be8e0826b173eb226d2524f24d5ae1f028e894f72601e114da025dc05c8252e661a39341ccc55f085125bad0437073d145720041f7e065cb72d6fe4939242c83ae77ce17039155562023d834ebf5037fbfe998e871566e7f0f56bb68e1ad731f2017939469966d412dd5035cf3aafeb8f98f54574ff327b8d234c38c2d5924064e03d249e7c8c5611ff6a2e0dd4ae360d844b8ab4d58a10ac30738b469be9b508670b6202b09c1416b17008a7f44f60e99876c046d47a3740a18882f255d4ddfc18e9902356e3ec219682505219b30c7d62dc3ad839c98f68b9f33bc329466910585fc7a7654d13f01fcda381f7f7d961cfa1a99bdbfb3f692181afa650df1bb50735b98038d80d8d298da239761e4791c72850e82fad8e0974d75fc8921bf26876a2b06c71f7572f2df66e9306758e72302c2cd45ed119e9225ed10902e0119c1c8255bc13d4eb12fb66edc50d0b73fe860084d77b6b2ec5110cb839764e6bada4b950c19f26177fc050bbb2f72fd70de5093f4149a04f2198a74df699378a3387c17362f58f26d782f1595a5e0cf5a843b285e67d3382408742cf71842043c0ec5577fa7629453f67f17de8705d1c4c5ba149e5667fa7399b1899ad30142db131fbd0782358e0183c4e98bba2fc98351b11cb271cd49bd21cad8b4f447d72157c7c55bc5b062d6b5c96436ea120c127bab9cf608755b990054eb3e9011edc040fb1c5569b4c3c798c0be97d3673068a3239e1a1b61270c6e4a241180dfcef46d54c670897cf53156b45ba96921a9c8a88c96d16610e2d1966f70bdb5091182c9e3ccf3dff995d7f9ee545d379b2ca5a77b5135ee509eb946d4a1863955a475cef086b9c063d91f12760319dd78540ea36e43bc0efb073c795ac5673e82585f1471925fba73a25517d45bb850dc65be1539be0e169423654377794fb9d1647ed252522bf0bc2a5847e1a917ed1cc2c325a7adc8d616e1a3a9b1e7f88cfb24f2db594e7d34c3a828489c0d7c44d2b93b6b67760dfba9ee6036475016e5df35178724fb037a362f69b4c4aab5fed7a8b066107313b466ba26deed7dcef58663938232ccc800c9b6c7b000de6b8386208748acff899d0c29cde021f0e3f52046f1f63d25d3885a234075934f45acb0a6a52131024a0c227280d08a708d3ed0b2af4da4060c253750e3cd71a78f3c33a02d7de37d8ab393f027ef14e8b96b28567c18031455c26e28715120f739e71dcec0e853ff09b49944706d87728c3a9d9fdc79cf740adc836dfa1ce044f6ce96697c61d63fd74dcc12357b05e5ebe752f527863b957f4b6545531bb254c91f71114cdeda9fcae2a2a97b681364417bd4d69c0fbbb4c7bb378edea9b56d176a896b03436f4e631838b6c2b2bd7c7610bd75f2b8829ea566ed1766904cdcf6f7b539ba52af8362d7b35b37dde0bcc3f80313b775bd8f1b7548bab0a5f5cb04d3c74b284e96d0222ffb3c4f78399ab26cc56233a606b481be2b0dac91c9acaa13bea398a312f096a0d218450a4d48448d83d1fe6de78cc7fb6ff9284935c15ba04be22e5aea9b0e8181d15038b9af37a12af4e0299a39e63e765b88e8aeabbb219b91faa0b61d30b6e97a96bc75317718b6123c15afc48986a9cb9b25c830dbade36647680fa0da1bbe5504698c9df900e01933602eca1fd1e2a30c23d0621c8613f79da2d87083cfea1f8b27bd398d1ec3e7df3d6494602ebcc2bbf26b2c42b9d0e2790a5377c2c2c37408386f1cab99c3e97f75d5cf09d7ba8ece970d75cc53757b8b2c7690b43a89535bde099b96c75b330b0da5db731f010ba31887f7aadfbac7395f2386653157ec64628cee5700f7ba27829d1405e6d82384ec86b6df842600cd9b1d13af2bad8b43f3e1e0928948d62bbc9e166acdd03bcc0ab502471c3534370ee0fa402eb595d715c703b7e103de656127b29cd838498151172532bec2b13c8d2823d7f267433ba9d892a1db678d8737c58aa68ada2aef2a0cbbdd28bf5b336d17fad1abf92a9b2695566fab6092b3eb6f1cc6126ca22375111cda2ca00d9717ddb87db2c10a93200c8acd45dd9010a0b72e33f1f75c71ac1ff720abed84cf333c6e49f9722d2f4264f766e059ac5b497e5d54462fbd90e87c65eb41033f4b56b4ad1dd5e9f00ad37df95c1e489c02c6c1f5dc1a7fdd6e0d33d2bb07d9a711e6ad70be16c87d74b67dc8737eb656d7f413ea429dc0359619cfa458e16bfbfd96d0002c3e9c9bd64168fdc69df918b85039c3799d43131c90d0d7d747c30328da3f00ed1e290719adc779fa4b30eda9f59dfb6f89e8663acde1ccd67e2d2c2cfc3249e1971488c2bbecc991f820f5584241aae2020014d4055682a55f7fff309a275c2b78a320353c72504861fabdc81bfadff540a52174d0e7f1f6ba8e8fed9e877e9e47e3bcdadc2549be042081363150c3f6f40e49f241ccc8ab69d6d730c7bde7e51d6c8d18e7dd9610d6bd299a7ff8c5f5f3c50d52f87340a54a46a0146be95979139b33271d867665cb5b369f7921d37eff78f613da3699807016e63fda3744c5c6390b042c46c0f17fefb9e5767b0d9e7bd8836fdfe2c082436130612a6bd6ac0612c86d05357b3d1ccbeb70d365d9d7e7cd6a32e4b735503c1884442ee1eefd03f09ef2252b669f337ace10ceb6b31fef29cc20a1a57158b512694ccc7c032dc6764cc9c7bb39ccce3854aeca113730babb98744871cb4db8f8ee907556f0d68f8e4408b6e5e80cee35aabccfb0922afbb4702aea3fba6d7e9632cba8153b0daad57d373bd39ed3f998f4f014502356d690650ef101580780b55d0e5f5428b65e374af3cbd46da313f65e0ef6516472bf475bb724a2bbbfcf32f197b179c971ee1d6033e84ee2ec05ddfa8c8487af6ce5b5bea9383960a205d8f24d7d319e86400a0c16206403df5d002686f6086a36bc22abb72324676bdf03bfed21e4c40710a807c5d4d749a0dbf0bd79df88c01ddcc4a2b0ea6a20bc405b1642248082afc1d7d73eafdd145399d81a4b0624bd087de15fac25f8e66e79db8bb5bd3e74cae86c9d839e6919ef0f0ce95d5fb7bfa0edfc0c65986b141a38c936ea7eca3d76cd5591dadd45386847d0b13fca38d08d19a3aad4d88dbc2fcff15e85fcd09eb05303ce1df16439059d6b3f2869a485c5f511104a1807aa1d0025c5f1225e32bb6a5e5221faba935028750da05009362ab6720c4f4a4d79cd231327f836537ddc15df7d982a75eb1db98cfb0c91906e09161091311bd9459d7a95ca98130225f750a28f9bce82f765c3870f239e4028939489fd4ee2e8106cb63431ee44dded87a24a3a9295ba343e29089d3ee5e7dab7cc1efbff39147d93e67c0428633901d3b810ebc03661d0ec1777fb8f63f7ff8228b7ebb174495e846a7f18f5824ae9834289e68cf3e6ea665d32c00130cbddefa36bdc7d655eec5c513f6d14c93663c5b2b56a129b13a930e52339094f58a224433888759112967481cc15e020b836d47eb895d0ff3f2defa99e012c3bb0f08dd920236fc362bcef1707b70ca46cd14c3b42dbd80651d4785654d48f025a8eec7603d39b92c5084b49170683f741e0c6b9fa7ac234325a6703cecff6a8c97d7891850a68d7e4e26ab3ec58a422cc9e19df9447cd05baad3e366f85dfe93758fc88b6b0819d2689781b21966e78c7f787cade7dc822508c236314432740a84fadcffe025f34517a04711a9f4fb7ae59c8d42d51e44e1b018270e00889af12a6e78877b924fa9603d6c50ac579c1027e3f8d34ce0b167729bb8590060efeec81a6a5ed410ab05a52c9691c1fe2e6f4d2ee98aa31b054aeffc74d0eb94d9c895340895566547dbcd0ea8cfc665e8ad20763fc1a763853a6662f4d9c171c04ddc1b4b5dd64bbc8e6ada6ca3553be6baf7ad8f977a3c2d9dc52ccfb016417c3640dbe4848a873441a6c0c428c3e535a3fd05c4207ddb0e1cb2e501cfa56d0bcc8cff96964ce5350f16229586153cbc64679d17b5fa3fbcc11ea80d5f314c148a791942bf0de60d5afd7ad64fb60a83e1bf2c25bdad7aa3c3177b2ed28c1e678aff1adf9d72dc7169b1db0368a0c7a7abd85658d4c972cd4206f34916c2631e026b870d8665f6cbe93b97c173b781c8bd50af689181388a6f2fcc75dd42d64baea9512c98a82b0f327e4dff0b67f4aecec7323f0e080d6c4e5997bd2075b04c9c0ac9f0c93aa6ac5d142e54352361c869e5c0b5075169cb54da8e861888cc95689542f1be7ccea82b12bd0ae65919966ee60043d9c6957a2b24c0bd98b37848a489f1d44d6f40921c539a30c68162e4d272ac074b25a4487ed4a52307c968eabfc641494ca7d6fc37740b01c32db7688f39c4db1ff34cd927ee10cc85a8e8f7cb7d353f29fce665e890001878d00b92e19f4cdd606c9e4b2a9282d02398b6202cc0868c62e766a70457dc0c9f3acb8275875aba7749a62fa7003207e0680b543f83516eb97b46e11b78a2220e91048fd7e3f97041f3364276bd2efeb9d1b6153e3d192ac3a99b1af306a17e8f343a52bb1715ff14653a401804a47f334debff33c994322f340b5283fe90a95715713b3228980cc5e77f886c654b3c64cdbe62f2c85e5830a991033b9236df226014dcbd4c9e164e9f3e362ab6db060b4749086e79406f27ea619b2f57bb628f96d1e785c3637c8758649b8208d86b1c5b6b2b8a068b316da07d70058d8d74e97da2060b360602e0a02d11529a68d4c344edf534aa7522a15bafcb44024ac421c19fa3ff68fcdcb9661a742b155fc03eca5c31d3bd83c157e7a0dff1eb66aba408ce6a2d3294a70a4df57359f959abb1fc46880f752de0f75c7eb535d9a5c82d2d247fcbdcab1768e928080fb38601634ab58f08f126a88e2800814fe1837eb4b45597d46a62d6d83e4d6e226e25740aadabc541d5e6b371e0e69401e3081d200ae587d79a1268fb91f15d597737b76bca337396b9362e62bcb358c3f426cef3f6866bb39230efd9792", 0x1000}, {&(0x7f00000004c0)="818142208bbb3860e7926ce69ae70a478a5d67e0ff607cfa0b84e772556aff4c704dbe83fd37df24fb43cb73df4c1b", 0x2f}, {&(0x7f0000000500)="d8e8e23d5114acb8282c76bd25a940395fda6031aab5e37b48fbf5848340f955f3deceb5cdb44ee5ee936d5dae004bfe3779a0a343de14d3a3bf9f826d7c5561651a1bf3eb47fc4cef6fc201fb4971e7e650cf38e307e7bd14ee13a2ce754fb2cc96954c5c1d4403dd43435a69346963b610614effd010bd5045f4f10981fdbfee16eed972e45ce97151c732b23d2c1b7076ae482685ae6c5ce3ed551b5fe6ab4bec620214c9c805dfd18109da443fae8753b5f251b2908cbd442731cc60ba93648705a1b6790397821a90f2a15e2e2e0a", 0xd1}, {&(0x7f0000000680)="498dcccf48974841706c466a7585c6b66ca9c0d8d9bf8b9b67558f7e9245a0f29d153d2d7727277eaae85606bf1596b15968a5c8a1426c66126faecd1db3ce1169d6f930c3c23caa774917336060282c05739747653bde5830f0f15a0a676e549d61bb406495ad20522ab773f7a49819ff7915dd482a0857a3fa0207271bccd39353fb1226f747c35ad321c07ec17130ec436816c717bf29cc75039ce71b75e99603706f19983ff79a8ee0ac7fd00aa0458e9ddb53b2ed37a35f7d01", 0xbc}], 0x6, 0x0, 0x0, 0x5}, 0x8040)
setsockopt$XDP_UMEM_REG(r14, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x201000, 0x1000}, 0x20)
inotify_init1(0x80000)
sendmsg$nl_xfrm(r9, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[@ANYBLOB="04010000100007000000000000000000ff020000000000000000000000000001e00000020000000000000000000000004e200000000000000000000002000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ff010000000000000000000000000001000000002b000000fc00000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000001000000000feffffffffff"], 0x104}}, 0x0)

812.434544ms ago: executing program 1 (id=3499):
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)=ANY=[@ANYRES16], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4044854)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$TIPC_NL_KEY_SET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffff53a2513743897e44000d0001007564703aa3"], 0x54}}, 0x0)

791.635314ms ago: executing program 4 (id=3500):
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f00000000c0)={0x1d, r2, 0x0, {0x0, 0x5e08d54045f0c934, 0x4}, 0x2}, 0x18)
connect$can_j1939(r1, &(0x7f0000000140)={0x1d, r2}, 0x18)
sendmmsg(r1, &(0x7f000000a200)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)="220733d69b211bb4a3f85730728e28424ba4cda255348a19dfc31da6b47d7904126212e0e8502fb4f3dadbbdfa5c952f12a9036dae3d2b0fc75a7bee726dc4c93d91e404a7c235d50738b60402190afaa9e06aff5bdd9087ac06c98060dd3ce9d5871751f599848cefda4e3893ed17b43fadafd1e859e9376358372d4f3cb3a0bf0fe13d15f63fee7e5753f3b19ae14a1226f1d0e748b0b0fc15af257611a13d40cc6aa716bd2733d9395d32fafe82dccc3b211e02659298134932c7c7d1033958c52744bb6adcf202f058a68249", 0xce}, {&(0x7f0000000400)="73fd5418cdbef924ba442463287fbdde2ab7da9d2b26d6b741a60e2aba6555bff157db432a06da33ed74145ddfec5146fe85c31fd70ec45ce1d1fe8dbf85f5e9eed99d6adec3a8a271e9fa501ef5898da20a50c603fbb5af49e0c36b53c91e33ccd527e2ba5edab0f61b9833642fcc839ced7b2ae3c5ab3c565aa52b38f42b865e07775777066808b3a7c4e70e4c05717bc6da503324a9ab9e13b738908b5e9f5b080b464098931a725cfbf8403017399050e250f8cb8b99bd8e5b138dcd386b324e381a36f63aac6099b8aa3979408d4f9db909a8d353a3dc533e2b558cd5921dbf0b33760bb481ffd108e820e871b6e19a87f8141e990d94de13dd8faee04b4e732b122fc85beb7f0163f169e9744ce609ea57fdaafd954cd8562ab91b47176ed0548096ca08ad7264c40f882894a2dbfa9bbc37bdc253a477eb4ae52faa1e6632bfc950b0209bb048349ea50d3527fbbc31a706ffe7c566551ca79d4b0e1359275f044cfbf90cd8497ed033fa064e58f0c11a1a8d18cf53866d4d7b232fb54ed86ea9654440deabd4e8ca66061633ba34a298732ba9605fe31a530f5198aa3e1d1c0fda4c036dc845c835b1959dc0b13cf15c75f58c6ef62f56588d7043c03cfeff1f7b0792e514ac00c9d7570ac95037f6fa4f0cfd7263649bd2b5342320f74ef89799307f596d5db41c683f615da96eb5a5b802fa8ecf3764f6ffd5271e66b382e0e14b81f145c22d4f90306ef02c8c8921521e46b23f72b2fdd2b4fc9a3eb6f03207ada71244714e67cbf65c138215e612a8c9a4420aa45fc39164f5cfc4f9fc014fcfd10b856c3ebd4e1e877046aaee29a642b211f356cb7ed483eda92450d5ff66ff23a20a8bb845265a2939cb34c48a2b22b33bb3e774383588b9f7a53333eb20f4c1054368e34d3acc692d3b12f746b729a122b0aa62a74f5bf0040d589f815c1bce1b4a5934384998df3ab48fe41f0b90fb4d4d8cb01bfecfc86a96d91facba50a5828a8f62bb8759f3dfaeb728e3e42744e83fbad739bd03de69d1c78f6d01b714b11a284caa1ebba69fe7d29e2cbc43db1e6d249545a7c6debd66b5b5f53d4c1d6cebcb2fa427160eb86e48047aab6ce43f7fa0d5bb1dc99ba03e65a7bf178ccba74cf71dec7712414b38f7bf98065a518366839ca4f4a1887ad28d495c1d5c4aa413128d80ab031bd7694cf1101fe9dd65e99849ce6b2e69d6e371bd1df1022e32125747356748d0d3b30fa7d2aa6394707a60b572606d7297091fb45a5534cf269f77f6fc61c92b94f141f06ba8e347667c2fb2c87de5eacf60fadc48f7d7c5516be44807b48583ecc13e00a58143e134706700d28357ac38611494311b049dd497cc5ce315051e215a57f33939d320f808f8dcdedeb60f42b71d618e272506f0bc28843d3fd337989d74600299ab187395347c5bfbb665e5bc03e27978c0b0a464355a47da458690f957122beac9bb139b4223bd156ad74bb76e6880823e52f9eb806aad122892ebd8355ff6cb15ff2e0ce7cad2219a333999318f59c986b4bee11b9f05e355fe32e98732015f17eb19db77088c55d321828bec2dd25ba0da232717e8dafed91f96636d930f3c38b46da4c5541ae963e30e89a341af805176d9e1c9c88068bd81f4acf0325d24fa76dacbff3b88615699f08ded43403b7aeecdd2bbec00e60555317a4e24828ba9e8b9a737621d8ba12fa83c963d67a5a5e5ebbf29ac272cad91786c269fc053ce3f50bb0c05926ccefcc4548d42142efbd86460ec4516aa48e34b54af6319b8c948b69a1fd0d49930d844f13cf5bd1e67c662cdca6dc5f4daf11a75a123ed0a740dfe3014515917a2b01d691803cd7c8f4c46a2fefeab1608498503df514da7c62692b3c2b927b0f09164b367a260aee0c619575891e98ec8391a0b385d4b9ca4a421e2766047cbc11264e89f7d704e7c83d7e50b1c2fa3648c90cb8f66d93f40df5ac3fdd206a3997a5efb0a2cab9c07e00165c2b1cb2c2baf1b06493c4809d1d5dd5c7e6dbc22f1385482f54d4fb96e9e8aec587fe68b7d2d033c7efe622918e0d8661c89582f50db39a3376c1684b9dcfb10ef6cca665c75e2b7e468e7cb3a15604b759b0d949f459b982181f5f423f5dfc8b209665c9763ed0545f9ebf77661559312b4c2fc9518434530f75bf17d1ab39be227845a1d1c9982f2e27601009c36c9ce9cf11da012532e09d23ef2a749a5ca8df867", 0xfd43}, {0x0, 0xe}], 0x3, &(0x7f0000002480)}}, {{0x0, 0x0, 0x0}}], 0x2, 0x60000800)

769.113875ms ago: executing program 5 (id=3501):
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000100))
r0 = socket(0x11, 0x2, 0x100001)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x20)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000380)='sched_switch\x00', r1}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r2, 0x34}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x7cb641, 0x0)
close(r5)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, r6, {0x1, 0xd}, {0x7}, {0x10, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x40085}, 0x40000)
recvmmsg(r7, &(0x7f0000001480)=[{{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000040)=""/55, 0x37}, {&(0x7f0000000540)=""/189, 0xbd}, {&(0x7f0000001ac0)=""/4096, 0x1000}, {&(0x7f0000000940)=""/74, 0x4a}], 0x4}, 0x5d}], 0x1b00, 0x10022, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r8=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r8, 0x1, 0x0, 0x6, @dev}, 0x14)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4800}, 0x1)
r9 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r9, 0x0, 0x0)
setsockopt$bt_BT_DEFER_SETUP(r9, 0x112, 0x7, 0x0, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000080)=0x14)
r11 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
read$eventfd(r11, &(0x7f0000000080), 0x8)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000600000000000000", @ANYRES32, @ANYBLOB="0800000000000000000000d73b05d1de460e5900", @ANYRES32=r10, @ANYRES32=r11, @ANYBLOB="00000000000000000400"/28], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYRESHEX=r0], 0x48)

743.452415ms ago: executing program 1 (id=3502):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@newtaction={0xd8, 0x30, 0xffff, 0x0, 0x0, {}, [{0xc4, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x54, 0x2, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0xc49}}, @TCA_GACT_PROB={0xc, 0x3, {0xfa665a81a6d02b4d}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xd8}}, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x2)
pread64(r1, &(0x7f0000000000)=""/66, 0x42, 0x2)

659.840807ms ago: executing program 1 (id=3503):
socket$netlink(0x10, 0x3, 0x12)
socket$packet(0x11, 0x3, 0x300)
syz_emit_ethernet(0x66, &(0x7f0000000140)={@link_local, @local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @dev, @dev={0xac, 0x14, 0x14, 0xff}}}}}}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d0000008500000023000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000580)={{{@in=@loopback, @in=@multicast2, 0x4e24, 0x9, 0x4e22, 0x48b, 0x2, 0x0, 0x0, 0x87, 0x0, 0xffffffffffffffff}, {0x6, 0xa, 0x4, 0xfffffffffffffff9, 0x6, 0x7, 0xfffffffffffffffc, 0x4}, {0xfffffffffffffffd, 0x100000001, 0x999, 0x4}, 0x56a5, 0x6e6bb6, 0x1, 0x0, 0x3, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x4d4, 0x32}, 0x2, @in=@multicast1, 0x3500, 0x5, 0x2, 0x3, 0x10001, 0x1, 0x8be2}}, 0xe8)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'veth0_to_team\x00'})
socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb010018000000000000000c000000"], 0x0, 0x26}, 0x28)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000004fcd2467f73a0909ada99ef59a24e4b51c57c9c511101fe18f14771b92f0809d6a48d7f1fff92e7a56d629c64429b17b971a283a32cd1ebcd0c65a73f5a0cef0ad5ad6487bba49c31b262167bffa124a8d422bc4"], &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r4, 0xc0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0}}, 0x10)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=r1, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kfree\x00', r7}, 0x18)
r8 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffa}]})
r10 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSF2(r10, 0x402c542d, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a80000000060a010400000000000000000a0000010900010073797a310000000054000480500001800b00010074617267657400004000028008000240000000012c0003007339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c70000000000000000000000000000000008000100544545000900020073797a320000000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
close_range(r8, 0xffffffffffffffff, 0x0)
ioctl$KDSKBENT(r5, 0x4b47, &(0x7f0000000580)={0x8, 0x8, 0xde0})

610.740798ms ago: executing program 5 (id=3504):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r3}, 0x10)
syz_io_uring_setup(0x115, &(0x7f0000000340)={0x0, 0xf3e5, 0x2, 0x3, 0x400}, 0x0, 0x0)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r5, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r6, 0x2, 0x0, 0x4, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x1c, r8, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}]}, 0x1c}}, 0x40)
socket$inet(0x2, 0x80000, 0xfffffff7)
ioctl$F2FS_IOC_SEC_TRIM_FILE(r4, 0x4018f514, &(0x7f0000000000)={0x8, 0x9, 0x2})
close_range(r0, 0xffffffffffffffff, 0x0)

526.75087ms ago: executing program 3 (id=3505):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='9p_client_res\x00', r2, 0x0, 0xfffffffffffffffb}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r3}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])

454.725981ms ago: executing program 3 (id=3506):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0x4c, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x4c}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x84}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e22}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

414.654372ms ago: executing program 3 (id=3507):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000080021850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0xd)
r2 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r2, 0xb, &(0x7f0000000480), 0x66)

336.082663ms ago: executing program 3 (id=3508):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='9p_client_res\x00', r1, 0x0, 0xfffffffffffffffb}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r2}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

284.094014ms ago: executing program 3 (id=3509):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000000700000095"], &(0x7f0000000000)='syzkaller\x00', 0xef0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000015c0)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
sendmsg$inet(r1, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x3)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, 0x3, 0x6, 0x401, 0x0, 0x0, {0x7, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x10)

242.195175ms ago: executing program 3 (id=3510):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffd1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0x34, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}}, 0x0) (fail_nth: 11)

0s ago: executing program 2 (id=3511):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0xfffffff9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x2}, 0x50)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020025797a31000000000900010073797a3000000000080005400000001c"], 0xe8}}, 0x0)

kernel console output (not intermixed with test programs):

ge from 0 to 1024
[  175.333372][T10962] loop3: detected capacity change from 0 to 164
[  175.340330][T10962] iso9660: Unknown parameter 'Ó)charset'
[  175.347397][T10958] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  175.360654][T10958] ext4 filesystem being mounted at /32/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.389782][T10966] af_packet: tpacket_rcv: packet too big, clamped from 64993 to 3952. macoff=96
[  175.434307][T10451] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  175.445987][T10970] loop3: detected capacity change from 0 to 128
[  176.370438][T10998] loop5: detected capacity change from 0 to 512
[  176.384299][T10998] EXT4-fs: Ignoring removed mblk_io_submit option
[  176.403834][T10998] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  176.427532][T10998] EXT4-fs (loop5): 1 truncate cleaned up
[  176.437425][T10998] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.482313][   T29] kauditd_printk_skb: 313 callbacks suppressed
[  176.482330][   T29] audit: type=1400 audit(2000000062.354:11056): avc:  denied  { write } for  pid=10997 comm="syz.5.2920" name="bus" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  176.564021][   T29] audit: type=1400 audit(2000000062.434:11057): avc:  denied  { mounton } for  pid=11006 comm="syz.2.2924" path=2F33342FE91F7189591E9233614B dev="tmpfs" ino=203 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  176.564064][T11007] cgroup: Invalid name
[  176.723986][T11018] 9pnet_fd: Insufficient options for proto=fd
[  176.744796][   T29] audit: type=1326 audit(2000000062.614:11058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11020 comm="syz.2.2929" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdba110ec29 code=0x0
[  176.804335][T11023] loop1: detected capacity change from 0 to 1024
[  176.842875][T11023] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  176.887603][T11023] ext4 filesystem being mounted at /40/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  177.008406][T10451] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  177.217270][   T29] audit: type=1326 audit(2000000063.085:11059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11035 comm="syz.1.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44d77dec29 code=0x7ffc0000
[  177.240975][   T29] audit: type=1326 audit(2000000063.085:11060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11035 comm="syz.1.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44d77dec29 code=0x7ffc0000
[  177.288187][T11043] FAULT_INJECTION: forcing a failure.
[  177.288187][T11043] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  177.301431][T11043] CPU: 0 UID: 0 PID: 11043 Comm: syz.4.2936 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  177.301458][T11043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  177.301472][T11043] Call Trace:
[  177.301479][T11043]  <TASK>
[  177.301487][T11043]  __dump_stack+0x1d/0x30
[  177.301579][T11043]  dump_stack_lvl+0xe8/0x140
[  177.301599][T11043]  dump_stack+0x15/0x1b
[  177.301614][T11043]  should_fail_ex+0x265/0x280
[  177.301636][T11043]  should_fail+0xb/0x20
[  177.301656][T11043]  should_fail_usercopy+0x1a/0x20
[  177.301711][T11043]  _copy_from_user+0x1c/0xb0
[  177.301740][T11043]  __sys_sendto+0x19e/0x330
[  177.301804][T11043]  __x64_sys_sendto+0x76/0x90
[  177.301824][T11043]  x64_sys_call+0x2d05/0x2ff0
[  177.301904][T11043]  do_syscall_64+0xd2/0x200
[  177.302010][T11043]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  177.302035][T11043]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  177.302118][T11043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.302137][T11043] RIP: 0033:0x7f549c10ec29
[  177.302198][T11043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.302215][T11043] RSP: 002b:00007f549ab77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  177.302234][T11043] RAX: ffffffffffffffda RBX: 00007f549c355fa0 RCX: 00007f549c10ec29
[  177.302246][T11043] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  177.302257][T11043] RBP: 00007f549ab77090 R08: 0000200000000000 R09: 0000000000000010
[  177.302268][T11043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  177.302317][T11043] R13: 00007f549c356038 R14: 00007f549c355fa0 R15: 00007ffdfb9924f8
[  177.302333][T11043]  </TASK>
[  177.533157][ T9280] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.615365][T11058] 9pnet_fd: Insufficient options for proto=fd
[  177.643802][T11060] loop5: detected capacity change from 0 to 1024
[  177.678073][T11060] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  177.711147][T11060] ext4 filesystem being mounted at /143/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  177.747785][   T29] audit: type=1326 audit(2000000063.625:11061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11072 comm="syz.1.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44d77dec29 code=0x7ffc0000
[  177.769267][T11074] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  177.771524][   T29] audit: type=1326 audit(2000000063.625:11062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11072 comm="syz.1.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f44d77dec29 code=0x7ffc0000
[  177.802483][   T29] audit: type=1326 audit(2000000063.625:11063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11072 comm="syz.1.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44d77dec29 code=0x7ffc0000
[  177.826243][   T29] audit: type=1326 audit(2000000063.625:11064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11072 comm="syz.1.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44d77dec29 code=0x7ffc0000
[  177.850787][   T29] audit: type=1326 audit(2000000063.635:11065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.3.2947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a089ec29 code=0x7ffc0000
[  177.897004][T11080] __nla_validate_parse: 11 callbacks suppressed
[  177.897023][T11080] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2948'.
[  177.915215][ T9280] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  177.940887][T11084] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2959'.
[  178.508716][T11101] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2953'.
[  178.517718][T11101] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2953'.
[  178.539771][T11103] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket pid=11103 comm=syz.2.2954
[  178.553930][T11103] netlink: 'syz.2.2954': attribute type 9 has an invalid length.
[  178.854628][T11111] vhci_hcd: invalid port number 96
[  178.855025][T11118] loop3: detected capacity change from 0 to 1024
[  178.859827][T11111] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  178.879729][T11120] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  178.889051][T11118] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  178.903694][T11118] ext4 filesystem being mounted at /26/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.933037][T11126] serio: Serial port ptm0
[  178.935001][T11130] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2966'.
[  178.946427][T11130] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2966'.
[  178.983693][T10562] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  179.821774][T11162] geneve0: entered allmulticast mode
[  179.834056][T11162] loop5: detected capacity change from 0 to 128
[  179.840527][T11162] msdos: Unknown parameter 'ˆ'
[  179.862508][T11165] FAULT_INJECTION: forcing a failure.
[  179.862508][T11165] name failslab, interval 1, probability 0, space 0, times 0
[  179.875360][T11165] CPU: 0 UID: 0 PID: 11165 Comm: syz.5.2975 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  179.875381][T11165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  179.875388][T11165] Call Trace:
[  179.875393][T11165]  <TASK>
[  179.875398][T11165]  __dump_stack+0x1d/0x30
[  179.875415][T11165]  dump_stack_lvl+0xe8/0x140
[  179.875487][T11165]  dump_stack+0x15/0x1b
[  179.875505][T11165]  should_fail_ex+0x265/0x280
[  179.875557][T11165]  ? sfq_init+0x963/0x1290
[  179.875570][T11165]  should_failslab+0x8c/0xb0
[  179.875586][T11165]  __kmalloc_cache_noprof+0x4c/0x320
[  179.875606][T11165]  sfq_init+0x963/0x1290
[  179.875618][T11165]  ? netlink_sendmsg+0x579/0x6b0
[  179.875697][T11165]  ? ____sys_sendmsg+0x31e/0x4e0
[  179.875833][T11165]  ? __x64_sys_sendmsg+0xd4/0x160
[  179.875859][T11165]  ? x64_sys_call+0x191e/0x2ff0
[  179.875874][T11165]  ? __pfx_sfq_dequeue+0x10/0x10
[  179.875887][T11165]  ? qdisc_alloc+0x3c3/0x440
[  179.875905][T11165]  ? __pfx_sfq_init+0x10/0x10
[  179.875917][T11165]  qdisc_create+0x591/0x9e0
[  179.875944][T11165]  tc_modify_qdisc+0xf2e/0x1420
[  179.875969][T11165]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  179.875989][T11165]  rtnetlink_rcv_msg+0x657/0x6d0
[  179.876034][T11165]  netlink_rcv_skb+0x123/0x220
[  179.876049][T11165]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  179.876072][T11165]  rtnetlink_rcv+0x1c/0x30
[  179.876138][T11165]  netlink_unicast+0x5bd/0x690
[  179.876154][T11165]  netlink_sendmsg+0x58b/0x6b0
[  179.876171][T11165]  ? __pfx_netlink_sendmsg+0x10/0x10
[  179.876187][T11165]  __sock_sendmsg+0x142/0x180
[  179.876237][T11165]  ____sys_sendmsg+0x31e/0x4e0
[  179.876256][T11165]  ___sys_sendmsg+0x17b/0x1d0
[  179.876369][T11165]  __x64_sys_sendmsg+0xd4/0x160
[  179.876445][T11165]  x64_sys_call+0x191e/0x2ff0
[  179.876458][T11165]  do_syscall_64+0xd2/0x200
[  179.876478][T11165]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  179.876494][T11165]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  179.876535][T11165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.876549][T11165] RIP: 0033:0x7fbd8e44ec29
[  179.876633][T11165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  179.876653][T11165] RSP: 002b:00007fbd8ceaf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  179.876667][T11165] RAX: ffffffffffffffda RBX: 00007fbd8e695fa0 RCX: 00007fbd8e44ec29
[  179.876676][T11165] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000004
[  179.876684][T11165] RBP: 00007fbd8ceaf090 R08: 0000000000000000 R09: 0000000000000000
[  179.876743][T11165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  179.876751][T11165] R13: 00007fbd8e696038 R14: 00007fbd8e695fa0 R15: 00007ffca2897558
[  179.876764][T11165]  </TASK>
[  180.150666][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a264200: rx timeout, send abort
[  180.158907][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a264200: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  180.199670][T11167] tipc: New replicast peer: 255.255.255.83
[  180.206007][T11167] tipc: Enabled bearer <udp:£ >, priority 10
[  180.243367][T11171] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2978'.
[  180.252309][T11171] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2978'.
[  180.413073][T11206] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  180.470522][T11213] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2995'.
[  180.479606][T11213] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2995'.
[  180.563178][T11219] loop3: detected capacity change from 0 to 8192
[  180.643282][T11229] netlink: 'syz.3.2998': attribute type 9 has an invalid length.
[  180.651152][T11229] netlink: 'syz.3.2998': attribute type 6 has an invalid length.
[  180.756093][T11243] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  180.865837][T11262] FAULT_INJECTION: forcing a failure.
[  180.865837][T11262] name failslab, interval 1, probability 0, space 0, times 0
[  180.878558][T11262] CPU: 1 UID: 0 PID: 11262 Comm: syz.3.3009 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  180.878591][T11262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  180.878671][T11262] Call Trace:
[  180.878693][T11262]  <TASK>
[  180.878700][T11262]  __dump_stack+0x1d/0x30
[  180.878716][T11262]  dump_stack_lvl+0xe8/0x140
[  180.878752][T11262]  dump_stack+0x15/0x1b
[  180.878763][T11262]  should_fail_ex+0x265/0x280
[  180.878779][T11262]  ? audit_log_d_path+0x8d/0x150
[  180.878880][T11262]  should_failslab+0x8c/0xb0
[  180.878897][T11262]  __kmalloc_cache_noprof+0x4c/0x320
[  180.879005][T11262]  audit_log_d_path+0x8d/0x150
[  180.879062][T11262]  audit_log_d_path_exe+0x42/0x70
[  180.879082][T11262]  audit_log_task+0x1e9/0x250
[  180.879099][T11262]  ? cred_has_capability+0x210/0x280
[  180.879115][T11262]  audit_seccomp+0x61/0x100
[  180.879158][T11262]  ? __seccomp_filter+0x68c/0x10d0
[  180.879173][T11262]  __seccomp_filter+0x69d/0x10d0
[  180.879187][T11262]  ? __rcu_read_unlock+0x4f/0x70
[  180.879202][T11262]  ? mntput_no_expire+0x6f/0x460
[  180.879314][T11262]  __secure_computing+0x82/0x150
[  180.879357][T11262]  syscall_trace_enter+0xcf/0x1e0
[  180.879373][T11262]  do_syscall_64+0xac/0x200
[  180.879398][T11262]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  180.879413][T11262]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  180.879500][T11262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.879514][T11262] RIP: 0033:0x7f01a089d63c
[  180.879525][T11262] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  180.879538][T11262] RSP: 002b:00007f019f2ff030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  180.879631][T11262] RAX: ffffffffffffffda RBX: 00007f01a0ae5fa0 RCX: 00007f01a089d63c
[  180.879645][T11262] RDX: 000000000000000f RSI: 00007f019f2ff0a0 RDI: 0000000000000005
[  180.879660][T11262] RBP: 00007f019f2ff090 R08: 0000000000000000 R09: 0000000000000000
[  180.879672][T11262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  180.879681][T11262] R13: 00007f01a0ae6038 R14: 00007f01a0ae5fa0 R15: 00007ffdbc64baa8
[  180.879742][T11262]  </TASK>
[  181.125707][T11267] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11267 comm=syz.3.3011
[  181.163094][T11272] hub 8-0:1.0: USB hub found
[  181.167997][T11272] hub 8-0:1.0: 8 ports detected
[  181.205071][T11277] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11277 comm=syz.2.3015
[  181.221704][T11275] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  181.286369][T11292] loop3: detected capacity change from 0 to 512
[  181.302052][T11279] loop5: detected capacity change from 0 to 8192
[  181.310690][T11292] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.3022: invalid block
[  181.316621][T11279] FAULT_INJECTION: forcing a failure.
[  181.316621][T11279] name failslab, interval 1, probability 0, space 0, times 0
[  181.323089][T11292] EXT4-fs (loop3): Remounting filesystem read-only
[  181.335540][T11279] CPU: 1 UID: 0 PID: 11279 Comm: syz.5.3017 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  181.335570][T11279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  181.335583][T11279] Call Trace:
[  181.335591][T11279]  <TASK>
[  181.335599][T11279]  __dump_stack+0x1d/0x30
[  181.335628][T11279]  dump_stack_lvl+0xe8/0x140
[  181.335648][T11279]  dump_stack+0x15/0x1b
[  181.335665][T11279]  should_fail_ex+0x265/0x280
[  181.335697][T11279]  should_failslab+0x8c/0xb0
[  181.335722][T11279]  kmem_cache_alloc_noprof+0x50/0x310
[  181.335769][T11279]  ? fat_parse_long+0x5d/0x430
[  181.335961][T11279]  fat_parse_long+0x5d/0x430
[  181.336091][T11279]  ? fat_ioctl_filldir+0x2d4/0x400
[  181.336131][T11279]  __fat_readdir+0x477/0xd80
[  181.336168][T11279]  ? do_vfs_ioctl+0x770/0xe10
[  181.336211][T11279]  fat_dir_ioctl+0x14b/0x1d0
[  181.336238][T11279]  ? __pfx_fat_ioctl_filldir+0x10/0x10
[  181.336291][T11279]  ? __pfx_fat_dir_ioctl+0x10/0x10
[  181.336369][T11279]  __se_sys_ioctl+0xce/0x140
[  181.336404][T11279]  __x64_sys_ioctl+0x43/0x50
[  181.336420][T11279]  x64_sys_call+0x1816/0x2ff0
[  181.336440][T11279]  do_syscall_64+0xd2/0x200
[  181.336557][T11279]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  181.336582][T11279]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  181.336611][T11279]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.336633][T11279] RIP: 0033:0x7fbd8e44ec29
[  181.336674][T11279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.336699][T11279] RSP: 002b:00007fbd8ceaf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  181.336720][T11279] RAX: ffffffffffffffda RBX: 00007fbd8e695fa0 RCX: 00007fbd8e44ec29
[  181.336734][T11279] RDX: 0000200000000f40 RSI: 0000000082307201 RDI: 0000000000000005
[  181.336747][T11279] RBP: 00007fbd8ceaf090 R08: 0000000000000000 R09: 0000000000000000
[  181.336759][T11279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.336794][T11279] R13: 00007fbd8e696038 R14: 00007fbd8e695fa0 R15: 00007ffca2897558
[  181.336814][T11279]  </TASK>
[  181.549989][T11292] EXT4-fs (loop3): 2 truncates cleaned up
[  181.556115][T11292] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.562007][T11301] FAULT_INJECTION: forcing a failure.
[  181.562007][T11301] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  181.581854][T11301] CPU: 1 UID: 0 PID: 11301 Comm: syz.2.3024 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  181.581974][T11301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  181.581988][T11301] Call Trace:
[  181.581995][T11301]  <TASK>
[  181.582003][T11301]  __dump_stack+0x1d/0x30
[  181.582025][T11301]  dump_stack_lvl+0xe8/0x140
[  181.582048][T11301]  dump_stack+0x15/0x1b
[  181.582066][T11301]  should_fail_ex+0x265/0x280
[  181.582135][T11301]  should_fail+0xb/0x20
[  181.582213][T11301]  should_fail_usercopy+0x1a/0x20
[  181.582284][T11301]  _copy_from_iter+0xd2/0xe80
[  181.582319][T11301]  ? _copy_from_iter+0x170/0xe80
[  181.582355][T11301]  copy_page_from_iter+0x178/0x2a0
[  181.582404][T11301]  skb_copy_datagram_from_iter+0x232/0x490
[  181.582434][T11301]  packet_sendmsg+0x25bf/0x31f0
[  181.582464][T11301]  ? avc_has_perm+0xf7/0x180
[  181.582522][T11301]  ? selinux_socket_sendmsg+0x175/0x1b0
[  181.582554][T11301]  ? __pfx_packet_sendmsg+0x10/0x10
[  181.582574][T11301]  __sock_sendmsg+0x142/0x180
[  181.582603][T11301]  __sys_sendto+0x268/0x330
[  181.582705][T11301]  __x64_sys_sendto+0x76/0x90
[  181.582733][T11301]  x64_sys_call+0x2d05/0x2ff0
[  181.582754][T11301]  do_syscall_64+0xd2/0x200
[  181.582849][T11301]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  181.582943][T11301]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  181.582980][T11301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.583004][T11301] RIP: 0033:0x7fdba110ec29
[  181.583072][T11301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.583090][T11301] RSP: 002b:00007fdb9fb77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  181.583165][T11301] RAX: ffffffffffffffda RBX: 00007fdba1355fa0 RCX: 00007fdba110ec29
[  181.583181][T11301] RDX: 0000000000010608 RSI: 0000200000000180 RDI: 0000000000000004
[  181.583194][T11301] RBP: 00007fdb9fb77090 R08: 0000200000000140 R09: 0000000000000014
[  181.583207][T11301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  181.583218][T11301] R13: 00007fdba1356038 R14: 00007fdba1355fa0 R15: 00007ffcc4a6ded8
[  181.583236][T11301]  </TASK>
[  181.792479][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811a3d1c00: rx timeout, send abort
[  181.800756][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a3d1c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  181.816832][T10562] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.832812][   T29] kauditd_printk_skb: 270 callbacks suppressed
[  181.832861][   T29] audit: type=1326 audit(2000000067.709:11336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11302 comm="syz.1.3026" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f44d77dec29 code=0x0
[  181.876575][T11305] loop3: detected capacity change from 0 to 1024
[  181.884040][T11307] netlink: 'syz.2.3028': attribute type 4 has an invalid length.
[  181.898843][T11307] .`: renamed from bond0 (while UP)
[  181.906511][T11305] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  181.919373][T11305] ext4 filesystem being mounted at /47/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  181.949829][   T29] audit: type=1326 audit(2000000067.829:11337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11315 comm="syz.2.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdba1105be7 code=0x7ffc0000
[  181.973437][   T29] audit: type=1326 audit(2000000067.829:11338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11315 comm="syz.2.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdba10aae09 code=0x7ffc0000
[  181.997162][   T29] audit: type=1326 audit(2000000067.829:11339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11315 comm="syz.2.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdba1105be7 code=0x7ffc0000
[  182.020841][   T29] audit: type=1326 audit(2000000067.829:11340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11315 comm="syz.2.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdba10aae09 code=0x7ffc0000
[  182.044674][   T29] audit: type=1326 audit(2000000067.829:11341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11315 comm="syz.2.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdba110ec29 code=0x7ffc0000
[  182.058360][T11316] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  182.068279][   T29] audit: type=1326 audit(2000000067.829:11342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11315 comm="syz.2.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdba110ec29 code=0x7ffc0000
[  182.120378][   T29] audit: type=1326 audit(2000000067.929:11343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11315 comm="syz.2.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdba110ec29 code=0x7ffc0000
[  182.144025][   T29] audit: type=1326 audit(2000000067.929:11344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11315 comm="syz.2.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdba110ec29 code=0x7ffc0000
[  182.167794][   T29] audit: type=1326 audit(2000000067.929:11345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11315 comm="syz.2.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdba110ec29 code=0x7ffc0000
[  182.203614][T10562] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  182.255303][T11332] FAULT_INJECTION: forcing a failure.
[  182.255303][T11332] name failslab, interval 1, probability 0, space 0, times 0
[  182.268063][T11332] CPU: 0 UID: 0 PID: 11332 Comm: syz.3.3035 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  182.268124][T11332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  182.268135][T11332] Call Trace:
[  182.268142][T11332]  <TASK>
[  182.268150][T11332]  __dump_stack+0x1d/0x30
[  182.268173][T11332]  dump_stack_lvl+0xe8/0x140
[  182.268246][T11332]  dump_stack+0x15/0x1b
[  182.268266][T11332]  should_fail_ex+0x265/0x280
[  182.268295][T11332]  should_failslab+0x8c/0xb0
[  182.268324][T11332]  kmem_cache_alloc_node_noprof+0x57/0x320
[  182.268355][T11332]  ? __alloc_skb+0x101/0x320
[  182.268409][T11332]  __alloc_skb+0x101/0x320
[  182.268433][T11332]  ? audit_log_start+0x365/0x6c0
[  182.268462][T11332]  audit_log_start+0x380/0x6c0
[  182.268488][T11332]  ? lock_mm_and_find_vma+0x112/0x400
[  182.268545][T11332]  audit_seccomp+0x48/0x100
[  182.268570][T11332]  ? __seccomp_filter+0x68c/0x10d0
[  182.268677][T11332]  __seccomp_filter+0x69d/0x10d0
[  182.268769][T11332]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  182.268812][T11332]  __secure_computing+0x82/0x150
[  182.268835][T11332]  syscall_trace_enter+0xcf/0x1e0
[  182.268860][T11332]  do_syscall_64+0xac/0x200
[  182.268916][T11332]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  182.269005][T11332]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  182.269039][T11332]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.269064][T11332] RIP: 0033:0x7f01a089d63c
[  182.269193][T11332] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  182.269294][T11332] RSP: 002b:00007f019f2ff030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  182.269317][T11332] RAX: ffffffffffffffda RBX: 00007f01a0ae5fa0 RCX: 00007f01a089d63c
[  182.269331][T11332] RDX: 000000000000000f RSI: 00007f019f2ff0a0 RDI: 0000000000000005
[  182.269366][T11332] RBP: 00007f019f2ff090 R08: 0000000000000000 R09: 0000000000000000
[  182.269379][T11332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.269391][T11332] R13: 00007f01a0ae6038 R14: 00007f01a0ae5fa0 R15: 00007ffdbc64baa8
[  182.269408][T11332]  </TASK>
[  182.589535][T11348] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  182.615782][T11350] loop3: detected capacity change from 0 to 1024
[  182.634355][T11350] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  182.646955][T11350] ext4 filesystem being mounted at /54/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  182.678898][T10562] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  182.693584][T11357] netlink: 'syz.1.3044': attribute type 6 has an invalid length.
[  182.728697][T11364] FAULT_INJECTION: forcing a failure.
[  182.728697][T11364] name failslab, interval 1, probability 0, space 0, times 0
[  182.741496][T11364] CPU: 1 UID: 0 PID: 11364 Comm: syz.3.3047 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  182.741526][T11364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  182.741621][T11364] Call Trace:
[  182.741628][T11364]  <TASK>
[  182.741636][T11364]  __dump_stack+0x1d/0x30
[  182.741661][T11364]  dump_stack_lvl+0xe8/0x140
[  182.741683][T11364]  dump_stack+0x15/0x1b
[  182.741701][T11364]  should_fail_ex+0x265/0x280
[  182.741728][T11364]  ? sfq_init+0x963/0x1290
[  182.741749][T11364]  should_failslab+0x8c/0xb0
[  182.741848][T11364]  __kmalloc_cache_noprof+0x4c/0x320
[  182.741883][T11364]  sfq_init+0x963/0x1290
[  182.741903][T11364]  ? netlink_sendmsg+0x579/0x6b0
[  182.741927][T11364]  ? ____sys_sendmsg+0x31e/0x4e0
[  182.741962][T11364]  ? __x64_sys_sendmsg+0xd4/0x160
[  182.742032][T11364]  ? x64_sys_call+0x191e/0x2ff0
[  182.742058][T11364]  ? __pfx_sfq_dequeue+0x10/0x10
[  182.742207][T11364]  ? qdisc_alloc+0x3c3/0x440
[  182.742227][T11364]  ? __pfx_sfq_init+0x10/0x10
[  182.742247][T11364]  qdisc_create+0x591/0x9e0
[  182.742353][T11364]  tc_modify_qdisc+0xf2e/0x1420
[  182.742444][T11364]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  182.742476][T11364]  rtnetlink_rcv_msg+0x657/0x6d0
[  182.742542][T11364]  netlink_rcv_skb+0x123/0x220
[  182.742562][T11364]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  182.742647][T11364]  rtnetlink_rcv+0x1c/0x30
[  182.742674][T11364]  netlink_unicast+0x5bd/0x690
[  182.742696][T11364]  netlink_sendmsg+0x58b/0x6b0
[  182.742784][T11364]  ? __pfx_netlink_sendmsg+0x10/0x10
[  182.742812][T11364]  __sock_sendmsg+0x142/0x180
[  182.742852][T11364]  ____sys_sendmsg+0x31e/0x4e0
[  182.742950][T11364]  ___sys_sendmsg+0x17b/0x1d0
[  182.743010][T11364]  __x64_sys_sendmsg+0xd4/0x160
[  182.743041][T11364]  x64_sys_call+0x191e/0x2ff0
[  182.743060][T11364]  do_syscall_64+0xd2/0x200
[  182.743145][T11364]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  182.743201][T11364]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  182.743232][T11364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.743253][T11364] RIP: 0033:0x7f01a089ec29
[  182.743334][T11364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.743354][T11364] RSP: 002b:00007f019f2ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  182.743375][T11364] RAX: ffffffffffffffda RBX: 00007f01a0ae5fa0 RCX: 00007f01a089ec29
[  182.743387][T11364] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000004
[  182.743477][T11364] RBP: 00007f019f2ff090 R08: 0000000000000000 R09: 0000000000000000
[  182.743488][T11364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  182.743500][T11364] R13: 00007f01a0ae6038 R14: 00007f01a0ae5fa0 R15: 00007ffdbc64baa8
[  182.743517][T11364]  </TASK>
[  183.034360][T11368] loop5: detected capacity change from 0 to 1024
[  183.053556][T11368] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  183.191765][T11384] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  183.266077][ T9280] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.286254][T11391] loop5: detected capacity change from 0 to 1024
[  183.313792][T11391] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  183.326330][T11391] ext4 filesystem being mounted at /158/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  183.356984][ T9280] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  183.388618][T11396] loop5: detected capacity change from 0 to 512
[  183.405883][T11396] EXT4-fs (loop5): orphan cleanup on readonly fs
[  183.420852][T11396] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #11: block 1728053262: comm syz.5.3057: lblock 0 mapped to illegal pblock 1728053262 (length 1)
[  183.436764][T11396] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  183.450193][T11396] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.3057: corrupted inode contents
[  183.463012][T11396] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #15: comm syz.5.3057: mark_inode_dirty error
[  183.474720][T11396] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.3057: corrupted inode contents
[  183.487767][T11396] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2991: inode #15: comm syz.5.3057: mark_inode_dirty error
[  183.500506][T11396] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2994: inode #15: comm syz.5.3057: mark inode dirty (error -117)
[  183.514003][T11396] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -117)
[  183.524869][T11396] EXT4-fs (loop5): 1 orphan inode deleted
[  183.531206][T11396] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  183.551572][ T9280] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.568328][T11405] __nla_validate_parse: 15 callbacks suppressed
[  183.568344][T11405] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3059'.
[  183.597023][T11407] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3060'.
[  183.606041][T11407] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3060'.
[  183.627730][T11409] FAULT_INJECTION: forcing a failure.
[  183.627730][T11409] name failslab, interval 1, probability 0, space 0, times 0
[  183.640491][T11409] CPU: 0 UID: 0 PID: 11409 Comm: syz.5.3061 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  183.640519][T11409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  183.640682][T11409] Call Trace:
[  183.640689][T11409]  <TASK>
[  183.640697][T11409]  __dump_stack+0x1d/0x30
[  183.640719][T11409]  dump_stack_lvl+0xe8/0x140
[  183.640740][T11409]  dump_stack+0x15/0x1b
[  183.640758][T11409]  should_fail_ex+0x265/0x280
[  183.640796][T11409]  should_failslab+0x8c/0xb0
[  183.640856][T11409]  kmem_cache_alloc_node_noprof+0x57/0x320
[  183.640887][T11409]  ? __alloc_skb+0x101/0x320
[  183.640908][T11409]  __alloc_skb+0x101/0x320
[  183.640926][T11409]  ? audit_log_start+0x365/0x6c0
[  183.641032][T11409]  audit_log_start+0x380/0x6c0
[  183.641114][T11409]  audit_seccomp+0x48/0x100
[  183.641161][T11409]  ? __seccomp_filter+0x68c/0x10d0
[  183.641195][T11409]  __seccomp_filter+0x69d/0x10d0
[  183.641211][T11409]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  183.641229][T11409]  ? should_fail_ex+0xdb/0x280
[  183.641323][T11409]  ? mpol_new_nodemask+0x3f/0x60
[  183.641336][T11409]  ? mpol_set_nodemask+0x1ae/0x1e0
[  183.641350][T11409]  __secure_computing+0x82/0x150
[  183.641364][T11409]  syscall_trace_enter+0xcf/0x1e0
[  183.641381][T11409]  do_syscall_64+0xac/0x200
[  183.641463][T11409]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  183.641480][T11409]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  183.641575][T11409]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.641589][T11409] RIP: 0033:0x7fbd8e44d63c
[  183.641600][T11409] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  183.641613][T11409] RSP: 002b:00007fbd8ceaf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  183.641627][T11409] RAX: ffffffffffffffda RBX: 00007fbd8e695fa0 RCX: 00007fbd8e44d63c
[  183.641637][T11409] RDX: 000000000000000f RSI: 00007fbd8ceaf0a0 RDI: 0000000000000003
[  183.641646][T11409] RBP: 00007fbd8ceaf090 R08: 0000000000000000 R09: 0000000000000000
[  183.641654][T11409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.641662][T11409] R13: 00007fbd8e696038 R14: 00007fbd8e695fa0 R15: 00007ffca2897558
[  183.641681][T11409]  </TASK>
[  183.857757][    C0] vcan0: j1939_tp_rxtimer: 0xffff8881001bf200: rx timeout, send abort
[  183.866363][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8881001bf200: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  183.904185][T11412] loop1: detected capacity change from 0 to 128
[  183.926039][T11415] random: crng reseeded on system resumption
[  184.001004][T11418] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  184.116462][T11427] loop5: detected capacity change from 0 to 1024
[  184.134578][T11427] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  184.146962][T11427] ext4 filesystem being mounted at /166/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.210889][ T9280] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  184.271641][T11441] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3071'.
[  184.295161][T11443] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3072'.
[  184.304358][T11443] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3072'.
[  184.425884][T11451] smc: net device bond0 applied user defined pnetid SYZ0
[  184.433406][T11451] smc: net device bond0 erased user defined pnetid SYZ0
[  184.460005][T11453] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  184.755382][T11461] loop1: detected capacity change from 0 to 512
[  184.777594][T11461] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.3079: bad orphan inode 11862016
[  184.789070][T11461] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  184.802043][T11461] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.836237][T11473] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3083'.
[  184.869246][T11475] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3084'.
[  184.878198][T11475] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3084'.
[  184.888357][T10451] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  184.912705][T11477] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3085'.
[  185.061408][T11487] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  185.112646][T11497] loop1: detected capacity change from 0 to 1024
[  185.126892][T11497] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  185.139344][T11497] ext4 filesystem being mounted at /65/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.188982][T10451] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  185.226990][T11507] bridge_slave_1: left allmulticast mode
[  185.232745][T11507] bridge_slave_1: left promiscuous mode
[  185.238405][T11507] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.246496][T11507] bridge_slave_0: left allmulticast mode
[  185.252219][T11507] bridge_slave_0: left promiscuous mode
[  185.257997][T11507] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.576428][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811894a400: rx timeout, send abort
[  185.584864][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88811894a400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  185.666713][T11526] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  185.723761][T11528] loop5: detected capacity change from 0 to 1024
[  185.752754][T11528] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  185.773932][T11528] ext4 filesystem being mounted at /173/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.849629][ T9280] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  185.876573][T11532] FAULT_INJECTION: forcing a failure.
[  185.876573][T11532] name failslab, interval 1, probability 0, space 0, times 0
[  185.889268][T11532] CPU: 0 UID: 0 PID: 11532 Comm: +}[@ Not tainted syzkaller #0 PREEMPT(voluntary) 
[  185.889298][T11532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  185.889352][T11532] Call Trace:
[  185.889360][T11532]  <TASK>
[  185.889368][T11532]  __dump_stack+0x1d/0x30
[  185.889392][T11532]  dump_stack_lvl+0xe8/0x140
[  185.889414][T11532]  dump_stack+0x15/0x1b
[  185.889433][T11532]  should_fail_ex+0x265/0x280
[  185.889459][T11532]  should_failslab+0x8c/0xb0
[  185.889642][T11532]  __kvmalloc_node_noprof+0x123/0x4e0
[  185.889671][T11532]  ? rhashtable_init_noprof+0x316/0x4f0
[  185.889699][T11532]  rhashtable_init_noprof+0x316/0x4f0
[  185.889733][T11532]  nft_rhash_init+0x9a/0x1f0
[  185.889832][T11532]  ? __pfx_nft_rhash_key+0x10/0x10
[  185.889851][T11532]  ? __pfx_nft_rhash_obj+0x10/0x10
[  185.889871][T11532]  ? __pfx_nft_rhash_cmp+0x10/0x10
[  185.889897][T11532]  nf_tables_newset+0x124f/0x14e0
[  185.889940][T11532]  nfnetlink_rcv+0xb96/0x1690
[  185.889977][T11532]  netlink_unicast+0x5bd/0x690
[  185.890003][T11532]  netlink_sendmsg+0x58b/0x6b0
[  185.890077][T11532]  ? __pfx_netlink_sendmsg+0x10/0x10
[  185.890122][T11532]  __sock_sendmsg+0x142/0x180
[  185.890152][T11532]  ____sys_sendmsg+0x31e/0x4e0
[  185.890180][T11532]  ___sys_sendmsg+0x17b/0x1d0
[  185.890237][T11532]  __x64_sys_sendmsg+0xd4/0x160
[  185.890271][T11532]  x64_sys_call+0x191e/0x2ff0
[  185.890337][T11532]  do_syscall_64+0xd2/0x200
[  185.890371][T11532]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  185.890479][T11532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.890499][T11532] RIP: 0033:0x7fdba110ec29
[  185.890514][T11532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.890580][T11532] RSP: 002b:00007fdb9fb77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  185.890600][T11532] RAX: ffffffffffffffda RBX: 00007fdba1355fa0 RCX: 00007fdba110ec29
[  185.890614][T11532] RDX: 0000000020050800 RSI: 00002000000000c0 RDI: 0000000000000005
[  185.890633][T11532] RBP: 00007fdb9fb77090 R08: 0000000000000000 R09: 0000000000000000
[  185.890647][T11532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  185.890660][T11532] R13: 00007fdba1356038 R14: 00007fdba1355fa0 R15: 00007ffcc4a6ded8
[  185.890679][T11532]  </TASK>
[  185.946868][T11535] random: crng reseeded on system resumption
[  186.271252][T11553] netlink: 'syz.2.3110': attribute type 3 has an invalid length.
[  186.389838][T11560] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  186.488488][T11564] loop3: detected capacity change from 0 to 1024
[  186.522992][T11564] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  186.550178][T11564] ext4 filesystem being mounted at /70/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.614088][T10562] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  186.656843][T11569] loop3: detected capacity change from 0 to 512
[  186.671324][T11569] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  186.762959][T11574] geneve2: entered promiscuous mode
[  186.768203][T11574] geneve2: entered allmulticast mode
[  186.900118][T11585] FAULT_INJECTION: forcing a failure.
[  186.900118][T11585] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  186.913299][T11585] CPU: 0 UID: 0 PID: 11585 Comm: syz.2.3122 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  186.913330][T11585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  186.913344][T11585] Call Trace:
[  186.913351][T11585]  <TASK>
[  186.913358][T11585]  __dump_stack+0x1d/0x30
[  186.913392][T11585]  dump_stack_lvl+0xe8/0x140
[  186.913471][T11585]  dump_stack+0x15/0x1b
[  186.913489][T11585]  should_fail_ex+0x265/0x280
[  186.913513][T11585]  should_fail+0xb/0x20
[  186.913532][T11585]  should_fail_usercopy+0x1a/0x20
[  186.913583][T11585]  _copy_from_user+0x1c/0xb0
[  186.913618][T11585]  ipv6_set_opt_hdr+0x286/0x600
[  186.913669][T11585]  do_ipv6_setsockopt+0x10b9/0x2160
[  186.913693][T11585]  ? kstrtoull+0x111/0x140
[  186.913717][T11585]  ? avc_has_perm_noaudit+0x1b1/0x200
[  186.913789][T11585]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[  186.913910][T11585]  ipv6_setsockopt+0x59/0x130
[  186.913932][T11585]  udpv6_setsockopt+0x99/0xb0
[  186.913956][T11585]  sock_common_setsockopt+0x69/0x80
[  186.914005][T11585]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  186.914044][T11585]  __sys_setsockopt+0x181/0x200
[  186.914073][T11585]  __x64_sys_setsockopt+0x64/0x80
[  186.914159][T11585]  x64_sys_call+0x20ec/0x2ff0
[  186.914183][T11585]  do_syscall_64+0xd2/0x200
[  186.914260][T11585]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  186.914285][T11585]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  186.914392][T11585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.914417][T11585] RIP: 0033:0x7fdba110ec29
[  186.914434][T11585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.914454][T11585] RSP: 002b:00007fdb9fb77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  186.914476][T11585] RAX: ffffffffffffffda RBX: 00007fdba1355fa0 RCX: 00007fdba110ec29
[  186.914490][T11585] RDX: 0000000000000039 RSI: 0000000000000029 RDI: 0000000000000006
[  186.914502][T11585] RBP: 00007fdb9fb77090 R08: 0000000000000018 R09: 0000000000000000
[  186.914552][T11585] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  186.914564][T11585] R13: 00007fdba1356038 R14: 00007fdba1355fa0 R15: 00007ffcc4a6ded8
[  186.914583][T11585]  </TASK>
[  187.165008][   T29] kauditd_printk_skb: 763 callbacks suppressed
[  187.165025][   T29] audit: type=1326 audit(2000000073.042:12103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11590 comm="syz.5.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8e44ec29 code=0x7ffc0000
[  187.199616][T11591] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  187.220300][   T29] audit: type=1326 audit(2000000073.082:12104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11590 comm="syz.5.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd8e44ec29 code=0x7ffc0000
[  187.244001][   T29] audit: type=1326 audit(2000000073.082:12105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11590 comm="syz.5.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8e44ec29 code=0x7ffc0000
[  187.267633][   T29] audit: type=1326 audit(2000000073.082:12106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11590 comm="syz.5.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8e44ec29 code=0x7ffc0000
[  187.291365][   T29] audit: type=1326 audit(2000000073.082:12107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11590 comm="syz.5.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd8e450b47 code=0x7ffc0000
[  187.296201][T11595] 9pnet_rdma: rdma_create_trans (11595): problem binding to privport: 13
[  187.315002][   T29] audit: type=1326 audit(2000000073.082:12108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11590 comm="syz.5.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fbd8e450abc code=0x7ffc0000
[  187.315035][   T29] audit: type=1326 audit(2000000073.082:12109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11590 comm="syz.5.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fbd8e4509f4 code=0x7ffc0000
[  187.370513][   T29] audit: type=1326 audit(2000000073.082:12110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11590 comm="syz.5.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fbd8e4509f4 code=0x7ffc0000
[  187.393563][T11598] loop5: detected capacity change from 0 to 1024
[  187.394128][   T29] audit: type=1326 audit(2000000073.082:12111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11590 comm="syz.5.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbd8e44d88a code=0x7ffc0000
[  187.423940][   T29] audit: type=1326 audit(2000000073.082:12112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11590 comm="syz.5.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8e44ec29 code=0x7ffc0000
[  187.472690][T11598] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  187.485934][T11598] ext4 filesystem being mounted at /177/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  187.520403][ T9280] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  187.566902][T11604] FAULT_INJECTION: forcing a failure.
[  187.566902][T11604] name failslab, interval 1, probability 0, space 0, times 0
[  187.579609][T11604] CPU: 1 UID: 0 PID: 11604 Comm: syz.5.3128 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  187.579712][T11604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  187.579724][T11604] Call Trace:
[  187.579732][T11604]  <TASK>
[  187.579740][T11604]  __dump_stack+0x1d/0x30
[  187.579792][T11604]  dump_stack_lvl+0xe8/0x140
[  187.579810][T11604]  dump_stack+0x15/0x1b
[  187.579898][T11604]  should_fail_ex+0x265/0x280
[  187.579923][T11604]  should_failslab+0x8c/0xb0
[  187.579949][T11604]  __kmalloc_cache_node_noprof+0x54/0x320
[  187.579978][T11604]  ? __get_vm_area_node+0x106/0x1d0
[  187.580071][T11604]  __get_vm_area_node+0x106/0x1d0
[  187.580103][T11604]  __vmalloc_node_range_noprof+0x273/0xe00
[  187.580199][T11604]  ? bpf_check+0xe0/0xd9e0
[  187.580221][T11604]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[  187.580249][T11604]  ? __lruvec_stat_mod_folio+0xd6/0x120
[  187.580279][T11604]  ? __kmalloc_large_node_noprof+0x16/0xa0
[  187.580367][T11604]  ? bpf_check+0xe0/0xd9e0
[  187.580389][T11604]  vzalloc_noprof+0x82/0xc0
[  187.580422][T11604]  ? bpf_check+0xe0/0xd9e0
[  187.580474][T11604]  bpf_check+0xe0/0xd9e0
[  187.580494][T11604]  ? __rcu_read_unlock+0x4f/0x70
[  187.580534][T11604]  ? __memcg_kmem_charge_page+0xd1/0x170
[  187.580568][T11604]  ? __rcu_read_unlock+0x4f/0x70
[  187.580590][T11604]  ? __perf_event_task_sched_in+0xa5b/0xac0
[  187.580654][T11604]  ? xfd_validate_state+0x45/0xf0
[  187.580692][T11604]  ? save_fpregs_to_fpstate+0x100/0x160
[  187.580816][T11604]  ? __vmap_pages_range_noflush+0xbc4/0xcf0
[  187.580855][T11604]  ? try_charge_memcg+0x200/0x9e0
[  187.580938][T11604]  ? pcpu_block_update+0x232/0x3b0
[  187.580964][T11604]  ? pcpu_block_refresh_hint+0x157/0x170
[  187.580989][T11604]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[  187.581012][T11604]  ? css_rstat_updated+0xb7/0x240
[  187.581104][T11604]  ? __rcu_read_unlock+0x4f/0x70
[  187.581129][T11604]  ? pcpu_memcg_post_alloc_hook+0xf1/0x150
[  187.581148][T11604]  ? should_fail_ex+0xdb/0x280
[  187.581258][T11604]  ? selinux_bpf_prog_load+0x36/0xf0
[  187.581349][T11604]  ? should_failslab+0x8c/0xb0
[  187.581378][T11604]  ? __kmalloc_cache_noprof+0x189/0x320
[  187.581408][T11604]  ? selinux_bpf_prog_load+0xbf/0xf0
[  187.581471][T11604]  ? security_bpf_prog_load+0x2c/0xa0
[  187.581496][T11604]  bpf_prog_load+0xedd/0x1070
[  187.581537][T11604]  ? security_bpf+0x2b/0x90
[  187.581555][T11604]  __sys_bpf+0x462/0x7b0
[  187.581640][T11604]  __x64_sys_bpf+0x41/0x50
[  187.581717][T11604]  x64_sys_call+0x2aea/0x2ff0
[  187.581743][T11604]  do_syscall_64+0xd2/0x200
[  187.581776][T11604]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  187.581852][T11604]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  187.581919][T11604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.581946][T11604] RIP: 0033:0x7fbd8e44ec29
[  187.581961][T11604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.582034][T11604] RSP: 002b:00007fbd8ceaf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  187.582104][T11604] RAX: ffffffffffffffda RBX: 00007fbd8e695fa0 RCX: 00007fbd8e44ec29
[  187.582117][T11604] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005
[  187.582129][T11604] RBP: 00007fbd8ceaf090 R08: 0000000000000000 R09: 0000000000000000
[  187.582141][T11604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  187.582208][T11604] R13: 00007fbd8e696038 R14: 00007fbd8e695fa0 R15: 00007ffca2897558
[  187.582228][T11604]  </TASK>
[  187.582244][T11604] syz.5.3128: vmalloc error: size 1672, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[  187.612995][    C1] vcan0: j1939_tp_rxtimer: 0xffff888119e9e600: rx timeout, send abort
[  187.621875][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888119e9e600: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  187.955184][T11604] ,cpuset=/,mems_allowed=0
[  187.959683][T11604] CPU: 1 UID: 0 PID: 11604 Comm: syz.5.3128 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  187.959775][T11604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  187.959789][T11604] Call Trace:
[  187.959798][T11604]  <TASK>
[  187.959807][T11604]  __dump_stack+0x1d/0x30
[  187.959833][T11604]  dump_stack_lvl+0xe8/0x140
[  187.959856][T11604]  dump_stack+0x15/0x1b
[  187.959872][T11604]  warn_alloc+0x12b/0x1a0
[  187.959974][T11604]  __vmalloc_node_range_noprof+0x297/0xe00
[  187.960008][T11604]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[  187.960047][T11604]  ? __lruvec_stat_mod_folio+0xd6/0x120
[  187.960102][T11604]  ? __kmalloc_large_node_noprof+0x16/0xa0
[  187.960198][T11604]  ? bpf_check+0xe0/0xd9e0
[  187.960225][T11604]  vzalloc_noprof+0x82/0xc0
[  187.960256][T11604]  ? bpf_check+0xe0/0xd9e0
[  187.960280][T11604]  bpf_check+0xe0/0xd9e0
[  187.960302][T11604]  ? __rcu_read_unlock+0x4f/0x70
[  187.960323][T11604]  ? __memcg_kmem_charge_page+0xd1/0x170
[  187.960351][T11604]  ? __rcu_read_unlock+0x4f/0x70
[  187.960399][T11604]  ? __perf_event_task_sched_in+0xa5b/0xac0
[  187.960423][T11604]  ? xfd_validate_state+0x45/0xf0
[  187.960462][T11604]  ? save_fpregs_to_fpstate+0x100/0x160
[  187.960506][T11604]  ? __vmap_pages_range_noflush+0xbc4/0xcf0
[  187.960568][T11604]  ? try_charge_memcg+0x200/0x9e0
[  187.960594][T11604]  ? pcpu_block_update+0x232/0x3b0
[  187.960616][T11604]  ? pcpu_block_refresh_hint+0x157/0x170
[  187.960685][T11604]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[  187.960714][T11604]  ? css_rstat_updated+0xb7/0x240
[  187.960744][T11604]  ? __rcu_read_unlock+0x4f/0x70
[  187.960814][T11604]  ? pcpu_memcg_post_alloc_hook+0xf1/0x150
[  187.960833][T11604]  ? should_fail_ex+0xdb/0x280
[  187.960910][T11604]  ? selinux_bpf_prog_load+0x36/0xf0
[  187.960931][T11604]  ? should_failslab+0x8c/0xb0
[  187.960957][T11604]  ? __kmalloc_cache_noprof+0x189/0x320
[  187.961024][T11604]  ? selinux_bpf_prog_load+0xbf/0xf0
[  187.961051][T11604]  ? security_bpf_prog_load+0x2c/0xa0
[  187.961099][T11604]  bpf_prog_load+0xedd/0x1070
[  187.961139][T11604]  ? security_bpf+0x2b/0x90
[  187.961210][T11604]  __sys_bpf+0x462/0x7b0
[  187.961253][T11604]  __x64_sys_bpf+0x41/0x50
[  187.961281][T11604]  x64_sys_call+0x2aea/0x2ff0
[  187.961305][T11604]  do_syscall_64+0xd2/0x200
[  187.961333][T11604]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  187.961431][T11604]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  187.961531][T11604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.961603][T11604] RIP: 0033:0x7fbd8e44ec29
[  187.961621][T11604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.961640][T11604] RSP: 002b:00007fbd8ceaf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  187.961662][T11604] RAX: ffffffffffffffda RBX: 00007fbd8e695fa0 RCX: 00007fbd8e44ec29
[  187.961676][T11604] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005
[  187.961690][T11604] RBP: 00007fbd8ceaf090 R08: 0000000000000000 R09: 0000000000000000
[  187.961703][T11604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  187.961746][T11604] R13: 00007fbd8e696038 R14: 00007fbd8e695fa0 R15: 00007ffca2897558
[  187.961766][T11604]  </TASK>
[  187.961773][T11604] Mem-Info:
[  188.276348][T11604] active_anon:6925 inactive_anon:18 isolated_anon:0
[  188.276348][T11604]  active_file:11976 inactive_file:14587 isolated_file:0
[  188.276348][T11604]  unevictable:0 dirty:397 writeback:0
[  188.276348][T11604]  slab_reclaimable:3427 slab_unreclaimable:68232
[  188.276348][T11604]  mapped:32325 shmem:3086 pagetables:1468
[  188.276348][T11604]  sec_pagetables:0 bounce:0
[  188.276348][T11604]  kernel_misc_reclaimable:0
[  188.276348][T11604]  free:1733066 free_pcp:30471 free_cma:0
[  188.321581][T11604] Node 0 active_anon:27700kB inactive_anon:72kB active_file:47904kB inactive_file:58348kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:129300kB dirty:1588kB writeback:0kB shmem:12344kB kernel_stack:4896kB pagetables:5872kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  188.350746][T11604] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  188.379561][T11604] lowmem_reserve[]: 0 2883 7862 7862
[  188.384953][T11604] Node 0 DMA32 free:2949288kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952820kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[  188.415025][T11604] lowmem_reserve[]: 0 0 4978 4978
[  188.420114][T11604] Node 0 Normal free:3967616kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:27700kB inactive_anon:72kB active_file:47904kB inactive_file:58348kB unevictable:0kB writepending:1588kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:118328kB local_pcp:84904kB free_cma:0kB
[  188.452432][T11604] lowmem_reserve[]: 0 0 0 0
[  188.457020][T11604] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  188.470075][T11604] Node 0 DMA32: 4*4kB (M) 3*8kB (M) 4*16kB (M) 2*32kB (M) 4*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949288kB
[  188.486249][T11604] Node 0 Normal: 565*4kB (UE) 62*8kB (UE) 47*16kB (UME) 214*32kB (UME) 236*64kB (UM) 158*128kB (UME) 88*256kB (UME) 20*512kB (UME) 72*1024kB (UME) 55*2048kB (UM) 904*4096kB (UM) = 3967604kB
[  188.505197][T11604] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  188.514552][T11604] 29692 total pagecache pages
[  188.519311][T11604] 21 pages in swap cache
[  188.523563][T11604] Free swap  = 124912kB
[  188.527723][T11604] Total swap = 124996kB
[  188.531921][T11604] 2097051 pages RAM
[  188.535771][T11604] 0 pages HighMem/MovableOnly
[  188.540555][T11604] 80446 pages reserved
[  188.635022][T11630] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  188.695620][T11636] __nla_validate_parse: 14 callbacks suppressed
[  188.695637][T11636] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3141'.
[  188.714666][T11636] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  188.732248][T11636] syzkaller0: entered promiscuous mode
[  188.737921][T11636] syzkaller0: entered allmulticast mode
[  188.765537][T11636] tipc: Resetting bearer <eth:syzkaller0>
[  188.774032][T11635] tipc: Resetting bearer <eth:syzkaller0>
[  188.816400][T11635] tipc: Disabling bearer <eth:syzkaller0>
[  188.844110][T11639] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3142'.
[  188.844287][T11647] FAULT_INJECTION: forcing a failure.
[  188.844287][T11647] name failslab, interval 1, probability 0, space 0, times 0
[  188.853097][T11639] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3142'.
[  188.865800][T11647] CPU: 0 UID: 0 PID: 11647 Comm: syz.1.3144 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  188.865855][T11647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  188.865874][T11647] Call Trace:
[  188.865880][T11647]  <TASK>
[  188.865888][T11647]  __dump_stack+0x1d/0x30
[  188.865911][T11647]  dump_stack_lvl+0xe8/0x140
[  188.865931][T11647]  dump_stack+0x15/0x1b
[  188.865995][T11647]  should_fail_ex+0x265/0x280
[  188.866018][T11647]  should_failslab+0x8c/0xb0
[  188.866081][T11647]  kmem_cache_alloc_node_noprof+0x57/0x320
[  188.866152][T11647]  ? __alloc_skb+0x101/0x320
[  188.866173][T11647]  ? __rtnl_unlock+0x95/0xb0
[  188.866196][T11647]  __alloc_skb+0x101/0x320
[  188.866218][T11647]  netlink_ack+0xfd/0x500
[  188.866262][T11647]  netlink_rcv_skb+0x192/0x220
[  188.866324][T11647]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  188.866359][T11647]  rtnetlink_rcv+0x1c/0x30
[  188.866465][T11647]  netlink_unicast+0x5bd/0x690
[  188.866489][T11647]  netlink_sendmsg+0x58b/0x6b0
[  188.866568][T11647]  ? __pfx_netlink_sendmsg+0x10/0x10
[  188.866594][T11647]  __sock_sendmsg+0x142/0x180
[  188.866699][T11647]  ____sys_sendmsg+0x345/0x4e0
[  188.866727][T11647]  ___sys_sendmsg+0x17b/0x1d0
[  188.866898][T11647]  __sys_sendmmsg+0x178/0x300
[  188.866934][T11647]  __x64_sys_sendmmsg+0x57/0x70
[  188.866960][T11647]  x64_sys_call+0x1c4a/0x2ff0
[  188.866981][T11647]  do_syscall_64+0xd2/0x200
[  188.867120][T11647]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  188.867144][T11647]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  188.867196][T11647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.867218][T11647] RIP: 0033:0x7f44d77dec29
[  188.867235][T11647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.867253][T11647] RSP: 002b:00007f44d623f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  188.867274][T11647] RAX: ffffffffffffffda RBX: 00007f44d7a25fa0 RCX: 00007f44d77dec29
[  188.867288][T11647] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000005
[  188.867378][T11647] RBP: 00007f44d623f090 R08: 0000000000000000 R09: 0000000000000000
[  188.867391][T11647] R10: 000000000000fff0 R11: 0000000000000246 R12: 0000000000000002
[  188.867439][T11647] R13: 00007f44d7a26038 R14: 00007f44d7a25fa0 R15: 00007ffe1a6ef118
[  188.867458][T11647]  </TASK>
[  189.104222][T11639] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3142'.
[  189.120044][T11639] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3142'.
[  189.129017][T11639] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3142'.
[  189.137952][T11639] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3142'.
[  189.160213][T11639] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3142'.
[  189.169253][T11639] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3142'.
[  189.178128][T11639] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3142'.
[  189.205841][T11657] netlink: 'syz.4.3146': attribute type 4 has an invalid length.
[  189.390726][T11676] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  189.393330][ T3417] hid_parser_main: 213 callbacks suppressed
[  189.393348][ T3417] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  189.411633][ T3417] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  189.419396][ T3417] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  189.426933][ T3417] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  189.434384][ T3417] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  189.442058][ T3417] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  189.449489][ T3417] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  189.457064][ T3417] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  189.464520][ T3417] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  189.472088][ T3417] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  189.480475][ T3417] hid-generic 0000:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  189.554161][T11692] netlink: 'syz.3.3161': attribute type 15 has an invalid length.
[  189.590590][T11698] loop1: detected capacity change from 0 to 1024
[  189.600864][T11698] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  189.613179][T11698] ext4 filesystem being mounted at /81/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  189.639913][T10451] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  189.703305][T11705] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  189.933330][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811894a800: rx timeout, send abort
[  189.941654][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88811894a800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  190.004160][T11716] team0 (unregistering): Port device team_slave_0 removed
[  190.013381][T11716] team0 (unregistering): Port device team_slave_1 removed
[  190.056082][T11717] loop5: detected capacity change from 0 to 512
[  190.063647][T11717] msdos: Unknown parameter 'ÿÿÿÿ'
[  190.187756][T11723] SELinux: failed to load policy
[  190.247285][T11738] SELinux:  Context system_u:object_r:var_lib_t:s0 is not valid (left unmapped).
[  190.278397][T11740] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  190.792301][T11764] loop1: detected capacity change from 0 to 1024
[  190.853102][T11764] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  190.865525][T11764] ext4 filesystem being mounted at /88/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  190.938919][T10451] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  191.000947][T11772] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  191.248075][ T1103] hid-generic 0000:0000:0000.0011: hidraw0: <UNKNOWN> HID v0.03 Device [syz1] on syz1
[  191.409700][T11801] loop1: detected capacity change from 0 to 128
[  191.445760][T11804] loop1: detected capacity change from 0 to 1024
[  191.462650][T11804] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  191.475924][T11804] ext4 filesystem being mounted at /95/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  191.525211][T11808] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  191.535953][T10451] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  191.556457][    C0] vcan0: j1939_tp_rxtimer: 0xffff888119e9e400: rx timeout, send abort
[  191.564722][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888119e9e400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  191.675278][T11820] netlink: 'syz.5.3204': attribute type 13 has an invalid length.
[  191.728799][T11820] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.735988][T11820] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.745858][T11821] loop3: detected capacity change from 0 to 2048
[  191.760810][T11821] EXT4-fs (loop3): Can't support bigalloc feature without extents feature
[  191.760810][T11821] 
[  191.774540][T11822] ./file0: Can't lookup blockdev
[  191.803364][T11820] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  191.814509][T11820] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  191.863336][ T7847] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  191.881435][ T7847] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  191.893098][ T7847] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  191.902129][ T7847] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  192.022196][T11825] netlink: 'syz.2.3207': attribute type 10 has an invalid length.
[  192.037210][T11825] 8021q: adding VLAN 0 to HW filter on device batadv0
[  192.046030][T11825] .`: (slave batadv0): Enslaving as an active interface with an up link
[  192.176756][   T29] kauditd_printk_skb: 624 callbacks suppressed
[  192.176772][   T29] audit: type=1326 audit(2000000078.054:12737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11817 comm="syz.3.3206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f01a0895be7 code=0x7ffc0000
[  192.206662][   T29] audit: type=1326 audit(2000000078.054:12738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11817 comm="syz.3.3206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f01a083ae09 code=0x7ffc0000
[  192.230268][   T29] audit: type=1326 audit(2000000078.054:12739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11817 comm="syz.3.3206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a089ec29 code=0x7ffc0000
[  192.253856][   T29] audit: type=1326 audit(2000000078.064:12740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11817 comm="syz.3.3206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f01a0895be7 code=0x7ffc0000
[  192.277450][   T29] audit: type=1326 audit(2000000078.064:12741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11817 comm="syz.3.3206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f01a083ae09 code=0x7ffc0000
[  192.301015][   T29] audit: type=1326 audit(2000000078.064:12742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11817 comm="syz.3.3206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a089ec29 code=0x7ffc0000
[  192.324604][   T29] audit: type=1326 audit(2000000078.074:12743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11817 comm="syz.3.3206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f01a0895be7 code=0x7ffc0000
[  192.348092][   T29] audit: type=1326 audit(2000000078.074:12744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11817 comm="syz.3.3206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f01a083ae09 code=0x7ffc0000
[  192.371660][   T29] audit: type=1326 audit(2000000078.074:12745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11817 comm="syz.3.3206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a089ec29 code=0x7ffc0000
[  192.395460][   T29] audit: type=1326 audit(2000000078.084:12746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11817 comm="syz.3.3206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f01a0895be7 code=0x7ffc0000
[  192.491815][T11840] loop1: detected capacity change from 0 to 1024
[  192.510611][T11840] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  192.524929][T11840] ext4 filesystem being mounted at /99/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.527210][T11842] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  192.578585][T10451] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  192.709023][T11870] SELinux:  Context @ is not valid (left unmapped).
[  192.821276][T11875] loop1: detected capacity change from 0 to 2048
[  192.838766][T11875] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.868062][T11881] netlink: 'syz.2.3225': attribute type 10 has an invalid length.
[  192.876112][T11882] netlink: 'syz.2.3225': attribute type 10 has an invalid length.
[  192.887598][T11881] team0: Port device dummy0 added
[  192.894152][T11882] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  192.906304][T11882] team0: Failed to send options change via netlink (err -105)
[  192.914405][T11882] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  192.923375][T11882] team0: Port device dummy0 removed
[  192.931356][T11882] .`: (slave dummy0): Enslaving as an active interface with an up link
[  193.084182][T10451] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.139381][T11886] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  193.162964][T11888] loop1: detected capacity change from 0 to 1024
[  193.178848][T11888] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  193.191130][T11888] ext4 filesystem being mounted at /107/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.218636][T10451] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  193.514662][T11902] tipc: Bearer <udp:syz2>: already 2 bearers with priority 10
[  193.522340][T11902] tipc: Bearer <udp:syz2>: trying with adjusted priority
[  193.529840][T11902] tipc: Enabled bearer <udp:syz2>, priority 9
[  193.546918][T11906] FAULT_INJECTION: forcing a failure.
[  193.546918][T11906] name failslab, interval 1, probability 0, space 0, times 0
[  193.559749][T11906] CPU: 1 UID: 0 PID: 11906 Comm: syz.5.3235 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  193.559779][T11906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  193.559792][T11906] Call Trace:
[  193.559798][T11906]  <TASK>
[  193.559822][T11906]  __dump_stack+0x1d/0x30
[  193.559883][T11906]  dump_stack_lvl+0xe8/0x140
[  193.559904][T11906]  dump_stack+0x15/0x1b
[  193.559923][T11906]  should_fail_ex+0x265/0x280
[  193.559948][T11906]  ? nci_hci_allocate+0x33/0x180
[  193.560014][T11906]  should_failslab+0x8c/0xb0
[  193.560038][T11906]  __kmalloc_cache_noprof+0x4c/0x320
[  193.560137][T11906]  nci_hci_allocate+0x33/0x180
[  193.560159][T11906]  nci_allocate_device+0x156/0x200
[  193.560178][T11906]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  193.560283][T11906]  virtual_ncidev_open+0x55/0x140
[  193.560310][T11906]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  193.560405][T11906]  misc_open+0x1d6/0x200
[  193.560429][T11906]  chrdev_open+0x2e8/0x3a0
[  193.560455][T11906]  do_dentry_open+0x649/0xa20
[  193.560521][T11906]  ? __pfx_chrdev_open+0x10/0x10
[  193.560546][T11906]  vfs_open+0x37/0x1e0
[  193.560654][T11906]  path_openat+0x1c5e/0x2170
[  193.560801][T11906]  do_filp_open+0x109/0x230
[  193.560831][T11906]  do_sys_openat2+0xa6/0x110
[  193.560909][T11906]  __x64_sys_openat+0xf2/0x120
[  193.560939][T11906]  x64_sys_call+0x2e9c/0x2ff0
[  193.560958][T11906]  do_syscall_64+0xd2/0x200
[  193.560987][T11906]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  193.561014][T11906]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  193.561119][T11906]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.561143][T11906] RIP: 0033:0x7fbd8e44ec29
[  193.561162][T11906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.561182][T11906] RSP: 002b:00007fbd8ceaf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  193.561205][T11906] RAX: ffffffffffffffda RBX: 00007fbd8e695fa0 RCX: 00007fbd8e44ec29
[  193.561219][T11906] RDX: 0000000000000002 RSI: 0000200000000540 RDI: ffffffffffffff9c
[  193.561264][T11906] RBP: 00007fbd8ceaf090 R08: 0000000000000000 R09: 0000000000000000
[  193.561277][T11906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.561387][T11906] R13: 00007fbd8e696038 R14: 00007fbd8e695fa0 R15: 00007ffca2897558
[  193.561405][T11906]  </TASK>
[  193.877071][T11915] loop3: detected capacity change from 0 to 512
[  193.885492][T11915] EXT4-fs (loop3): orphan cleanup on readonly fs
[  193.892005][T11915] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  193.904138][T11915] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  193.919231][T11915] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.3236: attempt to clear invalid blocks 2 len 1
[  193.932997][T11915] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.3236: invalid indirect mapped block 1819239214 (level 0)
[  193.948074][T11915] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.3236: invalid indirect mapped block 1819239214 (level 1)
[  193.963012][T11915] EXT4-fs (loop3): 1 truncate cleaned up
[  193.969491][T11915] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  194.033018][ T8061] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  194.043269][ T8061] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  194.052690][ T8061] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  194.061319][ T8061] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  194.358050][T11912] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  194.380231][T10562] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.404740][T11927] loop5: detected capacity change from 0 to 1024
[  194.418521][T11927] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  194.420577][T11935] __nla_validate_parse: 30 callbacks suppressed
[  194.420634][T11935] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3243'.
[  194.433337][T11927] ext4 filesystem being mounted at /197/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  194.440834][T11935] bond_slave_0: entered promiscuous mode
[  194.461980][T11935] bond_slave_1: entered promiscuous mode
[  194.469444][T11935] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  194.479281][ T9280] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  194.484395][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811a2ce200: rx timeout, send abort
[  194.496841][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a2ce200: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  194.496908][T11935] bond_slave_0: left promiscuous mode
[  194.516633][T11935] bond_slave_1: left promiscuous mode
[  194.564713][T11942] loop1: detected capacity change from 0 to 4096
[  194.586984][T11942] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.624786][T11950] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3247'.
[  194.641456][T10451] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.724429][T11959] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  194.725086][T11961] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3252'.
[  194.811277][T11965] SELinux:  Context system_u:object_r:iptables_unit_file_t:s0 is not valid (left unmapped).
[  194.841487][T11967] loop1: detected capacity change from 0 to 1024
[  194.860324][T11967] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  194.872492][T11967] ext4 filesystem being mounted at /114/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  194.903129][T11975] loop3: detected capacity change from 0 to 512
[  194.910596][T10451] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  194.917629][T11975] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.3257: iget: bad extended attribute block 1
[  194.932298][T11975] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3257: couldn't read orphan inode 15 (err -117)
[  194.946207][T11975] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.008725][T11978] loop1: detected capacity change from 0 to 512
[  195.011756][T11975] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11975 comm=
[  195.029274][T11978] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
[  195.046688][T10562] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.063875][T11981] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3259'.
[  195.086157][T11978] syz.1.3258 (11978) used obsolete PPPIOCDETACH ioctl
[  195.106383][T11985] loop3: detected capacity change from 0 to 256
[  195.246979][T11992] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3262'.
[  195.271071][T11995] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  195.336326][T12005] tipc: Enabling of bearer <eth:syzkaller0> rejected, max 3 bearers permitted
[  195.345621][T12005] syzkaller0: entered promiscuous mode
[  195.351185][T12005] syzkaller0: entered allmulticast mode
[  195.358812][T12005] FAULT_INJECTION: forcing a failure.
[  195.358812][T12005] name failslab, interval 1, probability 0, space 0, times 0
[  195.371465][T12005] CPU: 1 UID: 0 PID: 12005 Comm: syz.4.3265 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  195.371549][T12005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  195.371561][T12005] Call Trace:
[  195.371568][T12005]  <TASK>
[  195.371576][T12005]  __dump_stack+0x1d/0x30
[  195.371598][T12005]  dump_stack_lvl+0xe8/0x140
[  195.371616][T12005]  dump_stack+0x15/0x1b
[  195.371631][T12005]  should_fail_ex+0x265/0x280
[  195.371682][T12005]  ? nsim_fib_event_nb+0x1a0/0xcb0
[  195.371708][T12005]  should_failslab+0x8c/0xb0
[  195.371736][T12005]  __kmalloc_cache_noprof+0x4c/0x320
[  195.371773][T12005]  nsim_fib_event_nb+0x1a0/0xcb0
[  195.371803][T12005]  ? __pfx_nsim_fib_event_nb+0x10/0x10
[  195.371831][T12005]  atomic_notifier_call_chain+0x73/0x1c0
[  195.371871][T12005]  call_fib_notifiers+0x65/0xa0
[  195.371933][T12005]  call_fib6_notifiers+0x30/0x40
[  195.371961][T12005]  fib6_del+0x749/0x8b0
[  195.371981][T12005]  ? fib6_del+0x2b1/0x8b0
[  195.372004][T12005]  fib6_clean_node+0x167/0x280
[  195.372072][T12005]  fib6_walk_continue+0x39c/0x440
[  195.372094][T12005]  fib6_walk+0xc5/0x180
[  195.372190][T12005]  ? __pfx_fib6_ifdown+0x10/0x10
[  195.372272][T12005]  fib6_clean_all+0xca/0x140
[  195.372351][T12005]  ? __pfx_fib6_clean_node+0x10/0x10
[  195.372371][T12005]  ? __pfx_fib6_ifdown+0x10/0x10
[  195.372397][T12005]  rt6_disable_ip+0xa6/0x580
[  195.372479][T12005]  ? netlink_broadcast_filtered+0xbf4/0xc60
[  195.372503][T12005]  addrconf_ifdown+0xa6/0xf30
[  195.372549][T12005]  ? __pfx_tun_device_event+0x10/0x10
[  195.372567][T12005]  ? tun_device_event+0x1ef/0x980
[  195.372620][T12005]  ? __pfx_cbs_dev_notifier+0x10/0x10
[  195.372651][T12005]  ? tls_dev_event+0x3d7/0x910
[  195.372676][T12005]  addrconf_notify+0x222/0x930
[  195.372698][T12005]  ? __pfx_addrconf_notify+0x10/0x10
[  195.372787][T12005]  raw_notifier_call_chain+0x6f/0x1b0
[  195.372810][T12005]  ? call_netdevice_notifiers_info+0x9c/0x100
[  195.372845][T12005]  call_netdevice_notifiers_info+0xae/0x100
[  195.372879][T12005]  netif_set_mtu_ext+0x356/0x470
[  195.372953][T12005]  netif_set_mtu+0x4a/0xf0
[  195.372980][T12005]  dev_set_mtu+0xc1/0x170
[  195.373063][T12005]  dev_ifsioc+0x474/0xaa0
[  195.373088][T12005]  ? __rcu_read_unlock+0x4f/0x70
[  195.373110][T12005]  dev_ioctl+0x70a/0x960
[  195.373152][T12005]  sock_do_ioctl+0x197/0x220
[  195.373185][T12005]  sock_ioctl+0x41b/0x610
[  195.373284][T12005]  ? __pfx_sock_ioctl+0x10/0x10
[  195.373366][T12005]  __se_sys_ioctl+0xce/0x140
[  195.373441][T12005]  __x64_sys_ioctl+0x43/0x50
[  195.373460][T12005]  x64_sys_call+0x1816/0x2ff0
[  195.373552][T12005]  do_syscall_64+0xd2/0x200
[  195.373584][T12005]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  195.373605][T12005]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  195.373666][T12005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.373690][T12005] RIP: 0033:0x7f549c10ec29
[  195.373708][T12005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.373729][T12005] RSP: 002b:00007f549ab77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  195.373829][T12005] RAX: ffffffffffffffda RBX: 00007f549c355fa0 RCX: 00007f549c10ec29
[  195.373844][T12005] RDX: 0000200000002280 RSI: 0000000000008922 RDI: 0000000000000005
[  195.373856][T12005] RBP: 00007f549ab77090 R08: 0000000000000000 R09: 0000000000000000
[  195.373868][T12005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  195.373879][T12005] R13: 00007f549c356038 R14: 00007f549c355fa0 R15: 00007ffdfb9924f8
[  195.373981][T12005]  </TASK>
[  195.730186][T12007] loop5: detected capacity change from 0 to 512
[  195.738199][T12007] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  195.758843][T12007] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  195.767268][T12007] System zones: 0-2, 18-18, 34-34
[  195.773428][T12007] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.786761][T12007] ext4 filesystem being mounted at /199/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  195.804733][T12007] netlink: 'syz.5.3266': attribute type 13 has an invalid length.
[  195.812684][T12007] netlink: 'syz.5.3266': attribute type 17 has an invalid length.
[  195.849428][T12007] 8021q: adding VLAN 0 to HW filter on device bond0
[  195.859523][T12007] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  195.898638][ T9280] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.918003][T12014] loop5: detected capacity change from 0 to 1024
[  195.938890][T12014] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  195.952091][T12014] ext4 filesystem being mounted at /200/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  195.984620][ T9280] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  195.988853][T12018] loop3: detected capacity change from 0 to 4096
[  196.003194][T12018] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.018770][T12021] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3270'.
[  196.020792][T12018] FAULT_INJECTION: forcing a failure.
[  196.020792][T12018] name failslab, interval 1, probability 0, space 0, times 0
[  196.040422][T12018] CPU: 0 UID: 0 PID: 12018 Comm: syz.3.3269 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  196.040470][T12018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  196.040483][T12018] Call Trace:
[  196.040491][T12018]  <TASK>
[  196.040499][T12018]  __dump_stack+0x1d/0x30
[  196.040533][T12018]  dump_stack_lvl+0xe8/0x140
[  196.040550][T12018]  dump_stack+0x15/0x1b
[  196.040565][T12018]  should_fail_ex+0x265/0x280
[  196.040620][T12018]  should_failslab+0x8c/0xb0
[  196.040643][T12018]  kmem_cache_alloc_noprof+0x50/0x310
[  196.040681][T12018]  ? __es_insert_extent+0x508/0xee0
[  196.040734][T12018]  ? bpf_probe_read_compat_str+0x126/0x130
[  196.040765][T12018]  __es_insert_extent+0x508/0xee0
[  196.040852][T12018]  __es_remove_extent+0x6a1/0xda0
[  196.040884][T12018]  ext4_es_insert_extent+0x3b4/0x1c10
[  196.041025][T12018]  ext4_map_blocks+0x8cd/0xd00
[  196.041055][T12018]  ext4_convert_unwritten_extents+0x16f/0x2b0
[  196.041117][T12018]  ext4_dio_write_end_io+0x120/0x410
[  196.041145][T12018]  ? __pfx_ext4_dio_write_end_io+0x10/0x10
[  196.041239][T12018]  iomap_dio_complete+0x99/0x4d0
[  196.041261][T12018]  iomap_dio_rw+0x7f/0x90
[  196.041360][T12018]  ext4_file_write_iter+0xad9/0xf00
[  196.041388][T12018]  ? ext4_file_write_iter+0x641/0xf00
[  196.041432][T12018]  do_iter_readv_writev+0x499/0x540
[  196.041457][T12018]  vfs_writev+0x2df/0x8b0
[  196.041490][T12018]  __se_sys_pwritev2+0xfc/0x1c0
[  196.041514][T12018]  __x64_sys_pwritev2+0x67/0x80
[  196.041598][T12018]  x64_sys_call+0x2c55/0x2ff0
[  196.041643][T12018]  do_syscall_64+0xd2/0x200
[  196.041671][T12018]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  196.041692][T12018]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  196.041718][T12018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.041810][T12018] RIP: 0033:0x7f01a089ec29
[  196.041824][T12018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.041839][T12018] RSP: 002b:00007f019f2ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  196.041928][T12018] RAX: ffffffffffffffda RBX: 00007f01a0ae5fa0 RCX: 00007f01a089ec29
[  196.041939][T12018] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000005
[  196.041950][T12018] RBP: 00007f019f2ff090 R08: 0000000000000000 R09: 0000000000000003
[  196.041961][T12018] R10: 0000000000007000 R11: 0000000000000246 R12: 0000000000000002
[  196.041972][T12018] R13: 00007f01a0ae6038 R14: 00007f01a0ae5fa0 R15: 00007ffdbc64baa8
[  196.041989][T12018]  </TASK>
[  196.311308][T10562] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.331260][T12023] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3271'.
[  196.399918][T12030] loop5: detected capacity change from 0 to 764
[  196.428603][T12035] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  196.758713][T12043] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  196.907365][T12057] netlink: 'syz.4.3282': attribute type 10 has an invalid length.
[  196.915227][T12057] ipvlan0: entered allmulticast mode
[  196.920596][T12057] veth0_vlan: entered allmulticast mode
[  196.942437][T12059] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3283'.
[  197.058461][T12067] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  197.144924][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a03ce00: rx timeout, send abort
[  197.153398][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a03ce00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  197.218904][T12077] sd 0:0:1:0: device reset
[  197.230033][T12077] ip6gretap0: entered promiscuous mode
[  197.355549][T12077] ip6gretap0: left promiscuous mode
[  197.547155][T12083] loop5: detected capacity change from 0 to 1024
[  197.560003][T12083] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  197.572730][T12083] ext4 filesystem being mounted at /205/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.756691][ T9280] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  197.787054][T12091] loop3: detected capacity change from 0 to 128
[  198.016677][   T29] kauditd_printk_skb: 367 callbacks suppressed
[  198.016692][   T29] audit: type=1400 audit(2000000083.906:13114): avc:  denied  { setopt } for  pid=12078 comm="syz.2.3292" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  198.081561][T12101] netlink: 'syz.3.3298': attribute type 21 has an invalid length.
[  198.104585][T12101] netlink: 156 bytes leftover after parsing attributes in process `syz.3.3298'.
[  198.113717][T12101] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3298'.
[  198.128958][T12103] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  198.146931][   T29] audit: type=1326 audit(2000000084.016:13115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12102 comm="syz.2.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdba110ec29 code=0x7ffc0000
[  198.170641][   T29] audit: type=1326 audit(2000000084.016:13116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12102 comm="syz.2.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdba110ec29 code=0x7ffc0000
[  198.194462][   T29] audit: type=1326 audit(2000000084.016:13117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12102 comm="syz.2.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdba110ec29 code=0x7ffc0000
[  198.218035][   T29] audit: type=1326 audit(2000000084.016:13118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12102 comm="syz.2.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdba110ec29 code=0x7ffc0000
[  198.241957][   T29] audit: type=1326 audit(2000000084.016:13119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12102 comm="syz.2.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdba110ec29 code=0x7ffc0000
[  198.265588][   T29] audit: type=1326 audit(2000000084.016:13120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12102 comm="syz.2.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdba1110b47 code=0x7ffc0000
[  198.289348][   T29] audit: type=1326 audit(2000000084.016:13121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12102 comm="syz.2.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fdba1110abc code=0x7ffc0000
[  198.289431][   T29] audit: type=1326 audit(2000000084.016:13122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12102 comm="syz.2.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fdba11109f4 code=0x7ffc0000
[  198.289457][   T29] audit: type=1326 audit(2000000084.016:13123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12102 comm="syz.2.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fdba11109f4 code=0x7ffc0000
[  198.694214][T12128] loop1: detected capacity change from 0 to 1024
[  198.727902][T12128] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  198.772525][T12128] ext4 filesystem being mounted at /119/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.848212][T10451] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  198.881067][T12137] 9pnet_fd: Insufficient options for proto=fd
[  198.913317][T12140] 9pnet_fd: Insufficient options for proto=fd
[  198.959702][T12142] loop1: detected capacity change from 0 to 2048
[  199.286139][T12158] veth1: entered promiscuous mode
[  199.336873][T12168] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[  199.349947][T12173] 9pnet_fd: Insufficient options for proto=fd
[  199.366418][T12171] 9pnet_fd: Insufficient options for proto=fd
[  199.472499][T12189] loop5: detected capacity change from 0 to 1024
[  199.487366][T12189] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.523146][T12196] __nla_validate_parse: 4 callbacks suppressed
[  199.523240][T12196] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3331'.
[  199.552367][T12196] IPVS: Unknown mcast interface: vcan0
[  199.570171][ T9280] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.607589][T12199] loop5: detected capacity change from 0 to 512
[  199.614373][T12199] EXT4-fs: Ignoring removed i_version option
[  199.620496][T12199] EXT4-fs: Ignoring removed nobh option
[  199.631698][T12199] EXT4-fs: quotafile must be on filesystem root
[  199.674820][T12204] loop5: detected capacity change from 0 to 1024
[  199.704583][T12204] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  199.745817][T12204] ext4 filesystem being mounted at /214/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  199.824459][ T9280] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  200.000052][T12196] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3331'.
[  200.118625][T12212] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3335'.
[  200.148153][T12214] 9pnet_fd: Insufficient options for proto=fd
[  200.180057][T12216] tipc: New replicast peer: 255.255.255.83
[  200.186202][T12216] tipc: Enabled bearer <udp:£>, priority 10
[  200.220703][T12218] 9pnet_fd: Insufficient options for proto=fd
[  200.323621][T12231] loop1: detected capacity change from 0 to 1024
[  200.330923][T12233] loop3: detected capacity change from 0 to 512
[  200.339346][T12231] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  200.351999][T12231] ext4 filesystem being mounted at /125/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  200.353939][T12235] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3346'.
[  200.365154][T12233] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.384196][T12233] ext4 filesystem being mounted at /133/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  200.423951][T10451] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  200.435918][T12233] SELinux: failed to load policy
[  200.436544][T12242] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3347'.
[  200.467648][T12245] 9pnet_fd: Insufficient options for proto=fd
[  200.502441][T12247] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  200.577294][T10562] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.688561][T12235] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3346'.
[  200.922849][T12254] chnl_net:caif_netlink_parms(): no params data found
[  200.983971][T12254] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.991235][T12254] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.998589][T12254] bridge_slave_0: entered allmulticast mode
[  201.005268][T12254] bridge_slave_0: entered promiscuous mode
[  201.013146][T12254] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.020363][T12254] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.028064][T12254] bridge_slave_1: entered allmulticast mode
[  201.034664][T12254] bridge_slave_1: entered promiscuous mode
[  201.061808][T12254] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  201.072823][T12254] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  201.096383][T12254] team0: Port device team_slave_0 added
[  201.105732][T12254] team0: Port device team_slave_1 added
[  201.144349][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811a3d5a00: rx timeout, send abort
[  201.152637][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a3d5a00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  201.182345][T12254] batman_adv: batadv0: Adding interface: batadv_slave_0
[  201.189441][T12254] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.215403][T12254] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  201.231281][T12254] batman_adv: batadv0: Adding interface: batadv_slave_1
[  201.238372][T12254] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.264386][T12254] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  201.287807][T12277] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  201.296510][T12277] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  201.313733][T12277] loop5: detected capacity change from 0 to 1024
[  201.466970][T12254] hsr_slave_0: entered promiscuous mode
[  201.473345][T12254] hsr_slave_1: entered promiscuous mode
[  201.481530][T12254] debugfs: 'hsr0' already exists in 'hsr'
[  201.487344][T12254] Cannot create hsr debugfs directory
[  201.531726][T12283] loop5: detected capacity change from 0 to 512
[  201.538506][T12283] ext4: Unknown parameter 'permit_directio'
[  201.932276][T12254] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  201.953609][T12254] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  201.973887][T12254] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  201.997058][T12254] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  202.088970][T12254] 8021q: adding VLAN 0 to HW filter on device bond0
[  202.100505][T12300] 9pnet_fd: Insufficient options for proto=fd
[  202.113247][T12254] 8021q: adding VLAN 0 to HW filter on device team0
[  202.137849][ T8057] bridge0: port 1(bridge_slave_0) entered blocking state
[  202.145021][ T8057] bridge0: port 1(bridge_slave_0) entered forwarding state
[  202.164204][T12302] tipc: New replicast peer: 255.255.255.83
[  202.170201][T12302] tipc: Enabled bearer <udp:£>, priority 10
[  202.179054][ T8056] bridge0: port 2(bridge_slave_1) entered blocking state
[  202.186133][ T8056] bridge0: port 2(bridge_slave_1) entered forwarding state
[  202.210868][T12304] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3362'.
[  202.260117][T12306] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3363'.
[  202.330002][T12254] 8021q: adding VLAN 0 to HW filter on device batadv0
[  202.524091][T12254] veth0_vlan: entered promiscuous mode
[  202.532694][T12254] veth1_vlan: entered promiscuous mode
[  202.555022][T12254] veth0_macvtap: entered promiscuous mode
[  202.559127][T12306] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3363'.
[  202.562575][T12254] veth1_macvtap: entered promiscuous mode
[  202.583281][T12254] batman_adv: batadv0: Interface activated: batadv_slave_0
[  202.596110][T12254] batman_adv: batadv0: Interface activated: batadv_slave_1
[  202.606930][ T8084] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  202.622792][ T8084] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  202.636815][ T8084] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  202.650777][ T8084] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  202.681902][T12335] 9pnet_fd: Insufficient options for proto=fd
[  202.790630][T12344] 9pnet_fd: Insufficient options for proto=fd
[  202.851946][T12348] tipc: Started in network mode
[  202.857077][T12348] tipc: Node identity ac14140f, cluster identity 4711
[  202.870216][T12348] tipc: New replicast peer: 255.255.255.83
[  202.876222][T12348] tipc: Enabled bearer <udp:£>, priority 10
[  202.902365][T12350] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3373'.
[  203.447400][   T29] kauditd_printk_skb: 261 callbacks suppressed
[  203.447420][   T29] audit: type=1326 audit(2000000089.337:13385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12355 comm="syz.3.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f01a0895be7 code=0x7ffc0000
[  203.477220][   T29] audit: type=1326 audit(2000000089.337:13386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12355 comm="syz.3.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f01a083ae09 code=0x7ffc0000
[  203.546181][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811a3cfc00: rx timeout, send abort
[  203.554538][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a3cfc00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  203.559430][   T29] audit: type=1326 audit(2000000089.337:13387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12355 comm="syz.3.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f01a0895be7 code=0x7ffc0000
[  203.592776][   T29] audit: type=1326 audit(2000000089.337:13388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12355 comm="syz.3.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f01a083ae09 code=0x7ffc0000
[  203.617042][   T29] audit: type=1326 audit(2000000089.337:13389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12355 comm="syz.3.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a089ec29 code=0x7ffc0000
[  203.640748][   T29] audit: type=1326 audit(2000000089.337:13390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12355 comm="syz.3.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a089ec29 code=0x7ffc0000
[  203.664672][   T29] audit: type=1326 audit(2000000089.337:13391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12355 comm="syz.3.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f01a089d590 code=0x7ffc0000
[  203.688261][   T29] audit: type=1326 audit(2000000089.367:13392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12355 comm="syz.3.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a089ec29 code=0x7ffc0000
[  203.711889][   T29] audit: type=1326 audit(2000000089.367:13393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12355 comm="syz.3.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a089ec29 code=0x7ffc0000
[  203.735606][   T29] audit: type=1326 audit(2000000089.367:13394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12355 comm="syz.3.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f01a089ec29 code=0x7ffc0000
[  203.792559][T12364] 9pnet_fd: Insufficient options for proto=fd
[  203.857272][ T3540] Process accounting resumed
[  203.895518][ T3417] tipc: Node number set to 2886997007
[  203.939573][T12375] 9pnet_fd: Insufficient options for proto=fd
[  204.005696][T12379] tipc: New replicast peer: 255.255.255.83
[  204.011620][T12379] tipc: Enabled bearer <udp:£>, priority 10
[  204.464521][T12392] FAULT_INJECTION: forcing a failure.
[  204.464521][T12392] name failslab, interval 1, probability 0, space 0, times 0
[  204.477275][T12392] CPU: 0 UID: 0 PID: 12392 Comm: syz.2.3389 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  204.477308][T12392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  204.477390][T12392] Call Trace:
[  204.477398][T12392]  <TASK>
[  204.477407][T12392]  __dump_stack+0x1d/0x30
[  204.477483][T12392]  dump_stack_lvl+0xe8/0x140
[  204.477501][T12392]  dump_stack+0x15/0x1b
[  204.477520][T12392]  should_fail_ex+0x265/0x280
[  204.477546][T12392]  should_failslab+0x8c/0xb0
[  204.477570][T12392]  kmem_cache_alloc_node_noprof+0x57/0x320
[  204.477683][T12392]  ? __alloc_skb+0x101/0x320
[  204.477709][T12392]  __alloc_skb+0x101/0x320
[  204.477732][T12392]  ? audit_log_start+0x365/0x6c0
[  204.477812][T12392]  audit_log_start+0x380/0x6c0
[  204.477841][T12392]  ? cred_has_capability+0x210/0x280
[  204.477865][T12392]  audit_seccomp+0x48/0x100
[  204.477903][T12392]  ? __seccomp_filter+0x68c/0x10d0
[  204.477924][T12392]  __seccomp_filter+0x69d/0x10d0
[  204.477948][T12392]  ? __rcu_read_unlock+0x4f/0x70
[  204.477973][T12392]  ? mntput_no_expire+0x6f/0x460
[  204.478023][T12392]  __secure_computing+0x82/0x150
[  204.478047][T12392]  syscall_trace_enter+0xcf/0x1e0
[  204.478145][T12392]  do_syscall_64+0xac/0x200
[  204.478238][T12392]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  204.478333][T12392]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  204.478362][T12392]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.478388][T12392] RIP: 0033:0x7fdba110d63c
[  204.478407][T12392] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  204.478428][T12392] RSP: 002b:00007fdb9fb77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  204.478500][T12392] RAX: ffffffffffffffda RBX: 00007fdba1355fa0 RCX: 00007fdba110d63c
[  204.478512][T12392] RDX: 000000000000000f RSI: 00007fdb9fb770a0 RDI: 0000000000000005
[  204.478542][T12392] RBP: 00007fdb9fb77090 R08: 0000000000000000 R09: 0000000000000000
[  204.478556][T12392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.478571][T12392] R13: 00007fdba1356038 R14: 00007fdba1355fa0 R15: 00007ffcc4a6ded8
[  204.478591][T12392]  </TASK>
[  204.816620][T12394] 9pnet_fd: Insufficient options for proto=fd
[  204.919297][T12403] netlink: 'syz.1.3394': attribute type 10 has an invalid length.
[  204.935690][T12404] 9pnet_fd: Insufficient options for proto=fd
[  204.946641][T12403] ipvlan0: entered allmulticast mode
[  204.951947][T12403] veth0_vlan: entered allmulticast mode
[  204.986465][T12403] team0: Device ipvlan0 failed to register rx_handler
[  205.000319][T12413] __nla_validate_parse: 3 callbacks suppressed
[  205.000335][T12413] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3399'.
[  205.014359][T12411] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3398'.
[  205.016949][T12413] IPVS: Unknown mcast interface: vcan0
[  205.029983][T12411] hsr_slave_0: left promiscuous mode
[  205.037297][T12411] hsr_slave_1: left promiscuous mode
[  205.040028][T12415] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3400'.
[  205.054256][T12408] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  205.094784][T12423] 9pnet_fd: Insufficient options for proto=fd
[  205.234806][T12437] 9pnet_fd: Insufficient options for proto=fd
[  205.510800][T12413] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3399'.
[  205.639361][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a045c00: rx timeout, send abort
[  205.647680][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a045c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  205.700347][T12446] netlink: 'syz.3.3411': attribute type 10 has an invalid length.
[  205.710392][T12446] ipvlan0: entered allmulticast mode
[  205.715899][T12446] veth0_vlan: entered allmulticast mode
[  205.728360][T12446] team0: Device ipvlan0 failed to register rx_handler
[  205.783991][T12449] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3412'.
[  205.848778][T12451] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  205.892269][T12453] netem: change failed
[  206.024880][T12464] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3419'.
[  206.079921][T12473] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3423'.
[  206.092098][T12471] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3422'.
[  206.103401][T12475] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  206.126856][T12476] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  206.506075][T12471] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3422'.
[  206.749439][T12496] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3432'.
[  207.116664][T12507] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  207.249855][T12510] FAULT_INJECTION: forcing a failure.
[  207.249855][T12510] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  207.263045][T12510] CPU: 0 UID: 0 PID: 12510 Comm: syz.2.3438 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  207.263145][T12510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  207.263157][T12510] Call Trace:
[  207.263164][T12510]  <TASK>
[  207.263172][T12510]  __dump_stack+0x1d/0x30
[  207.263221][T12510]  dump_stack_lvl+0xe8/0x140
[  207.263240][T12510]  dump_stack+0x15/0x1b
[  207.263255][T12510]  should_fail_ex+0x265/0x280
[  207.263278][T12510]  should_fail+0xb/0x20
[  207.263299][T12510]  should_fail_usercopy+0x1a/0x20
[  207.263326][T12510]  _copy_from_user+0x1c/0xb0
[  207.263356][T12510]  kstrtouint_from_user+0x69/0xf0
[  207.263452][T12510]  ? 0xffffffff81000000
[  207.263513][T12510]  ? selinux_file_permission+0x1e4/0x320
[  207.263574][T12510]  proc_fail_nth_write+0x50/0x160
[  207.263598][T12510]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  207.263625][T12510]  vfs_write+0x266/0x960
[  207.263657][T12510]  ? vfs_read+0x4e6/0x770
[  207.263679][T12510]  ? __rcu_read_unlock+0x4f/0x70
[  207.263703][T12510]  ? __fget_files+0x184/0x1c0
[  207.263730][T12510]  ksys_write+0xda/0x1a0
[  207.263770][T12510]  __x64_sys_write+0x40/0x50
[  207.263805][T12510]  x64_sys_call+0x27fe/0x2ff0
[  207.263971][T12510]  do_syscall_64+0xd2/0x200
[  207.264025][T12510]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  207.264093][T12510]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  207.264125][T12510]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.264167][T12510] RIP: 0033:0x7fdba110d6df
[  207.264181][T12510] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  207.264198][T12510] RSP: 002b:00007fdb9fb56030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  207.264216][T12510] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdba110d6df
[  207.264228][T12510] RDX: 0000000000000001 RSI: 00007fdb9fb560a0 RDI: 0000000000000007
[  207.264239][T12510] RBP: 00007fdb9fb56090 R08: 0000000000000000 R09: 0000000000000000
[  207.264250][T12510] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  207.264286][T12510] R13: 00007fdba1356128 R14: 00007fdba1356090 R15: 00007ffcc4a6ded8
[  207.264303][T12510]  </TASK>
[  207.798078][T12513] program syz.1.3440 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  207.823594][T12517] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  207.848149][T12513] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  207.969217][T12537] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  208.108758][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a2c8e00: rx timeout, send abort
[  208.117142][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a2c8e00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  208.205531][T12553] loop1: detected capacity change from 0 to 1024
[  208.238091][T12553] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  208.249135][T12553] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  208.330979][T12553] JBD2: no valid journal superblock found
[  208.336833][T12553] EXT4-fs (loop1): Could not load journal inode
[  208.498828][   T29] kauditd_printk_skb: 436 callbacks suppressed
[  208.498846][   T29] audit: type=1326 audit(2000000094.388:13829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12565 comm="syz.5.3461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbd8e445be7 code=0x7ffc0000
[  208.558211][   T29] audit: type=1326 audit(2000000094.418:13830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12565 comm="syz.5.3461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbd8e3eae09 code=0x7ffc0000
[  208.582339][   T29] audit: type=1326 audit(2000000094.418:13831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12565 comm="syz.5.3461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbd8e445be7 code=0x7ffc0000
[  208.606049][   T29] audit: type=1326 audit(2000000094.418:13832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12565 comm="syz.5.3461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbd8e3eae09 code=0x7ffc0000
[  208.629778][   T29] audit: type=1326 audit(2000000094.418:13833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12565 comm="syz.5.3461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8e44ec29 code=0x7ffc0000
[  208.653682][   T29] audit: type=1326 audit(2000000094.418:13834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12565 comm="syz.5.3461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8e44ec29 code=0x7ffc0000
[  208.659305][T12572] tipc: New replicast peer: 255.255.255.83
[  208.677392][   T29] audit: type=1326 audit(2000000094.438:13835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12565 comm="syz.5.3461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd8e44ec29 code=0x7ffc0000
[  208.677459][   T29] audit: type=1326 audit(2000000094.438:13836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12565 comm="syz.5.3461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8e44ec29 code=0x7ffc0000
[  208.677494][   T29] audit: type=1326 audit(2000000094.438:13837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12565 comm="syz.5.3461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd8e44ec29 code=0x7ffc0000
[  208.677570][   T29] audit: type=1326 audit(2000000094.438:13838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12565 comm="syz.5.3461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd8e450b47 code=0x7ffc0000
[  208.683421][T12572] tipc: Enabled bearer <udp:£>, priority 10
[  209.006223][T12592] IPVS: Unknown mcast interface: vcan0
[  209.199550][T12601] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  209.280296][T12603] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12603 comm=syz.5.3477
[  209.293051][T12605] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12605 comm=syz.5.3477
[  209.639793][T12629] FAULT_INJECTION: forcing a failure.
[  209.639793][T12629] name failslab, interval 1, probability 0, space 0, times 0
[  209.652509][T12629] CPU: 1 UID: 0 PID: 12629 Comm: syz.5.3486 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  209.652542][T12629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  209.652577][T12629] Call Trace:
[  209.652584][T12629]  <TASK>
[  209.652592][T12629]  __dump_stack+0x1d/0x30
[  209.652613][T12629]  dump_stack_lvl+0xe8/0x140
[  209.652661][T12629]  dump_stack+0x15/0x1b
[  209.652676][T12629]  should_fail_ex+0x265/0x280
[  209.652768][T12629]  ? audit_log_d_path+0x8d/0x150
[  209.652796][T12629]  should_failslab+0x8c/0xb0
[  209.652818][T12629]  __kmalloc_cache_noprof+0x4c/0x320
[  209.652849][T12629]  audit_log_d_path+0x8d/0x150
[  209.652949][T12629]  audit_log_d_path_exe+0x42/0x70
[  209.652991][T12629]  audit_log_task+0x1e9/0x250
[  209.653088][T12629]  audit_seccomp+0x61/0x100
[  209.653114][T12629]  ? __seccomp_filter+0x68c/0x10d0
[  209.653140][T12629]  __seccomp_filter+0x69d/0x10d0
[  209.653166][T12629]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  209.653254][T12629]  ? vfs_write+0x7e8/0x960
[  209.653283][T12629]  __secure_computing+0x82/0x150
[  209.653308][T12629]  syscall_trace_enter+0xcf/0x1e0
[  209.653370][T12629]  do_syscall_64+0xac/0x200
[  209.653403][T12629]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  209.653429][T12629]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  209.653540][T12629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.653564][T12629] RIP: 0033:0x7fbd8e44ec29
[  209.653582][T12629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.653649][T12629] RSP: 002b:00007fbd8ceaf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[  209.653671][T12629] RAX: ffffffffffffffda RBX: 00007fbd8e695fa0 RCX: 00007fbd8e44ec29
[  209.653760][T12629] RDX: 00000000000000e0 RSI: 0000200000000fc0 RDI: 0000000000000006
[  209.653776][T12629] RBP: 00007fbd8ceaf090 R08: 0000000000000000 R09: 0000000000000000
[  209.653789][T12629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  209.653803][T12629] R13: 00007fbd8e696038 R14: 00007fbd8e695fa0 R15: 00007ffca2897558
[  209.653849][T12629]  </TASK>
[  209.673305][T12631] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  209.944057][T12639] loop5: detected capacity change from 0 to 512
[  209.958392][T12639] EXT4-fs: Ignoring removed mblk_io_submit option
[  209.964957][T12639] EXT4-fs: Ignoring removed nobh option
[  209.970543][T12639] ext2: Unknown parameter 'nouser_xattr'
[  209.983170][T12636] loop3: detected capacity change from 0 to 2048
[  210.026861][T12636]  loop3: p1 < > p4
[  210.031472][T12636] loop3: p4 size 8388608 extends beyond EOD, truncated
[  210.048341][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a14e000: rx timeout, send abort
[  210.056695][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a14e000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  210.133490][T12634] Invalid logical block size (32768)
[  210.142828][T12634] FAULT_INJECTION: forcing a failure.
[  210.142828][T12634] name failslab, interval 1, probability 0, space 0, times 0
[  210.155604][T12634] CPU: 0 UID: 0 PID: 12634 Comm: syz.5.3488 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  210.155632][T12634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  210.155644][T12634] Call Trace:
[  210.155658][T12634]  <TASK>
[  210.155668][T12634]  __dump_stack+0x1d/0x30
[  210.155692][T12634]  dump_stack_lvl+0xe8/0x140
[  210.155714][T12634]  dump_stack+0x15/0x1b
[  210.155732][T12634]  should_fail_ex+0x265/0x280
[  210.155801][T12634]  ? rfkill_send_events+0x85/0x240
[  210.155832][T12634]  should_failslab+0x8c/0xb0
[  210.155856][T12634]  __kmalloc_cache_noprof+0x4c/0x320
[  210.155929][T12634]  rfkill_send_events+0x85/0x240
[  210.155969][T12634]  rfkill_set_block+0x26d/0x290
[  210.156004][T12634]  rfkill_fop_write+0x22e/0x440
[  210.156024][T12634]  ? __pfx_rfkill_fop_write+0x10/0x10
[  210.156043][T12634]  vfs_write+0x266/0x960
[  210.156122][T12634]  ? __rcu_read_unlock+0x4f/0x70
[  210.156193][T12634]  ? __fget_files+0x184/0x1c0
[  210.156259][T12634]  ksys_write+0xda/0x1a0
[  210.156281][T12634]  __x64_sys_write+0x40/0x50
[  210.156301][T12634]  x64_sys_call+0x27fe/0x2ff0
[  210.156368][T12634]  do_syscall_64+0xd2/0x200
[  210.156399][T12634]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  210.156460][T12634]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  210.156533][T12634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.156557][T12634] RIP: 0033:0x7fbd8e44ec29
[  210.156574][T12634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.156664][T12634] RSP: 002b:00007fbd8ceaf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  210.156707][T12634] RAX: ffffffffffffffda RBX: 00007fbd8e695fa0 RCX: 00007fbd8e44ec29
[  210.156721][T12634] RDX: 0000000000000008 RSI: 0000200000000080 RDI: 0000000000000005
[  210.156734][T12634] RBP: 00007fbd8ceaf090 R08: 0000000000000000 R09: 0000000000000000
[  210.156747][T12634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.156820][T12634] R13: 00007fbd8e696038 R14: 00007fbd8e695fa0 R15: 00007ffca2897558
[  210.156841][T12634]  </TASK>
[  210.397762][T12644] 9pnet: Could not find request transport: fd0x0000000000000004
[  210.431797][T12648] 9pnet: Could not find request transport: fd0x0000000000000004
[  210.476065][T12657] __nla_validate_parse: 14 callbacks suppressed
[  210.476084][T12657] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3496'.
[  210.519091][T12660] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3497'.
[  210.541372][T12661] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3498'.
[  210.562139][T12663] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  210.611130][T12667] syzkaller0: entered promiscuous mode
[  210.616834][T12667] syzkaller0: entered allmulticast mode
[  210.852301][T12681] 9pnet: Could not find request transport: fd0x0000000000000004
[  211.011286][T12688] 9pnet: Could not find request transport: fd0x0000000000000004
[  211.036562][T12661] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3498'.
[  211.120998][T12694] FAULT_INJECTION: forcing a failure.
[  211.120998][T12694] name failslab, interval 1, probability 0, space 0, times 0
[  211.133724][T12694] CPU: 1 UID: 0 PID: 12694 Comm: syz.3.3510 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  211.133757][T12694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  211.133772][T12694] Call Trace:
[  211.133779][T12694]  <TASK>
[  211.133788][T12694]  __dump_stack+0x1d/0x30
[  211.133814][T12694]  dump_stack_lvl+0xe8/0x140
[  211.133915][T12694]  dump_stack+0x15/0x1b
[  211.133994][T12694]  should_fail_ex+0x265/0x280
[  211.134021][T12694]  should_failslab+0x8c/0xb0
[  211.134060][T12694]  __kmalloc_node_noprof+0xa9/0x410
[  211.134090][T12694]  ? x64_sys_call+0x191e/0x2ff0
[  211.134113][T12694]  ? qdisc_alloc+0x65/0x440
[  211.134196][T12694]  qdisc_alloc+0x65/0x440
[  211.134274][T12694]  qdisc_create_dflt+0x7f/0x2d0
[  211.134296][T12694]  taprio_init+0x286/0x5f0
[  211.134380][T12694]  ? __pfx_taprio_init+0x10/0x10
[  211.134419][T12694]  qdisc_create+0x591/0x9e0
[  211.134454][T12694]  tc_modify_qdisc+0xf2e/0x1420
[  211.134561][T12694]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  211.134660][T12694]  rtnetlink_rcv_msg+0x657/0x6d0
[  211.134697][T12694]  netlink_rcv_skb+0x123/0x220
[  211.134722][T12694]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  211.134836][T12694]  rtnetlink_rcv+0x1c/0x30
[  211.134861][T12694]  netlink_unicast+0x5bd/0x690
[  211.134884][T12694]  netlink_sendmsg+0x58b/0x6b0
[  211.134959][T12694]  ? __pfx_netlink_sendmsg+0x10/0x10
[  211.134987][T12694]  __sock_sendmsg+0x142/0x180
[  211.135021][T12694]  ____sys_sendmsg+0x31e/0x4e0
[  211.135110][T12694]  ___sys_sendmsg+0x17b/0x1d0
[  211.135145][T12694]  __x64_sys_sendmsg+0xd4/0x160
[  211.135171][T12694]  x64_sys_call+0x191e/0x2ff0
[  211.135215][T12694]  do_syscall_64+0xd2/0x200
[  211.135247][T12694]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  211.135269][T12694]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  211.135365][T12694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.135389][T12694] RIP: 0033:0x7f01a089ec29
[  211.135410][T12694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.135426][T12694] RSP: 002b:00007f019f2ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  211.135445][T12694] RAX: ffffffffffffffda RBX: 00007f01a0ae5fa0 RCX: 00007f01a089ec29
[  211.135457][T12694] RDX: 0000000000000000 RSI: 00002000000007c0 RDI: 0000000000000006
[  211.135468][T12694] RBP: 00007f019f2ff090 R08: 0000000000000000 R09: 0000000000000000
[  211.135478][T12694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  211.135489][T12694] R13: 00007f01a0ae6038 R14: 00007f01a0ae5fa0 R15: 00007ffdbc64baa8
[  211.135556][T12694]  </TASK>
[  211.391331][T12696] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3511'.
[  211.433369][    C0] ==================================================================
[  211.441491][    C0] BUG: KCSAN: data-race in wq_worker_tick / wq_worker_tick
[  211.448707][    C0] 
[  211.451040][    C0] read-write to 0xffff8881012426b8 of 8 bytes by interrupt on cpu 1:
[  211.459109][    C0]  wq_worker_tick+0x60/0x230
[  211.463720][    C0]  sched_tick+0x11a/0x270
[  211.468064][    C0]  update_process_times+0x15f/0x190
[  211.473287][    C0]  tick_nohz_handler+0x249/0x2d0
[  211.478244][    C0]  __hrtimer_run_queues+0x20f/0x5a0
[  211.483465][    C0]  hrtimer_interrupt+0x21a/0x460
[  211.488418][    C0]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  211.494354][    C0]  sysvec_apic_timer_interrupt+0x6f/0x80
[  211.500009][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  211.505996][    C0]  bpf_trace_run2+0x0/0x1c0
[  211.510579][    C0]  __traceiter_kfree+0x2e/0x50
[  211.515364][    C0]  kfree+0x27b/0x320
[  211.519278][    C0]  io_free_region+0xa3/0x160
[  211.523905][    C0]  io_ring_ctx_free+0x1ed/0x3a0
[  211.528774][    C0]  io_ring_exit_work+0x529/0x560
[  211.533731][    C0]  process_scheduled_works+0x4cb/0x9d0
[  211.539213][    C0]  worker_thread+0x582/0x770
[  211.543822][    C0]  kthread+0x489/0x510
[  211.547912][    C0]  ret_from_fork+0x11f/0x1b0
[  211.552520][    C0]  ret_from_fork_asm+0x1a/0x30
[  211.557320][    C0] 
[  211.559647][    C0] read-write to 0xffff8881012426b8 of 8 bytes by interrupt on cpu 0:
[  211.567727][    C0]  wq_worker_tick+0x60/0x230
[  211.572331][    C0]  sched_tick+0x11a/0x270
[  211.576696][    C0]  update_process_times+0x15f/0x190
[  211.581926][    C0]  tick_nohz_handler+0x249/0x2d0
[  211.586877][    C0]  __hrtimer_run_queues+0x20f/0x5a0
[  211.592099][    C0]  hrtimer_interrupt+0x21a/0x460
[  211.597051][    C0]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  211.602981][    C0]  sysvec_apic_timer_interrupt+0x6f/0x80
[  211.608634][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  211.614640][    C0]  __tsan_memset+0x92/0x1f0
[  211.619162][    C0]  io_ring_exit_work+0x5f/0x560
[  211.624054][    C0]  process_scheduled_works+0x4cb/0x9d0
[  211.629536][    C0]  worker_thread+0x582/0x770
[  211.634151][    C0]  kthread+0x489/0x510
[  211.638233][    C0]  ret_from_fork+0x11f/0x1b0
[  211.642830][    C0]  ret_from_fork_asm+0x1a/0x30
[  211.647597][    C0] 
[  211.649919][    C0] value changed: 0x00000000000900b0 -> 0x00000000000927c0
[  211.657021][    C0] 
[  211.659346][    C0] Reported by Kernel Concurrency Sanitizer on:
[  211.665495][    C0] CPU: 0 UID: 0 PID: 7849 Comm: kworker/u8:29 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  211.675474][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  211.685533][    C0] Workqueue: iou_exit io_ring_exit_work
[  211.691087][    C0] ==================================================================
[  211.828329][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a3eb000: rx timeout, send abort
[  211.836612][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a3eb000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.