last executing test programs:

1.637148857s ago: executing program 4 (id=1691):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0x100}, 0x18)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x22102, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0x4, 0xa}, {}, {0xf, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x2}, @TCA_BPF_OPS={{0x6}, {0x4}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

1.511566919s ago: executing program 4 (id=1698):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1f00, 0xe, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="c0020000100063d10000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000000000000000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc01000000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000b000000000000000000000000000000ffffffffffffffff000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001600000000020000000000000000000000bf010100636d61632861657329"], 0x2c0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)

1.43189823s ago: executing program 4 (id=1701):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x1, 0x66c, 0x0, 'queue1\x00'})
poll(&(0x7f0000000100)=[{r0}], 0x1, 0x9d)
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8) (fail_nth: 3)

1.226675213s ago: executing program 4 (id=1705):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a32000000002c0003800800014000000000180003801400010076657468315f00005f626f6e64000000080002400000000064000000160a0101000b000000000000010000000900020073797a32000000000900010073797a3000000000300003802c0003801400010067656e657665300000000000000000001400010076657468315f746f5f626f6e6400000008000740"], 0x104}}, 0x0) (async)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a32000000002c0003800800014000000000180003801400010076657468315f00005f626f6e64000000080002400000000064000000160a0101000b000000000000010000000900020073797a32000000000900010073797a3000000000300003802c0003801400010067656e657665300000000000000000001400010076657468315f746f5f626f6e6400000008000740"], 0x104}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000500)='./file2\x00', 0x300001a, &(0x7f0000000a40)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fef3eb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcbe2f83150503b2076b7591149e6f426564f017ebe1f8253e880de2f63aff6ea337c137b607ffb0291b1223f578ec8b5a9568984ae47e157363144ea5ae13358e354cf1c896ddf139d580411f7676b8302974b5c65aec8de25c8f41a1459baeeb26d0ad35d101ec17dcca961fbae721d31bd58956c1d97c26e2926fe3ac0ce3f7ec46265a2df602d66bf5d34cd7f4097d6875640c0cc409408cbf931447c0ec0f15f5f4c359530d99275d78e68cc061f73375ffea29733d768484", @ANYRES16], 0xd, 0x2b8, &(0x7f0000000f80)="$eJzs3U9rI2UYAPBn8q9RDwniRREc0IOnsvXqpVFWEHtSIqgHDe4uSBIWdiFgBeOe9hN49Hv4Ebx48RsIXgVv7aEyMpmZJmmnoZSYQvf3Oz1933neeTJPSU558s2b0/GDx0k8O/kzut0kGodxGKdJ9KMRlZ+iFQDA3XGaZfFPdpPMVmP71QAAu1B8/hduuxYAYDc+++LLTwZHR/c/TdNuvN57PhsmETF9PhsW+4NH8V1M4mHci16cRWTnivijj4/uRyvN9eOd6Xw2zDOnX/9enj/4O2KRfxC96NfnH6SFlfz5bNiOlyONwaN2VWovXqvPf68mP4adePftlfr3oxd/fBuPYxIPIs9d5v94kKYfZj+f/PBVfps8P2nEcG9x3VLW3GVfAAAAAAAAAAAAAAAAAAAAAAC42/bTNCnG9yzm9+RL5fyd5tlifz+t9Nfn8xT5SXVQMR8oi3JEzzyLX6r5OvfSNM3KC5f5rXij5YcFAAAAAAAAAAAAAAAAAAAAIPf0++PxaDJ5+GQrQTUNoPpa/03POVxZeSuOx6Pm1QfurW69VP5Rf/LqtIG81o1lRKsVxUonLmy1I2JLT2wR5FVvqwXLYG/Z3M+jCKrGbPVer35QHHo8HqXlVvWQx6MkOtUDr0/vVj39dXWrc6GDyfmB1y0sW/xLnGXrPe2el7qe1dnS0+i8Urv1b5Zl1zvn/b+KHpUryWLExvXu3i6D2heYB93Lff/t6gOvfMto3vjNBgAAAAAAAAAAAAAAAAAA2Gj5pd+azWcbUxv/W1EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGPL3/+vgm5ErK9cCuZl8qZryqATT57e8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgBfBfAAAA//+AwkNX") (async)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000500)='./file2\x00', 0x300001a, &(0x7f0000000a40)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fef3eb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcbe2f83150503b2076b7591149e6f426564f017ebe1f8253e880de2f63aff6ea337c137b607ffb0291b1223f578ec8b5a9568984ae47e157363144ea5ae13358e354cf1c896ddf139d580411f7676b8302974b5c65aec8de25c8f41a1459baeeb26d0ad35d101ec17dcca961fbae721d31bd58956c1d97c26e2926fe3ac0ce3f7ec46265a2df602d66bf5d34cd7f4097d6875640c0cc409408cbf931447c0ec0f15f5f4c359530d99275d78e68cc061f73375ffea29733d768484", @ANYRES16], 0xd, 0x2b8, &(0x7f0000000f80)="$eJzs3U9rI2UYAPBn8q9RDwniRREc0IOnsvXqpVFWEHtSIqgHDe4uSBIWdiFgBeOe9hN49Hv4Ebx48RsIXgVv7aEyMpmZJmmnoZSYQvf3Oz1933neeTJPSU558s2b0/GDx0k8O/kzut0kGodxGKdJ9KMRlZ+iFQDA3XGaZfFPdpPMVmP71QAAu1B8/hduuxYAYDc+++LLTwZHR/c/TdNuvN57PhsmETF9PhsW+4NH8V1M4mHci16cRWTnivijj4/uRyvN9eOd6Xw2zDOnX/9enj/4O2KRfxC96NfnH6SFlfz5bNiOlyONwaN2VWovXqvPf68mP4adePftlfr3oxd/fBuPYxIPIs9d5v94kKYfZj+f/PBVfps8P2nEcG9x3VLW3GVfAAAAAAAAAAAAAAAAAAAAAAC42/bTNCnG9yzm9+RL5fyd5tlifz+t9Nfn8xT5SXVQMR8oi3JEzzyLX6r5OvfSNM3KC5f5rXij5YcFAAAAAAAAAAAAAAAAAAAAIPf0++PxaDJ5+GQrQTUNoPpa/03POVxZeSuOx6Pm1QfurW69VP5Rf/LqtIG81o1lRKsVxUonLmy1I2JLT2wR5FVvqwXLYG/Z3M+jCKrGbPVer35QHHo8HqXlVvWQx6MkOtUDr0/vVj39dXWrc6GDyfmB1y0sW/xLnGXrPe2el7qe1dnS0+i8Urv1b5Zl1zvn/b+KHpUryWLExvXu3i6D2heYB93Lff/t6gOvfMto3vjNBgAAAAAAAAAAAAAAAAAA2Gj5pd+azWcbUxv/W1EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGPL3/+vgm5ErK9cCuZl8qZryqATT57e8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgBfBfAAAA//+AwkNX")
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
creat(0x0, 0x100) (async)
creat(0x0, 0x100)
symlink(&(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') (async)
symlink(&(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) (async)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd59}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) (async)
fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3)
socket$inet6(0xa, 0x1, 0x0) (async)
r8 = socket$inet6(0xa, 0x1, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000003c0)={0x28, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0x14, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x28}}, 0x4804)
sendmsg$ETHTOOL_MSG_STRSET_GET(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b80)={0x30, r10, 0x1, 0xce, 0x25dfdbfb, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r8, 0x29, 0x23, &(0x7f0000000040)={{{@in=@rand_addr=0x64010100, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4e23, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x1, 0x0, 0x0, 0x5, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x3c}, 0xa, @in6=@ipv4={'\x00', '\xff\xff', @local}, 0x3507, 0x4}}, 0xe8)

1.061630965s ago: executing program 4 (id=1706):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$getregs(0xc, r0, 0xffffffffffffdcaf, &(0x7f0000000040)=""/45)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x50)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
ioctl$TCSETSF(r3, 0x5404, &(0x7f0000000040)={0x1856, 0x6d, 0x400, 0xfff, 0xb, "0e80706e6c06a79874342a0e0d13343972d01f"})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001240)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x4000000, {0x0, 0x0, 0x0, r9, {0x0, 0x1}, {0xffff, 0xffff}, {0xc}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x1, 0x0, 0x1fc, 0x0, 0xfffffc80, 0x0, 0x6, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8, 0x0, 0x20, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, 0x3f, 0x0, 0x0, 0x2, 0xffffffff, 0x2, 0xc00, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x1000, 0xfffffffc, 0x0, 0x0, 0x3ff, 0x9, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x272, 0xb, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffe, 0x0, 0x80007, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x0, 0xb97, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x5e, 0xfffffffc, 0x8, 0x0, 0x0, 0x400000, 0x3, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80003, 0x0, 0xffffffff, 0x1, 0x0, 0x9, 0x0, 0x0, 0x5, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x40000002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0xffffffff, 0xffff, 0x0, 0x0, 0xb3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xd79, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0x7, 0x100, 0x0, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x6, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x4, 0x0, 0x6}, {0xff, 0x2, 0x0, 0x0, 0x0, 0x40000000}, 0x0, 0x7f}}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000054)
r10 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000000, 0x110, r3, 0x8000000)
syz_io_uring_setup(0x6d0c, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f00000000c0), &(0x7f0000000140)=<r11=>0x0)
syz_io_uring_setup(0x1866, &(0x7f00000003c0), &(0x7f0000000040)=<r12=>0x0, &(0x7f0000000100))
syz_io_uring_submit(r12, r11, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
r13 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(r10, r11, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x47, 0x0, 0x35, 0x0, &(0x7f00000005c0)="cb7cbd3a010b755db91c0ff397b5e629d0af1eeb63bcef94417b5687a85f4ac31465c2b6cb9ff7b14122f81d1747f5e02dfd90eb996f735a30291f3336080cc586faec4dfab0ea35d0d3935fab838045217fa81861b45a8d5f10b0d86d1edbc5d3ca06f8b085ceecfb05f70d2313ecb2982f8b1b8be7a0fc25e14226db8c9f9e3a57d62ad08717ba647de75101f17272b245e554b2a22a7b94dc3cba2298f25d0cc78a60522d4c722ff4b223b4e95baccc3c1ec8130ed412b7e4473ec61ca1db161acdb8a2823ac6f82e0c6fc7cbff762040054fdf75cc4ddd0eaeb4d3285806ce30fcbdaf5ed7c92c00", 0x8, 0x0, 0x1, {0x1, r13}})
write$UHID_INPUT(r3, &(0x7f0000001040)={0xd, {"a2e3ad21ed6b0af99cfbf4c007f70eb4d04fe7ff7fc6e5539b0872fc8b546a1b4d09940f08900c878f0e1ac6e7049b4cb4956c409b3c2a0867f3988f7ef319520100ffe8d178708c523c921b1b0f5a0a169b50d336cd3b78130daa61d8f809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1010}}, 0x1b7)
r14 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r14}, 0x10)
r15 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r15)

995.771516ms ago: executing program 0 (id=1709):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0x100}, 0x18)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x22102, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0x4, 0xa}, {}, {0xf, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x2}, @TCA_BPF_OPS={{0x6}, {0x4}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

924.168327ms ago: executing program 0 (id=1711):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0x1}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x1210010, &(0x7f0000000040)={[{@grpquota}]}, 0x41, 0xbac, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy") (async)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x2c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x7, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080) (async)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa8, 0xa8, 0x7, [@struct={0x0, 0x0, 0x0, 0x4, 0x0, 0xffff}, @enum={0xf, 0x9, 0x0, 0x6, 0x4, [{0xd, 0x6}, {0x4, 0x80}, {0x6, 0x1ff}, {0xd, 0x3}, {0xc, 0x4}, {0x3, 0x1a}, {0xf, 0x401}, {0x4}, {0x3, 0x40}]}, @union={0x1, 0x5, 0x0, 0x5, 0x1, 0x809, [{0xc, 0x2, 0x7}, {0x7, 0x2, 0x1}, {0x9, 0x4, 0x8}, {0x8, 0x3, 0x2}, {0x8, 0x1, 0x8}]}]}, {0x0, [0x61, 0x2e, 0x2e, 0x0, 0x2e]}}, &(0x7f0000000640)=""/231, 0xc7, 0xe7, 0x1, 0xfffffffb, 0x0, @void, @value}, 0x28)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000780)={{}, &(0x7f00000005c0), 0x0}, 0x20) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x18, 0x0, &(0x7f00000001c0), 0x0, 0x40, 0xb7, &(0x7f0000000340)=""/183, 0x41100, 0x4, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f00000002c0)={0x4, 0x8}, 0x8, 0x10, &(0x7f0000000400)={0x5, 0xb, 0x3, 0xdea1}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000007c0), 0x0, 0x10, 0x10, @void, @value}, 0x94)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
getsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000140), &(0x7f0000000180)=0x4)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101}) (async)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
close(r0)

898.880088ms ago: executing program 1 (id=1712):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1f00, 0xe, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="c0020000100063d10000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000000000000000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc01000000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000b000000000000000000000000000000ffffffffffffffff000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001600000000020000000000000000000000bf010100636d61632861657329"], 0x2c0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)

898.371188ms ago: executing program 1 (id=1713):
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x81, 0x80042)
syz_emit_ethernet(0x56, &(0x7f0000000180)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x38}, @void, {@canfd={0xd, {{0x1, 0x1, 0x1, 0x1}, 0x34, 0x3, 0x0, 0x0, "4295c7aa9736a5424d0cefd86399f189aebd2b28d82f3acc7e7e55466e0652fd70a17b951ba69f2aa9d6b2d7c57907629d70ed565758bf5dadbb7366677855cf"}}}}, &(0x7f0000000140)={0x1, 0x3, [0xb57, 0xe4, 0xe06, 0xe]})
socket$inet6(0xa, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r1}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb011218"], &(0x7f0000001f00)=""/4096, 0x4e, 0x1000, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000010b80)=@newtaction={0x60, 0x30, 0xb, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x2, 0x1c3, 0x4}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x1459, 0x20000000}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4004044}, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000080)=@usbdevfs_driver={0xd8, 0xb, &(0x7f0000000200)="c58dbeda72951a7693e32752da4ddcf6c11d21ea9d6a9cb2a97b0f107569acd9d928df69a4cf868f47238ce593b4d1f678ed7375e79708b573e92bd925465724527443113b94710c579bd983eebdf51e28fef8fe9105f8055dc6e224a022bd209a95b8e7f8efdd4a2502730d44488302ffda08f9a0cea66cd5d5e07b9681029ecaa057b1b44b098cb7dc783c21caa41e87d0b54d72c9def1c41e0329ed4253425b542605744671ba10c3bffeab38977b93cbf6f2b8f17db0fb7ed6b190e27eac3985de2cb8e13df8fef00b94485300fde5e013f047d131ca3f3dbea66c02db1b133651ef6ad697c47686011d13a0faca6237a2fb8b23fc3f2ab3c5005ea7b9a35997d58851807183a2388a9b53fece9a37f91b813e50d600000000"})

851.507728ms ago: executing program 1 (id=1715):
r0 = perf_event_open$cgroup(&(0x7f0000000080)={0x4, 0x80, 0x2, 0x0, 0xfe, 0x1, 0x0, 0xcaf, 0x40, 0x8, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1, @perf_config_ext={0x3, 0xfffffffffffffffb}, 0x11010, 0x7, 0x2c, 0x9, 0xff, 0xfffffff4, 0xe, 0x0, 0x3a503509, 0x0, 0x9}, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0x4)
perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0x3c, 0x1, 0x0, 0x0, 0x0, 0x8, 0xdd18b, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x2, @perf_config_ext={0x1, 0x100000003}, 0x3323, 0x4, 0x3, 0x0, 0x9, 0x800001, 0xfff7, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'vlan0\x00'})
sendmsg$rds(r1, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8004}, 0x0)

834.399139ms ago: executing program 1 (id=1716):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pwrite64(r1, 0x0, 0x0, 0x1)
r2 = memfd_create(&(0x7f00000001c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xd9\x19\x17\xb0\xed|\xb3\xc2\x017h\xe9kL\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f2\xf7]#\xed,\xc7\x03\x00\x00\x00\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4R$\xaa\x00U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96', 0x5)
fsetxattr$security_selinux(r2, &(0x7f0000000480), &(0x7f0000000680)='system_u:object_r:hwdata_t:s0\x00', 0x1e, 0x3)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001cc0)={0x15c, 0x28, 0x1, 0x4, 0x25dfdbfc, "", [@nested={0x14a, 0xf2, 0x0, 0x1, [@typed={0x8, 0x18, 0x0, 0x0, @fd=r3}, @typed={0x14, 0x2001, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82", @generic="3007a701fcddd817dafd771dac9cdc6a376312269f2d7531179bcd05fbbea5ff1649ffeb16c219dd0fdba4544ec0c2e61ced1487dcc1d8972066a2a9e3d4aae75998ea4cd249eba5cea792981a72"]}]}, 0x15c}], 0x1, 0x0, 0x0, 0x1}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='mm_page_free\x00', r4, 0x0, 0xfffffffff7fffffc}, 0xc)
rt_sigtimedwait(&(0x7f0000000000)={[0x7]}, &(0x7f00000002c0), &(0x7f0000000380), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xb7, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000380), 0x1, r5}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x8, 0xd, &(0x7f0000000500)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x40, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x8, 0xd, &(0x7f0000000500)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x40, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r6, 0x0, 0x2}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r6, 0x0, 0x2}, 0x18)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) (async)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f00000003c0), 0x10d240, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r7, 0x6, 0x13, &(0x7f0000000400), 0x4)
futex(0x0, 0x3, 0x0, &(0x7f0000fd7ff0), 0x0, 0xfffffffd) (async)
futex(0x0, 0x3, 0x0, &(0x7f0000fd7ff0), 0x0, 0xfffffffd)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0) (async)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r7)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~\x00', @ANYRES32=0x0, @ANYBLOB="eceb2950b9e61b0edad00be07bbca19e613b48379d2f60218aadf62b1141c1f6535ea7e7eea9ada9c4c7dc7afc977d96c6c26026242ab806cfc4995ba0ddb27119e07b3b82e8182f3d3e83374e027a915028ffb634b2becaa23ee6ef1cb91f0bb2bd49628f6390a754dbaf650e6141efd48b664941ea610b"], 0x1c}}, 0x4000054) (async)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~\x00', @ANYRES32=0x0, @ANYBLOB="eceb2950b9e61b0edad00be07bbca19e613b48379d2f60218aadf62b1141c1f6535ea7e7eea9ada9c4c7dc7afc977d96c6c26026242ab806cfc4995ba0ddb27119e07b3b82e8182f3d3e83374e027a915028ffb634b2becaa23ee6ef1cb91f0bb2bd49628f6390a754dbaf650e6141efd48b664941ea610b"], 0x1c}}, 0x4000054)

829.003698ms ago: executing program 0 (id=1717):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x8000d8, &(0x7f0000000180), 0x1, 0x5b2, &(0x7f0000001140)="$eJzs3U1oXNUeAPD/nck0/chr+uA9eO/RRXkKFUonST+0umq3YqHQheCmhsk0hEwyITPRJmSR7ovYhah0U3e6cKm4cCFuBDdu3SiuhWKDQtNFHZmvtE1m0kntZNLM7wc3ueecm/n/z70594t7mQD61rHqj1TEfyPiUhIx/EjbQDQaj9WXW1tdzt1fXc4lUalc/i2JJCLurS7nmssnjd+HImIlIv4TEd9mIk6kNsctLS5NjxcK+flGeaQ8MzdSWlw6OTUzPpmfzM+efuXVs+fOnB07NdY++cz2+nrj55vv3fjh9ds3P/v86Erug/EkzsdQo+3RfjxL9XWSifMb6s90I1gPJb1OgKeSbozz6lD6dwxHujHqW6kM72hqQJdVBiMq25GsbGtxYDdLtjf+gT2jeR5Qvf5tTo+dIKS7e/5x50L9AqQad60x1VsG6vcmYn/t2uTg78ljVybV680j3U2NPrByPSJGBwY2//8njf+/pzf6LBKkq765UN9Qm7d/an3/Ey32P0PNe6d/U3P/t7Zp//cwfrrN/u9ShzEevPXLx23jX4/4X8v4yXr8pEX8VES83WH8W29+da5dW+WTiOPROn5TsvX94ZGrU4X8aP1nyxhfHz/62lb9P9gmfv2e7f7aYabV+p/rsP9ffvfF/1e2iP/SC1tv/1br/0BEvN9h/H/e+/SNdm13rid3q2cB293+1brbHcZ/+fyxn9o0HejwIwAAAAAAAAAAgBZStWfZklR2fT6Vymbr7/D+Kw6mCsVS+cTV4sLsRP2ZtyORSTWftBqul5NqeazxPG6zfGpD+XTzOeL0gVo5mysWJnrcdwAAAAAAAAAAAAAAAAAAANgtDm14//+PdO39/41fVw3sVe2/8hvY64x/6F+Pj/8kYrBnqQA7zPEf+lbF+If+ZfxD/9p6/D+oVCo7lgqwwxz/oX91Nv73dT0PYOdt5/hfGO5iIsCOc/4PAAAAAAAAAAAAAAAAAAAAAAAAAABdcenixepUub+6nKuWJwYWF6aL75ycyJemszMLuWyuOD+XnSwWJwv5bK4486TPKxSLc6Mxu3BtpJwvlUdKi0tXZooLs+UrUzPjk/kr+cyO9AoAAAAAAAAAAAAAAAAAAACeL0O1KUllIyJVm0+lstmIf0TEkcgkV6cK+dGIOBwRP6Yzg9XyWK+TBgAAAAAAAAAAAAAAAAAAgD2mtLg0PV4o5Of7ZGZgU8337ReOiJVnm0b1E5+48GBj2zRrMo3yblmHz9vM4a2XSUfPM9yNMz3cKQEAAAAAAAAAAAAAAAAAQJ96+NJvp3/xZ3cTAgAAAAAAAAAAAAAAAAAAgL6U+jWJiOp0fPjFoY2t+5K1dO13RLx76/KH18bL5fmxav3d9fryR436U73IH+hUkkRUx2lzHAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPlRaXpscLhfx8F2d63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAp/FXAAAA///uotYk")
r1 = open(&(0x7f0000000000)='./file1\x00', 0x145142, 0x0)
sendfile(r1, r1, 0x0, 0x800000009)

765.320779ms ago: executing program 3 (id=1718):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x18)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = getpid()
r4 = socket$key(0xf, 0x3, 0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
sendmsg$key(r4, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="020300030c00000000070000000000000200090008000000e90000000000000003000600000000000200000000000000000000000000000002000100000000004700000d00000000030005000000000002"], 0x60}, 0x1, 0x7}, 0x0)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
lsetxattr$security_capability(&(0x7f0000000340)='./file0\x00', &(0x7f0000000480), &(0x7f0000000580)=@v2={0x2000000, [{0xdc}, {0x80000000, 0x101}]}, 0x14, 0x3)
sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010026bd700000000001250000010e0001006e657464657673696d0000000f0002006e65746465762ae805cfd0", @ANYRES32=r3, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
perf_event_open(&(0x7f0000000680)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x401, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x1, @perf_config_ext={0xf60, 0x100000001}, 0x1100, 0x5dd8, 0x3a65, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x2000000005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="14000000100001000000001e000000000000000a68000000060a0b040000000000000000020000003c00048014000180090001006c6173740000000004000280240001800a0001807265646972000000140002800800034000000028080001400000001d0900010073797a30000000000900020073797a32"], 0x90}}, 0x4000)

765.086199ms ago: executing program 0 (id=1719):
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYRES16=0x0], 0x1, 0x1f8, &(0x7f0000000600)="$eJzs2rtqHFccBvAzihTd0CWEJEhNDkmKpBkilSGFRJAgZCEh0QZsg9EIrexl17tiZ4td42JrV34E18alO4PRC+gdXLgTBtmVKo+x19bFyOALuoB+v2Y++Bg4hwOHf3F2fr9zo7aRpxtZOwwkSRhYCL2wl4TpMBDe6oVffvrt2e3/Ll3+a7FUWvo3xuXFlbn5GOPk94+u3Lr/w1Z7/P8Hkw+Hw/b01Z3d+Sfb327P7LxYuV7NYzWPjWY7ZnGt2Wxna/VKXK/mtTTGf+qVLK/EaiOvtI70G/Xm5mY3Zo31ibHNViXPY9boxlqlG9vN2G51Y3YtqzZimqZxYizwOcr39ooi7BZDq6EoitG7YXwrTDwOUyH5KiZfLyTfrCbf9ZKZ3aKYOuulciKc/8V26FIfCeFpr1PulPvffr/8Z2np1/ja9MFfzzud8hf7/Vy/j0f74TD2pp8/th8JP//Y7191f/xdeqefDesnv30AgAsnjfuOne/S9H19Px2aDw/Nb1+GTnkwzA6e2jb4RHn3Zi2r1ystQbjAYSiEcA6WcY7CWd9MnIaDQz/rlQAAAAAAAAAAAPAxTuTx4GgIoeVlGQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GFeBgAA//9DH3N+")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)

759.671879ms ago: executing program 0 (id=1720):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0xffff, 0x0, @rand_addr, 0x7}, 0x1c)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f00000012c0)={@in6={{0xa, 0x4e24, 0x0, @dev={0xfe, 0x80, '\x00', 0x43}}}, 0x0, 0x0, 0x3, 0x0, "0c9e089c1b4a04000bde79f0613be7fa187eb46c2d996aff287154e786455261c425a7519cc275d04e6205abd307a0c4fa3838bb399ad5bd2ff21907c7988d1300000000000000000000000400"}, 0xd8)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
syz_genetlink_get_family_id$nl80211(0x0, r7)

708.05339ms ago: executing program 1 (id=1721):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vxcan1\x00', <r1=>0x0})
r2 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x21e}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000040))
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000017000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r6}, 0x18)
kexec_load(0xf5, 0x1, &(0x7f0000000b80)=[{0x0, 0x0, 0x0, 0x1000}], 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005600010000000000000000000700c6c9", @ANYRES32=r7, @ANYBLOB="20000180"], 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='sched_switch\x00', r8}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0, 0x2}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r9 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r9, 0x0)
ioctl$FIDEDUPERANGE(r9, 0xc0189436, &(0x7f0000000100)={0x437, 0xfffffffffffff846})
getsockopt$bt_l2cap_L2CAP_LM(r9, 0x6, 0x3, &(0x7f0000000280), &(0x7f00000002c0)=0x4)
io_uring_enter(r2, 0x47fa, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000200)=[{0x0}, {&(0x7f0000000400)=""/4096, 0x1000}], 0x2)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10)
sendmsg$can_bcm(r0, &(0x7f0000003f40)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002080)=ANY=[@ANYBLOB="01000000290b0000ffffffff00000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0xea60, @ANYBLOB="000000000100000000000000270200005c91440132bb112240fcbcc3fa9d0431575f8614d3538ce09c50eecd6ac579e8e83b944b666113f3afed71231e6653a13532f1"], 0x80}}, 0x0)

690.14948ms ago: executing program 0 (id=1722):
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback, 0x26}, 0x1c)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x81, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000580)=ANY=[@ANYBLOB="180800006c00000018110000d962706a5ed4055333a1d8c1a1e655fe944f416410af8ce77d9a8aafad5b0774a0c07acca1845b31d15a6f0ebd630447d18fdef678993aa4575a471ecd5df1ec5df2914a7622ad76cf16eb1fb079897ecfbf98dd657790d8e5c3e0f090783e64f4488afa3b6c6b7957f250de4c67bb4bbf2f5a0e2cac67a3d403363053c6873a997b157b8685538892c04273a290a86e7ed6201419a8a4e859ff41722c1e6fecb644f44d8956aa0fc0b31a91a4a82621acfd78f6e77fd5ba153708511907d04128c88771683d06e9312d", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendmsg$inet6(r2, &(0x7f0000000380)={&(0x7f0000000180)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c, &(0x7f0000000340)=[{&(0x7f0000000480)='y', 0x1}], 0x1}, 0x0)
shutdown(r2, 0x1)
listen(r2, 0xffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000001100)=[{0x6, 0x0, 0x0, 0x1}]})
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff}, 0x0)
dup(r3)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000040)={0x0, 0x8, 0x2, 0x0, 0xf, 0x6}, &(0x7f0000001080)=0x14)

619.774251ms ago: executing program 3 (id=1723):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0) (fail_nth: 11)

228.169467ms ago: executing program 3 (id=1724):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1f00, 0xe, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="c0020000100063d10000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000000000000000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc01000000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000b000000000000000000000000000000ffffffffffffffff000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001600000000020000000000000000000000bf010100636d61632861657329"], 0x2c0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)

218.134277ms ago: executing program 2 (id=1725):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x100}, 0x18)
r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$restrict_keyring(0x1d, r2, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000040)='asymmetric\x00', &(0x7f0000000000)=@chain)

209.707367ms ago: executing program 3 (id=1726):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r0, &(0x7f00000003c0)={&(0x7f0000000180), 0x10, &(0x7f0000000380)=[{&(0x7f0000000480)="c3e972bd85a6d84136d6dd55048d3593a74f338ce6772ab9a6f64041c2f6fbbecdc08ebcd3192b6a53662dae7c8e9c665e80a5d0925f728dcac30c29793992e588952653d414cb8ccdabc38767fee819ec5af0c5ee936880fe8549b4ed347779cab4ffd4e0b62c53a1c01db28f2b3f91c34211c9353bc1dece61511917c2245fd66cb8dffeacb4d46d627c97b498bf1ff6b313bfbc9765457c831771d5eec7997ec242e4505f01c1bb3e069b2e630f42a2be86598a61", 0x64}, {&(0x7f0000000300)='V', 0x1}, {&(0x7f0000001600)="3eed50d0125719a810f88e3f47186fe4dae74182dfd109a2587c4797410c9b8e39bd3d9aa144d5908647c30c8db69b5c17084c9b1bfbb8680737c4f88abcdbc7d294d72ab1b344270915df9ddf5635644c351c22b29d948ac4106bce7107570beed63077cfbc98ef71699eae65d37724d995b553e7a3ade619b522313ab382caf879feb48942878e605ee3ee2872794e3abe22a3f025068b628a5d92468092a5cc649bbbd978b5772e537939432a502122235ced312dafd108c9ffeb0b38cc16da9418ca01d485a6afb5827da4df6e1121ec307de14bb32b6a977608e4576a998182dd93d592ff43e55bfdbbce23ecd501e43b3e93ef8d9d01711dff54c301e299d3801a3cffe6c9883fbd0e47124dc02569f62d48b878fcb58ce99fcffcd2a5166eff3ad93cf1d137274993d86a3b3730d63ded759f6ca88fa449e5575b15321e5a58a1f888eed7466db4976ce35f6d2efb5ad05d99a66482dc607cb5acb24d326803bd337519cc98103f59c63b5962cd72e4497d1b00817d6e09de70270a09b493c2226617b1c9ef9d506be00d6e07f14633a966f04ecca90fb8d2b963ad6f3817935bd6534fa3da1c5dc468789cbf1192f3c0bff3777f1edd2ada5d35f88f12f29e952c44445ce623509d66811c80a9e0f13ad85aba37d86ff0da4dda601d9e8acb264233bc939fb056316612cff687d5c44157be05bcc88b333ff2a40041d98f1acfe6e2231a84e09bd7a54a0442cf87ce3ee8fd8da39da1862862ae40fc3cb3055c8b70e62f243850707341f51426bb3e71c7a4fffefab060db786000618b05eb087a424a2f30f6a232ff44b605f70ceec0a8f70e37907f6e0bbba21e9d5b7ecb6d287742b75c101ba79525918c3473eae38f3c177249dfa8816661c9921f0b0c858d53ab87c8407b97950c842111002edd1d1e80b801b495da28bcd5409bc971e55dab1857e188ac9728efc8f9a4543945f86ade13b445eacecbbf848a96410ac37c57e3e9e8bc8b8fadd559d225c7468639da2b5d1208558b51e94c14faa7947a7c60e81a96bb5d194cc7289adbc02ebb4b49be1f1efc429db2f9b79b5a22919dba0c35341042c5776942c52365367c4bfc95b42be383cca7107161ded7e851d0126da33d581f1e2b08d0c061e86d31e7a83f9b51c79b4034c7deda7697034e1404c6e8e459f76c2efe64350146c7437ef808e04ca14df5f6f500264fd977272bbf8fc096774e8eb61d0963430751ac1425a073f84346b0eba368cba7fa34adc420800d4f99927280eba199f9695cf88124fafc3a2b1226d2f2ab3ea27c69a127650cf5c725b54c02bd8729033cf699ce7f030f9a3442056244da3cfb61a8126dba11377624f39eb009242152fd7b8b88de7dd86057f29bfcb7b7df0e65e7e9ac9eeaa41afa62743698bff03d5b2d51fb6bca2d92294e8e177cfa3661b26f1c040e9bed983b7bc0aa154eb9c92e4ee25091318c53113a1c23ac62d2d71504cba99041f29a4f332133292cf20abec9222a2acca57cac48fa6c0668ee5eecb494741a64d33b011dcca74696d4614c5b45a5d20983b1708d365ed3ffa60f9161972a611c22642c3c259b41f943f6d7a8b60f284d325e38fe76f0645e069ff70cae38850ccf973193b6232c987df26239a574691f7f07fffa6deae1eb0324fe546573c36f2a2c31cd442517a9b036ae6a2a491e7343864693c107a5dc2585820863c146c1ba6caa4fea9b87d567716f4c8ca1a9d2848055cd750512d3b7415d090019dc8a04a1a1d28931093cd8f00e94c407ca1fa2a5ce903d9df26e008c07cd13afa783220e1bd5e6b60645f3dbb6ecb4156fedafa2dd25498c6a99d94f0b38125ea7741b75109dcac9f80635f79f5c8a0483bb9f05a3a5bf721c7541edb252449f8b13e63c370a6146332f03ca1f1b6fe0bed984f13744bb7fa0fe322e83ddf9ffb2083e94f33604a0a199220c450dad94bf154805e7f9e4350ca2d81adf2978c87dcc8a8a7d56297ec124bfef0d28f35777205e973272c87e01070f14f5b14daa3b5104d9ff6b296c4f16ed49eb42d35e7ba3bccb7a26c33a263df88aadd596e9d9de0abbd4d449df11081f2cd62e1d8962b9b9feb25a3b8e03537d61a61c11ac22b7211d12c84e60a6abcc219e558b2513d8c530b3c7a57cdc47de545aafbb2a13c0e6c75b1b92fa241c713c83a09c92b2b61d565120372a9143415583c9596f27a663d4967cd653b08cebd6cb96c1f0dc80d57267ac9a8281d7149bde880828ee27d69a6818db58320db29d1b044eaf6ab8a5108bc522de406990b5393b1f7e7bab71bf6cf8eed1cd59c7607d662e8b313f5c4fce0f59b1027371381011b63dd5b2b09739082c0d62ffad96e30153a395234937d377c32fe7af82aca3a19d0ebc4a5c5fb5ff190f14d5695c703b571fb4bf03756635cafc6cf6267eab836c347a9d07e8089fc105346934cf3364e5be370b3c42b94bc5ae3d17a817398566a2953251eb91697d67278145df9a4b917bcca1bf211780b22f4caacfcb7604c84f943d05f6fdf8edbd258d7d8dbf84f9d99e57472c5b1c2337d749a1f345e662e2536d23c7a63bbbbf00f8b5b0a2106a0342ab27b9a10b82e82668cd49e0cbb09d7be0217645f1dda3be59c8232fa290d34791cda52aa5b5cec6339ab96a2eb3f5328cc7c0e6717c2824344547a2ed518f6b2b4e4fe5b684596aa6a9d3988fc5d5ff4cb46cec99d951b8386b10949a163af974b7543df97b4882a4ed60e927a1deb67c5f814235bef65fea79a2c712815be7403c93a3707fb90d4604ec3a6a3b0928f253f6ab6bd56c958e026c8c58172c4ac2a3efe2ecd5cea70c8313f9ac2d638bc296ba99e2ca86d2fd06b5402cdcddc3f3c9845d5ae77f6f36963b91e8f6cdccd17abe8d40ed02463af4bb0e496344f350097f1cc13313fa1e172b63556ed2b8a8121c01a5fb343ff7767821626fc49b0d6bd522e1c9bf137d5a5bccb4bc8dbb64c83a82ef6c2894f3896c9f6bf0c3764011d53eeb6db9ea9dae22d3ebcca4942d5828c0bca0d9ea37701d5a06c066ac4fe318e11e9c0d6c658ac810fb5d7836cfffe4ccbb0934e5567d74695980a156d4bf1c18861c5a29ccd349999dc20562d00e1f6c1851ae563541086438d60b975c8ceb466414ff60efa0b2dee790fd0659ffa98b92414c13d5a6825368f56c4984412205041cd8e006c7127d4395ecdffb5addf80ef938ce54a367154c4fc286d5f969325c12b13655a9a956dd3b98281f537e837669fc55d8930676e807aa8cd046e0f4583d59f86cb99f3f7a7ddde1fb39111fdec7677d2fee4b8f4814a5def5ebcc67c653384ce80eaffd880405f7edf8fd3ea049f040595df4a75e2f892e7a85e0ba351fb8d263bfff7168bb85017b360fcd2ba89346682a6ea7ccc46afbdb5ab444e3f477238b2ab503bde914d3cf1789539cde9c0621152cd97bff9f235d88a1ef4ea4309db3a05d401af7fb82784b050ef529dab4f1f003eb29710a962f7538c521e617e2f0efac36182d09985e1d725cc38c3833a53742a02f76fb2854a9e45f0febacf3bda83f11183ef5b9fef02ebcdf56d4104b175bad937d8f61964f97d673577cdcbbb48d8eb62b063ee6563b9ff053719baff871bcd83822d865b2f7ef023076425ac5cd71b1f2309de0c6f14cc9c4d3e8fad945f756a7c8a084ea1bfdf5ac6e740043e7f7bdaca06774b084ae314c2636529d4fdcd965c7f8c07156572620b827d694efdc9d2bfc5aa9391220a83765f2c71fcd48d4acaed60afb53d1013fa3b15e948ec4159f7d130ef85b594018346e99034c18738285223ea53a6b1d5cf11a607de2e19608ba03ec970a915b773824261f3fc931dd6d3b934d89f07baf14776314c3eeb8cd0537ef5736f565fbd14e520d4ab2f77ed9597b76ff91f8d1f99ebd6e473efda7accb273975a06944d1037032129992b994ca791a09b4d83980a1e494b0f97098df5f6fb6bbb02722adb11dc319c565c2c363cbd19d9fb3efb4613b62d6584cd53f7bd80e3e89304f444ce9dd1835661e3bb4de02ccf568a2a5daaf0d56898d4286c3fb62e22af62d7ac318685834467f337561dde2e0c1e2827cdffcf42c17728ee64b3ff4ccc0227590badd0bd7e448b8cca0892d6a5e0130d2ac665f47c6b28daa101c1b319869bdd39fa924d6d9ba7d72feda5f21ac78641c7d4801d41c7879721b3be4dab40d9c4a78552440101f373489cc5240b0144a9ce32691a784b6dfe971a21bb5980ff67da2d1bb90b223c9e192a39c1aeadd1f5c790811079c0b51a97105c99b6f95d71bb3ea47c33d9dcb0a53c929c44499e184a3cd722c908d3b0d157e28ffdeb2ed7192e780d96a7a2f0fd5a87bdc973e049da0caf931f26f5a21813e2e602ceb2259997e0205ce48fd9424bd6d4d75dd4301f429ee30745cd839a40dbeab4c3db2f0f10bbaea071ca41d1392385681730a3678a5f60f604dbe19cb9d7dd234337e327451b8cc65394af399432ef7fc3765d055874ebdca14e5999292d6f72f31e92bacf25db5ef8f5212952c1910de06ddbe1687a0e1837922f2228289916ed3aeb7b9cc24da3ae47139e371930afa6d3573df6732c26c0c7ae06d9cedfa77160711bcb06e6553338deae4c5731cf53cc154113096d02f3036d7d9edfcdc331e4bb860c5208489212e904eab70e7f860b0379895cbdecbf7a0b7a25e5b853c7dbe08a4e296a30afec8cf5a9f6ea4aef32a508655d539a770b21e660c9ee1d7688c56abeb7cf1afccc8d59780cf26312589e0c8e1bc00ad7b1325cd9a5dd69246e0b33407c381ea09265154aec297e4ccdf9785a1042a83e77c13d4ce4360782f2428f9916b5cd123b089eb683d30c1e895b9944aa905a1a5b52301d8cc5e4741834ead6ebdb5dc05c9c49c5e883e99d40b9838037beaf876534d747856103e59caf6266fbbe760b6ef83d004634b74f14f8eb4aef93c4cc9cbbd78d83d532c70feef51ea3f170b25d81a6a9b074bfca7e9b3771bf83517e0dd9d0600f70b86b20f61fe36076f8bada334b2390fa954973bc901619a3cfd039349cb328625f495ab288dbdd6dbfd022c2a83f59e0b998619a12e35891b5ae9e83a71765507b4a571cd2241e5885c705244c1022688bef7c5065fbcf219fc01753adb611b3fbc09403dcb10a4f99d788667eff75fa27074ca8481a633530e26163ccf7dada049d23e717e067b6fa5b2f652bc50abda9e7ccdc5f2f3c35ecc2c4431c819c9691be4422e379750774e9f39dae06f26423c8a4278789c9f3111b43f6dd25b0ad47c4cc5fda3f3ed82079c9366e0adced883488f429c1d7e1b351fd0bb204dd7977ef224c4df6d7a5f7697bc6500a7d03a8a914154779fa7092bf1be6bad4092367ce5d295a5d5d0e7c469f372ca2011d612637025e89f178ae9ada0c5b73bcb7d7c034ff595263cd4216e3c76ba5f3d81932a088a90bf8043e877e299c670ef1622a098d5519d9adc4ee7d4cd00e5934a4375fa83fdb81214b892482b31bdde59a70aaf25cb7f417c3a2a91c4e54b48149f6c41d9d396ee6ff13e3028c64a7c9b1f2e7c6e67184a3d52d6f570db3d225c947423c4c6533f22df57d15c5e5a3183422bd378b06fe4732a9401dcb19840fb8fa5c50a0ff497fef362c507753e46b8881d3e767f3b1d893a3805941c94f2efa05ce34b9ea81d716984af6834230d4707a87089d40779503ee6a9bb245d7d997f14acb80e89731c042bbbbe3dcd05177b0ee0eec23455830ef5b65aca357f2b0b887e0b9821c0", 0x1000}, {&(0x7f0000000340)="b768eb20304f2fdc5a9694a4867840d93170ca1a86406f", 0xfffffec0}], 0x4, 0x0, 0x0, 0x8010}, 0x0)
dup2(r1, r0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x21, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000004b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000003600)=[{&(0x7f00000012c0)="23a0be3ec0d9edaccda531874ecf98434f3d10665f6e0346136984c1", 0x1c}, {&(0x7f0000001300)="11ca5641cbf9577fa297e890dc4746449416908fa7066d54ca4ed8fb87a71d621ef53449e793c55ba58eab20a5044fd1ec07cc77e4e3bf3b8da2812b8943441c0c565de0c5dbc8c8", 0x48}, {&(0x7f0000001380)="190be02b544a87c33aa4aaaaabfccb6154043a8b5a2ea95211900186170c7a4f2651d264466253c5f9851a58793efcaf45a2c0f7546bf143b9bff46892f86a3e98e625eabbd1043b1e15036c9cf221d620f792d835bcad5a583cdd666c527279ce68530f3e71f6c170d033e0eec71d019b7058f398e887abb014e1930ffe52fe9b32fb847022f7298ba564e6fabd049f56aefe1e966ab30d411e62a5394c8bc6146b171d44ce5dc32018a6b0e15828d2e6853b3b2fec4d21c718e79ee351a06755a9", 0xc2}, {&(0x7f0000002600)="10470710797af31b3d0e1e5d6a8a110e205161c15b63824b139de0005a20e847b94c122dc2e7ceb6cbb49a3cd7566f32646afcf8d0cb3d9bfa22e3f3a3b148e4accb61dbd45b1f206df5ef5ecee238f9ad262d5b27bb5f6f2713e32ab61fcdcd949020bd434e6d341036403f2a0b5cc7e9e844d55c10298560ce5d8e3c0e37bef92616615a210f7f7ca721b98c72f7aab70e88c58d58325a1ff932b22d00258d180f70e8ba83721d8ed0020f0bc7dd6e32405f7868e06723b9873060e832da96acd114c36f07649a874991352a6ca8f0924acc4cd614e536c4560f619189b067160a802b90652e801b008c76cda51deb8dba72d7e375fa898c82e53b9ea45afef85aa3c903d6565f0c3b435b3d721de214f9ec539ab6d809c3732701ccf70b329ffab7d433f8e539b415d8691f7ec0a685792600d9908c003e1984328027937f98c3d8ff3ee434c25dec1341fb03f95aaf030d2cd52cdbc2b85586cba51526cd0f3eb6d46195102abe000e6ad1d381ecc3c9d9075009aa12c3bc56e5447add48ceb55f29b91c4cb628e1fae7d1812a43145607db3d23e90bb73ec12d99b7c642327b492d7038032e26804d36edb95b54366a2101e9419b7f98ddf654e2700d40c2f83ae492c15aa62069cdd321df874588ef8ad3b8d79a5d05c6e1785a14277af5ce69e15043b0d8579a7606f469bf6d157163bc09f7d281f295cff4cadce38fe24e2a420bc363c2a68e1d5594923d4285a40bb7aa96e655b10ad67656c2e340da3e8592b780b1950e63c9d600eb8d76e5ac3cd537d93132c57a2a43803dc28e04489a3ea68a71e52811000a6ebc5680cdb98af1e6ddc88562c442bc5c61060aa1b61486a6c84719d0d6b3f155b723471e70001138e4e023c89f00698aba1a3b38d5f69bee1fc076c75df92e3cb3ac41b2cbad30f4f7b746d80bd49e981a65d70f7631db375c445601a69d8f0fd1b174695fd670e8d0a82b420aab0356ba86f0e4572865505676acb5d81d215f3e37f62807ce97f5bc47bb747df70ae1589d806c9e51e5f5c8561605277f6dea51bfdf887d93f63a829ecfd18a4da3071af7d77d86591d407b156052f5a5dbbba74a16d041c6932373e71c4ad7ef06886e29e9139a687abf0f306e9e423f01e2ffb2758ba78b5ba69db675eb1dc55b60b052a48065d8cc3b66594d3351f1f7e99e294f49761f7db3a114fe680e4c9faec8bb4fdb70838dc73d3cd5c1a61f7f2f7a441a048e0aae3c7fd10b8df8d77fe861e9c241d54533091e1e9439a00820e84a609fb55ed6d02c7b1ffe904b907955d03345058bcaec1528b91532eb4dd0a1917514db1ca20607131efcac877242a5359ec0b21f343806f9fb672b51747dd6d8a649b9bd5f796efb6939680cbd619c3c8706ac883087b341726f9c6f64c98b0c9cb2d7737a8e08ded30d55c6541925b194f25ad1aa042f3db1c5501fc03b5d626f2e429e87435fdbfaad3e4949874bc8e70d0e0a2659557e19088617ab10e50fb4b1d99e6d2052596c363480ba99150979a744f489db9f56750e106224b9c4201d6815e322e1c30de74ce20345bbd3cd2d0b9e74b92b411763bb8c8664e031eb0b41f3e6282d23ae92eddf981c764112ba1e598920c12fed15e06e56cfd76a76d7ce6f7dab7c0d3b50e40f63e489", 0x49c}], 0x4}}], 0x5, 0x200040d1)

195.156248ms ago: executing program 2 (id=1727):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10)
listen(r0, 0x5)
syz_emit_ethernet(0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff0800450000280000000000069078000000000000000000004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5010000600000000"], 0x0)

160.000828ms ago: executing program 2 (id=1728):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000001e80)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x8c4}, 0x20000080)

159.436308ms ago: executing program 2 (id=1729):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x274, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x23c, 0x4, 0x0, 0x1, [{0x238, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x228, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_MATCH_INFO={0x214, 0x3, "d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbaddefdaa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c755ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f"}, @NFTA_MATCH_NAME={0x8, 0x1, 'bpf\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_USERDATA={0x9, 0x7, 0x1, 0x0, "030780fd4c"}]}], {0x14}}, 0x29c}}, 0x4048010)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x81e00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
getrandom(0x0, 0x0, 0x0)
syz_create_resource$binfmt(0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x20000001}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r5, 0x0)
r6 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r6, &(0x7f0000002300)={&(0x7f0000000040)=@id={0x1e, 0x3, 0x3, {0x4e20, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x44}, 0x4)
sendmsg$tipc(r6, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x480c0}, 0x0)
accept4(r5, 0x0, 0x0, 0x400000000000000)
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r7, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f00000001c0)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0x18, @multicast1}, {0x0, 0x4e22, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "231a13bfc8f6ec21f7f8504768f76bdea360764eba696331f83b42bab8334dc5", "6c889f5bf54e3c3eded25dc9773c32cd9ec3709d0c17da07f98be2f339d8ba0d39b5a5003753a01f902e5c787b8b42bf", "7eb4561eaee554f9ffa51318b54b55f2182d61845a66feea84432571", {"0b84b0d4e26a8d831789e4e88d8287a8", "aab50f0eb8feed0c3d99e9a4ec20db64"}}}}}}}, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r8, 0x84, 0x74, &(0x7f0000000200)={0x0, 0x0, 0x20}, &(0x7f0000002380)=0x18)
socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0xa, 0x300)

124.952889ms ago: executing program 2 (id=1730):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x8000d8, &(0x7f0000000180), 0x1, 0x5b2, &(0x7f0000001140)="$eJzs3U1oXNUeAPD/nck0/chr+uA9eO/RRXkKFUonST+0umq3YqHQheCmhsk0hEwyITPRJmSR7ovYhah0U3e6cKm4cCFuBDdu3SiuhWKDQtNFHZmvtE1m0kntZNLM7wc3ueecm/n/z70594t7mQD61rHqj1TEfyPiUhIx/EjbQDQaj9WXW1tdzt1fXc4lUalc/i2JJCLurS7nmssnjd+HImIlIv4TEd9mIk6kNsctLS5NjxcK+flGeaQ8MzdSWlw6OTUzPpmfzM+efuXVs+fOnB07NdY++cz2+nrj55vv3fjh9ds3P/v86Erug/EkzsdQo+3RfjxL9XWSifMb6s90I1gPJb1OgKeSbozz6lD6dwxHujHqW6kM72hqQJdVBiMq25GsbGtxYDdLtjf+gT2jeR5Qvf5tTo+dIKS7e/5x50L9AqQad60x1VsG6vcmYn/t2uTg78ljVybV680j3U2NPrByPSJGBwY2//8njf+/pzf6LBKkq765UN9Qm7d/an3/Ey32P0PNe6d/U3P/t7Zp//cwfrrN/u9ShzEevPXLx23jX4/4X8v4yXr8pEX8VES83WH8W29+da5dW+WTiOPROn5TsvX94ZGrU4X8aP1nyxhfHz/62lb9P9gmfv2e7f7aYabV+p/rsP9ffvfF/1e2iP/SC1tv/1br/0BEvN9h/H/e+/SNdm13rid3q2cB293+1brbHcZ/+fyxn9o0HejwIwAAAAAAAAAAgBZStWfZklR2fT6Vymbr7/D+Kw6mCsVS+cTV4sLsRP2ZtyORSTWftBqul5NqeazxPG6zfGpD+XTzOeL0gVo5mysWJnrcdwAAAAAAAAAAAAAAAAAAANgtDm14//+PdO39/41fVw3sVe2/8hvY64x/6F+Pj/8kYrBnqQA7zPEf+lbF+If+ZfxD/9p6/D+oVCo7lgqwwxz/oX91Nv73dT0PYOdt5/hfGO5iIsCOc/4PAAAAAAAAAAAAAAAAAAAAAAAAAABdcenixepUub+6nKuWJwYWF6aL75ycyJemszMLuWyuOD+XnSwWJwv5bK4486TPKxSLc6Mxu3BtpJwvlUdKi0tXZooLs+UrUzPjk/kr+cyO9AoAAAAAAAAAAAAAAAAAAACeL0O1KUllIyJVm0+lstmIf0TEkcgkV6cK+dGIOBwRP6Yzg9XyWK+TBgAAAAAAAAAAAAAAAAAAgD2mtLg0PV4o5Of7ZGZgU8337ReOiJVnm0b1E5+48GBj2zRrMo3yblmHz9vM4a2XSUfPM9yNMz3cKQEAAAAAAAAAAAAAAAAAQJ96+NJvp3/xZ3cTAgAAAAAAAAAAAAAAAAAAgL6U+jWJiOp0fPjFoY2t+5K1dO13RLx76/KH18bL5fmxav3d9fryR436U73IH+hUkkRUx2lzHAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPlRaXpscLhfx8F2d63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAp/FXAAAA///uotYk")
r2 = open(&(0x7f0000000000)='./file1\x00', 0x145142, 0x0)
sendfile(r2, r2, 0x0, 0x800000009)

99.037859ms ago: executing program 3 (id=1731):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4004110)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x3)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffbfffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r3}, 0x3d)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r4, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000180)='yeah\x00', 0x5)
shutdown(r4, 0x1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r5}, 0x3d)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x480d5}, 0x0)
r7 = socket(0x400000000010, 0x3, 0x0)
dup2(r7, r0)

42.62063ms ago: executing program 3 (id=1732):
syz_open_dev$loop(&(0x7f0000000040), 0x5, 0x4201)
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

41.64414ms ago: executing program 4 (id=1733):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x18)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = getpid()
r4 = socket$key(0xf, 0x3, 0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
sendmsg$key(r4, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="020300030c00000000070000000000000200090008000000e90000000000000003000600000000000200000000000000000000000000000002000100000000004700000d00000000030005000000000002"], 0x60}, 0x1, 0x7}, 0x0)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
lsetxattr$security_capability(&(0x7f0000000340)='./file0\x00', &(0x7f0000000480), &(0x7f0000000580)=@v2={0x2000000, [{0xdc}, {0x80000000, 0x101}]}, 0x14, 0x3)
sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010026bd700000000001250000010e0001006e657464657673696d0000000f0002006e65746465762ae805cfd0", @ANYRES32=r3, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
perf_event_open(&(0x7f0000000680)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x401, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x1, @perf_config_ext={0xf60, 0x100000001}, 0x1100, 0x5dd8, 0x3a65, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x2000000005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="14000000100001000000001e000000000000000a68000000060a0b040000000000000000020000003c00048014000180090001006c6173740000000004000280240001800a0001807265646972000000140002800800034000000028080001400000001d0900010073797a30000000000900020073797a32"], 0x90}}, 0x4000)

31.57203ms ago: executing program 1 (id=1734):
r0 = perf_event_open(&(0x7f0000000740)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, @perf_config_ext, 0x10000, 0x0, 0x2, 0x0, 0x88}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async, rerun: 64)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) (rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) (async, rerun: 32)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
socket$netlink(0x10, 0x3, 0x10) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x0, &(0x7f0000000580), 0xfe, 0x507, &(0x7f0000001780)="$eJzs3c9vI1cdAPDvOL+cNG3S0gMgoEspLGi1TuJto6oHWE4IoUqIHkHahsQbRbHjKHZKE/aQ/g9IVOIER/4Azj1x54LgxqUckChEoM1KHIxmPMk6WXtjSGJH8ecjjea9N46/78Wa9+Kvd/0CGFm3IuIgIiYj4v2ImMvbk/yI++0jfdzjw0erR4ePVpNotd77R5JdT9ui42dSL+TPWYyIH30v4qfJs3Ebe/ubK9VqZaddnV5o1rYXGnv7dzdqK+uV9cpWuby8tLz49r23ypc21tdqk3npy5/+4eBbP0+7NZu3dI7jMrWHPnESJzUeET+4imBDMJaPZ3LYHeH/UoiIVyLi9ez+n4ux7NUEAG6yVmsuWnOddQDgpitkObCkUMpzAbNRKJRK7RzeqzFTqNYbzTsP67tba+1c2XxMFB5uVCuLea5wPiaStL6UlZ/Wy2fq9yLi5Yj4xdR0Vi+t1qtrw/zDBwBG2Atn1v9/T7XXfwDghisOuwMAwMBZ/wFg9Fj/AWD0WP8BYPQ8Xf/vD7UfAMDgeP8PAKPH+g8AI+WH776bHq2j/Puv1z7Y292sf3B3rdLYLNV2V0ur9Z3t0nq9vp59Z0/tvOer1uvbS2/G7ofz395uNBcae/sPavXdreaD7Hu9H1QmBjIqAOB5Xn7tkz8nEXHwznR2RMdeDtZquNkKw+4AMDRjw+4AMDR2+4LRdYH3+NIDcEN02aL3lGJETJ9tbLVaravrEnDFbn9B/h9GVUf+378ChhEj/w+jS/4fRlerlfS753/0+0AA4HqT4wd6fP7/Sn7+bf7hwE/Wzj7i46vsFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxvx/v/lvK9wGejUCiVIl6MiPmYSB5uVCuLEfFSRPxpamIqrS8Nuc8AwEUV/pbk+3/dnntj9uzVyeTJVHaOiJ/96r1ffrjSbO78MW3/50l78+O8vTyM/gMA5zlep7Nzxxv5x4ePVo+PQfbn79+NiGI7/tHhZBydxB+P8excjImImPlXktfbko7cxUUcfBQRn+82/iRmsxxIe+fTs/HT2C8ONH7hVPxCdq19Tn8Xn7uEvsCo+SSdf+53u/8KcSs7d7//i9kMdXH5/Jc+1epRNgc+jX88/431mP9u9Rvjzd9/v12afvbaRxFfHI84jn3UMf8cx096xH+jz/h/+dJXXu91rfXriNvRPX5nrIVmbXuhsbd/d6O2sl5Zr2yVy8tLy4tv33urvJDlqBd6rwafvXPnpazQ5SHp+Gd6xC+eM/6v9zn+3/zn/R9/tce1NP43v9YtfiFefU78dE38Rp/xV2Z+V+x1LY2/1mP8573+d/qM/+lf95/ZNhwAGJ7G3v7mSrVa2Rlk4fgPiYEGVeivMJW/ONelP6cK17ZjmyvV7wwq1mT8Tz/Vap1u+Wy8r99hrxnjMrJuwHVwctNHxJNhdwYAAAAAAAAAAAAAAOjqSv+jUtIuDHuMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Fz/DQAA//+sasqI") (async)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000004c0), 0x208e24b)
r7 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d}, 0x24}, 0x1, 0x0, 0x0, 0x8080}, 0x0) (async, rerun: 32)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) (rerun: 32)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r8}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) (async)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) (async, rerun: 64)
sendmsg$NL80211_CMD_VENDOR(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="dfbf00000000000000006700000008000300", @ANYRES32=r5, @ANYBLOB="0800c300741300000800c4"], 0x30}, 0x1, 0x0, 0x0, 0x240408c3}, 0x0) (rerun: 64)

0s ago: executing program 2 (id=1735):
r0 = syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f0000000000), 0x1, 0x4bb, &(0x7f0000000580)="$eJzs3cuLXFUaAPCvqtLP9EweMwxJBiaBDGQepKsfDOmemcUMDMzMIjBMwI1CbLsrbUx1V9NVHdNNFh3dZeFCFAVx4d6/wI1ZGQVxrXtxIRGNLagglNxbVUm/KpaxUyV9fz+o9Dn33NR3Thff4da59/YNILNOJf/kIkYi4oOIONSobt3hVOPHxt3rs8krF/X6hc9z6X5JvbVr6/8djIj1iBiMiP//O+Kp3M641dW1KzPlcmm5WS/WFpaK1dW1s5cXZuZL86XF8alz09NTY5MT03s21psvPHPz/Fv/7X/z6+fv3H7xnbeTbo002zaPYy81ht4XRzZtOxARf38UwXqg0BzPUK87wkNJPr9fRcTpNP8PRSH9NIEsqNfr9e/qA+2a1+vAvpVPj4Fz+dGIaJTz/6qPNo7hfx3D+XKlWvvzpcrK4lzjWPlw9OUvXS6XxprfFQ5HXy6pj6fl+/WJbfXJiPQY+KXCUFofna2U57o71QHbHNyW/18V8vnRpBJ/6nXXgG7wlR+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kN2yX/IpP+dP5+86q373+eurq5cqVw9O5fMCQsrs6OzleWl0flKZT69Z2fhh96vXKksjf8lVq4Va6VqrVhdXbu4UFlZrF1M7+u/WOrryqiAThw5eeujXESs/3UofSX6m21yFfa3ej0Xvb4HGeiNQq8nIKBnLP1BdvmOD+zyJ3q3GGzXsLT3fQG6I9/rDgA9c+a483+QVdb/Ibus/0N2OcYHrP9D9lj/h+wa2fn8r/T5P7/Y9OyusYj4ZUR8WOgbaD3rC9gP8p/mmsf/Zw79fmR7a3/um/QUQX9EPPvahVeuzdRqy+PJ9i/uba+92tw+0Yv+A51q5WkrjwGA7Nq4e3229epm3M/+2bgIYWf8A821ycH0HOXwRm7LtQq5Pbp2Yf1GRBzbLX6u+bzzxpmP4Y3CjvhHmz9zjbdI+3sgfW56d+If3xT/d5vin/jJvxXIhlvJ/DO2W/7l05yOe/m3df4Z2aNrJ9rPf/l781+hzfx3ssMYT7/+3Cdt49+IOLFr/Fa8wTTW9vhJ3850GP/OE4/9pl1b/Y3G++wWvyUpFWsLS8Xq6trZ9O/IzZcWx6fOTU9PjU1OTBfTNepia6V6p78de//2g8Y/3CZ+u/H/o9mnP3Y4/m9/+97jpx4Q/w+nd//8j7aJnxj6EU/o/3Li4yfbtSXx59qMP78z/rvD0WqNmOwwfvXl/wx0uCsA0AXV1bUrM+VyaVlBQeEhCgM/j27seaHXMxPwqN1P+l73BAAAAAAAAAAAAOhUNy4n7vUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2g+8DAAD//3bC1tg=")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000100)={{}, {0x1, 0x4}}, 0x24, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={0x1, <r1=>0xffffffffffffffff}, 0x4)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000300)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @remote}, 0x14)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r4=>r0}, './file0\x00'})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r6, 0x20, &(0x7f0000000100)={0x0, 0x0, <r7=>0x0, 0x0}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0xf, &(0x7f00000001c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x40, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r7, r5, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r8, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef41605b990d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a2790cbf3e1c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b5f5b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x2000001, 0x10012, r8, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x5, 0x13, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8a50}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @func, @cb_func={0x18, 0x8, 0x4, 0x0, 0x6}]}, &(0x7f00000000c0)='GPL\x00', 0x2f, 0xe8, &(0x7f0000000200)=""/232, 0x0, 0x8, '\x00', r3, @fallback=0x33, r4, 0x8, &(0x7f0000000340)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000380)={0x5, 0xc, 0xfffff801, 0xfffffffd}, 0x10, r7, 0xffffffffffffffff, 0x1, &(0x7f00000003c0)=[0x1, r8], &(0x7f0000000400)=[{0x4, 0x1, 0x10, 0x1}], 0x10, 0x7e, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)

kernel console output (not intermixed with test programs):

de_prepare+0x27/0x60
[  120.371655][ T7256]  ? clear_bhb_loop+0x40/0x90
[  120.371680][ T7256]  ? clear_bhb_loop+0x40/0x90
[  120.371711][ T7256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.371764][ T7256] RIP: 0033:0x7fced6fde929
[  120.371783][ T7256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.371867][ T7256] RSP: 002b:00007fced5647038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  120.371886][ T7256] RAX: ffffffffffffffda RBX: 00007fced7205fa0 RCX: 00007fced6fde929
[  120.371898][ T7256] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  120.371910][ T7256] RBP: 00007fced5647090 R08: 0000000000000000 R09: 0000000000000000
[  120.371921][ T7256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.371933][ T7256] R13: 0000000000000000 R14: 00007fced7205fa0 R15: 00007ffc24d07818
[  120.372003][ T7256]  </TASK>
[  120.757774][ T7254] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  120.789784][ T7263] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1273'.
[  120.874894][ T7261] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  120.885447][ T7261] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  120.900195][ T7261] loop4: detected capacity change from 0 to 512
[  120.909018][ T7261] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  120.923908][ T7261] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e842e12c, mo2=0002]
[  120.943158][ T7261] System zones: 1-12
[  120.952986][ T7261] EXT4-fs (loop4): orphan cleanup on readonly fs
[  120.962824][ T7261] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1272: bg 0: block 361: padding at end of block bitmap is not set
[  120.979223][ T7261] EXT4-fs (loop4): Remounting filesystem read-only
[  120.986950][ T7261] EXT4-fs (loop4): 1 truncate cleaned up
[  120.994216][ T7261] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  121.078207][ T7276] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1272'.
[  121.094209][ T7273] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  121.117740][ T7273] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1277'.
[  121.279600][ T7284] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1280'.
[  121.528473][ T7294] loop2: detected capacity change from 0 to 512
[  121.539354][ T7294] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1285: bg 0: block 5: invalid block bitmap
[  121.553398][ T7294] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  121.563902][ T7294] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1285: invalid indirect mapped block 3 (level 2)
[  121.579304][ T7294] EXT4-fs (loop2): 2 truncates cleaned up
[  121.586385][ T7294] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.617540][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.645163][ T7298] loop2: detected capacity change from 0 to 1024
[  121.664672][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  121.675866][ T7298] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.689514][ T7298] ext4 filesystem being mounted at /282/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.701376][ T7304] netem: change failed
[  121.713099][ T7306] loop4: detected capacity change from 0 to 1764
[  121.735075][ T7311] loop1: detected capacity change from 0 to 512
[  121.742134][ T7311] ext2: Unknown parameter 'fowner>00000000000000000000'
[  121.766063][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.777737][ T7314] xt_hashlimit: size too large, truncated to 1048576
[  121.857287][ T7321] syz2: rxe_newlink: already configured on veth0_to_bond
[  121.908487][ T7325] loop1: detected capacity change from 0 to 512
[  121.916343][ T7325] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  121.969717][ T7325] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.990740][ T7335] FAULT_INJECTION: forcing a failure.
[  121.990740][ T7335] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.005697][ T7335] CPU: 1 UID: 0 PID: 7335 Comm: syz.4.1299 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  122.005733][ T7335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  122.005794][ T7335] Call Trace:
[  122.005800][ T7335]  <TASK>
[  122.005809][ T7335]  __dump_stack+0x1d/0x30
[  122.005831][ T7335]  dump_stack_lvl+0xe8/0x140
[  122.005855][ T7335]  dump_stack+0x15/0x1b
[  122.005875][ T7335]  should_fail_ex+0x265/0x280
[  122.005895][ T7335]  should_fail+0xb/0x20
[  122.006003][ T7335]  should_fail_usercopy+0x1a/0x20
[  122.006038][ T7335]  _copy_from_user+0x1c/0xb0
[  122.006070][ T7335]  ___sys_sendmsg+0xc1/0x1d0
[  122.006187][ T7335]  __x64_sys_sendmsg+0xd4/0x160
[  122.006227][ T7335]  x64_sys_call+0x2999/0x2fb0
[  122.006255][ T7335]  do_syscall_64+0xd2/0x200
[  122.006294][ T7335]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  122.006334][ T7335]  ? clear_bhb_loop+0x40/0x90
[  122.006360][ T7335]  ? clear_bhb_loop+0x40/0x90
[  122.006388][ T7335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.006413][ T7335] RIP: 0033:0x7fced6fde929
[  122.006428][ T7335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.006575][ T7335] RSP: 002b:00007fced5647038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  122.006666][ T7335] RAX: ffffffffffffffda RBX: 00007fced7205fa0 RCX: 00007fced6fde929
[  122.006682][ T7335] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000006
[  122.006697][ T7335] RBP: 00007fced5647090 R08: 0000000000000000 R09: 0000000000000000
[  122.006713][ T7335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.006728][ T7335] R13: 0000000000000000 R14: 00007fced7205fa0 R15: 00007ffc24d07818
[  122.006757][ T7335]  </TASK>
[  122.207983][ T7331] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  122.217612][ T7331] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  122.246155][ T7331] loop2: detected capacity change from 0 to 512
[  122.254158][ T7331] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  122.264442][ T7325] ext4 filesystem being mounted at /264/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.280299][ T7331] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e842e12c, mo2=0002]
[  122.291402][ T7337] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  122.293402][ T7331] System zones: 1-12
[  122.300891][ T7337] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  122.305007][ T7331] EXT4-fs (loop2): orphan cleanup on readonly fs
[  122.320795][ T7331] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1298: bg 0: block 361: padding at end of block bitmap is not set
[  122.337178][ T7331] EXT4-fs (loop2): Remounting filesystem read-only
[  122.344571][ T7331] EXT4-fs (loop2): 1 truncate cleaned up
[  122.350880][ T7331] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  122.378897][ T7343] loop4: detected capacity change from 0 to 512
[  122.386892][ T7337] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  122.407435][ T7337] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  122.420160][ T7349] __nla_validate_parse: 2 callbacks suppressed
[  122.420184][ T7349] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1298'.
[  122.420492][ T7343] ext2: Unknown parameter 'fowner>00000000000000000000'
[  122.467860][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.473991][ T7351] loop4: detected capacity change from 0 to 1024
[  122.487770][ T7353] FAULT_INJECTION: forcing a failure.
[  122.487770][ T7353] name failslab, interval 1, probability 0, space 0, times 0
[  122.494719][ T7351] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  122.501141][ T7353] CPU: 0 UID: 0 PID: 7353 Comm: syz.0.1305 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  122.501183][ T7353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  122.501200][ T7353] Call Trace:
[  122.501210][ T7353]  <TASK>
[  122.501222][ T7353]  __dump_stack+0x1d/0x30
[  122.501337][ T7353]  dump_stack_lvl+0xe8/0x140
[  122.501498][ T7353]  dump_stack+0x15/0x1b
[  122.501523][ T7353]  should_fail_ex+0x265/0x280
[  122.501566][ T7353]  should_failslab+0x8c/0xb0
[  122.501646][ T7353]  __kmalloc_noprof+0xa5/0x3e0
[  122.501688][ T7353]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[  122.501728][ T7353]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[  122.501777][ T7353]  ? selinux_capable+0x1f9/0x270
[  122.501802][ T7353]  genl_family_rcv_msg_doit+0x48/0x1b0
[  122.501832][ T7353]  ? security_capable+0x83/0x90
[  122.501915][ T7353]  ? ns_capable+0x7d/0xb0
[  122.501948][ T7353]  genl_rcv_msg+0x422/0x460
[  122.501990][ T7353]  ? __pfx_netlbl_mgmt_add+0x10/0x10
[  122.502030][ T7353]  netlink_rcv_skb+0x123/0x220
[  122.502074][ T7353]  ? __pfx_genl_rcv_msg+0x10/0x10
[  122.502127][ T7353]  genl_rcv+0x28/0x40
[  122.502158][ T7353]  netlink_unicast+0x59e/0x670
[  122.502200][ T7353]  netlink_sendmsg+0x58b/0x6b0
[  122.502375][ T7353]  ? __pfx_netlink_sendmsg+0x10/0x10
[  122.502423][ T7353]  __sock_sendmsg+0x145/0x180
[  122.502519][ T7353]  ____sys_sendmsg+0x31e/0x4e0
[  122.502588][ T7353]  ___sys_sendmsg+0x17b/0x1d0
[  122.502761][ T7353]  __x64_sys_sendmsg+0xd4/0x160
[  122.502871][ T7353]  x64_sys_call+0x2999/0x2fb0
[  122.502919][ T7353]  do_syscall_64+0xd2/0x200
[  122.502982][ T7353]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  122.503056][ T7353]  ? clear_bhb_loop+0x40/0x90
[  122.503087][ T7353]  ? clear_bhb_loop+0x40/0x90
[  122.503165][ T7353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.503198][ T7353] RIP: 0033:0x7f65c856e929
[  122.503223][ T7353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.503249][ T7353] RSP: 002b:00007f65c6bd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  122.503278][ T7353] RAX: ffffffffffffffda RBX: 00007f65c8795fa0 RCX: 00007f65c856e929
[  122.503359][ T7353] RDX: 0000000000000000 RSI: 0000200000000d80 RDI: 0000000000000004
[  122.503377][ T7353] RBP: 00007f65c6bd7090 R08: 0000000000000000 R09: 0000000000000000
[  122.503395][ T7353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.503413][ T7353] R13: 0000000000000000 R14: 00007f65c8795fa0 R15: 00007fff2f4de4d8
[  122.503483][ T7353]  </TASK>
[  122.795619][ T7364] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  122.800041][ T7351] ext4 filesystem being mounted at /242/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.811134][ T7364] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1308'.
[  122.857844][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.959036][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  123.023481][ T7372] loop2: detected capacity change from 0 to 512
[  123.036251][ T7377] loop4: detected capacity change from 0 to 512
[  123.046027][ T7372] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1311: bg 0: block 5: invalid block bitmap
[  123.054754][ T7373] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7373 comm=syz.1.1312
[  123.061249][ T7377] ext2: Unknown parameter 'fowner>00000000000000000000'
[  123.084687][ T7372] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  123.112551][ T7372] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1311: invalid indirect mapped block 3 (level 2)
[  123.134820][ T7379] loop3: detected capacity change from 0 to 8192
[  123.156045][ T7372] EXT4-fs (loop2): 2 truncates cleaned up
[  123.162653][ T7372] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.201472][ T7382] netem: change failed
[  123.207572][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.227987][ T7390] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1318'.
[  123.252076][ T7392] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  123.306316][ T7399] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1322'.
[  123.319163][ T7400] FAULT_INJECTION: forcing a failure.
[  123.319163][ T7400] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.333391][ T7400] CPU: 0 UID: 0 PID: 7400 Comm: syz.1.1323 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  123.333419][ T7400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  123.333500][ T7400] Call Trace:
[  123.333508][ T7400]  <TASK>
[  123.333518][ T7400]  __dump_stack+0x1d/0x30
[  123.333544][ T7400]  dump_stack_lvl+0xe8/0x140
[  123.333584][ T7400]  dump_stack+0x15/0x1b
[  123.333665][ T7400]  should_fail_ex+0x265/0x280
[  123.333692][ T7400]  should_fail+0xb/0x20
[  123.333713][ T7400]  should_fail_usercopy+0x1a/0x20
[  123.333799][ T7400]  _copy_to_user+0x20/0xa0
[  123.333831][ T7400]  copy_siginfo_to_user+0x22/0xb0
[  123.333859][ T7400]  x64_setup_rt_frame+0x2b5/0x580
[  123.333888][ T7400]  arch_do_signal_or_restart+0x27c/0x480
[  123.333991][ T7400]  irqentry_exit_to_user_mode+0x5e/0xa0
[  123.334025][ T7400]  irqentry_exit+0x12/0x50
[  123.334053][ T7400]  asm_exc_page_fault+0x26/0x30
[  123.334078][ T7400] RIP: 0033:_end+0x763d8000/0x0
[  123.334143][ T7400] Code: Unable to access opcode bytes at 0xffffffffff5fffd6.
[  123.334154][ T7400] RSP: 002b:00007ff805e76a78 EFLAGS: 00010246
[  123.334173][ T7400] RAX: ffffffffffffffda RBX: 00007ff807a35fa0 RCX: 00007ff80780e929
[  123.334189][ T7400] RDX: 00007ff805e76a80 RSI: 00007ff805e76bb0 RDI: 0000000000000019
[  123.334204][ T7400] RBP: 00007ff805e77090 R08: 0000000000000000 R09: 0000000000000000
[  123.334220][ T7400] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002
[  123.334235][ T7400] R13: 0000000000000000 R14: 00007ff807a35fa0 R15: 00007ffcecc3e408
[  123.334264][ T7400]  </TASK>
[  123.335680][ T7402] FAULT_INJECTION: forcing a failure.
[  123.335680][ T7402] name failslab, interval 1, probability 0, space 0, times 0
[  123.525564][ T7402] CPU: 1 UID: 0 PID: 7402 Comm: syz.4.1324 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  123.525596][ T7402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  123.525611][ T7402] Call Trace:
[  123.525620][ T7402]  <TASK>
[  123.525630][ T7402]  __dump_stack+0x1d/0x30
[  123.525657][ T7402]  dump_stack_lvl+0xe8/0x140
[  123.525686][ T7402]  dump_stack+0x15/0x1b
[  123.525708][ T7402]  should_fail_ex+0x265/0x280
[  123.525732][ T7402]  should_failslab+0x8c/0xb0
[  123.525774][ T7402]  kmem_cache_alloc_noprof+0x50/0x310
[  123.525856][ T7402]  ? security_file_alloc+0x32/0x100
[  123.525887][ T7402]  security_file_alloc+0x32/0x100
[  123.525909][ T7402]  init_file+0x5c/0x1d0
[  123.525986][ T7402]  alloc_empty_file+0x8b/0x200
[  123.526025][ T7402]  alloc_file_pseudo+0xc6/0x160
[  123.526056][ T7402]  __shmem_file_setup+0x1de/0x210
[  123.526098][ T7402]  shmem_file_setup+0x3b/0x50
[  123.526195][ T7402]  __se_sys_memfd_create+0x2c3/0x590
[  123.526262][ T7402]  __x64_sys_memfd_create+0x31/0x40
[  123.526295][ T7402]  x64_sys_call+0x122f/0x2fb0
[  123.526320][ T7402]  do_syscall_64+0xd2/0x200
[  123.526371][ T7402]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  123.526398][ T7402]  ? clear_bhb_loop+0x40/0x90
[  123.526424][ T7402]  ? clear_bhb_loop+0x40/0x90
[  123.526460][ T7402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.526537][ T7402] RIP: 0033:0x7fced6fde929
[  123.526557][ T7402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.526579][ T7402] RSP: 002b:00007fced5646d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  123.526601][ T7402] RAX: ffffffffffffffda RBX: 00000000000005c3 RCX: 00007fced6fde929
[  123.526612][ T7402] RDX: 00007fced5646dec RSI: 0000000000000000 RDI: 00007fced70614cc
[  123.526624][ T7402] RBP: 00002000000005c0 R08: 00007fced5646b07 R09: 0000000000000000
[  123.526653][ T7402] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[  123.526667][ T7402] R13: 00007fced5646dec R14: 00007fced5646df0 R15: 00007ffc24d07818
[  123.526691][ T7402]  </TASK>
[  123.840327][ T7407] vlan2: entered allmulticast mode
[  123.880550][ T7408] loop2: detected capacity change from 0 to 1024
[  123.889312][ T7410] 9pnet_fd: Insufficient options for proto=fd
[  123.896120][ T7410] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=37 sclass=netlink_tcpdiag_socket pid=7410 comm=syz.4.1326
[  123.910388][ T7408] EXT4-fs: Ignoring removed nobh option
[  123.971241][ T7412] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7412 comm=syz.0.1327
[  124.014727][ T7408] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.334671][   T29] kauditd_printk_skb: 578 callbacks suppressed
[  124.334702][   T29] audit: type=1326 audit(1749122761.828:4832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7417 comm="syz.3.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0621e358e7 code=0x7ffc0000
[  124.421517][   T29] audit: type=1326 audit(1749122761.858:4833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7417 comm="syz.3.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0621ddab19 code=0x7ffc0000
[  124.447257][   T29] audit: type=1326 audit(1749122761.858:4834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7417 comm="syz.3.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0621e358e7 code=0x7ffc0000
[  124.474563][   T29] audit: type=1326 audit(1749122761.858:4835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7417 comm="syz.3.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0621ddab19 code=0x7ffc0000
[  124.502065][   T29] audit: type=1326 audit(1749122761.858:4836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7417 comm="syz.3.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0621e358e7 code=0x7ffc0000
[  124.528707][   T29] audit: type=1326 audit(1749122761.858:4837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7417 comm="syz.3.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0621ddab19 code=0x7ffc0000
[  124.555001][   T29] audit: type=1326 audit(1749122761.858:4838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7417 comm="syz.3.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0621e358e7 code=0x7ffc0000
[  124.581905][   T29] audit: type=1326 audit(1749122761.858:4839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7417 comm="syz.3.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0621ddab19 code=0x7ffc0000
[  124.608721][   T29] audit: type=1326 audit(1749122761.858:4840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7417 comm="syz.3.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0621e358e7 code=0x7ffc0000
[  124.637108][   T29] audit: type=1326 audit(1749122761.858:4841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7417 comm="syz.3.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0621ddab19 code=0x7ffc0000
[  124.783851][ T7427] FAULT_INJECTION: forcing a failure.
[  124.783851][ T7427] name failslab, interval 1, probability 0, space 0, times 0
[  124.798132][ T7427] CPU: 1 UID: 0 PID: 7427 Comm: syz.0.1332 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  124.798161][ T7427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  124.798226][ T7427] Call Trace:
[  124.798233][ T7427]  <TASK>
[  124.798241][ T7427]  __dump_stack+0x1d/0x30
[  124.798261][ T7427]  dump_stack_lvl+0xe8/0x140
[  124.798279][ T7427]  dump_stack+0x15/0x1b
[  124.798306][ T7427]  should_fail_ex+0x265/0x280
[  124.798331][ T7427]  should_failslab+0x8c/0xb0
[  124.798368][ T7427]  kmem_cache_alloc_noprof+0x50/0x310
[  124.798416][ T7427]  ? skb_clone+0x151/0x1f0
[  124.798454][ T7427]  skb_clone+0x151/0x1f0
[  124.798559][ T7427]  __netlink_deliver_tap+0x2c9/0x500
[  124.798601][ T7427]  netlink_unicast+0x64c/0x670
[  124.798636][ T7427]  netlink_sendmsg+0x58b/0x6b0
[  124.798749][ T7427]  ? __pfx_netlink_sendmsg+0x10/0x10
[  124.798840][ T7427]  __sock_sendmsg+0x145/0x180
[  124.798917][ T7427]  ____sys_sendmsg+0x31e/0x4e0
[  124.798954][ T7427]  ___sys_sendmsg+0x17b/0x1d0
[  124.799004][ T7427]  __x64_sys_sendmsg+0xd4/0x160
[  124.799103][ T7427]  x64_sys_call+0x2999/0x2fb0
[  124.799130][ T7427]  do_syscall_64+0xd2/0x200
[  124.799166][ T7427]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  124.799208][ T7427]  ? clear_bhb_loop+0x40/0x90
[  124.799228][ T7427]  ? clear_bhb_loop+0x40/0x90
[  124.799257][ T7427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.799284][ T7427] RIP: 0033:0x7f65c856e929
[  124.799302][ T7427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.799324][ T7427] RSP: 002b:00007f65c6bb6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  124.799441][ T7427] RAX: ffffffffffffffda RBX: 00007f65c8796080 RCX: 00007f65c856e929
[  124.799457][ T7427] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000004
[  124.799473][ T7427] RBP: 00007f65c6bb6090 R08: 0000000000000000 R09: 0000000000000000
[  124.799548][ T7427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.799563][ T7427] R13: 0000000000000001 R14: 00007f65c8796080 R15: 00007fff2f4de4d8
[  124.799586][ T7427]  </TASK>
[  125.254057][ T7433] FAULT_INJECTION: forcing a failure.
[  125.254057][ T7433] name failslab, interval 1, probability 0, space 0, times 0
[  125.267097][ T7433] CPU: 0 UID: 0 PID: 7433 Comm: syz.4.1335 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  125.267168][ T7433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  125.267183][ T7433] Call Trace:
[  125.267192][ T7433]  <TASK>
[  125.267202][ T7433]  __dump_stack+0x1d/0x30
[  125.267225][ T7433]  dump_stack_lvl+0xe8/0x140
[  125.267244][ T7433]  dump_stack+0x15/0x1b
[  125.267321][ T7433]  should_fail_ex+0x265/0x280
[  125.267347][ T7433]  should_failslab+0x8c/0xb0
[  125.267428][ T7433]  kmem_cache_alloc_node_noprof+0x57/0x320
[  125.267464][ T7433]  ? __alloc_skb+0x101/0x320
[  125.267491][ T7433]  __alloc_skb+0x101/0x320
[  125.267513][ T7433]  ? audit_log_start+0x365/0x6c0
[  125.267552][ T7433]  audit_log_start+0x380/0x6c0
[  125.267597][ T7433]  audit_seccomp+0x48/0x100
[  125.267631][ T7433]  ? __seccomp_filter+0x68c/0x10d0
[  125.267716][ T7433]  __seccomp_filter+0x69d/0x10d0
[  125.267758][ T7433]  __secure_computing+0x82/0x150
[  125.267787][ T7433]  syscall_trace_enter+0xcf/0x1e0
[  125.267819][ T7433]  do_syscall_64+0xac/0x200
[  125.267849][ T7433]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  125.267927][ T7433]  ? clear_bhb_loop+0x40/0x90
[  125.267966][ T7433]  ? clear_bhb_loop+0x40/0x90
[  125.267987][ T7433]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.268008][ T7433] RIP: 0033:0x7fced6fdd33c
[  125.268055][ T7433] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  125.268077][ T7433] RSP: 002b:00007fced5647030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  125.268097][ T7433] RAX: ffffffffffffffda RBX: 00007fced7205fa0 RCX: 00007fced6fdd33c
[  125.268109][ T7433] RDX: 000000000000000f RSI: 00007fced56470a0 RDI: 0000000000000005
[  125.268121][ T7433] RBP: 00007fced5647090 R08: 0000000000000000 R09: 0000000000000000
[  125.268132][ T7433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.268222][ T7433] R13: 0000000000000000 R14: 00007fced7205fa0 R15: 00007ffc24d07818
[  125.268250][ T7433]  </TASK>
[  125.498560][ T7434] netlink: 'syz.3.1334': attribute type 1 has an invalid length.
[  125.507085][ T7434] netlink: 199824 bytes leftover after parsing attributes in process `syz.3.1334'.
[  125.571824][ T7438] FAULT_INJECTION: forcing a failure.
[  125.571824][ T7438] name failslab, interval 1, probability 0, space 0, times 0
[  125.585768][ T7438] CPU: 0 UID: 0 PID: 7438 Comm: syz.4.1338 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  125.585846][ T7438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  125.585862][ T7438] Call Trace:
[  125.585871][ T7438]  <TASK>
[  125.585880][ T7438]  __dump_stack+0x1d/0x30
[  125.585905][ T7438]  dump_stack_lvl+0xe8/0x140
[  125.585923][ T7438]  dump_stack+0x15/0x1b
[  125.585980][ T7438]  should_fail_ex+0x265/0x280
[  125.586007][ T7438]  should_failslab+0x8c/0xb0
[  125.586038][ T7438]  kmem_cache_alloc_node_noprof+0x57/0x320
[  125.586111][ T7438]  ? dup_task_struct+0x70/0x6a0
[  125.586146][ T7438]  dup_task_struct+0x70/0x6a0
[  125.586196][ T7438]  copy_process+0x399/0x1fe0
[  125.586233][ T7438]  ? __account_obj_stock+0x211/0x350
[  125.586331][ T7438]  ? __pfx_io_wq_worker+0x10/0x10
[  125.586375][ T7438]  create_io_thread+0x93/0xc0
[  125.586410][ T7438]  ? __pfx_io_wq_worker+0x10/0x10
[  125.586450][ T7438]  create_io_worker+0xe0/0x370
[  125.586541][ T7438]  io_wq_enqueue+0x2c1/0x3a0
[  125.586576][ T7438]  ? __pfx_io_wq_work_match_item+0x10/0x10
[  125.586652][ T7438]  io_queue_iowq+0x201/0x2e0
[  125.586747][ T7438]  io_queue_sqe_fallback+0x73/0xc0
[  125.586778][ T7438]  io_submit_sqes+0xbad/0xfd0
[  125.586872][ T7438]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  125.586910][ T7438]  ? 0xffffffff81000000
[  125.586922][ T7438]  ? __rcu_read_unlock+0x4f/0x70
[  125.586944][ T7438]  ? get_pid_task+0x96/0xd0
[  125.587005][ T7438]  ? proc_fail_nth_write+0x12d/0x160
[  125.587028][ T7438]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  125.587106][ T7438]  ? vfs_write+0x75e/0x8e0
[  125.587130][ T7438]  ? __rcu_read_unlock+0x4f/0x70
[  125.587151][ T7438]  ? __fget_files+0x184/0x1c0
[  125.587175][ T7438]  ? fput+0x8f/0xc0
[  125.587212][ T7438]  __x64_sys_io_uring_enter+0x78/0x90
[  125.587351][ T7438]  x64_sys_call+0x28c8/0x2fb0
[  125.587386][ T7438]  do_syscall_64+0xd2/0x200
[  125.587434][ T7438]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  125.587460][ T7438]  ? clear_bhb_loop+0x40/0x90
[  125.587524][ T7438]  ? clear_bhb_loop+0x40/0x90
[  125.587555][ T7438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.587579][ T7438] RIP: 0033:0x7fced6fde929
[  125.587595][ T7438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.587620][ T7438] RSP: 002b:00007fced5647038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  125.587719][ T7438] RAX: ffffffffffffffda RBX: 00007fced7205fa0 RCX: 00007fced6fde929
[  125.587742][ T7438] RDX: 0000000000000000 RSI: 00000000000047bc RDI: 0000000000000003
[  125.587759][ T7438] RBP: 00007fced5647090 R08: 0000000000000000 R09: 0000000000000000
[  125.587775][ T7438] R10: 0000000000000021 R11: 0000000000000246 R12: 0000000000000001
[  125.587791][ T7438] R13: 0000000000000000 R14: 00007fced7205fa0 R15: 00007ffc24d07818
[  125.587892][ T7438]  </TASK>
[  125.932230][ T7440] tmpfs: Unknown parameter 'contextù'
[  125.999696][ T7449] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1339'.
[  126.054764][ T7454] loop1: detected capacity change from 0 to 512
[  126.085998][ T7454] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1342: bg 0: block 5: invalid block bitmap
[  126.124065][ T7454] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  126.175314][ T7454] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1342: invalid indirect mapped block 3 (level 2)
[  126.203549][ T7460] lo speed is unknown, defaulting to 1000
[  126.215901][ T7457] syzkaller1: entered promiscuous mode
[  126.222065][ T7457] syzkaller1: entered allmulticast mode
[  126.233110][ T7454] EXT4-fs (loop1): 2 truncates cleaned up
[  126.250456][ T7454] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.309763][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.386630][ T7463] netem: change failed
[  126.424549][ T7465] loop4: detected capacity change from 0 to 512
[  126.431179][ T7465] ext2: Unknown parameter 'fowner>00000000000000000000'
[  126.619453][ T7476] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1351'.
[  126.806087][ T7482] lo speed is unknown, defaulting to 1000
[  127.047477][ T7490] can: request_module (can-proto-4) failed.
[  127.098478][ T7504] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  127.147523][ T7504] FAULT_INJECTION: forcing a failure.
[  127.147523][ T7504] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  127.165153][ T7504] CPU: 0 UID: 0 PID: 7504 Comm: syz.4.1361 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  127.165183][ T7504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  127.165196][ T7504] Call Trace:
[  127.165223][ T7504]  <TASK>
[  127.165233][ T7504]  __dump_stack+0x1d/0x30
[  127.165260][ T7504]  dump_stack_lvl+0xe8/0x140
[  127.165285][ T7504]  dump_stack+0x15/0x1b
[  127.165306][ T7504]  should_fail_ex+0x265/0x280
[  127.165373][ T7504]  should_fail_alloc_page+0xf2/0x100
[  127.165480][ T7504]  __alloc_frozen_pages_noprof+0xff/0x360
[  127.165524][ T7504]  alloc_pages_mpol+0xb3/0x250
[  127.165617][ T7504]  alloc_pages_noprof+0x90/0x130
[  127.165672][ T7504]  pte_alloc_one+0x2d/0x120
[  127.165771][ T7504]  __pte_alloc+0x32/0x2b0
[  127.165854][ T7504]  handle_mm_fault+0x1c16/0x2be0
[  127.165883][ T7504]  ? __rcu_read_lock+0x37/0x50
[  127.165971][ T7504]  __get_user_pages+0x1036/0x1fb0
[  127.166003][ T7504]  __gup_longterm_locked+0x9c9/0x1010
[  127.166034][ T7504]  ? freeze_slab+0x5c/0x80
[  127.166137][ T7504]  ? should_fail_ex+0xdb/0x280
[  127.166293][ T7504]  pin_user_pages_remote+0x7e/0xb0
[  127.166320][ T7504]  process_vm_rw+0x484/0x950
[  127.166398][ T7504]  __x64_sys_process_vm_readv+0x78/0x90
[  127.166477][ T7504]  x64_sys_call+0x2978/0x2fb0
[  127.166502][ T7504]  do_syscall_64+0xd2/0x200
[  127.166539][ T7504]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  127.166639][ T7504]  ? clear_bhb_loop+0x40/0x90
[  127.166662][ T7504]  ? clear_bhb_loop+0x40/0x90
[  127.166746][ T7504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.166772][ T7504] RIP: 0033:0x7fced6fde929
[  127.166790][ T7504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.166846][ T7504] RSP: 002b:00007fced5605038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  127.166869][ T7504] RAX: ffffffffffffffda RBX: 00007fced7206160 RCX: 00007fced6fde929
[  127.166970][ T7504] RDX: 0000000000000002 RSI: 0000200000008400 RDI: 0000000000000298
[  127.167022][ T7504] RBP: 00007fced5605090 R08: 0000000000000286 R09: 0000000000000000
[  127.167037][ T7504] R10: 0000200000008640 R11: 0000000000000246 R12: 0000000000000001
[  127.167053][ T7504] R13: 0000000000000000 R14: 00007fced7206160 R15: 00007ffc24d07818
[  127.167156][ T7504]  </TASK>
[  127.620781][ T7510] netlink: 'syz.4.1365': attribute type 4 has an invalid length.
[  127.652347][ T7513] FAULT_INJECTION: forcing a failure.
[  127.652347][ T7513] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.673591][ T7513] CPU: 0 UID: 0 PID: 7513 Comm: syz.3.1363 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  127.673627][ T7513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  127.673718][ T7513] Call Trace:
[  127.673726][ T7513]  <TASK>
[  127.673736][ T7513]  __dump_stack+0x1d/0x30
[  127.673762][ T7513]  dump_stack_lvl+0xe8/0x140
[  127.673827][ T7513]  dump_stack+0x15/0x1b
[  127.673847][ T7513]  should_fail_ex+0x265/0x280
[  127.673872][ T7513]  should_fail+0xb/0x20
[  127.673921][ T7513]  should_fail_usercopy+0x1a/0x20
[  127.674015][ T7513]  _copy_to_user+0x20/0xa0
[  127.674042][ T7513]  simple_read_from_buffer+0xb5/0x130
[  127.674083][ T7513]  proc_fail_nth_read+0x100/0x140
[  127.674191][ T7513]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  127.674220][ T7513]  vfs_read+0x19d/0x6f0
[  127.674243][ T7513]  ? __rcu_read_unlock+0x4f/0x70
[  127.674280][ T7513]  ? __fget_files+0x184/0x1c0
[  127.674307][ T7513]  ksys_read+0xda/0x1a0
[  127.674405][ T7513]  __x64_sys_read+0x40/0x50
[  127.674427][ T7513]  x64_sys_call+0x2d77/0x2fb0
[  127.674514][ T7513]  do_syscall_64+0xd2/0x200
[  127.674550][ T7513]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  127.674585][ T7513]  ? clear_bhb_loop+0x40/0x90
[  127.674634][ T7513]  ? clear_bhb_loop+0x40/0x90
[  127.674663][ T7513]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.674805][ T7513] RIP: 0033:0x7f0621e3d33c
[  127.674901][ T7513] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  127.674918][ T7513] RSP: 002b:00007f06204a7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  127.674936][ T7513] RAX: ffffffffffffffda RBX: 00007f0622065fa0 RCX: 00007f0621e3d33c
[  127.674948][ T7513] RDX: 000000000000000f RSI: 00007f06204a70a0 RDI: 0000000000000004
[  127.675023][ T7513] RBP: 00007f06204a7090 R08: 0000000000000000 R09: 0000000000000000
[  127.675034][ T7513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  127.675048][ T7513] R13: 0000000000000000 R14: 00007f0622065fa0 R15: 00007ffc399a0d08
[  127.675067][ T7513]  </TASK>
[  128.000213][ T7518] loop4: detected capacity change from 0 to 256
[  128.066589][ T7524] loop3: detected capacity change from 0 to 164
[  128.124945][ T7524] 9pnet: Could not find request transport: t
[  128.147730][ T7516] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  128.579835][ T7539] loop1: detected capacity change from 0 to 1024
[  128.626759][ T7539] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.682327][ T7539] ext4 filesystem being mounted at /280/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.819023][ T7549] loop3: detected capacity change from 0 to 512
[  128.864781][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.896426][ T7549] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1378: bg 0: block 5: invalid block bitmap
[  128.915626][ T7549] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  128.927984][ T7549] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1378: invalid indirect mapped block 3 (level 2)
[  128.975505][ T7549] EXT4-fs (loop3): 2 truncates cleaned up
[  128.984510][ T7549] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.044023][ T7554] netlink: 'syz.4.1380': attribute type 4 has an invalid length.
[  129.064989][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.184759][ T7560] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  129.203441][ T7559] FAULT_INJECTION: forcing a failure.
[  129.203441][ T7559] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  129.221052][ T7559] CPU: 0 UID: 0 PID: 7559 Comm: syz.0.1383 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  129.221158][ T7559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  129.221171][ T7559] Call Trace:
[  129.221180][ T7559]  <TASK>
[  129.221190][ T7559]  __dump_stack+0x1d/0x30
[  129.221217][ T7559]  dump_stack_lvl+0xe8/0x140
[  129.221243][ T7559]  dump_stack+0x15/0x1b
[  129.221259][ T7559]  should_fail_ex+0x265/0x280
[  129.221279][ T7559]  should_fail+0xb/0x20
[  129.221359][ T7559]  should_fail_usercopy+0x1a/0x20
[  129.221380][ T7559]  strncpy_from_user+0x25/0x230
[  129.221407][ T7559]  ? kmem_cache_alloc_noprof+0x186/0x310
[  129.221477][ T7559]  ? getname_flags+0x80/0x3b0
[  129.221505][ T7559]  getname_flags+0xae/0x3b0
[  129.221572][ T7559]  __x64_sys_link+0x40/0x70
[  129.221599][ T7559]  x64_sys_call+0x2af9/0x2fb0
[  129.221623][ T7559]  do_syscall_64+0xd2/0x200
[  129.221666][ T7559]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  129.221703][ T7559]  ? clear_bhb_loop+0x40/0x90
[  129.221723][ T7559]  ? clear_bhb_loop+0x40/0x90
[  129.221744][ T7559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.221768][ T7559] RIP: 0033:0x7f65c856e929
[  129.221784][ T7559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.221806][ T7559] RSP: 002b:00007f65c6bd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[  129.221830][ T7559] RAX: ffffffffffffffda RBX: 00007f65c8795fa0 RCX: 00007f65c856e929
[  129.221846][ T7559] RDX: 0000000000000000 RSI: 0000200000000700 RDI: 0000200000000440
[  129.221863][ T7559] RBP: 00007f65c6bd7090 R08: 0000000000000000 R09: 0000000000000000
[  129.221924][ T7559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.221936][ T7559] R13: 0000000000000000 R14: 00007f65c8795fa0 R15: 00007fff2f4de4d8
[  129.221961][ T7559]  </TASK>
[  129.273579][ T7560] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1381'.
[  129.295704][ T7567] loop4: detected capacity change from 0 to 512
[  129.476772][   T29] kauditd_printk_skb: 2593 callbacks suppressed
[  129.476826][   T29] audit: type=1326 audit(1749122766.968:7433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7566 comm="syz.4.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fced6fdd58a code=0x7ffc0000
[  129.515795][   T29] audit: type=1326 audit(1749122767.008:7434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7566 comm="syz.4.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fced6fdd58a code=0x7ffc0000
[  129.542635][   T29] audit: type=1326 audit(1749122767.008:7435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7566 comm="syz.4.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fced6fdd197 code=0x7ffc0000
[  129.580675][   T29] audit: type=1326 audit(1749122767.008:7436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7566 comm="syz.4.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fced6fe00ca code=0x7ffc0000
[  129.618750][ T7567] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1386: bg 0: block 5: invalid block bitmap
[  129.640504][ T7567] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  129.659531][ T7573] loop1: detected capacity change from 0 to 1024
[  129.668052][ T7567] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1386: invalid indirect mapped block 3 (level 2)
[  129.684453][ T7567] EXT4-fs (loop4): 2 truncates cleaned up
[  129.710322][ T7567] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.742067][ T7573] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.763421][ T7573] ext4 filesystem being mounted at /284/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.820392][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.832802][   T29] audit: type=1326 audit(1749122767.268:7437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7566 comm="syz.4.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fced6fdd290 code=0x7ffc0000
[  129.862468][   T29] audit: type=1326 audit(1749122767.268:7438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7566 comm="syz.4.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fced6fdd677 code=0x7ffc0000
[  129.891164][   T29] audit: type=1326 audit(1749122767.268:7439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7566 comm="syz.4.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fced6fdd290 code=0x7ffc0000
[  129.920912][   T29] audit: type=1326 audit(1749122767.268:7440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7566 comm="syz.4.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced6fde929 code=0x7ffc0000
[  129.952577][   T29] audit: type=1326 audit(1749122767.268:7441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7566 comm="syz.4.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced6fde929 code=0x7ffc0000
[  129.980496][   T29] audit: type=1326 audit(1749122767.278:7442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7566 comm="syz.4.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=86 compat=0 ip=0x7fced6fde929 code=0x7ffc0000
[  130.011364][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.032620][ T7584] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7584 comm=syz.0.1393
[  130.047958][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.152139][ T7592] netlink: 'syz.1.1396': attribute type 4 has an invalid length.
[  130.238654][ T7603] loop3: detected capacity change from 0 to 512
[  130.249301][ T7603] ext2: Unknown parameter 'fowner>00000000000000000000'
[  130.269838][ T7599] loop1: detected capacity change from 0 to 512
[  130.334165][ T7599] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  130.375364][ T7599] EXT4-fs (loop1): mount failed
[  130.414190][ T7619] loop3: detected capacity change from 0 to 256
[  130.421724][ T7619] vfat: Unknown parameter 'ÿ'
[  130.432475][ T7627] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7627 comm=syz.4.1410
[  130.485885][ T7632] netlink: 'syz.2.1411': attribute type 4 has an invalid length.
[  130.524125][ T7637] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1399'.
[  130.524266][ T3394] lo speed is unknown, defaulting to 1000
[  130.541559][ T3394] syz0: Port: 1 Link DOWN
[  130.622724][ T7647] vlan2: entered promiscuous mode
[  130.628673][ T7647] bridge0: entered promiscuous mode
[  130.635340][ T7647] vlan2: entered allmulticast mode
[  130.640985][ T7647] bridge0: entered allmulticast mode
[  130.691536][ T7651] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: invalid value (5)
[  130.726213][ T7657] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7657 comm=syz.3.1423
[  130.750783][ T7659] loop4: detected capacity change from 0 to 512
[  130.761017][ T7659] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.1424: invalid block
[  130.774787][ T7659] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1424: invalid indirect mapped block 4294967295 (level 1)
[  130.791309][ T7659] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1424: invalid indirect mapped block 4294967295 (level 1)
[  130.807813][ T7659] EXT4-fs (loop4): 2 truncates cleaned up
[  130.843661][ T7671] loop4: detected capacity change from 0 to 512
[  130.851608][ T7671] ext2: Unknown parameter 'fowner>00000000000000000000'
[  130.896059][ T7677] loop3: detected capacity change from 0 to 512
[  130.905901][ T7679] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8218 sclass=netlink_route_socket pid=7679 comm=syz.4.1430
[  130.907648][ T7677] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1429: bg 0: block 5: invalid block bitmap
[  130.932917][ T7677] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  130.942768][ T7677] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1429: invalid indirect mapped block 3 (level 2)
[  130.957600][ T7677] EXT4-fs (loop3): 2 truncates cleaned up
[  131.054671][ T7688] FAULT_INJECTION: forcing a failure.
[  131.054671][ T7688] name failslab, interval 1, probability 0, space 0, times 0
[  131.069243][ T7688] CPU: 1 UID: 0 PID: 7688 Comm: syz.4.1434 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  131.069285][ T7688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  131.069301][ T7688] Call Trace:
[  131.069309][ T7688]  <TASK>
[  131.069319][ T7688]  __dump_stack+0x1d/0x30
[  131.069343][ T7688]  dump_stack_lvl+0xe8/0x140
[  131.069364][ T7688]  dump_stack+0x15/0x1b
[  131.069422][ T7688]  should_fail_ex+0x265/0x280
[  131.069444][ T7688]  ? audit_log_d_path+0x8d/0x150
[  131.069476][ T7688]  should_failslab+0x8c/0xb0
[  131.069573][ T7688]  __kmalloc_cache_noprof+0x4c/0x320
[  131.069608][ T7688]  audit_log_d_path+0x8d/0x150
[  131.069645][ T7688]  audit_log_d_path_exe+0x42/0x70
[  131.069750][ T7688]  audit_log_task+0x1e9/0x250
[  131.069789][ T7688]  audit_seccomp+0x61/0x100
[  131.069822][ T7688]  ? __seccomp_filter+0x68c/0x10d0
[  131.069902][ T7688]  __seccomp_filter+0x69d/0x10d0
[  131.070041][ T7688]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  131.070101][ T7688]  ? vfs_write+0x75e/0x8e0
[  131.070179][ T7688]  ? __rcu_read_unlock+0x4f/0x70
[  131.070210][ T7688]  ? __fget_files+0x184/0x1c0
[  131.070245][ T7688]  __secure_computing+0x82/0x150
[  131.070275][ T7688]  syscall_trace_enter+0xcf/0x1e0
[  131.070313][ T7688]  do_syscall_64+0xac/0x200
[  131.070403][ T7688]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  131.070487][ T7688]  ? clear_bhb_loop+0x40/0x90
[  131.070529][ T7688]  ? clear_bhb_loop+0x40/0x90
[  131.070558][ T7688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.070591][ T7688] RIP: 0033:0x7fced6fde929
[  131.070626][ T7688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.070644][ T7688] RSP: 002b:00007fced5647038 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[  131.070669][ T7688] RAX: ffffffffffffffda RBX: 00007fced7205fa0 RCX: 00007fced6fde929
[  131.070747][ T7688] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 0000000000000000
[  131.070762][ T7688] RBP: 00007fced5647090 R08: 0000000000000000 R09: 0000000000000000
[  131.070778][ T7688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.070794][ T7688] R13: 0000000000000000 R14: 00007fced7205fa0 R15: 00007ffc24d07818
[  131.070820][ T7688]  </TASK>
[  131.361590][ T7696] loop4: detected capacity change from 0 to 512
[  131.369028][ T7696] ext2: Unknown parameter 'fowner>00000000000000000000'
[  131.408394][ T7701] loop4: detected capacity change from 0 to 164
[  131.425236][ T7703] FAULT_INJECTION: forcing a failure.
[  131.425236][ T7703] name failslab, interval 1, probability 0, space 0, times 0
[  131.432916][ T7701] Unable to read rock-ridge attributes
[  131.439366][ T7703] CPU: 0 UID: 0 PID: 7703 Comm: syz.2.1441 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  131.439455][ T7703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  131.439471][ T7703] Call Trace:
[  131.439482][ T7703]  <TASK>
[  131.439492][ T7703]  __dump_stack+0x1d/0x30
[  131.439586][ T7703]  dump_stack_lvl+0xe8/0x140
[  131.439612][ T7703]  dump_stack+0x15/0x1b
[  131.439634][ T7703]  should_fail_ex+0x265/0x280
[  131.439661][ T7703]  should_failslab+0x8c/0xb0
[  131.439741][ T7703]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  131.439788][ T7703]  ? shmem_alloc_inode+0x34/0x50
[  131.439831][ T7703]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  131.439859][ T7703]  shmem_alloc_inode+0x34/0x50
[  131.439884][ T7703]  alloc_inode+0x3d/0x170
[  131.439912][ T7703]  new_inode+0x1d/0xe0
[  131.439987][ T7703]  shmem_get_inode+0x244/0x750
[  131.440016][ T7703]  __shmem_file_setup+0x113/0x210
[  131.440059][ T7703]  shmem_file_setup+0x3b/0x50
[  131.440125][ T7703]  __se_sys_memfd_create+0x2c3/0x590
[  131.440154][ T7703]  __x64_sys_memfd_create+0x31/0x40
[  131.440193][ T7703]  x64_sys_call+0x122f/0x2fb0
[  131.440222][ T7703]  do_syscall_64+0xd2/0x200
[  131.440265][ T7703]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  131.440300][ T7703]  ? clear_bhb_loop+0x40/0x90
[  131.440329][ T7703]  ? clear_bhb_loop+0x40/0x90
[  131.440358][ T7703]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.440440][ T7703] RIP: 0033:0x7f01f5a4e929
[  131.440461][ T7703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.440485][ T7703] RSP: 002b:00007f01f40b6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  131.440509][ T7703] RAX: ffffffffffffffda RBX: 00000000000004e1 RCX: 00007f01f5a4e929
[  131.440544][ T7703] RDX: 00007f01f40b6ef0 RSI: 0000000000000000 RDI: 00007f01f5ad14cc
[  131.440560][ T7703] RBP: 0000200000000740 R08: 00007f01f40b6bb7 R09: 00007f01f40b6e40
[  131.440577][ T7703] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000080
[  131.440592][ T7703] R13: 00007f01f40b6ef0 R14: 00007f01f40b6eb0 R15: 0000200000000000
[  131.440618][ T7703]  </TASK>
[  131.830930][ T7719] loop3: detected capacity change from 0 to 512
[  131.880277][ T7719] ext2: Unknown parameter 'fowner>00000000000000000000'
[  131.893251][ T7701] iso9660: Corrupted directory entry in block 4 of inode 1792
[  132.066692][ T7729] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1451'.
[  132.260740][ T7730] loop2: detected capacity change from 0 to 512
[  132.284101][ T7737] loop3: detected capacity change from 0 to 512
[  132.343544][ T7730] EXT4-fs: Ignoring removed i_version option
[  132.350842][ T7730] EXT4-fs: Ignoring removed mblk_io_submit option
[  132.380165][ T7737] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.1454: casefold flag without casefold feature
[  132.394559][ T7737] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.1454: couldn't read orphan inode 15 (err -117)
[  132.418847][ T7715] lo speed is unknown, defaulting to 1000
[  132.437852][ T7730] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  132.453374][ T7743] loop4: detected capacity change from 0 to 512
[  132.471362][ T7743] EXT4-fs: Ignoring removed mblk_io_submit option
[  132.487833][ T7730] EXT4-fs (loop2): can't mount with data_err=abort, fs mounted w/o journal
[  132.500740][ T7743] ext4: Bad value for 'sb'
[  132.552060][ T7743] SELinux: syz.4.1455 (7743) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  132.628328][ T7743] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1455'.
[  132.672421][ T7743] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.692100][ T7730] loop2: detected capacity change from 0 to 1024
[  132.730722][ T7730] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  133.044761][ T7755] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1459'.
[  133.342014][ T7767] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  133.505321][ T7769] netlink: 'syz.2.1466': attribute type 4 has an invalid length.
[  133.883705][ T7779] ipvlan3: entered promiscuous mode
[  133.931008][ T7785] FAULT_INJECTION: forcing a failure.
[  133.931008][ T7785] name failslab, interval 1, probability 0, space 0, times 0
[  133.945854][ T7785] CPU: 1 UID: 0 PID: 7785 Comm: syz.2.1469 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  133.945888][ T7785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  133.945902][ T7785] Call Trace:
[  133.945909][ T7785]  <TASK>
[  133.945917][ T7785]  __dump_stack+0x1d/0x30
[  133.945943][ T7785]  dump_stack_lvl+0xe8/0x140
[  133.946045][ T7785]  dump_stack+0x15/0x1b
[  133.946066][ T7785]  should_fail_ex+0x265/0x280
[  133.946089][ T7785]  should_failslab+0x8c/0xb0
[  133.946181][ T7785]  kmem_cache_alloc_noprof+0x50/0x310
[  133.946211][ T7785]  ? security_file_alloc+0x32/0x100
[  133.946267][ T7785]  security_file_alloc+0x32/0x100
[  133.946296][ T7785]  init_file+0x5c/0x1d0
[  133.946387][ T7785]  alloc_empty_file+0x8b/0x200
[  133.946414][ T7785]  alloc_file_pseudo+0xc6/0x160
[  133.946520][ T7785]  __shmem_file_setup+0x1de/0x210
[  133.946558][ T7785]  shmem_file_setup+0x3b/0x50
[  133.946594][ T7785]  __se_sys_memfd_create+0x2c3/0x590
[  133.946627][ T7785]  __x64_sys_memfd_create+0x31/0x40
[  133.946646][ T7785]  x64_sys_call+0x122f/0x2fb0
[  133.946668][ T7785]  do_syscall_64+0xd2/0x200
[  133.946705][ T7785]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  133.946731][ T7785]  ? clear_bhb_loop+0x40/0x90
[  133.946751][ T7785]  ? clear_bhb_loop+0x40/0x90
[  133.946772][ T7785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.946822][ T7785] RIP: 0033:0x7f01f5a4e929
[  133.946842][ T7785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.946865][ T7785] RSP: 002b:00007f01f4074e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  133.946889][ T7785] RAX: ffffffffffffffda RBX: 0000000000000485 RCX: 00007f01f5a4e929
[  133.946964][ T7785] RDX: 00007f01f4074ef0 RSI: 0000000000000000 RDI: 00007f01f5ad14cc
[  133.946981][ T7785] RBP: 0000200000001500 R08: 00007f01f4074bb7 R09: 00007f01f4074e40
[  133.947016][ T7785] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[  133.947029][ T7785] R13: 00007f01f4074ef0 R14: 00007f01f4074eb0 R15: 0000200000000500
[  133.947122][ T7785]  </TASK>
[  134.191834][ T7779] bridge0: port 3(ipvlan3) entered blocking state
[  134.199203][ T7779] bridge0: port 3(ipvlan3) entered disabled state
[  134.242472][ T7787] 9pnet: Could not find request transport: 00000000000000000000004
[  134.264240][ T7779] ipvlan3: entered allmulticast mode
[  134.285931][ T7782] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1472'.
[  134.307892][ T7779] ipvlan3: left allmulticast mode
[  134.529357][ T7797] netlink: 'syz.1.1477': attribute type 4 has an invalid length.
[  134.596054][ T7799] FAULT_INJECTION: forcing a failure.
[  134.596054][ T7799] name failslab, interval 1, probability 0, space 0, times 0
[  134.610013][ T7799] CPU: 1 UID: 0 PID: 7799 Comm: syz.1.1478 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  134.610047][ T7799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  134.610060][ T7799] Call Trace:
[  134.610065][ T7799]  <TASK>
[  134.610073][ T7799]  __dump_stack+0x1d/0x30
[  134.610203][ T7799]  dump_stack_lvl+0xe8/0x140
[  134.610228][ T7799]  dump_stack+0x15/0x1b
[  134.610272][ T7799]  should_fail_ex+0x265/0x280
[  134.610297][ T7799]  ? nf_tables_newtable+0x375/0xea0
[  134.610326][ T7799]  should_failslab+0x8c/0xb0
[  134.610350][ T7799]  __kmalloc_cache_noprof+0x4c/0x320
[  134.610396][ T7799]  nf_tables_newtable+0x375/0xea0
[  134.610430][ T7799]  nfnetlink_rcv+0xb99/0x1690
[  134.610481][ T7799]  netlink_unicast+0x59e/0x670
[  134.610679][ T7799]  netlink_sendmsg+0x58b/0x6b0
[  134.610713][ T7799]  ? __pfx_netlink_sendmsg+0x10/0x10
[  134.610743][ T7799]  __sock_sendmsg+0x145/0x180
[  134.610841][ T7799]  ____sys_sendmsg+0x31e/0x4e0
[  134.610900][ T7799]  ___sys_sendmsg+0x17b/0x1d0
[  134.610952][ T7799]  __x64_sys_sendmsg+0xd4/0x160
[  134.611034][ T7799]  x64_sys_call+0x2999/0x2fb0
[  134.611063][ T7799]  do_syscall_64+0xd2/0x200
[  134.611236][ T7799]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  134.611275][ T7799]  ? clear_bhb_loop+0x40/0x90
[  134.611300][ T7799]  ? clear_bhb_loop+0x40/0x90
[  134.611329][ T7799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.611352][ T7799] RIP: 0033:0x7ff80780e929
[  134.611437][ T7799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.611459][ T7799] RSP: 002b:00007ff805e77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  134.611481][ T7799] RAX: ffffffffffffffda RBX: 00007ff807a35fa0 RCX: 00007ff80780e929
[  134.611519][ T7799] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  134.611533][ T7799] RBP: 00007ff805e77090 R08: 0000000000000000 R09: 0000000000000000
[  134.611548][ T7799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.611564][ T7799] R13: 0000000000000000 R14: 00007ff807a35fa0 R15: 00007ffcecc3e408
[  134.611651][ T7799]  </TASK>
[  134.845602][ T7795] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  134.854829][ T7795] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  134.868040][ T7795] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1476'.
[  134.883870][ T7795] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.919716][ T7795] bridge_slave_1 (unregistering): left allmulticast mode
[  134.927532][ T7795] bridge_slave_1 (unregistering): left promiscuous mode
[  134.935032][ T7795] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.123296][   T29] kauditd_printk_skb: 368 callbacks suppressed
[  135.123314][   T29] audit: type=1326 audit(2000000004.080:7810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7808 comm="syz.3.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0621e3e929 code=0x7ffc0000
[  135.184205][ T7804] loop1: detected capacity change from 0 to 4096
[  135.199704][ T7809] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1482'.
[  135.211760][ T7804] EXT4-fs mount: 6 callbacks suppressed
[  135.211782][ T7804] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.231044][   T29] audit: type=1326 audit(2000000004.120:7811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7808 comm="syz.3.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0621e3e929 code=0x7ffc0000
[  135.255797][   T29] audit: type=1326 audit(2000000004.120:7812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7808 comm="syz.3.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0621e3e929 code=0x7ffc0000
[  135.280539][   T29] audit: type=1326 audit(2000000004.120:7813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7808 comm="syz.3.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0621e3e929 code=0x7ffc0000
[  135.306255][   T29] audit: type=1326 audit(2000000004.120:7814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7808 comm="syz.3.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0621e3e929 code=0x7ffc0000
[  135.331893][   T29] audit: type=1326 audit(2000000004.120:7815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7808 comm="syz.3.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0621e3e929 code=0x7ffc0000
[  135.358242][   T29] audit: type=1326 audit(2000000004.120:7816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7808 comm="syz.3.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0621e3e929 code=0x7ffc0000
[  135.383661][   T29] audit: type=1326 audit(2000000004.120:7817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7808 comm="syz.3.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0621e3e929 code=0x7ffc0000
[  135.409805][   T29] audit: type=1326 audit(2000000004.120:7818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7808 comm="syz.3.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0621e3e929 code=0x7ffc0000
[  135.435412][   T29] audit: type=1326 audit(2000000004.120:7819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7808 comm="syz.3.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f0621e3e929 code=0x7ffc0000
[  135.609999][ T7816] loop4: detected capacity change from 0 to 1024
[  135.626339][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.644926][ T7816] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.687678][ T7816] ext4 filesystem being mounted at /290/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.732110][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.791036][ T7832] netem: change failed
[  135.798010][ T7830] lo speed is unknown, defaulting to 1000
[  135.829730][ T7836] netlink: 'syz.2.1492': attribute type 4 has an invalid length.
[  135.843871][ T7837] ip6tnl1: entered promiscuous mode
[  135.849398][ T7837] ip6tnl1: entered allmulticast mode
[  136.124909][ T7856] netlink: 4696 bytes leftover after parsing attributes in process `syz.3.1498'.
[  136.135477][ T7856] netlink: 4696 bytes leftover after parsing attributes in process `syz.3.1498'.
[  136.159721][ T7856] lo speed is unknown, defaulting to 1000
[  136.199825][ T7861] usb usb8: usbfs: process 7861 (syz.3.1498) did not claim interface 0 before use
[  136.434609][ T7871] loop3: detected capacity change from 0 to 1024
[  136.465760][ T7871] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.480438][ T7871] ext4 filesystem being mounted at /301/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.511557][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.552903][ T7879] loop1: detected capacity change from 0 to 2048
[  136.561577][ T7881] netlink: 'syz.3.1504': attribute type 4 has an invalid length.
[  136.613035][ T7879] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.626918][ T7879] ext4 filesystem being mounted at /299/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.666907][ T7889] 8021q: VLANs not supported on gre0
[  136.685731][ T7891] loop3: detected capacity change from 0 to 512
[  136.686174][ T7889] lo speed is unknown, defaulting to 1000
[  136.694957][ T7891] EXT4-fs: Ignoring removed oldalloc option
[  136.705657][ T7891] EXT4-fs: inline encryption not supported
[  136.712324][ T7891] EXT4-fs: Ignoring removed mblk_io_submit option
[  136.756479][ T7894] vlan2: entered allmulticast mode
[  136.762418][ T7894] macvtap0: entered allmulticast mode
[  136.768834][ T7894] veth0_macvtap: entered allmulticast mode
[  136.786471][ T7891] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  136.820021][ T7891] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1509: bg 0: block 64: padding at end of block bitmap is not set
[  136.847138][ T7891] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1509: Failed to acquire dquot type 0
[  136.870002][ T7891] EXT4-fs (loop3): 1 truncate cleaned up
[  136.881116][ T7891] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.056903][ T7918] loop4: detected capacity change from 0 to 1024
[  137.096040][ T7918] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.118953][ T7918] EXT4-fs: Ignoring sb option on remount
[  137.126016][ T7918] EXT4-fs: Ignoring removed orlov option
[  137.132719][ T7918] EXT4-fs: Ignoring removed nomblk_io_submit option
[  137.141424][ T7918] EXT4-fs: Remounting fs w/o journal so ignoring data_err option
[  137.151317][ T7918] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  137.174508][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.250862][ T7922] FAULT_INJECTION: forcing a failure.
[  137.250862][ T7922] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.265085][ T7922] CPU: 0 UID: 0 PID: 7922 Comm: syz.4.1515 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  137.265221][ T7922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  137.265233][ T7922] Call Trace:
[  137.265240][ T7922]  <TASK>
[  137.265248][ T7922]  __dump_stack+0x1d/0x30
[  137.265271][ T7922]  dump_stack_lvl+0xe8/0x140
[  137.265291][ T7922]  dump_stack+0x15/0x1b
[  137.265307][ T7922]  should_fail_ex+0x265/0x280
[  137.265327][ T7922]  should_fail+0xb/0x20
[  137.265419][ T7922]  should_fail_usercopy+0x1a/0x20
[  137.265440][ T7922]  _copy_from_user+0x1c/0xb0
[  137.265465][ T7922]  memdup_user+0x5e/0xd0
[  137.265499][ T7922]  autofs_dev_ioctl+0x167/0x6a0
[  137.265540][ T7922]  ? __pfx_autofs_dev_ioctl+0x10/0x10
[  137.265579][ T7922]  __se_sys_ioctl+0xcb/0x140
[  137.265682][ T7922]  __x64_sys_ioctl+0x43/0x50
[  137.265714][ T7922]  x64_sys_call+0x19a8/0x2fb0
[  137.265736][ T7922]  do_syscall_64+0xd2/0x200
[  137.265766][ T7922]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  137.265844][ T7922]  ? clear_bhb_loop+0x40/0x90
[  137.265865][ T7922]  ? clear_bhb_loop+0x40/0x90
[  137.265888][ T7922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.265958][ T7922] RIP: 0033:0x7fced6fde929
[  137.265974][ T7922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.265992][ T7922] RSP: 002b:00007fced5647038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  137.266011][ T7922] RAX: ffffffffffffffda RBX: 00007fced7205fa0 RCX: 00007fced6fde929
[  137.266024][ T7922] RDX: 0000200000000200 RSI: 00000000c018937e RDI: 0000000000000003
[  137.266036][ T7922] RBP: 00007fced5647090 R08: 0000000000000000 R09: 0000000000000000
[  137.266127][ T7922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.266140][ T7922] R13: 0000000000000000 R14: 00007fced7205fa0 R15: 00007ffc24d07818
[  137.266159][ T7922]  </TASK>
[  137.492977][ T7924] xt_CT: You must specify a L4 protocol and not use inversions on it
[  137.529078][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.552020][ T7933] netlink: 'syz.1.1518': attribute type 4 has an invalid length.
[  137.567262][ T7932] loop4: detected capacity change from 0 to 512
[  137.586309][ T7932] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  137.586585][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.628253][ T7941] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1521'.
[  137.638533][ T7943] FAULT_INJECTION: forcing a failure.
[  137.638533][ T7943] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.653683][ T7943] CPU: 0 UID: 0 PID: 7943 Comm: syz.2.1522 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  137.653717][ T7943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  137.653732][ T7943] Call Trace:
[  137.653738][ T7943]  <TASK>
[  137.653747][ T7943]  __dump_stack+0x1d/0x30
[  137.653814][ T7943]  dump_stack_lvl+0xe8/0x140
[  137.653839][ T7943]  dump_stack+0x15/0x1b
[  137.653858][ T7943]  should_fail_ex+0x265/0x280
[  137.653882][ T7943]  should_fail+0xb/0x20
[  137.653901][ T7943]  should_fail_usercopy+0x1a/0x20
[  137.653971][ T7932] EXT4-fs (loop4): mount failed
[  137.653993][ T7943]  _copy_to_user+0x20/0xa0
[  137.654095][ T7943]  simple_read_from_buffer+0xb5/0x130
[  137.654143][ T7943]  proc_fail_nth_read+0x100/0x140
[  137.654184][ T7943]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  137.654225][ T7943]  vfs_read+0x19d/0x6f0
[  137.654249][ T7943]  ? __rcu_read_unlock+0x4f/0x70
[  137.654279][ T7943]  ? __rcu_read_unlock+0x4f/0x70
[  137.654307][ T7943]  ? __fget_files+0x184/0x1c0
[  137.654392][ T7943]  ksys_read+0xda/0x1a0
[  137.654419][ T7943]  __x64_sys_read+0x40/0x50
[  137.654453][ T7943]  x64_sys_call+0x2d77/0x2fb0
[  137.654482][ T7943]  do_syscall_64+0xd2/0x200
[  137.654510][ T7943]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  137.654600][ T7943]  ? clear_bhb_loop+0x40/0x90
[  137.654629][ T7943]  ? clear_bhb_loop+0x40/0x90
[  137.654658][ T7943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.654778][ T7943] RIP: 0033:0x7f01f5a4d33c
[  137.654798][ T7943] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  137.654822][ T7943] RSP: 002b:00007f01f40b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  137.654846][ T7943] RAX: ffffffffffffffda RBX: 00007f01f5c75fa0 RCX: 00007f01f5a4d33c
[  137.654942][ T7943] RDX: 000000000000000f RSI: 00007f01f40b70a0 RDI: 0000000000000007
[  137.655012][ T7943] RBP: 00007f01f40b7090 R08: 0000000000000000 R09: 0000000000000000
[  137.655040][ T7943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.655056][ T7943] R13: 0000000000000000 R14: 00007f01f5c75fa0 R15: 00007ffd59a4e458
[  137.655081][ T7943]  </TASK>
[  137.740424][ T7948] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1524'.
[  137.821401][ T7953] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1525'.
[  137.969386][ T7963] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1519'.
[  138.001539][ T7966] FAULT_INJECTION: forcing a failure.
[  138.001539][ T7966] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.015410][ T7966] CPU: 0 UID: 0 PID: 7966 Comm: syz.3.1529 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  138.015454][ T7966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  138.015514][ T7966] Call Trace:
[  138.015522][ T7966]  <TASK>
[  138.015531][ T7966]  __dump_stack+0x1d/0x30
[  138.015559][ T7966]  dump_stack_lvl+0xe8/0x140
[  138.015648][ T7966]  dump_stack+0x15/0x1b
[  138.015667][ T7966]  should_fail_ex+0x265/0x280
[  138.015744][ T7966]  should_fail+0xb/0x20
[  138.015767][ T7966]  should_fail_usercopy+0x1a/0x20
[  138.015861][ T7966]  _copy_from_iter+0xcf/0xe40
[  138.015888][ T7966]  ? __build_skb_around+0x1a0/0x200
[  138.015918][ T7966]  ? __alloc_skb+0x223/0x320
[  138.016034][ T7966]  netlink_sendmsg+0x471/0x6b0
[  138.016077][ T7966]  ? __pfx_netlink_sendmsg+0x10/0x10
[  138.016117][ T7966]  __sock_sendmsg+0x145/0x180
[  138.016137][ T7966]  ____sys_sendmsg+0x31e/0x4e0
[  138.016349][ T7966]  ___sys_sendmsg+0x17b/0x1d0
[  138.016410][ T7966]  __x64_sys_sendmsg+0xd4/0x160
[  138.016483][ T7966]  x64_sys_call+0x2999/0x2fb0
[  138.016513][ T7966]  do_syscall_64+0xd2/0x200
[  138.016544][ T7966]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  138.016650][ T7966]  ? clear_bhb_loop+0x40/0x90
[  138.016678][ T7966]  ? clear_bhb_loop+0x40/0x90
[  138.016706][ T7966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.016733][ T7966] RIP: 0033:0x7f0621e3e929
[  138.016775][ T7966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.016800][ T7966] RSP: 002b:00007f06204a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  138.016826][ T7966] RAX: ffffffffffffffda RBX: 00007f0622065fa0 RCX: 00007f0621e3e929
[  138.016843][ T7966] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004
[  138.016856][ T7966] RBP: 00007f06204a7090 R08: 0000000000000000 R09: 0000000000000000
[  138.016924][ T7966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.016940][ T7966] R13: 0000000000000000 R14: 00007f0622065fa0 R15: 00007ffc399a0d08
[  138.016972][ T7966]  </TASK>
[  138.266917][ T7972] netlink: 'syz.3.1531': attribute type 4 has an invalid length.
[  138.320842][ T7970] loop2: detected capacity change from 0 to 4096
[  138.338519][ T7978] FAULT_INJECTION: forcing a failure.
[  138.338519][ T7978] name failslab, interval 1, probability 0, space 0, times 0
[  138.352388][ T7978] CPU: 1 UID: 0 PID: 7978 Comm: syz.3.1534 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  138.352418][ T7978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  138.352433][ T7978] Call Trace:
[  138.352441][ T7978]  <TASK>
[  138.352450][ T7978]  __dump_stack+0x1d/0x30
[  138.352534][ T7978]  dump_stack_lvl+0xe8/0x140
[  138.352557][ T7978]  dump_stack+0x15/0x1b
[  138.352578][ T7978]  should_fail_ex+0x265/0x280
[  138.352603][ T7978]  ? do_inotify_init+0x93/0x270
[  138.352630][ T7978]  should_failslab+0x8c/0xb0
[  138.352689][ T7978]  __kmalloc_cache_noprof+0x4c/0x320
[  138.352827][ T7978]  do_inotify_init+0x93/0x270
[  138.352856][ T7978]  __ia32_sys_inotify_init+0x10/0x20
[  138.352884][ T7978]  x64_sys_call+0xe16/0x2fb0
[  138.352916][ T7978]  do_syscall_64+0xd2/0x200
[  138.352955][ T7978]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  138.353071][ T7978]  ? clear_bhb_loop+0x40/0x90
[  138.353101][ T7978]  ? clear_bhb_loop+0x40/0x90
[  138.353174][ T7978]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.353204][ T7978] RIP: 0033:0x7f0621e3e929
[  138.353223][ T7978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.353245][ T7978] RSP: 002b:00007f06204a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fd
[  138.353267][ T7978] RAX: ffffffffffffffda RBX: 00007f0622065fa0 RCX: 00007f0621e3e929
[  138.353360][ T7978] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  138.353377][ T7978] RBP: 00007f06204a7090 R08: 0000000000000000 R09: 0000000000000000
[  138.353393][ T7978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.353407][ T7978] R13: 0000000000000000 R14: 00007f0622065fa0 R15: 00007ffc399a0d08
[  138.353433][ T7978]  </TASK>
[  138.581921][ T7970] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.620907][ T7984] loop4: detected capacity change from 0 to 512
[  138.633062][ T7984] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1535: bg 0: block 5: invalid block bitmap
[  138.649413][ T7984] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  138.673445][ T7984] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1535: invalid indirect mapped block 3 (level 2)
[  138.674159][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.703166][ T7984] EXT4-fs (loop4): 2 truncates cleaned up
[  138.726419][ T7984] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.794401][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.939824][ T8012] FAULT_INJECTION: forcing a failure.
[  138.939824][ T8012] name failslab, interval 1, probability 0, space 0, times 0
[  138.953380][ T8012] CPU: 1 UID: 0 PID: 8012 Comm: syz.3.1546 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  138.953418][ T8012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  138.953463][ T8012] Call Trace:
[  138.953471][ T8012]  <TASK>
[  138.953480][ T8012]  __dump_stack+0x1d/0x30
[  138.953506][ T8012]  dump_stack_lvl+0xe8/0x140
[  138.953531][ T8012]  dump_stack+0x15/0x1b
[  138.953551][ T8012]  should_fail_ex+0x265/0x280
[  138.953577][ T8012]  should_failslab+0x8c/0xb0
[  138.953660][ T8012]  kmem_cache_alloc_node_noprof+0x57/0x320
[  138.953699][ T8012]  ? __alloc_skb+0x101/0x320
[  138.953772][ T8012]  __alloc_skb+0x101/0x320
[  138.953806][ T8012]  netlink_alloc_large_skb+0xba/0xf0
[  138.953915][ T8012]  netlink_sendmsg+0x3cf/0x6b0
[  138.953952][ T8012]  ? __pfx_netlink_sendmsg+0x10/0x10
[  138.954045][ T8012]  __sock_sendmsg+0x145/0x180
[  138.954105][ T8012]  ____sys_sendmsg+0x31e/0x4e0
[  138.954162][ T8012]  ___sys_sendmsg+0x17b/0x1d0
[  138.954219][ T8012]  __x64_sys_sendmsg+0xd4/0x160
[  138.954270][ T8012]  x64_sys_call+0x2999/0x2fb0
[  138.954296][ T8012]  do_syscall_64+0xd2/0x200
[  138.954375][ T8012]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  138.954460][ T8012]  ? clear_bhb_loop+0x40/0x90
[  138.954488][ T8012]  ? clear_bhb_loop+0x40/0x90
[  138.954513][ T8012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.954563][ T8012] RIP: 0033:0x7f0621e3e929
[  138.954585][ T8012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.954621][ T8012] RSP: 002b:00007f06204a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  138.954647][ T8012] RAX: ffffffffffffffda RBX: 00007f0622065fa0 RCX: 00007f0621e3e929
[  138.954663][ T8012] RDX: 0000000000000800 RSI: 0000200000000200 RDI: 0000000000000005
[  138.954731][ T8012] RBP: 00007f06204a7090 R08: 0000000000000000 R09: 0000000000000000
[  138.954747][ T8012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.954759][ T8012] R13: 0000000000000000 R14: 00007f0622065fa0 R15: 00007ffc399a0d08
[  138.954785][ T8012]  </TASK>
[  139.251359][ T8018] __nla_validate_parse: 1 callbacks suppressed
[  139.251379][ T8018] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1548'.
[  139.359073][ T8024] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  139.394174][ T8028] loop4: detected capacity change from 0 to 256
[  139.407505][ T8028] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001)
[  139.416702][ T8028] FAT-fs (loop4): Filesystem has been set read-only
[  139.556036][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.564210][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.572047][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.580555][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.588347][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.596272][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.604825][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.612436][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.619956][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.627553][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.635905][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.644825][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.652466][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.660685][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.668650][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.676937][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.685123][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.694083][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.701590][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.709916][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.717456][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.725032][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.732638][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.740278][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.748241][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.755888][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.763590][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.771202][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.779189][ T3386] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.788471][ T3386] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  139.822103][ T8034] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8034 comm=syz.4.1554
[  139.841457][ T8036] netem: change failed
[  139.926001][ T8040] loop4: detected capacity change from 0 to 512
[  139.975242][ T8040] ext2: Unknown parameter 'fowner>00000000000000000000'
[  140.032611][ T8050] loop4: detected capacity change from 0 to 256
[  140.043404][ T8050] openvswitch: netlink: Message has 6 unknown bytes.
[  140.051636][ T8054] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1563'.
[  140.096908][ T8059] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1565'.
[  140.137062][   T29] kauditd_printk_skb: 413 callbacks suppressed
[  140.137080][   T29] audit: type=1326 audit(2000000009.090:8230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8058 comm="syz.4.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fced6fe0847 code=0x7ffc0000
[  140.170286][   T29] audit: type=1326 audit(2000000009.090:8231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8064 comm="syz.0.1568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65c856e929 code=0x7ffc0000
[  140.177694][ T8059] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1565'.
[  140.196332][   T29] audit: type=1326 audit(2000000009.090:8232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8064 comm="syz.0.1568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f65c856e929 code=0x7ffc0000
[  140.206339][ T8059] IPVS: Error joining to the multicast group
[  140.229773][   T29] audit: type=1326 audit(2000000009.090:8233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8064 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65c856e929 code=0x7ffc0000
[  140.261379][   T29] audit: type=1326 audit(2000000009.090:8234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8064 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65c856e929 code=0x7ffc0000
[  140.287437][   T29] audit: type=1326 audit(2000000009.090:8235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8064 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65c856e929 code=0x7ffc0000
[  140.294810][ T8067] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1567'.
[  140.312424][   T29] audit: type=1326 audit(2000000009.090:8236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8064 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65c856e929 code=0x7ffc0000
[  140.312466][   T29] audit: type=1326 audit(2000000009.090:8237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8064 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65c856e929 code=0x7ffc0000
[  140.374553][   T29] audit: type=1326 audit(2000000009.090:8238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8064 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f65c856e929 code=0x7ffc0000
[  140.398793][   T29] audit: type=1326 audit(2000000009.090:8239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8064 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65c856e929 code=0x7ffc0000
[  140.507887][ T8079] FAULT_INJECTION: forcing a failure.
[  140.507887][ T8079] name failslab, interval 1, probability 0, space 0, times 0
[  140.521736][ T8079] CPU: 0 UID: 0 PID: 8079 Comm: syz.0.1572 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  140.521788][ T8079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  140.521804][ T8079] Call Trace:
[  140.521814][ T8079]  <TASK>
[  140.521823][ T8079]  __dump_stack+0x1d/0x30
[  140.521850][ T8079]  dump_stack_lvl+0xe8/0x140
[  140.521943][ T8079]  dump_stack+0x15/0x1b
[  140.521960][ T8079]  should_fail_ex+0x265/0x280
[  140.521988][ T8079]  should_failslab+0x8c/0xb0
[  140.522012][ T8079]  __kvmalloc_node_noprof+0x123/0x4e0
[  140.522069][ T8079]  ? xt_alloc_table_info+0x3b/0x80
[  140.522105][ T8079]  ? should_fail_ex+0xdb/0x280
[  140.522216][ T8079]  xt_alloc_table_info+0x3b/0x80
[  140.522245][ T8079]  do_ip6t_set_ctl+0x5a5/0x840
[  140.522291][ T8079]  ? kstrtoull+0x111/0x140
[  140.522330][ T8079]  ? __rcu_read_unlock+0x4f/0x70
[  140.522360][ T8079]  nf_setsockopt+0x196/0x1b0
[  140.522423][ T8079]  ipv6_setsockopt+0x11a/0x130
[  140.522524][ T8079]  rawv6_setsockopt+0x1d2/0x420
[  140.522551][ T8079]  sock_common_setsockopt+0x66/0x80
[  140.522588][ T8079]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  140.522610][ T8079]  __sys_setsockopt+0x184/0x200
[  140.522638][ T8079]  __x64_sys_setsockopt+0x64/0x80
[  140.522714][ T8079]  x64_sys_call+0x2bd5/0x2fb0
[  140.522811][ T8079]  do_syscall_64+0xd2/0x200
[  140.522846][ T8079]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  140.522880][ T8079]  ? clear_bhb_loop+0x40/0x90
[  140.522927][ T8079]  ? clear_bhb_loop+0x40/0x90
[  140.522949][ T8079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.522968][ T8079] RIP: 0033:0x7f65c856e929
[  140.522989][ T8079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.523012][ T8079] RSP: 002b:00007f65c6bd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  140.523037][ T8079] RAX: ffffffffffffffda RBX: 00007f65c8795fa0 RCX: 00007f65c856e929
[  140.523083][ T8079] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  140.523095][ T8079] RBP: 00007f65c6bd7090 R08: 0000000000000520 R09: 0000000000000000
[  140.523106][ T8079] R10: 0000200000000600 R11: 0000000000000246 R12: 0000000000000001
[  140.523120][ T8079] R13: 0000000000000000 R14: 00007f65c8795fa0 R15: 00007fff2f4de4d8
[  140.523144][ T8079]  </TASK>
[  140.784532][ T8067] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  140.965377][ T8090] lo speed is unknown, defaulting to 1000
[  141.046849][ T8092] xt_CT: You must specify a L4 protocol and not use inversions on it
[  141.122448][ T8097] 8021q: adding VLAN 0 to HW filter on device bond1
[  141.132004][ T8097] bridge0: port 2(bond1) entered blocking state
[  141.139123][ T8097] bridge0: port 2(bond1) entered disabled state
[  141.153362][ T8097] bond1: entered allmulticast mode
[  141.191686][ T8102] loop3: detected capacity change from 0 to 512
[  141.200746][ T8097] bond1: entered promiscuous mode
[  141.207015][ T8097] bridge0: port 2(bond1) entered blocking state
[  141.214508][ T8097] bridge0: port 2(bond1) entered forwarding state
[  141.223137][ T5821] bridge0: port 2(bond1) entered disabled state
[  141.229100][ T8102] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1580: bg 0: block 5: invalid block bitmap
[  141.250836][ T8102] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  141.305107][ T8102] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1580: invalid indirect mapped block 3 (level 2)
[  141.327755][ T8102] EXT4-fs (loop3): 2 truncates cleaned up
[  141.346081][ T8102] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.367957][ T8111] loop4: detected capacity change from 0 to 1024
[  141.396600][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.419680][ T8115] FAULT_INJECTION: forcing a failure.
[  141.419680][ T8115] name failslab, interval 1, probability 0, space 0, times 0
[  141.436208][ T8115] CPU: 0 UID: 0 PID: 8115 Comm: syz.0.1586 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  141.436310][ T8115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  141.436324][ T8115] Call Trace:
[  141.436331][ T8115]  <TASK>
[  141.436338][ T8115]  __dump_stack+0x1d/0x30
[  141.436414][ T8115]  dump_stack_lvl+0xe8/0x140
[  141.436435][ T8115]  dump_stack+0x15/0x1b
[  141.436461][ T8115]  should_fail_ex+0x265/0x280
[  141.436485][ T8115]  should_failslab+0x8c/0xb0
[  141.436509][ T8115]  __kmalloc_noprof+0xa5/0x3e0
[  141.436540][ T8115]  ? io_cache_alloc_new+0x2a/0xb0
[  141.436575][ T8115]  io_cache_alloc_new+0x2a/0xb0
[  141.436599][ T8115]  __io_prep_rw+0xcf/0x660
[  141.436635][ T8115]  ? __io_alloc_req_refill+0x12e/0x1d0
[  141.436693][ T8115]  io_prep_read+0x20/0xa0
[  141.436727][ T8115]  io_submit_sqes+0x5e5/0xfd0
[  141.436840][ T8115]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  141.436893][ T8115]  ? 0xffffffff81000000
[  141.436905][ T8115]  ? __rcu_read_unlock+0x4f/0x70
[  141.436940][ T8115]  ? get_pid_task+0x96/0xd0
[  141.437038][ T8115]  ? proc_fail_nth_write+0x12d/0x160
[  141.437067][ T8115]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  141.437096][ T8115]  ? vfs_write+0x75e/0x8e0
[  141.437201][ T8115]  ? __rcu_read_unlock+0x4f/0x70
[  141.437228][ T8115]  ? __fget_files+0x184/0x1c0
[  141.437258][ T8115]  ? fput+0x8f/0xc0
[  141.437403][ T8115]  __x64_sys_io_uring_enter+0x78/0x90
[  141.437502][ T8115]  x64_sys_call+0x28c8/0x2fb0
[  141.437526][ T8115]  do_syscall_64+0xd2/0x200
[  141.437638][ T8115]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  141.437670][ T8115]  ? clear_bhb_loop+0x40/0x90
[  141.437691][ T8115]  ? clear_bhb_loop+0x40/0x90
[  141.437712][ T8115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.437760][ T8115] RIP: 0033:0x7f65c856e929
[  141.437779][ T8115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.437803][ T8115] RSP: 002b:00007f65c6bd7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  141.437826][ T8115] RAX: ffffffffffffffda RBX: 00007f65c8795fa0 RCX: 00007f65c856e929
[  141.437843][ T8115] RDX: 0000000000000000 RSI: 000000000000184c RDI: 0000000000000004
[  141.437854][ T8115] RBP: 00007f65c6bd7090 R08: 0000000000000000 R09: 0000000000000000
[  141.437866][ T8115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.437920][ T8115] R13: 0000000000000000 R14: 00007f65c8795fa0 R15: 00007fff2f4de4d8
[  141.437943][ T8115]  </TASK>
[  141.473831][ T8111] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.504758][ T8121] FAULT_INJECTION: forcing a failure.
[  141.504758][ T8121] name failslab, interval 1, probability 0, space 0, times 0
[  141.512483][ T8111] ext4 filesystem being mounted at /313/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  141.515546][ T8121] CPU: 0 UID: 0 PID: 8121 Comm: syz.3.1585 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  141.515647][ T8121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  141.515665][ T8121] Call Trace:
[  141.515674][ T8121]  <TASK>
[  141.515685][ T8121]  __dump_stack+0x1d/0x30
[  141.515712][ T8121]  dump_stack_lvl+0xe8/0x140
[  141.515739][ T8121]  dump_stack+0x15/0x1b
[  141.515821][ T8121]  should_fail_ex+0x265/0x280
[  141.515858][ T8121]  should_failslab+0x8c/0xb0
[  141.515899][ T8121]  __kmalloc_noprof+0xa5/0x3e0
[  141.515934][ T8121]  ? rds_message_alloc+0x45/0x120
[  141.516049][ T8121]  rds_message_alloc+0x45/0x120
[  141.516125][ T8121]  rds_sendmsg+0x860/0x14a0
[  141.516158][ T8121]  ? __pfx_rds_sendmsg+0x10/0x10
[  141.516195][ T8121]  __sock_sendmsg+0x145/0x180
[  141.516257][ T8121]  ____sys_sendmsg+0x31e/0x4e0
[  141.516300][ T8121]  ___sys_sendmsg+0x17b/0x1d0
[  141.516356][ T8121]  __x64_sys_sendmsg+0xd4/0x160
[  141.516449][ T8121]  x64_sys_call+0x2999/0x2fb0
[  141.516523][ T8121]  do_syscall_64+0xd2/0x200
[  141.516561][ T8121]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  141.516596][ T8121]  ? clear_bhb_loop+0x40/0x90
[  141.516652][ T8121]  ? clear_bhb_loop+0x40/0x90
[  141.516681][ T8121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.516719][ T8121] RIP: 0033:0x7f0621e3e929
[  141.516740][ T8121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.516764][ T8121] RSP: 002b:00007f06204a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  141.516789][ T8121] RAX: ffffffffffffffda RBX: 00007f0622065fa0 RCX: 00007f0621e3e929
[  141.516806][ T8121] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004
[  141.516885][ T8121] RBP: 00007f06204a7090 R08: 0000000000000000 R09: 0000000000000000
[  141.516901][ T8121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.516917][ T8121] R13: 0000000000000000 R14: 00007f0622065fa0 R15: 00007ffc399a0d08
[  141.516940][ T8121]  </TASK>
[  142.089286][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.653684][ T8145] loop2: detected capacity change from 0 to 2048
[  142.663293][ T8147] loop3: detected capacity change from 0 to 512
[  142.705540][ T8145] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.747307][ T8147] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1596: bg 0: block 5: invalid block bitmap
[  142.789627][ T8147] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  142.823866][ T8156] loop4: detected capacity change from 0 to 512
[  142.835911][ T8147] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1596: invalid indirect mapped block 3 (level 2)
[  142.854340][ T8145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.875438][ T8147] EXT4-fs (loop3): 2 truncates cleaned up
[  142.883608][ T8147] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.895694][ T8156] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1599: bg 0: block 5: invalid block bitmap
[  142.918107][ T8156] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  142.930507][ T8156] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1599: invalid indirect mapped block 3 (level 2)
[  142.951454][ T8156] EXT4-fs (loop4): 2 truncates cleaned up
[  142.959660][ T8156] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.989040][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.024177][ T8174] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1607'.
[  143.034746][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.138747][ T8188] netem: change failed
[  143.301594][ T8202] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1617'.
[  143.312848][ T8202] FAULT_INJECTION: forcing a failure.
[  143.312848][ T8202] name failslab, interval 1, probability 0, space 0, times 0
[  143.326780][ T8202] CPU: 1 UID: 0 PID: 8202 Comm: syz.2.1617 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  143.326817][ T8202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  143.326833][ T8202] Call Trace:
[  143.326841][ T8202]  <TASK>
[  143.326849][ T8202]  __dump_stack+0x1d/0x30
[  143.326877][ T8202]  dump_stack_lvl+0xe8/0x140
[  143.326902][ T8202]  dump_stack+0x15/0x1b
[  143.326999][ T8202]  should_fail_ex+0x265/0x280
[  143.327026][ T8202]  should_failslab+0x8c/0xb0
[  143.327081][ T8202]  kmem_cache_alloc_node_noprof+0x57/0x320
[  143.327127][ T8202]  ? __alloc_skb+0x101/0x320
[  143.327161][ T8202]  __alloc_skb+0x101/0x320
[  143.327249][ T8202]  netlink_ack+0xfd/0x500
[  143.327279][ T8202]  ? __pfx_ethnl_act_cable_test_tdr+0x10/0x10
[  143.327373][ T8202]  netlink_rcv_skb+0x192/0x220
[  143.327409][ T8202]  ? __pfx_genl_rcv_msg+0x10/0x10
[  143.327508][ T8202]  genl_rcv+0x28/0x40
[  143.327531][ T8202]  netlink_unicast+0x59e/0x670
[  143.327567][ T8202]  netlink_sendmsg+0x58b/0x6b0
[  143.327658][ T8202]  ? __pfx_netlink_sendmsg+0x10/0x10
[  143.327697][ T8202]  __sock_sendmsg+0x145/0x180
[  143.327787][ T8202]  ____sys_sendmsg+0x31e/0x4e0
[  143.327905][ T8202]  ___sys_sendmsg+0x17b/0x1d0
[  143.327971][ T8202]  __x64_sys_sendmsg+0xd4/0x160
[  143.328021][ T8202]  x64_sys_call+0x2999/0x2fb0
[  143.328050][ T8202]  do_syscall_64+0xd2/0x200
[  143.328087][ T8202]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  143.328175][ T8202]  ? clear_bhb_loop+0x40/0x90
[  143.328202][ T8202]  ? clear_bhb_loop+0x40/0x90
[  143.328231][ T8202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.328257][ T8202] RIP: 0033:0x7f01f5a4e929
[  143.328329][ T8202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.328391][ T8202] RSP: 002b:00007f01f40b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  143.328414][ T8202] RAX: ffffffffffffffda RBX: 00007f01f5c75fa0 RCX: 00007f01f5a4e929
[  143.328431][ T8202] RDX: 0000000000000000 RSI: 0000200000001540 RDI: 0000000000000004
[  143.328466][ T8202] RBP: 00007f01f40b7090 R08: 0000000000000000 R09: 0000000000000000
[  143.328482][ T8202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.328498][ T8202] R13: 0000000000000000 R14: 00007f01f5c75fa0 R15: 00007ffd59a4e458
[  143.328523][ T8202]  </TASK>
[  143.641386][ T8207] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1619'.
[  144.084591][ T8219] FAULT_INJECTION: forcing a failure.
[  144.084591][ T8219] name failslab, interval 1, probability 0, space 0, times 0
[  144.098268][ T8219] CPU: 1 UID: 0 PID: 8219 Comm: syz.3.1623 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  144.098376][ T8219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  144.098397][ T8219] Call Trace:
[  144.098404][ T8219]  <TASK>
[  144.098414][ T8219]  __dump_stack+0x1d/0x30
[  144.098458][ T8219]  dump_stack_lvl+0xe8/0x140
[  144.098480][ T8219]  dump_stack+0x15/0x1b
[  144.098496][ T8219]  should_fail_ex+0x265/0x280
[  144.098515][ T8219]  ? audit_log_d_path+0x8d/0x150
[  144.098623][ T8219]  should_failslab+0x8c/0xb0
[  144.098654][ T8219]  __kmalloc_cache_noprof+0x4c/0x320
[  144.098685][ T8219]  audit_log_d_path+0x8d/0x150
[  144.098716][ T8219]  audit_log_d_path_exe+0x42/0x70
[  144.098760][ T8219]  audit_log_task+0x1e9/0x250
[  144.098801][ T8219]  audit_seccomp+0x61/0x100
[  144.098828][ T8219]  ? __seccomp_filter+0x68c/0x10d0
[  144.098876][ T8219]  __seccomp_filter+0x69d/0x10d0
[  144.098905][ T8219]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  144.098935][ T8219]  ? vfs_write+0x75e/0x8e0
[  144.098969][ T8219]  __secure_computing+0x82/0x150
[  144.099007][ T8219]  syscall_trace_enter+0xcf/0x1e0
[  144.099078][ T8219]  do_syscall_64+0xac/0x200
[  144.099132][ T8219]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  144.099237][ T8219]  ? clear_bhb_loop+0x40/0x90
[  144.099265][ T8219]  ? clear_bhb_loop+0x40/0x90
[  144.099293][ T8219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.099371][ T8219] RIP: 0033:0x7f0621e3e929
[  144.099391][ T8219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.099412][ T8219] RSP: 002b:00007f06204a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000010c
[  144.099431][ T8219] RAX: ffffffffffffffda RBX: 00007f0622065fa0 RCX: 00007f0621e3e929
[  144.099460][ T8219] RDX: 00000000fffffebb RSI: 0000200000000000 RDI: ffffffffffffff9c
[  144.099472][ T8219] RBP: 00007f06204a7090 R08: 0000000000000000 R09: 0000000000000000
[  144.099487][ T8219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.099498][ T8219] R13: 0000000000000000 R14: 00007f0622065fa0 R15: 00007ffc399a0d08
[  144.099519][ T8219]  </TASK>
[  144.370512][ T8221] netem: change failed
[  144.396901][ T8223] loop3: detected capacity change from 0 to 1024
[  144.467021][ T8217] loop2: detected capacity change from 0 to 512
[  144.476718][ T8217] EXT4-fs (loop2): orphan cleanup on readonly fs
[  144.484578][ T8223] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.515550][ T8223] ext4 filesystem being mounted at /332/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.528910][ T8217] EXT4-fs error (device loop2): ext4_orphan_get:1419: comm syz.2.1621: bad orphan inode 13
[  144.547869][ T8217] ext4_test_bit(bit=12, block=18) = 1
[  144.553674][ T8217] is_bad_inode(inode)=0
[  144.557957][ T8217] NEXT_ORPHAN(inode)=2130706432
[  144.563397][ T8217] max_ino=32
[  144.566845][ T8217] i_nlink=1
[  144.598498][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.608278][ T8217] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  144.631342][ T8217] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  144.643137][ T8217] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  144.669287][ T8237] FAULT_INJECTION: forcing a failure.
[  144.669287][ T8237] name failslab, interval 1, probability 0, space 0, times 0
[  144.684413][ T8237] CPU: 1 UID: 0 PID: 8237 Comm: syz.3.1630 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  144.684449][ T8237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  144.684465][ T8237] Call Trace:
[  144.684474][ T8237]  <TASK>
[  144.684484][ T8237]  __dump_stack+0x1d/0x30
[  144.684571][ T8237]  dump_stack_lvl+0xe8/0x140
[  144.684595][ T8237]  dump_stack+0x15/0x1b
[  144.684622][ T8237]  should_fail_ex+0x265/0x280
[  144.684648][ T8237]  should_failslab+0x8c/0xb0
[  144.684672][ T8237]  kmem_cache_alloc_noprof+0x50/0x310
[  144.684758][ T8237]  ? skb_clone+0x151/0x1f0
[  144.684791][ T8237]  skb_clone+0x151/0x1f0
[  144.684882][ T8237]  dev_queue_xmit_nit+0x146/0x680
[  144.684970][ T8237]  ? ___slab_alloc+0x275/0x900
[  144.685006][ T8237]  dev_hard_start_xmit+0xd3/0x3e0
[  144.685040][ T8237]  ? validate_xmit_skb+0x746/0x910
[  144.685117][ T8237]  __dev_queue_xmit+0x10b9/0x1fb0
[  144.685144][ T8237]  ? __dev_queue_xmit+0x182/0x1fb0
[  144.685181][ T8237]  ? __rcu_read_unlock+0x4f/0x70
[  144.685242][ T8237]  __netlink_deliver_tap+0x3c3/0x500
[  144.685286][ T8237]  netlink_unicast+0x64c/0x670
[  144.685337][ T8237]  netlink_sendmsg+0x58b/0x6b0
[  144.685372][ T8237]  ? __pfx_netlink_sendmsg+0x10/0x10
[  144.685435][ T8237]  __sock_sendmsg+0x145/0x180
[  144.685522][ T8237]  ____sys_sendmsg+0x31e/0x4e0
[  144.685596][ T8237]  ___sys_sendmsg+0x17b/0x1d0
[  144.685754][ T8237]  __x64_sys_sendmsg+0xd4/0x160
[  144.685797][ T8237]  x64_sys_call+0x2999/0x2fb0
[  144.685817][ T8237]  do_syscall_64+0xd2/0x200
[  144.685846][ T8237]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  144.685874][ T8237]  ? clear_bhb_loop+0x40/0x90
[  144.685902][ T8237]  ? clear_bhb_loop+0x40/0x90
[  144.685925][ T8237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.685953][ T8237] RIP: 0033:0x7f0621e3e929
[  144.685968][ T8237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.685986][ T8237] RSP: 002b:00007f06204a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  144.686009][ T8237] RAX: ffffffffffffffda RBX: 00007f0622065fa0 RCX: 00007f0621e3e929
[  144.686025][ T8237] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000005
[  144.686116][ T8237] RBP: 00007f06204a7090 R08: 0000000000000000 R09: 0000000000000000
[  144.686128][ T8237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.686142][ T8237] R13: 0000000000000000 R14: 00007f0622065fa0 R15: 00007ffc399a0d08
[  144.686164][ T8237]  </TASK>
[  144.692485][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.973806][ T8237] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1630'.
[  144.987019][ T8237] vlan2: entered allmulticast mode
[  144.992726][ T8237] macvtap0: entered allmulticast mode
[  144.998440][ T8237] veth0_macvtap: entered allmulticast mode
[  145.150313][ T8254] loop2: detected capacity change from 0 to 512
[  145.168915][   T29] kauditd_printk_skb: 518 callbacks suppressed
[  145.168934][   T29] audit: type=1400 audit(2000000014.120:8758): avc:  denied  { module_request } for  pid=8255 comm="syz.3.1636" kmod="ip6t_" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  145.204334][ T8254] Quota error (device loop2): v2_read_file_info: Free block number 1 out of range (1, 6).
[  145.216006][ T8254] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  145.232344][ T8254] EXT4-fs (loop2): mount failed
[  145.240387][   T29] audit: type=1400 audit(2000000014.190:8759): avc:  denied  { watch watch_reads } for  pid=8253 comm="syz.2.1637" path="/338/file0" dev="tmpfs" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  145.320133][ T8265] loop1: detected capacity change from 0 to 512
[  145.333787][   T29] audit: type=1400 audit(2000000014.290:8760): avc:  denied  { create } for  pid=8266 comm="syz.3.1640" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  145.343273][ T8269] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1637'.
[  145.363470][ T8265] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  145.400414][ T8265] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.1639: invalid block
[  145.420755][ T8265] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1639: invalid indirect mapped block 4294967295 (level 1)
[  145.438953][ T8265] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1639: invalid indirect mapped block 4294967295 (level 1)
[  145.457009][ T8265] EXT4-fs (loop1): 2 truncates cleaned up
[  145.464510][ T8265] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.508259][ T8265] EXT4-fs error (device loop1): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz.1.1639: path /321/file0/file0: bad entry in directory: rec_len % 4 != 0 - offset=259, inode=4278190093, rec_len=255, size=60 fake=0
[  145.538555][   T29] audit: type=1400 audit(2000000014.500:8761): avc:  denied  { connect } for  pid=8266 comm="syz.3.1640" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  145.565438][ T8273] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1639: bg 0: block 5: invalid block bitmap
[  145.583380][   T29] audit: type=1400 audit(2000000014.520:8762): avc:  denied  { write open } for  pid=8264 comm="syz.1.1639" path="/321/file0/bus" dev="loop1" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  145.589814][ T8278] netlink: 'syz.0.1642': attribute type 4 has an invalid length.
[  145.612650][   T29] audit: type=1400 audit(2000000014.540:8763): avc:  denied  { name_bind } for  pid=8266 comm="syz.3.1640" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  145.652754][ T8274] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  145.656116][ T8278] netlink: 'syz.0.1642': attribute type 4 has an invalid length.
[  145.661589][ T8274] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1641'.
[  145.678915][   T29] audit: type=1400 audit(2000000014.630:8764): avc:  denied  { create } for  pid=8277 comm="syz.0.1642" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  145.724810][   T29] audit: type=1400 audit(2000000014.670:8765): avc:  denied  { read } for  pid=8272 comm="syz.4.1641" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  145.752655][   T29] audit: type=1400 audit(2000000014.670:8766): avc:  denied  { open } for  pid=8272 comm="syz.4.1641" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  145.833058][ T8283] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8283 comm=syz.3.1643
[  145.873701][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.105617][ T8300] loop1: detected capacity change from 0 to 512
[  146.115075][ T8302] netem: change failed
[  146.184079][ T8300] EXT4-fs (loop1): 1 orphan inode deleted
[  146.187726][ T8306] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8306 comm=syz.2.1651
[  146.203520][ T8300] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.207241][ T5821] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:55: Failed to release dquot type 1
[  146.246252][ T8300] ext4 filesystem being mounted at /323/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.270143][ T8310] loop2: detected capacity change from 0 to 128
[  146.281680][ T8312] FAULT_INJECTION: forcing a failure.
[  146.281680][ T8312] name failslab, interval 1, probability 0, space 0, times 0
[  146.296024][ T8312] CPU: 0 UID: 0 PID: 8312 Comm: syz.0.1654 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  146.296298][ T8312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  146.296311][ T8312] Call Trace:
[  146.296318][ T8312]  <TASK>
[  146.296327][ T8312]  __dump_stack+0x1d/0x30
[  146.296382][ T8312]  dump_stack_lvl+0xe8/0x140
[  146.296451][ T8312]  dump_stack+0x15/0x1b
[  146.296466][ T8312]  should_fail_ex+0x265/0x280
[  146.296484][ T8312]  should_failslab+0x8c/0xb0
[  146.296533][ T8312]  __kmalloc_noprof+0xa5/0x3e0
[  146.296558][ T8312]  ? tcf_idr_create+0x41/0x4a0
[  146.296611][ T8312]  tcf_idr_create+0x41/0x4a0
[  146.296992][ T8312]  tcf_idr_create_from_flags+0x60/0x80
[  146.297018][ T8312]  tcf_pedit_init+0x27b/0x970
[  146.297048][ T8312]  ? should_fail_ex+0xdb/0x280
[  146.297515][ T8312]  tcf_action_init_1+0x36a/0x4a0
[  146.297619][ T8312]  tcf_action_init+0x267/0x6d0
[  146.297636][ T8312]  ? mark_reg_read+0x59/0x340
[  146.297683][ T8312]  tc_ctl_action+0x291/0x830
[  146.297771][ T8312]  ? __pfx_tc_ctl_action+0x10/0x10
[  146.297791][ T8312]  rtnetlink_rcv_msg+0x657/0x6d0
[  146.297844][ T8312]  netlink_rcv_skb+0x123/0x220
[  146.297877][ T8312]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  146.297913][ T8312]  rtnetlink_rcv+0x1c/0x30
[  146.297941][ T8312]  netlink_unicast+0x59e/0x670
[  146.298012][ T8312]  netlink_sendmsg+0x58b/0x6b0
[  146.298109][ T8312]  ? __pfx_netlink_sendmsg+0x10/0x10
[  146.298137][ T8312]  __sock_sendmsg+0x145/0x180
[  146.298156][ T8312]  ____sys_sendmsg+0x31e/0x4e0
[  146.298185][ T8312]  ___sys_sendmsg+0x17b/0x1d0
[  146.298297][ T8312]  __x64_sys_sendmsg+0xd4/0x160
[  146.298326][ T8312]  x64_sys_call+0x2999/0x2fb0
[  146.298346][ T8312]  do_syscall_64+0xd2/0x200
[  146.298372][ T8312]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  146.298433][ T8312]  ? clear_bhb_loop+0x40/0x90
[  146.298522][ T8312]  ? clear_bhb_loop+0x40/0x90
[  146.298541][ T8312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.298560][ T8312] RIP: 0033:0x7f65c856e929
[  146.298575][ T8312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.298591][ T8312] RSP: 002b:00007f65c6bd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  146.298619][ T8312] RAX: ffffffffffffffda RBX: 00007f65c8795fa0 RCX: 00007f65c856e929
[  146.298630][ T8312] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000008
[  146.298642][ T8312] RBP: 00007f65c6bd7090 R08: 0000000000000000 R09: 0000000000000000
[  146.298654][ T8312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.298666][ T8312] R13: 0000000000000000 R14: 00007f65c8795fa0 R15: 00007fff2f4de4d8
[  146.298683][ T8312]  </TASK>
[  146.621201][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.655521][ T8319] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1657'.
[  146.666371][ T8319] FAULT_INJECTION: forcing a failure.
[  146.666371][ T8319] name failslab, interval 1, probability 0, space 0, times 0
[  146.681206][ T8319] CPU: 1 UID: 0 PID: 8319 Comm: syz.0.1657 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  146.681316][ T8319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  146.681333][ T8319] Call Trace:
[  146.681341][ T8319]  <TASK>
[  146.681351][ T8319]  __dump_stack+0x1d/0x30
[  146.681406][ T8319]  dump_stack_lvl+0xe8/0x140
[  146.681484][ T8319]  dump_stack+0x15/0x1b
[  146.681506][ T8319]  should_fail_ex+0x265/0x280
[  146.681589][ T8319]  should_failslab+0x8c/0xb0
[  146.681623][ T8319]  kmem_cache_alloc_noprof+0x50/0x310
[  146.681657][ T8319]  ? skb_clone+0x151/0x1f0
[  146.681719][ T8319]  skb_clone+0x151/0x1f0
[  146.681890][ T8319]  __netlink_deliver_tap+0x2c9/0x500
[  146.681933][ T8319]  netlink_unicast+0x64c/0x670
[  146.681966][ T8319]  netlink_sendmsg+0x58b/0x6b0
[  146.682004][ T8319]  ? __pfx_netlink_sendmsg+0x10/0x10
[  146.682042][ T8319]  __sock_sendmsg+0x145/0x180
[  146.682068][ T8319]  ____sys_sendmsg+0x31e/0x4e0
[  146.682180][ T8319]  ___sys_sendmsg+0x17b/0x1d0
[  146.682226][ T8319]  __x64_sys_sendmsg+0xd4/0x160
[  146.682305][ T8319]  x64_sys_call+0x2999/0x2fb0
[  146.682325][ T8319]  do_syscall_64+0xd2/0x200
[  146.682425][ T8319]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  146.682451][ T8319]  ? clear_bhb_loop+0x40/0x90
[  146.682471][ T8319]  ? clear_bhb_loop+0x40/0x90
[  146.682492][ T8319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.682560][ T8319] RIP: 0033:0x7f65c856e929
[  146.682574][ T8319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.682591][ T8319] RSP: 002b:00007f65c6bd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  146.682608][ T8319] RAX: ffffffffffffffda RBX: 00007f65c8795fa0 RCX: 00007f65c856e929
[  146.682625][ T8319] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  146.682637][ T8319] RBP: 00007f65c6bd7090 R08: 0000000000000000 R09: 0000000000000000
[  146.682647][ T8319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.682659][ T8319] R13: 0000000000000000 R14: 00007f65c8795fa0 R15: 00007fff2f4de4d8
[  146.682676][ T8319]  </TASK>
[  146.916496][ T8319] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1657'.
[  147.248555][ T8332] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1660'.
[  147.258653][ T8332] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1660'.
[  147.274507][ T8333] policy can only be matched on NF_INET_PRE_ROUTING
[  147.274527][ T8333] unable to load match
[  147.474351][ T8342] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1665'.
[  147.580577][ T8348] netlink: 'syz.2.1668': attribute type 13 has an invalid length.
[  147.828582][ T8359] loop2: detected capacity change from 0 to 512
[  147.854818][ T8359] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.868395][ T8359] ext4 filesystem being mounted at /351/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.913975][ T8363] loop4: detected capacity change from 0 to 512
[  147.924928][ T8363] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1673: bg 0: block 5: invalid block bitmap
[  147.939420][ T8363] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  147.949395][ T8363] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1673: invalid indirect mapped block 3 (level 2)
[  147.964067][ T8363] EXT4-fs (loop4): 2 truncates cleaned up
[  147.970551][ T8363] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.003404][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.060320][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.068260][ T8371] tipc: Started in network mode
[  148.074450][ T8371] tipc: Node identity 4e4fa0710ee4, cluster identity 4711
[  148.082075][ T8371] tipc: Enabled bearer <eth:syzkaller0>, priority 10
[  148.104358][ T8380] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1678'.
[  148.141524][ T8386] loop2: detected capacity change from 0 to 512
[  148.148622][ T8386] ext2: Unknown parameter 'fowner>00000000000000000000'
[  148.157549][ T8370] tipc: Disabling bearer <eth:syzkaller0>
[  148.318311][ T8403] SELinux:  Context system_u:object_r:dhcpc_exec_t:s0 is not valid (left unmapped).
[  148.508776][ T8423] syzkaller0: entered promiscuous mode
[  148.515122][ T8423] syzkaller0: entered allmulticast mode
[  148.529170][ T8427] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1698'.
[  148.561914][ T8431] xt_hashlimit: size too large, truncated to 1048576
[  148.569503][ T8431] xt_hashlimit: Unknown mode mask 80FF, kernel too old?
[  148.657213][ T8441] loop3: detected capacity change from 0 to 1024
[  148.662682][ T8442] FAULT_INJECTION: forcing a failure.
[  148.662682][ T8442] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  148.675350][ T8441] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.680269][ T8442] CPU: 0 UID: 0 PID: 8442 Comm: syz.4.1701 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  148.680309][ T8442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  148.680324][ T8442] Call Trace:
[  148.680553][ T8442]  <TASK>
[  148.680597][ T8442]  __dump_stack+0x1d/0x30
[  148.680625][ T8442]  dump_stack_lvl+0xe8/0x140
[  148.680653][ T8442]  dump_stack+0x15/0x1b
[  148.680712][ T8442]  should_fail_ex+0x265/0x280
[  148.680816][ T8442]  should_fail+0xb/0x20
[  148.680838][ T8442]  should_fail_usercopy+0x1a/0x20
[  148.680867][ T8442]  _copy_from_user+0x1c/0xb0
[  148.680899][ T8442]  snd_seq_event_dup+0x306/0x460
[  148.680986][ T8442]  snd_seq_client_enqueue_event+0x1dc/0x2a0
[  148.681055][ T8442]  snd_seq_write+0x41a/0x530
[  148.681098][ T8442]  ? __pfx_snd_seq_write+0x10/0x10
[  148.681126][ T8442]  vfs_write+0x269/0x8e0
[  148.681567][ T8442]  ? __rcu_read_unlock+0x4f/0x70
[  148.681804][ T8442]  ? __fget_files+0x184/0x1c0
[  148.681841][ T8442]  ksys_write+0xda/0x1a0
[  148.681873][ T8442]  __x64_sys_write+0x40/0x50
[  148.681902][ T8442]  x64_sys_call+0x2cdd/0x2fb0
[  148.681969][ T8442]  do_syscall_64+0xd2/0x200
[  148.682008][ T8442]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  148.682042][ T8442]  ? clear_bhb_loop+0x40/0x90
[  148.682071][ T8442]  ? clear_bhb_loop+0x40/0x90
[  148.682111][ T8442]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.682139][ T8442] RIP: 0033:0x7fced6fde929
[  148.682161][ T8442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.682184][ T8442] RSP: 002b:00007fced5626038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  148.682241][ T8442] RAX: ffffffffffffffda RBX: 00007fced7206080 RCX: 00007fced6fde929
[  148.682254][ T8442] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000003
[  148.682267][ T8442] RBP: 00007fced5626090 R08: 0000000000000000 R09: 0000000000000000
[  148.682283][ T8442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.682299][ T8442] R13: 0000000000000001 R14: 00007fced7206080 R15: 00007ffc24d07818
[  148.682326][ T8442]  </TASK>
[  148.931546][ T8441] ext4 filesystem being mounted at /345/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.959230][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.979830][ T8451] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  149.123373][ T8466] netlink: 'syz.0.1711': attribute type 10 has an invalid length.
[  149.143027][ T8466] syz_tun: entered promiscuous mode
[  149.158731][ T8466] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  149.224955][ T8475] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[  149.361993][ T8490] netlink: 'syz.3.1723': attribute type 10 has an invalid length.
[  149.370832][ T8490] FAULT_INJECTION: forcing a failure.
[  149.370832][ T8490] name failslab, interval 1, probability 0, space 0, times 0
[  149.384785][ T8490] CPU: 0 UID: 0 PID: 8490 Comm: syz.3.1723 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  149.384846][ T8490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  149.384861][ T8490] Call Trace:
[  149.384867][ T8490]  <TASK>
[  149.384876][ T8490]  __dump_stack+0x1d/0x30
[  149.384903][ T8490]  dump_stack_lvl+0xe8/0x140
[  149.384922][ T8490]  dump_stack+0x15/0x1b
[  149.384983][ T8490]  should_fail_ex+0x265/0x280
[  149.385009][ T8490]  ? nf_nat_masq_schedule+0x149/0x330
[  149.385111][ T8490]  should_failslab+0x8c/0xb0
[  149.385143][ T8490]  __kmalloc_cache_noprof+0x4c/0x320
[  149.385182][ T8490]  ? nf_nat_masq_schedule+0x2d1/0x330
[  149.385212][ T8490]  nf_nat_masq_schedule+0x149/0x330
[  149.385402][ T8490]  ? __pfx_device_cmp+0x10/0x10
[  149.385431][ T8490]  ? __pfx_masq_device_event+0x10/0x10
[  149.385471][ T8490]  masq_device_event+0x72/0x90
[  149.385552][ T8490]  raw_notifier_call_chain+0x6c/0x1b0
[  149.385592][ T8490]  ? call_netdevice_notifiers_info+0x9c/0x100
[  149.385618][ T8490]  call_netdevice_notifiers_info+0xae/0x100
[  149.385641][ T8490]  __dev_notify_flags+0xff/0x1a0
[  149.385735][ T8490]  netif_change_flags+0xac/0xd0
[  149.385799][ T8490]  do_setlink+0x9d2/0x2810
[  149.385829][ T8490]  ? save_fpregs_to_fpstate+0x100/0x160
[  149.385871][ T8490]  ? _raw_spin_unlock+0x26/0x50
[  149.385897][ T8490]  ? finish_task_switch+0xad/0x2b0
[  149.385934][ T8490]  ? __schedule+0x6a8/0xb30
[  149.385990][ T8490]  rtnl_setlink+0x311/0x420
[  149.386045][ T8490]  ? security_capable+0x83/0x90
[  149.386111][ T8490]  ? ns_capable+0x7d/0xb0
[  149.386131][ T8490]  ? __pfx_rtnl_setlink+0x10/0x10
[  149.386225][ T8490]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  149.386271][ T8490]  netlink_rcv_skb+0x123/0x220
[  149.386302][ T8490]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  149.386367][ T8490]  rtnetlink_rcv+0x1c/0x30
[  149.386406][ T8490]  netlink_unicast+0x59e/0x670
[  149.386444][ T8490]  netlink_sendmsg+0x58b/0x6b0
[  149.386555][ T8490]  ? __pfx_netlink_sendmsg+0x10/0x10
[  149.386596][ T8490]  __sock_sendmsg+0x145/0x180
[  149.386701][ T8490]  ____sys_sendmsg+0x31e/0x4e0
[  149.386743][ T8490]  ___sys_sendmsg+0x17b/0x1d0
[  149.386801][ T8490]  __x64_sys_sendmsg+0xd4/0x160
[  149.386852][ T8490]  x64_sys_call+0x2999/0x2fb0
[  149.386879][ T8490]  do_syscall_64+0xd2/0x200
[  149.386916][ T8490]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  149.387005][ T8490]  ? clear_bhb_loop+0x40/0x90
[  149.387104][ T8490]  ? clear_bhb_loop+0x40/0x90
[  149.387132][ T8490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.387229][ T8490] RIP: 0033:0x7f0621e3e929
[  149.387248][ T8490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.387270][ T8490] RSP: 002b:00007f06204a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  149.387294][ T8490] RAX: ffffffffffffffda RBX: 00007f0622065fa0 RCX: 00007f0621e3e929
[  149.387309][ T8490] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  149.387323][ T8490] RBP: 00007f06204a7090 R08: 0000000000000000 R09: 0000000000000000
[  149.387337][ T8490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  149.387388][ T8490] R13: 0000000000000000 R14: 00007f0622065fa0 R15: 00007ffc399a0d08
[  149.387414][ T8490]  </TASK>
[  149.758013][ T8490] team0: Port device geneve1 added
[  149.909334][ T8508] loop2: detected capacity change from 0 to 1024
[  149.948428][ T8508] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.961922][ T8508] ext4 filesystem being mounted at /364/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.023875][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.035347][ T8521] ==================================================================
[  150.043967][ T8521] BUG: KCSAN: data-race in mas_state_walk / mas_wmb_replace
[  150.052732][ T8521] 
[  150.055084][ T8521] write to 0xffff88810408b900 of 8 bytes by task 8518 on cpu 1:
[  150.065096][ T8521]  mas_wmb_replace+0x20d/0x14a0
[  150.070358][ T8521]  mas_wr_store_entry+0x1773/0x2b50
[  150.076139][ T8521]  mas_store_prealloc+0x74d/0x9e0
[  150.081313][ T8521]  vma_iter_store_new+0x1c5/0x200
[  150.086840][ T8521]  vma_complete+0x125/0x570
[  150.092142][ T8521]  __split_vma+0x594/0x610
[  150.096969][ T8521]  vma_modify+0x3e9/0xc60
[  150.101515][ T8521]  vma_modify_flags+0x101/0x130
[  150.106434][ T8521]  mprotect_fixup+0x2cc/0x570
[  150.112112][ T8521]  do_mprotect_pkey+0x6d6/0x980
[  150.117124][ T8521]  __x64_sys_mprotect+0x48/0x60
[  150.122293][ T8521]  x64_sys_call+0x2794/0x2fb0
[  150.127994][ T8521]  do_syscall_64+0xd2/0x200
[  150.133525][ T8521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.140254][ T8521] 
[  150.142768][ T8521] read to 0xffff88810408b900 of 8 bytes by task 8521 on cpu 0:
[  150.150696][ T8521]  mas_state_walk+0x485/0x650
[  150.155601][ T8521]  mas_walk+0x30/0x120
[  150.159792][ T8521]  lock_vma_under_rcu+0xa2/0x2f0
[  150.165320][ T8521]  do_user_addr_fault+0x233/0x1090
[  150.171516][ T8521]  exc_page_fault+0x62/0xa0
[  150.176157][ T8521]  asm_exc_page_fault+0x26/0x30
[  150.181140][ T8521] 
[  150.183642][ T8521] value changed: 0xffff88810aff1181 -> 0xffff88810408b900
[  150.190948][ T8521] 
[  150.193302][ T8521] Reported by Kernel Concurrency Sanitizer on:
[  150.199855][ T8521] CPU: 0 UID: 0 PID: 8521 Comm: syz.1.1734 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(voluntary) 
[  150.213495][ T8521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  150.224480][ T8521] ==================================================================
[  150.284553][ T8524] loop2: detected capacity change from 0 to 512
[  150.304532][ T8524] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.319506][ T8524] ext4 filesystem being mounted at /365/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.334605][   T29] kauditd_printk_skb: 268 callbacks suppressed
[  150.334621][   T29] audit: type=1400 audit(2000000019.290:9032): avc:  denied  { setattr } for  pid=8523 comm="syz.2.1735" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  150.366223][   T29] audit: type=1400 audit(2000000019.290:9033): avc:  denied  { bind } for  pid=8523 comm="syz.2.1735" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  150.386950][   T29] audit: type=1400 audit(2000000019.320:9034): avc:  denied  { read append } for  pid=8523 comm="syz.2.1735" path="/365/file0/cpu.stat" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  150.411367][   T29] audit: type=1400 audit(2000000019.320:9035): avc:  denied  { map } for  pid=8523 comm="syz.2.1735" path="/365/file0/cpu.stat" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  150.437547][   T29] audit: type=1400 audit(2000000019.390:9036): avc:  denied  { write } for  pid=8514 comm="syz.3.1732" name="001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  150.463411][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.293019][ T1003] usb usb6-port1: attempt power cycle
[  154.113315][ T1003] usb usb6-port1: unable to enumerate USB device
[  154.121347][ T8528] hub 6-0:1.0: USB hub found
[  154.126433][ T8528] hub 6-0:1.0: 8 ports detected
[  155.963145][ T1003] usb usb6-port1: attempt power cycle
[  157.793017][ T1003] usb usb6-port1: unable to enumerate USB device