last executing test programs:

4.17802036s ago: executing program 4 (id=369):
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
r4 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'ip6gretap0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000700)={0x54, r1, 0x103, 0x70bd26, 0x25dfdbfd, {}, [@HEADER={0x4}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}]}, @HEADER={0x4}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x800)

4.16223426s ago: executing program 4 (id=370):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000fd04000000ff000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x18, 0x14, &(0x7f00000007c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x5}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @btf_id={0x18, 0xe, 0x3, 0x0, 0x2}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xf}, @jmp={0x5, 0x1, 0x9, 0x3, 0xa, 0x30, 0xffffffffffffffff}, @map_fd={0x18, 0x1, 0x1, 0x0, r0}, @exit, @btf_id={0x18, 0x690d685cdcbe9015, 0x3, 0x0, 0x4}, @ldst={0x1, 0x3, 0x6, 0x3, 0x9, 0x8, 0xfffffffffffffff0}]}, &(0x7f0000000180)='GPL\x00', 0x81, 0x8d, &(0x7f0000000880)=""/141, 0x41000, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0x2, 0xaa65, 0xffffb53a}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000002c0)=[r0, r0, r0], &(0x7f0000000400)=[{0x4, 0x4, 0x2, 0x6}], 0x10, 0xffffff01, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1, 0x0, 0x3430}, 0x18)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0}, 0x18)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = syz_io_uring_setup(0x7b58, &(0x7f0000000c40)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000140)='kfree\x00', r8}, 0x18)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002ac0)=@newtaction={0x88c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0xacd1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xcfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x40, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x8, 0x10000, 0x0, 0x0, 0x0, 0x6, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x800, 0x20000000, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0xe53c0000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x5, 0x0, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x4, 0x2, 0x0, 0x0, 0x0, 0xff}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x3}}}}]}]}, 0x88c}}, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
syz_io_uring_submit(r6, r7, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r10, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1000000000000000190100001000000010"], 0x20}, 0x0, 0xe3d08660d3cd4684})
io_uring_enter(r5, 0x92, 0x0, 0x0, 0x0, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r11}, 0x10)
r12 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r12, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @empty, 0xd}, 0x1c)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_REMOVE(r13, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="14000000", @ANYRES16=r14, @ANYBLOB="0100000000000000000004"], 0x14}, 0x1, 0xfcffffff00000000}, 0x0)

3.596511982s ago: executing program 3 (id=379):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000001f00000000000000ea1f850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='kmem_cache_free\x00', r0}, 0x18)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="c50669f5009d00000000000000ee002895"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0x7, 0x0, &(0x7f0000000000)="259a53f271a76d", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000180)=ANY=[], 0xfe37, 0x0)
setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x0, 0x700, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/tcp\x00')
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r4, 0x540a, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0xfe, 0x0, 0x7fff0006}]})
getrusage(0x0, &(0x7f00000006c0))
preadv(r3, &(0x7f0000000b00)=[{&(0x7f00000014c0)=""/237, 0xed}], 0x1, 0x0, 0x0)
write$selinux_attr(r1, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
socket$rds(0x15, 0x5, 0x0)
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

3.552799153s ago: executing program 3 (id=380):
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'ip6gretap0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000700)={0x54, r1, 0x103, 0x70bd26, 0x25dfdbfd, {}, [@HEADER={0x4}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}]}, @HEADER={0x4}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x800)

3.522427613s ago: executing program 3 (id=382):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x101a02, 0x0)
copy_file_range(r0, &(0x7f0000000000)=0xfffffffffffffff8, r0, 0x0, 0x7, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x21, 0x2, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
r2 = socket$inet6_icmp(0xa, 0x2, 0x3a)
sendmmsg$inet6(r2, 0x0, 0x0, 0x9001)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0xffff}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0x4}}}, {0x10, 0x1, 0x0, 0x1, @lookup={{0xb}, @void}}]}]}], {0x14}}, 0xc4}}, 0x10)

3.328291874s ago: executing program 0 (id=385):
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc}}, 0x0)
write$UHID_CREATE2(r0, 0x0, 0x1b)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r0, 0x17, &(0x7f0000000a00)={&(0x7f0000001000)={[{&(0x7f0000000980)="bb918e9f861b6a2248b806c00d2bc25595a6e25006bb270985a765cd38682010a201aac31796995d0b41fc1abd4a68ef4402a5", 0x33, 0x2}]}, 0x1}, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r3}, 0x10)
nanosleep(0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0x22, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6f0, 0x0, 0x0, 0x0, 0x7}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @exit, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000340)='GPL\x00', 0x3, 0xff, &(0x7f00000007c0)=""/255, 0x100, 0x8, '\x00', 0x0, @fallback=0x4, r0, 0x8, &(0x7f00000004c0)={0x4, 0x4}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, r0, 0x0, &(0x7f0000000500)=[r0, r0, r0], 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r4, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x44, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0], <r5=>0x0, 0x6e, &(0x7f0000000440)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0x70, 0x8, 0x8, &(0x7f0000000400)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r6 = mq_open(&(0x7f000084dff0)='!selynuxselinux\x00', 0x6e93ebbbcc0884f2, 0x184, &(0x7f0000000000)={0x2000000000002000, 0x1, 0x3})
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/27], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xf, &(0x7f0000000b80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mq_timedreceive(r6, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)

3.234169734s ago: executing program 4 (id=386):
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYRES16=r4, @ANYBLOB="170900000000000000000100000005000700000000000800090000000000060002000000000008000a000000000008001800ac1414aa08001900ffffffff14001b00fe"], 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

3.188689554s ago: executing program 0 (id=387):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) (fail_nth: 6)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32=0x0], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
capset(0x0, 0x0)
ioctl$PIO_UNIMAP(r5, 0x5608, 0x0)

2.595285157s ago: executing program 3 (id=389):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x10, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000000000000000008000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x7, &(0x7f0000000f80)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000000000000b703000000000000850000002d00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049c1)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
readv(r2, &(0x7f0000000580)=[{&(0x7f0000000100)=""/67, 0x43}], 0x1)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x4810, &(0x7f0000000140)={[{@journal_dev={'journal_dev', 0x3d, 0x8}}, {@data_err_ignore}, {@noinit_itable}, {@sysvgroups}, {@errors_remount}]}, 0x0, 0x4ec, &(0x7f0000000c40)="$eJzs3ElvHMUeAPB/j5fEL8mzX957QBbIQEBYIOLYWQ8cCAIpFyQkEApHYztRiJOg2EhJZBGzKEgcQPkEAW5IfAJOcEGAOIC4EsERIUXIBxw4oEE10zOMPTPe4iWxfz9pnKru6q6q7q64lmkHsGEV048sYmtE/BgR3ZXozATFyj+3piaG/piaGMqiVHrht6ycbnpq4sNq0upxW/JIbyGi8E4Wu5rkO3bp8pnB0dGRC5Xo2zfGC/mes4OnRk6NnBs4evTgga4jhwcOLUs9U5mmd75xfveO4y9fe27oxLVXvv40lbeU75+emhiaeUTPInNoa9hSjOLMa1nnkUWe/U63rS6ctaefhbUrDAuWntp0uzrK7b872sqxiu549q1aImDdKZVKpU0NW2sNfrJUL8sqBwDrRKZJwwa0ve43/vRUGqlODDWOg9e3m8eiPAJK9b6Vfyp72ssj2GJPZWzUsUL5/y8iTkz+eT19ouk8BADA8vr8WETp5987Ur+j+qnsKcQ9den+na8N9UTEfyIi9R3/m/df/h9RTntvRNxXd0zqUW6eJ//irHhj/+f7rjyQuqxLrmcrqf/3ZL62NbP/V1u/6GnLY9vK9e/ITp4eHdmfX5Pe6NiU4v2Np65Nq33xzA8ftMq/WNf/S5+Uf7UvmJfj1/ZZE3TDg+ODt1vvqptvli/slcb6Z9GeVUMROyJi5xLOn67Z6cc+2d1qf63+bXH9RKpnQ/3fb33y9iUUaJbSRxGPVu7/ZMyqf9KZh/rGz77WN3bp8hOn69cn+48cHjjUtzlGR/b3VZ+KRt98d/X5PNgwjJj//q+sdP//1fT5r61c9mT167Vji8/j6o13W45plvr8d2YvlsOd+baLg+PjF/ojOrPJxu0D/xx7cbBrRvpU/969zdv/9oi/qovbuyIiPcT3R8QDEbEnL/uDEfFQROydo/5fPf3wq62GkHfC/R9e1P1vFXjq24jmu9rOfPlZQ8bvFRdY/3T/D5ZDvfmW4cHx+X6txFwlrQ/c9gUEAACAu8CeiNgaWWFfPse5NQqFffsittRmUMbGHz95/vVzw5V3BHqio1Cd6equmw/tz+eGUzwdNVAXT/sPlOeNS6VSqSvF0/h9dNvaVh02vC0t2n/yi+/9w/q3qHW0Vm+0AXelpa+jL/8XMoDVtQzfowHuUto/bFwLbv8r9RYcsGaatf8rEbfWoCjAKmvW/l9ag3IAq8/4HzYu7R82Lu0fNqQFvSS/hMD247O31OWVta9Mpq0DhZj7rwD0RFS3VL/gOPcJfypELE8J25a1pl0z7mmhaZrNsRx5RWHeNO2L+EMMqxso3BnFqAQ2RcQ8T2/tYbtSDVxe6YKVG8HHa/u/EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwO37OwAA//8GPdEz")
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000340)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='signal_generate\x00', r6}, 0x10)
perf_event_open(&(0x7f0000000340)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x63db, 0x6, 0x1, 0x0, 0x0, 0x0, 0x80}, 0x0, 0x6, 0xffffffffffffffff, 0xa)
r7 = fcntl$dupfd(r2, 0x406, r2)
write$sndseq(r7, &(0x7f00000003c0)=[{0x0, 0x9f, 0x0, 0x0, @time={0x6, 0x5}, {0x6, 0x4}, {}, @raw32={[0x2, 0x80000000, 0x8]}}], 0x1c)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000001c0), 0x125040, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="62b877ace456ddf281727634f396e451ca2a4901cb6296aeb69cb1ebcf2ef2b381165dec55a506f3e83150fd6ecc00b222e0bf4c0de97a2baee8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffffffffffffd5)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x7fffffffffffffff, 0x4)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
keyctl$restrict_keyring(0x1d, 0xfffffffffffffffb, 0x0, 0x0)

2.199815699s ago: executing program 4 (id=394):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, 0x0, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000d00)='kfree\x00', r2}, 0x10)
r3 = openat$cgroup_freezer_state(r1, &(0x7f0000002b00), 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x4b, 0x1, 0x0, 0x0, 0x0)
close(r3)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000280)={'batadv0\x00', <r4=>0x0})
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x802, 0x0, 0x0, 0x7fffffff}, 0x10)
sendmsg$nl_generic(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r6 = accept$inet(r5, &(0x7f0000000000)={0x2, 0x0, @broadcast}, &(0x7f0000000080)=0x10)
getsockopt$inet_IP_IPSEC_POLICY(r6, 0x0, 0x10, &(0x7f00000003c0)={{{@in=@multicast1, @in=@private}}, {{@in6=@local}, 0x0, @in=@multicast1}}, &(0x7f0000000100)=0xe8)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@getchain={0x24, 0x11, 0x1, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x2}, {0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x20004001}, 0x0)

2.11051508s ago: executing program 1 (id=395):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[], 0xfc}}, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x1b)
io_uring_register$IORING_UNREGISTER_PBUF_RING(0xffffffffffffffff, 0x17, &(0x7f0000000a00)={&(0x7f0000001000)={[{&(0x7f0000000980)="bb918e9f861b6a2248b806c00d2bc25595a6e25006bb270985a765cd38682010a201aac31796995d0b41fc1abd4a68ef4402a5f21169", 0x36, 0x2}]}, 0x1}, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x10, 0x0, &(0x7f0000000dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r2}, 0x10)
nanosleep(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0x22, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6f0, 0x0, 0x0, 0x0, 0x7}, [@ringbuf_query, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}}, @exit, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}}]}, &(0x7f0000000340)='GPL\x00', 0x3, 0xff, &(0x7f00000007c0)=""/255, 0x100, 0x8, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x8, &(0x7f00000004c0)={0x4, 0x4}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000500)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = mq_open(&(0x7f000084dff0)='!selynuxselinux\x00', 0x6e93ebbbcc0884f2, 0x184, &(0x7f0000000000)={0x2000000000002000, 0x1, 0x3})
creat(&(0x7f00000002c0)='./file0\x00', 0xd0)
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)

2.076741749s ago: executing program 2 (id=396):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000002c0)=0x14)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x7, &(0x7f0000000f80)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000400)='kmem_cache_free\x00', r6}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r7, 0x2000000, 0xb, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
write$cgroup_int(r8, &(0x7f0000000040)=0x900, 0x12)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_ASSOCIATE(r8, &(0x7f0000000600)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000540)={0xb4, r9, 0x0, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x8094, 0x75}}}}, [@NL80211_ATTR_FILS_KEK={0x2a, 0xf2, "f1791deca262aadb2fbd421e43c180fc7f31dc065d3aeebf1b0263cf2bf735a093ad2dfbd186"}, @NL80211_ATTR_VHT_CAPABILITY={0x10, 0x9d, {0x20000000, {0x1ff, 0x2, 0xfff1, 0x8}}}, @NL80211_ATTR_FILS_KEK={0x3b, 0xf2, "9fa2588970caa22117207bed98816db155f07eb1d6102dce45dfbbc8030ccb749b5b67d2bf7375d882c5c688aad01637359d9e4f5634a4"}, @NL80211_ATTR_VHT_CAPABILITY={0x10, 0x9d, {0x10, {0x1ff, 0x17, 0x2, 0x200}}}, @NL80211_ATTR_DISABLE_HT={0x4}]}, 0xb4}, 0x1, 0x0, 0x0, 0x1}, 0x800)
socket$kcm(0x10, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x200c840, &(0x7f0000000240)={[{@discard}, {@noload}]}, 0x64, 0x537, &(0x7f0000000f80)="$eJzs3c9vI1cdAPDvOHZIdrN1Chygh1JoUXYFaycNbSMObREITpWAcl9C4kRRnDhKnHYTVTQRfwAXBEic4MIFif8AVeLCsUIqgjOIIhCCLRw4wA4ae5zNZu04G5w4JJ+PNDvvza/ve/bOjzfzMg7gynomIl6NiPtpmt6KiHI+vZAPsdcesuU+uPfWQjYkkaav/y2JJJ/W2VaSj6/nq41FxNe/EvGt5NG4Wzu7q/P1em0zz1ebaxvVrZ3d2ytr88u15dr67OzMi3Mvzb0wNz2Qet6IiJe/9Kfvf/enX375F5998w93/nLz21mxvpjPP1yPx1Q8bma76qXWZ3F4hc2IV04Z78IptmqYGz/ZOvtnWB4AAHrLrvE/HBGfiohbUY6R4y9nAQAAgP9D6SsT8e8kIu1utNvEsei5PAAAAHABFSJiIpJCJe8LMBGFQqXS7sP70biWvh3R/MxSY3t9MZsXMRmlwtJKvTad9xWejFKS5Wda6Qf559v5/fcjWvnZiHgyIr5XHm/lKwuN+uKwb34AAADAFXH9SPv/n+V2+x8AAAC4ZCaHXQAAAADgzGn/AwAAwOWn/Q8AAACX2ldfey0b0s7vXy++sbO92njj9mJta7Wytr1QWWhsblSWG43l1jv71vptr95obHwu1rfvVpu1rWZ1a2f3zlpje715Z+Whn8AGAAAAztGTn3jnd0lE7H1+vDVkRnssO3KuJQPOWvEgleTjLnv/759oj98/p0IB56LfOf035XMqCHDuisMuADA0pcdZ2N8JwKWU9Jnfs/POu/n4k4MtDwAAMHhTH+/9/L9w7Jp7x88GLjw7MVxdnef/TxzJA5df6/l/rw6/R7lYgEul5IwPV17f5/+9OgC8e9IIafp4JQIAAAZtojUkhUp+e28iCoVKJeJGq7t/KVlaqdem8+cDvy2XPpTlZ1prJn3bDAAAAAAAAAAAAAAAAAAAAAAAAABAW5omkQIAAACXWkThz8kv2+/ynyo/N3H0/sBo8q9y5D8R+uaPXv/B3flmc3Mmm/73g+nNH+bTnx/GHQwAAADgqE47vdOOBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBB+uDeWwudoTMtLZ993L9+ISImu8UvxlhrPBaliLj2jySKh9ZLImJkAPH39iPiY93iJ1mxDkJ2iz9+9vFjMv8UusW/PoD4cJW9kx1/Xs32v9GIOLz/FeKZ1rj7/leMeCh/Wq3jX3aA63L87Rz/Rnrs/zeObGuyR4yn3vt5tWf8/Yinit2PP534SY/4z56wjt/8xu5ur3npjyOmup5/kodiVZtrG9Wtnd3bK2vzy7Xl2vrs7MyLcy/NvTA3XV1aqdfyfx/ZfqlP2bL6X+sRf7JP/Z87Yf3/897dex/pUZws/s1nu8T/1U/yJR6NX8jPfZ/O09n8qU56r50+7Omf/frp4+q/2KP+/b7/myes/62vfeePEXH/0FcKAAzR1s7u6ny9Xts8NpFdtvRb5qImslb6BSiGxOkSJ/0veqrE2wPdYJqmafxve0oSQ//AO4lhH5kAAIBBe3DRP+ySAAAAAAAAAAAAAAAAAAAAwNV1Hq8TOxpz7yCVDOIV2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/HfAAAA///xwNLS")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r12 = socket$pppl2tp(0x18, 0x1, 0x1)
r13 = fcntl$dupfd(r11, 0x406, r12)
recvfrom$rxrpc(r13, &(0x7f00000002c0)=""/151, 0x97, 0x40002000, &(0x7f0000000080)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e23, @rand_addr=0x64010101}}, 0x24)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})

2.05607976s ago: executing program 1 (id=397):
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c000380080001400000000008"], 0xfc}}, 0x0)
write$UHID_CREATE2(r0, 0x0, 0x1b)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r0, 0x17, &(0x7f0000000a00)={&(0x7f0000001000)={[{&(0x7f0000000980)="bb918e9f861b6a2248b806c00d2bc25595a6e25006bb270985a765cd38682010a201aac31796995d0b41fc1abd4a68ef4402a5", 0x33, 0x2}]}, 0x1}, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r3}, 0x10)
nanosleep(0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0x22, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6f0, 0x0, 0x0, 0x0, 0x7}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @exit, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000340)='GPL\x00', 0x3, 0xff, &(0x7f00000007c0)=""/255, 0x100, 0x8, '\x00', 0x0, @fallback=0x4, r0, 0x8, &(0x7f00000004c0)={0x4, 0x4}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, r0, 0x0, &(0x7f0000000500)=[r0, r0, r0], 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r4, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x44, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0], <r5=>0x0, 0x6e, &(0x7f0000000440)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0x70, 0x8, 0x8, &(0x7f0000000400)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
mq_open(&(0x7f000084dff0)='!selynuxselinux\x00', 0x6e93ebbbcc0884f2, 0x184, &(0x7f0000000000)={0x2000000000002000, 0x1, 0x3})

1.9973192s ago: executing program 1 (id=398):
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'ip6gretap0\x00', <r4=>0x0})
sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000700)={0x54, r1, 0x103, 0x70bd26, 0x25dfdbfd, {}, [@HEADER={0x4}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}]}, @HEADER={0x4}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x800)

1.96456053s ago: executing program 1 (id=399):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x101a02, 0x0)
copy_file_range(r0, &(0x7f0000000000)=0xfffffffffffffff8, r0, 0x0, 0x7, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x21, 0x2, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
r2 = socket$inet6_icmp(0xa, 0x2, 0x3a)
sendmmsg$inet6(r2, 0x0, 0x0, 0x9001)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0xffff}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0x4}}}, {0x10, 0x1, 0x0, 0x1, @lookup={{0xb}, @void}}]}]}], {0x14}}, 0xc4}}, 0x10)

1.832339141s ago: executing program 4 (id=400):
mbind(&(0x7f0000ff6000/0xa000)=nil, 0xa000, 0x4002, &(0x7f0000000000)=0x2, 0x3, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000c40)={0x0, &(0x7f0000000c00)})
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f00000000c0)={{0x1, 0x1, 0x18}, './file0\x00'})
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'syzkaller0\x00'})
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet(r0, &(0x7f00000006c0)={0x2, 0x9, @empty}, 0x10)
syz_usb_connect(0x4, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="b59f6e09c52e83b1e16e0212408539d1bf42a51d"], 0x0)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x8080)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r1, 0x80087601, &(0x7f0000000040)={0x0, 0x0})

1.571733022s ago: executing program 0 (id=401):
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xb)

1.518739512s ago: executing program 0 (id=402):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210090, &(0x7f0000000340)={[{@jqfmt_vfsv1}, {}, {@barrier_val}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@stripe={'stripe', 0x3d, 0x5}}, {@dioread_lock}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=f'])

1.419458583s ago: executing program 3 (id=403):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x3, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wpan3\x00', <r6=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_DEV(r4, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x40, r5, 0x20, 0x70bd2d, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r6}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}]}, 0x40}}, 0x8882)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000100), 0x0)
unshare(0x64000600)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)

1.224047714s ago: executing program 2 (id=404):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x80}, 0x18)
r2 = add_key$keyring(&(0x7f0000000480), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, 0x0, &(0x7f00000000c0)=@chain)

1.175301714s ago: executing program 2 (id=405):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, 0x0, 0x38}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r0}, 0x10)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000002c0)={r4}, 0x69)

1.172722924s ago: executing program 2 (id=406):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, 0x0, 0x38}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000002c0)={r4}, 0x69)

1.163380914s ago: executing program 0 (id=407):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x989, 0x0, 0x10}, 0x9c)
r1 = socket(0x10, 0x3, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a40)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="45f7000000000000000032000000040006"], 0x1c}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r3=>0xffffffffffffffff})
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102031100fe08000e40000200875a65969ff57b00ff020000000000000000000000000001"], 0xfdef)
pidfd_send_signal(r4, 0x5, &(0x7f0000000500)={0x2d, 0xf, 0x3}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x28, r5, 0x300, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x3, 0x6f}}}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x4040040}, 0x4040)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x401, 0x8001, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
sendmmsg$inet6(r0, &(0x7f0000003f00)=[{{0x0, 0xf, &(0x7f0000000300)=[{&(0x7f0000000140)="a2", 0x1a058}], 0x1}}], 0x1, 0x0)

1.116133694s ago: executing program 2 (id=408):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
poll(0x0, 0x6400, 0x2)

902.859895ms ago: executing program 1 (id=409):
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc}}, 0x0)
write$UHID_CREATE2(r0, 0x0, 0x1b)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r0, 0x17, &(0x7f0000000a00)={&(0x7f0000001000)={[{&(0x7f0000000980)="bb918e9f861b6a2248b806c00d2bc25595a6e25006bb270985a765cd38682010a201aac31796995d0b41fc1abd4a68ef4402a5", 0x33, 0x2}]}, 0x1}, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r3}, 0x10)
nanosleep(0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0x22, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6f0, 0x0, 0x0, 0x0, 0x7}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @exit, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000340)='GPL\x00', 0x3, 0xff, &(0x7f00000007c0)=""/255, 0x100, 0x8, '\x00', 0x0, @fallback=0x4, r0, 0x8, &(0x7f00000004c0)={0x4, 0x4}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, r0, 0x0, &(0x7f0000000500)=[r0, r0, r0], 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r4, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x44, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0], <r5=>0x0, 0x6e, &(0x7f0000000440)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0x70, 0x8, 0x8, &(0x7f0000000400)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r6 = mq_open(&(0x7f000084dff0)='!selynuxselinux\x00', 0x6e93ebbbcc0884f2, 0x184, &(0x7f0000000000)={0x2000000000002000, 0x1, 0x3})
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/27], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xf, &(0x7f0000000b80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mq_timedreceive(r6, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)

800.540296ms ago: executing program 2 (id=410):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x10, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000000000000000008000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x7, &(0x7f0000000f80)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000000000000b703000000000000850000002d00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049c1)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
readv(r2, &(0x7f0000000580)=[{&(0x7f0000000100)=""/67, 0x43}], 0x1)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x4810, &(0x7f0000000140)={[{@journal_dev={'journal_dev', 0x3d, 0x8}}, {@data_err_ignore}, {@noinit_itable}, {@sysvgroups}, {@errors_remount}]}, 0x0, 0x4ec, &(0x7f0000000c40)="$eJzs3ElvHMUeAPB/j5fEL8mzX957QBbIQEBYIOLYWQ8cCAIpFyQkEApHYztRiJOg2EhJZBGzKEgcQPkEAW5IfAJOcEGAOIC4EsERIUXIBxw4oEE10zOMPTPe4iWxfz9pnKru6q6q7q64lmkHsGEV048sYmtE/BgR3ZXozATFyj+3piaG/piaGMqiVHrht6ycbnpq4sNq0upxW/JIbyGi8E4Wu5rkO3bp8pnB0dGRC5Xo2zfGC/mes4OnRk6NnBs4evTgga4jhwcOLUs9U5mmd75xfveO4y9fe27oxLVXvv40lbeU75+emhiaeUTPInNoa9hSjOLMa1nnkUWe/U63rS6ctaefhbUrDAuWntp0uzrK7b872sqxiu549q1aImDdKZVKpU0NW2sNfrJUL8sqBwDrRKZJwwa0ve43/vRUGqlODDWOg9e3m8eiPAJK9b6Vfyp72ssj2GJPZWzUsUL5/y8iTkz+eT19ouk8BADA8vr8WETp5987Ur+j+qnsKcQ9den+na8N9UTEfyIi9R3/m/df/h9RTntvRNxXd0zqUW6eJ//irHhj/+f7rjyQuqxLrmcrqf/3ZL62NbP/V1u/6GnLY9vK9e/ITp4eHdmfX5Pe6NiU4v2Np65Nq33xzA8ftMq/WNf/S5+Uf7UvmJfj1/ZZE3TDg+ODt1vvqptvli/slcb6Z9GeVUMROyJi5xLOn67Z6cc+2d1qf63+bXH9RKpnQ/3fb33y9iUUaJbSRxGPVu7/ZMyqf9KZh/rGz77WN3bp8hOn69cn+48cHjjUtzlGR/b3VZ+KRt98d/X5PNgwjJj//q+sdP//1fT5r61c9mT167Vji8/j6o13W45plvr8d2YvlsOd+baLg+PjF/ojOrPJxu0D/xx7cbBrRvpU/969zdv/9oi/qovbuyIiPcT3R8QDEbEnL/uDEfFQROydo/5fPf3wq62GkHfC/R9e1P1vFXjq24jmu9rOfPlZQ8bvFRdY/3T/D5ZDvfmW4cHx+X6txFwlrQ/c9gUEAACAu8CeiNgaWWFfPse5NQqFffsittRmUMbGHz95/vVzw5V3BHqio1Cd6equmw/tz+eGUzwdNVAXT/sPlOeNS6VSqSvF0/h9dNvaVh02vC0t2n/yi+/9w/q3qHW0Vm+0AXelpa+jL/8XMoDVtQzfowHuUto/bFwLbv8r9RYcsGaatf8rEbfWoCjAKmvW/l9ag3IAq8/4HzYu7R82Lu0fNqQFvSS/hMD247O31OWVta9Mpq0DhZj7rwD0RFS3VL/gOPcJfypELE8J25a1pl0z7mmhaZrNsRx5RWHeNO2L+EMMqxso3BnFqAQ2RcQ8T2/tYbtSDVxe6YKVG8HHa/u/EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwO37OwAA//8GPdEz")
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000340)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='signal_generate\x00', r6}, 0x10)
perf_event_open(&(0x7f0000000340)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x63db, 0x6, 0x1, 0x0, 0x0, 0x0, 0x80}, 0x0, 0x6, 0xffffffffffffffff, 0xa)
r7 = fcntl$dupfd(r2, 0x406, r2)
write$sndseq(r7, &(0x7f00000003c0)=[{0x20, 0x0, 0xd, 0x0, @time={0x7, 0xfffffff7}, {0x0, 0xe}, {}, @control={0x4, 0x0, 0xa}}], 0x1c)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000001c0), 0x125040, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="62b877ace456ddf281727634f396e451ca2a4901cb6296aeb69cb1ebcf2ef2b381165dec55a506f3e83150fd6ecc00b222e0bf4c0de97a2baee8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffffffffffffd5)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x7fffffffffffffff, 0x4)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
keyctl$restrict_keyring(0x1d, 0xfffffffffffffffb, 0x0, 0x0)

797.662496ms ago: executing program 4 (id=411):
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="170900000000000000000100000005000700000000000800090000000000060002000000000008000a000000000008001800ac1414aa08001900ffffffff14"], 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

716.951286ms ago: executing program 1 (id=412):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000c91aa12e000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000100"/28], 0x50)
r1 = syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x2000759, &(0x7f0000000ac0)={[{@sb={'sb', 0x3d, 0x5}}, {@resgid}, {@discard}, {@errors_remount}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xff}, 0x0}, {@journal_checksum}, {@norecovery}, {@jqfmt_vfsv1}, {@nombcache}, {@grpjquota}, {@resuid}, {@resuid}, {@errors_continue}, {@commit={'commit', 0x3d, 0x7fffffff}}, {@nobarrier}, {@data_writeback}, {@noblock_validity}], [], 0x2c}, 0x6, 0x51b, &(0x7f0000001300)="$eJzs3E1vFOcdAPD/rtc2LlC79I23lm1pVatVMTavhx4AtRKXSpVaVfS4tQ2iGKiwK4FlFVNVIPXQik/QNrdI+QQ5JZcoiXJIlGtQrlEkFPkCySGaaHZnNrveXXtt1l4Z/37SLs/MPjPz/Gfmwc/Lzgawa5XTt0LEvoj4KCJGa4vNGcq1f56vLE1/vrI0XYgk+f1nhWq+ZytL03nWfLu92cJ4MaL4z0IcaT3s8Py9xRuVubnZO9mKiYVilrpZuTZ7bfbW1Pnzp0+NnDs7daYncaZlenb477ePHrr8p8e/nb7y+M/vvJaWN8k+b4yjZqz6PtT1EQZa1pSj3HwuG/y0+6LvCPsb0oVS+l7sX2HoWnrXppdrsFr/R2OgulQzGr/5R18LB2ypJEmS4Za19b9ly0mjQqG2QZI8SICXQCH6XQKgP/I/9M9W0p7q0nRrP/jl9vRiVHtAadzPs1ftk1K1B1seq/WNBrfo+N+JiCvLX/w3fUXbcQgAgN5642LEo0u1dkf+qn1SjO815PtmNjc0FhHfiogDEfHtrP3y3Yhq3u9HxMGGbfZ3MQtQXrXc2v75YCRLNDZXeyZt//0qm9tqbv/VSz42kC3tr8Y/WLh6fW72ZHZOxmNwOF2ebN11fVjtzV9/+J9Oxy83tP/SV3r8vC2YlePT0qoBupnKQuVF4849fVA9sfdb4y9EqZCnIg5FxOFN7D89Z9d//urRTp83xZ/G2RL/vzvvvLSJAq2S/D/iZ7XrvxzV+POxz1rwQ1lqYuHmXyfm7y3+8nrj/OTkubNTZyb2xNzsyYn8rmj17vsPf5clW7oRzdc/SRquf141tnQiLb3+32h7/9dnLsfSVH2+dn7jx3j45FHHPs1m7/+hwh+q6Xx+9m5lYeHOZMRQYbl1/dTX296tjDTlT+MfP96+/h+I+PJ/2XZHIiK9iX8QET+MiGNZ2X8UET+OiONrxP/2pZ/8pVMXcv34t1Ya/8yGrv+9xZHIEvU1aeLCexHNa/LEwI23Xm858L/KLfEPRqfrf7qaGs/WzFQW9qwXV5sCtk288AkEAACAHeBYROyLQvFENtC0L4rFEyci9tZHUOYXfnH19t9uzdSeERiLwWI+0jXaMB46mY0Np8vpVlMNy+nnp6rjxkmSJCPpctp/nzvY39Bh19vbof6nPml9pAV42WxoHq3TE23AjrS6/j/pesvefyED2F49+B4NsEOp/7B7dV3/t+opOKBv2tX/+xHP+1AUYJu1q/9/bFlzYVvKAmyvdvXf3D/sDpsf//NlANjpjP/DrtTVQ/KbSBy4vEaeQqm7/ZS6fox/vUQx1v4VgLGo/6ZB3qZZe4cfFyN6c8YGenrmR5quabFtnj3Ri2NFcd08pQ38EMP2JoqVubn8AZe+l2c4Ita5e+s32/08sbjVBauem1f69z8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAb3wVAAD//8B9zog=")
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0, <r3=>0x0}, &(0x7f0000000040)=0x40)
r4 = getpgrp(0xffffffffffffffff)
stat(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
r6 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000340)={0x0, 0x0, <r7=>0x0}, &(0x7f0000000380)=0xc)
setresgid(0x0, 0xffffffffffffffff, r7)
r8 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
ioctl$SCSI_IOCTL_SEND_COMMAND(r8, 0x1, &(0x7f0000000000)=ANY=[])
r9 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000900)='tasks\x00', 0x2, 0x0)
r10 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000940)=@name, &(0x7f0000000980)=0x10, 0x80800)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001840)="46c3a522ed2b999bb1ef9b1049cebc5bff820d7a3f49358d15f0abdec6ab65a93824264fb03ba91bd43921e26571663c54be5824331b1383b9232ca211919dcadd7279107463e92c32ed0d517c83c742a98d1707ec42eb96380a15e1d35250c9bee7a44ab52ac4a77be90e945371f9830814fd9c184b54d7b3af0b44d039ae6e433f55819bb90cfb9915b9b6e05fa406e1706cc8acd8b9a7111d98cae8de0b597607ccd049174e98d0051b169028dbfe01195d40aeee9f275596d0e8138023da75d973aea2afa7f2ffa04316cbdc6cf57dcf3e925b64c12fffc1083130824873d8800affb2a6406ae24b285eb6b2cb5e766495acfa6aec27354cd46c260cb980576644bc89144e020065fcf9d49b7aeb5747d25189e9dc13a1980462da462ed283aee80fc9cf755fc1a2c3d776f1440d24e0f91fe13bc1e63c960755c5a8de85c022a1be04e513f54a89c84eab71b3798c5eabee82b1839dfabd672d51ae6b26c9a2b13f88b4dcf73f5793b28149e0445762ceac529acafcf9150e5a6a7997e6803f9b7909e6069b0987e4123e9208ff76327ad1be22a986d17dcfeee7c7e30ea9c42ac23e4c5c120b2e957cf07ac0a8576ce8b48da97b0ae8c9532b9f192b6b91d63fb5ccb5750ec2d1e5ebcefb499e4433a89fb33e509c20baa29e922388839fecab967bda47aa0fa71629d61562de86472b64388bb28d0f7fce0346c3725f577287d1963f43ba60364109839ecf65ffc290a6f911fdf0ba2fc7cb703da27f4895387006fb99e6838ea90f77e42979ab553421dcd0b3b4a634f8b5972eb4030cf4d6d187fb93c3687b2dbb697b97c4a5a2677b5829a9c6025f50e1fb271ffa3d318199191b4c348d96cdb1fc0e096ba9d71df189bd42f2e8eb365a5ee6f219697db27fe7fbb69e361af773cbd1b5eba4d864cf951c6ac0bf352af5a3db5de672f042ef34a74fdc73dfce4b71af0a8d9cc1cc17052ae2951c200f69ce41437e8ffcb79edf5151f6f4f65da79c999c337f8f725701208d28bdcd15b5257d698dde99b44458c039e9b1d97082fe362a6af40bb5576e358158c8a872ff07e16fd9e65217757c872382932b965e2c21c27478b4b335c035669950301f548aa778453e73713355a003fc90fd4693a7dd331f4e862893d5c72b99a88cbfda92bf5802f9b554e6c71d3a96ffce92ae67638c2b67a1a0d13b7323c80f3de754c723fbee2ae95ef08fa62caa2cff59257c7513774210830b82f62feecc91f9a8f72ae08d1a92e7e7c1fe1d0495acc2ac4ba2f416f9629d93bba9e1f2343e70bc1caa56760e459768b4a911b44a8784d6675755e9451edec4a0b8454a99db0c20f9ddd6d32f4d0054cce22122ecb0d391b2af869be05ea90939a94e4a0b0250c820337f1c731b087b3e08bc96b0a1df54472e7de0bf586a726601460b6681c8584ae245d42f1fcef4a4cb478d865e246379c789c646ce07a41ef7920b4be7563577578d544ab86a7feb3644296b361ced4fd445bd78e6122571a63c23b7329cd8b73060d20cf91ca36e1d723a41beb595f0f49ede4925198d7179ab4a15cdd2d972dac2e49dee7337107f2d83ff51476bf29688fbb1bb9057018c96e6daf3caca621ff55b0d7a8089061cdcb37c76a1708d20a38be24eb3c3b774b2c4388d615ada00a5000bd034248f4f6c496e62f9da37b36efb1875c1ef925e7014149b6880fe8751921bc6b7f7e0edecd2e0678d082e03487fab4d3f89120ed50a0d230a3178a5c8ef1892de9004ef48846503751c99d61f24f5d7ea9e97a9c97bccdb97832fa414efd001489f1ab6ddbaea35cd3908546fe195fb36d31e866063ae96c7f3a4bd4619c3fd6de6f670ee8602a98ef3cf148b0de3bd106ca0785f02f681eb416bb96123572c2b6ae6aa90edfd27b59b0fe19b55ddc1518bd9ef753be2b3bdbd775fcd8430619a961595fc3f76ac2cfefb354e3b985124336d77197eb41ea5d1126bdcc76e22eee5f7058927e4208772a7953e43e1350e555131b6843f3c503330e5239d4037347ae1f20bb293cb3cc9bd662b0da2aca17097b3177c8756b6c0fd33a199e576665096be089c136dc0e5f511ff94a29ed23aed10dbb963da1084330e916211923400882f136ab7d0cf56d36cbbc252b626993ae5e27dc3d6c092c6ef4c2d6a8c3f9e47a95d130351b1ffda848e590eaec5e9575f007796f656c717de289f2f965002b640a84d13812779a22a5826786c06a79045bafa885371af274e30ff28ec384e755c0f0fa4d6d5336fe89a207cc19f916c2cb5f76ec580ff7d54b6ca74abb6f657207dfc9907163785002613523706b98da7a14826cce1a356898999f303d00f69b1a084b4d00cf5a5582854ae8048608c3329415a80f93ea308674b3dfed97c72c46cf743f5d24028cec36cc25ac4a6f48c3d208065a5afa37f4ac9fc15e3b2efc53617cdcec1a957852e535475ce68dd2da4e290de382204ea6c0c0f2328d857cac3582f054b9da5d79973b1c556ec753bf44bf8182aa956796dc79286dab5e8a62f51e0bcb0f84534eb64a32b7cd1fcb8bd72ae6bd1af862b17a920c6a6a6d64431e1df23ff84ca5f5ed3ed6e2063118b4ab6701db2a01e6b1a71b856fd0b96d9c920fdfe700a85467326d6128bd0f83ed7dceb3b5905d883d86a21c561ba484ae6a02c3cff8854ed364bc6aa7fd47cb8842c9360fabbf4cb1ae911c01efc297c2da4f1b5c0b1b7e1966d56036f7188c8b39706a01177af067c7f81d9eb2e0b1c2127680f1b081f3f5d450d8f8ab36ce8ff4eaa01b249a0f552f4cd5df0da3cf0cbb3ccac63a0e4f1bbe31a204850290943eb3573a0d314334d9c76435bc66d675488021751dfb8432e4d411d797a0a0d4f029480387b83c875daaae64037de80ee871734e2e81082860f7334f672680022b6a7967cad2be7ced0db097c12900554d1e06e51c7c085c0ba48f30094b6b2fd95bcefa733925cc27065216fa99224f501864073860cda2e6c27def037f179568cf6bd9036fad174ddb216b1d3795552da2d9d3a338a67dde619e7aeb91949c17d96820316677d8d65e217ad3514250598adbbd99de64df192561767af41e476b6f76264e8ffe8e0be5a8e52e4cd98d8576edbd481604927f941206b585bc11390ede90f995cd60ad2f1c385e1d3eae59855c138384ac609a52cd3167d81dd38f280ae50ba296e8aaee7eb30b202ca8ef8bc4268462b3d87fb1dbea3e7fa97a8af09fc55f5e8208e6b4c1b9aec3e760593f767c16149473537346f8c34c41ba16eecbce385685a4c832456e6e6379f17f085683fd333593a2245aa71593f34e7e4af189156b22d91cfdd71cb585f790b2d9a078d4d0b2ccf7335bb0de5e48770ee1ab1e9caff79a1c1f30294d9dd21ca3749a6b5d56be53617082ee8ae8b36c70046fe4cc15fa111feacbf8d85fd4b2ba0a09607ce76c5517ad4037abec15fdc76b5605bf80900beaae95423fe890b0474b4676de92e730eb7d1e55e4a23a574c393c7e1ac0538b348bea2dab3a2426140cced7264879321d07c70980199581679f94f7d2d0364b01a654bd040f9af822aa74060079bc0dbe0b2565cb97bb5619498ceba174da7bc09d409edae041cbf11be2504753446659cfbd6ce07d53ec5b094aab061579c3b0295244ac9248fcf6e1a505cc876233e66a36da710f07b8b4d63253c540680f6b066a070dfc194bdeafb01f84999e07bd3ed56ebd666ae7ca0aed382101580077a5a75f3ec65d20e8722fc9af94d868814f5ea74fdda00d871cdc554e1bd39b51220844178b3df07a76f98c50d461f5c59f1ad534337fbe0e79047ca9a2a3835b79c44ac0de3b76162b629e668d2376de689da8b1477e098fa32449e67bba350c1ce82b8d8a07580a261cdfb6b14e31ecc2f6d5bf4fc64bff8c3d004d9e115f904e82aa6ac279ff0c335d2ed637af5f70732cdfb122470657a8c0c2860f07c7f356f053b2a51530dd0706c4f1a6074a1fe293f62486f17acadfbcebf614b3e18565f80b8a2f1bbd61a71cde2fa28604168d6aca2cba75d824f1d6a0a863601d12552d41faadb7e734790cb6b67918e7b146f0a886a776a43c7e651f6e069284cc7ee87432a4c6b4273076f34cc584ab83beae7a9b7080741fa43068202549909ad6bdcd1ab9df2f05dda0d99883bf75cfbbc92de81ad9ac4b7c001ee773ad8ef39cbbd05b2bd42297bee1e94d5c6f9ac6b73aa29919453a57c14a0f4e6e273f860e81db369354217e1a1e81a0a4df1bb58f0b730430f6875c7a0ad8e5b0c25e1ca8bbcf2593f28055f8eca9e7a9f338fcd0762e9680c0316a62491caf664399fe15b55cb841e28e419e1faf557d3fe33501bce505ecfc617a0975119545214bc5fa004f3048ad058799a6d3247f46d0f94c7f78252fa0734cf6aeffae55fd87ba7b3a7ec9c7b2987298f7d72a64611e2847cae8e9a5f3d130c154ae3b80f4e97501e5cb88c86367b02eceac72b26cfc5479ebd8f1868121bd71eb7d18b68944d4d6034b0ce47d7765b4ba0cef9259200ad1a13ecc127283f548316629f0932a8c29b2d719f166b84c0b9b84a8858b5abdc90b6946b6139e2d74e712faa56ce7407e166978f64a2dac879ae99416c6b88ee4a5d1b8d690db4e5a7f6c9d7430304dcdd3130e3231610e55f66bbd57b687ed378df002a54200f96a75964c8b3d5ea2c12b36fcc1f6e66ccd00af99d2dd11f29bbe66a4364b623165e8061b0fa23c002d2d3a6f1d35068786e93bc2d3771e1ebccfcf9f0694ac81b499e46145ced72f7bf6ea4a9f1eacb6aa2575275db56e0ae75afb9110ce0a31436b8dd6222c547518ab7d8dfee6d0d83786565442cb04cc18f81a528a433e476d0ac4c126a3e2624c8575f80d33f2c8da400b2f9ecaafc23f90300572cc92693c6552705faf7b852823abdc73f9a70d01fef7ef32e854717cc2498e80a5a326b12af98b4b1a47d9a64d3e1e0d7a3ade947823e87f40e0a5eee8b1d9f97a59d1ecefbb0eedb7618f4ca1b09b87f5a6b8ef2407f05cf9ffec16ebcb3de7ee8ced0e64ddef6ad6aa24a917d92be6d7d9bfeb43c2f2bc260405dd63b45031fc4ea7b6cc4f1dc11263208466e509f867c98c5ff788aafa2b67cb0b90317b55949170826fdeec952193c6da8bf5538186ea957e6e819e647ebbb795aa8d7b0ad0790effb6d4db7ae7a383b044133d73af1fa850f2b0fb1615516631fda16a8a6050da4d592b9b758e910edc6828530f9fcad7ee403f341807ad3ee1c4aa95a88070f977c9fe611d26752b0cae69f7b80b4f3b61139fb6d16dc7b340110d51d0452a6851a03a78e41c5d5667385b01f1f855c1f55d9dbbe8476ec1c57f3eb49f3f27acba1180ea61b425c6a929e5965770d01e8bf9df4d680db233307b7dd30e1bfaeeea454e0883777629aeedf5bc94903a8878831d636ac5947330025e9f3f74f55ea70e3e685f9366721c36dcba9a6fa8d642906065e4799147c6562fcb9ad3a613fbbc850ceb2a69259e2e9e73bcc692f766fe2d26932d1edb44ca9e9aa59280451b14bb0ccbb3117cd2dca74f61f13d461faf50a7b88cda3f3226e84988e5d08580570dc0ad42257e936c6cbe9f80e7e7b3792c0f12839d4ddeabf72ef7ac217f71d2a174f2ef272925dc0f49a455472b1efcf14c168b216c75f84f7ac5c24c9296eef9c1d335e2e05ebdaf0c38a11d61fea7f47d43f8e8765e718ad545303fc2dcba2ec45fdaa9bb473b774bf881f801fcc5311fa511865566e92f5862e9ea0c83de6a2efcd392ea6", 0x1000}], 0x1, &(0x7f0000000a00)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r0, @ANYRES32=r2, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r4, @ANYRES32=r5, @ANYRES32=r7, @ANYBLOB="00e100002800000000000000010000000120b100", @ANYRES32=r8, @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r9, @ANYBLOB="18000000000000000100000001000000", @ANYRES32=r10, @ANYRES32=r0], 0xc0, 0x4008000}, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x67, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={0x0}, 0x141, 0xf2d5, 0x0, 0x9, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000300)=ANY=[@ANYBLOB="bbbb39d9daa9963682dbe80200000000002c00080000001190784ca25e6ee000090000000000000090780400000000"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r11 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, 0x0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x34}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000060000000500000000100000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0], 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000002000000000000000100000d0000000000000000030000000000000000000001ff00000040000000000000000000000300000000020000"], 0x0, 0x56, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="190000000400000008000000080000000000"], 0x48)

300.841618ms ago: executing program 0 (id=413):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='kmem_cache_free\x00', r3}, 0x10)
r5 = socket(0x10, 0x3, 0x0)
connect$netlink(r5, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r5, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
unshare(0x68040200)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newlink={0x48, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE6={0x14, 0x7, @loopback={0xfec0ffff00000000}}]}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{}, {0x0, 0x0, 0xfffffffc}]}, [{0x3, 0x0, 0x5}, {}, {}, {}, {0x0, 0x0, 0x2}, {0x448eade7}, {0x0, 0x0, 0x80000000}, {0x0, 0x0, 0xfffffffc}, {0x20000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {0x2}, {}, {0xfffffffc}, {0x0, 0xe}, {}, {}, {0x0, 0x4, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0xb2d}, {}, {0x0, 0x0, 0x0, 0x0, 0x40000000}, {}, {}, {}, {}, {0xfffffffe}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x4000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x444cd0f4}, {0x5}, {}, {}, {0x0, 0x0, 0x2}, {0x0, 0x10}, {0x0, 0x0, 0x0, 0xfffeffff}, {}, {0x2, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x20000000}, {}, {}, {}, {}, {0x1, 0x0, 0x0, 0x3}, {}, {0x9}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}, {0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0xff, 0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0xe10}, {0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {0x4}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)
recvmmsg(r0, &(0x7f00000036c0), 0x40000d1, 0x0, 0x0)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r9, 0x84, 0x70, 0x0, &(0x7f0000000480))
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r10 = socket$inet6(0xa, 0x800000000000002, 0x0)
poll(&(0x7f0000000440)=[{r2, 0x100}, {r3, 0x21}, {r4, 0x5400}, {r1, 0x3182}, {r10, 0x1}], 0x5, 0x7536146b)
r11 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r11}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
setsockopt$inet6_udp_int(r10, 0x11, 0x67, &(0x7f0000000180)=0x7f, 0x4)
connect$inet6(r10, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c)

0s ago: executing program 3 (id=414):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000fd04000000ff000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x18, 0x14, &(0x7f00000007c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x5}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @btf_id={0x18, 0xe, 0x3, 0x0, 0x2}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xf}, @jmp={0x5, 0x1, 0x9, 0x3, 0xa, 0x30, 0xffffffffffffffff}, @map_fd={0x18, 0x1, 0x1, 0x0, r0}, @exit, @btf_id={0x18, 0x690d685cdcbe9015, 0x3, 0x0, 0x4}, @ldst={0x1, 0x3, 0x6, 0x3, 0x9, 0x8, 0xfffffffffffffff0}]}, &(0x7f0000000180)='GPL\x00', 0x81, 0x8d, &(0x7f0000000880)=""/141, 0x41000, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0x2, 0xaa65, 0xffffb53a}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[r0, r0, r0, r0], 0x0, 0x10, 0xffffff01, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1, 0x0, 0x3430}, 0x18)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0}, 0x18)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = syz_io_uring_setup(0x7b58, &(0x7f0000000c40)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000140)='kfree\x00', r8}, 0x18)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002ac0)=@newtaction={0x88c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0xacd1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xcfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x40, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x8, 0x10000, 0x0, 0x0, 0x0, 0x6, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x800, 0x20000000, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0xe53c0000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x5, 0x0, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x4, 0x2, 0x0, 0x0, 0x0, 0xff}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x3}}}}]}]}, 0x88c}}, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
syz_io_uring_submit(r6, r7, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r10, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1000000000000000190100001000000010"], 0x20}, 0x0, 0xe3d08660d3cd4684})
io_uring_enter(r5, 0x92, 0x0, 0x0, 0x0, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r11}, 0x10)
r12 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r12, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @empty, 0xd}, 0x1c)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_REMOVE(r13, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="14000000", @ANYRES16=r14, @ANYBLOB="0100000000000000000004"], 0x14}, 0x1, 0xfcffffff00000000}, 0x0)

kernel console output (not intermixed with test programs):

[   20.140526][   T29] audit: type=1400 audit(1734130411.052:81): avc:  denied  { read } for  pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
Warning: Permanently added '10.128.0.136' (ED25519) to the list of known hosts.
[   25.365051][   T29] audit: type=1400 audit(1734130416.272:82): avc:  denied  { mounton } for  pid=3287 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   25.366067][ T3287] cgroup: Unknown subsys name 'net'
[   25.388023][   T29] audit: type=1400 audit(1734130416.272:83): avc:  denied  { mount } for  pid=3287 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   25.415373][   T29] audit: type=1400 audit(1734130416.302:84): avc:  denied  { unmount } for  pid=3287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   25.588159][ T3287] cgroup: Unknown subsys name 'cpuset'
[   25.594171][ T3287] cgroup: Unknown subsys name 'rlimit'
[   25.702463][   T29] audit: type=1400 audit(1734130416.612:85): avc:  denied  { setattr } for  pid=3287 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   25.725744][   T29] audit: type=1400 audit(1734130416.612:86): avc:  denied  { create } for  pid=3287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   25.746225][   T29] audit: type=1400 audit(1734130416.612:87): avc:  denied  { write } for  pid=3287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   25.758691][ T3289] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   25.766642][   T29] audit: type=1400 audit(1734130416.612:88): avc:  denied  { read } for  pid=3287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   25.795422][   T29] audit: type=1400 audit(1734130416.622:89): avc:  denied  { mounton } for  pid=3287 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   25.820237][   T29] audit: type=1400 audit(1734130416.622:90): avc:  denied  { mount } for  pid=3287 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   25.843516][   T29] audit: type=1400 audit(1734130416.682:91): avc:  denied  { relabelto } for  pid=3289 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   25.855403][ T3287] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   26.995395][ T3296] chnl_net:caif_netlink_parms(): no params data found
[   27.045609][ T3297] chnl_net:caif_netlink_parms(): no params data found
[   27.100047][ T3305] chnl_net:caif_netlink_parms(): no params data found
[   27.130099][ T3296] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.137248][ T3296] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.144406][ T3296] bridge_slave_0: entered allmulticast mode
[   27.151311][ T3296] bridge_slave_0: entered promiscuous mode
[   27.159333][ T3299] chnl_net:caif_netlink_parms(): no params data found
[   27.173709][ T3296] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.180869][ T3296] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.188066][ T3296] bridge_slave_1: entered allmulticast mode
[   27.194335][ T3296] bridge_slave_1: entered promiscuous mode
[   27.223866][ T3296] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   27.236131][ T3296] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   27.259240][ T3297] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.266298][ T3297] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.273524][ T3297] bridge_slave_0: entered allmulticast mode
[   27.280039][ T3297] bridge_slave_0: entered promiscuous mode
[   27.286317][ T3302] chnl_net:caif_netlink_parms(): no params data found
[   27.311645][ T3297] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.318754][ T3297] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.325875][ T3297] bridge_slave_1: entered allmulticast mode
[   27.332248][ T3297] bridge_slave_1: entered promiscuous mode
[   27.347116][ T3305] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.354230][ T3305] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.361410][ T3305] bridge_slave_0: entered allmulticast mode
[   27.367863][ T3305] bridge_slave_0: entered promiscuous mode
[   27.387294][ T3296] team0: Port device team_slave_0 added
[   27.393134][ T3305] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.400201][ T3305] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.407430][ T3305] bridge_slave_1: entered allmulticast mode
[   27.413663][ T3305] bridge_slave_1: entered promiscuous mode
[   27.426509][ T3297] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   27.436270][ T3296] team0: Port device team_slave_1 added
[   27.454318][ T3297] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   27.485566][ T3296] batman_adv: batadv0: Adding interface: batadv_slave_0
[   27.492547][ T3296] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   27.518436][ T3296] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   27.529466][ T3296] batman_adv: batadv0: Adding interface: batadv_slave_1
[   27.536493][ T3296] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   27.562564][ T3296] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   27.573325][ T3299] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.580414][ T3299] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.587646][ T3299] bridge_slave_0: entered allmulticast mode
[   27.593905][ T3299] bridge_slave_0: entered promiscuous mode
[   27.601518][ T3305] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   27.610655][ T3299] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.617704][ T3299] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.624947][ T3299] bridge_slave_1: entered allmulticast mode
[   27.631371][ T3299] bridge_slave_1: entered promiscuous mode
[   27.649008][ T3305] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   27.674066][ T3302] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.681144][ T3302] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.688288][ T3302] bridge_slave_0: entered allmulticast mode
[   27.694613][ T3302] bridge_slave_0: entered promiscuous mode
[   27.701815][ T3297] team0: Port device team_slave_0 added
[   27.708118][ T3297] team0: Port device team_slave_1 added
[   27.719956][ T3299] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   27.729095][ T3302] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.736158][ T3302] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.743409][ T3302] bridge_slave_1: entered allmulticast mode
[   27.749802][ T3302] bridge_slave_1: entered promiscuous mode
[   27.765354][ T3305] team0: Port device team_slave_0 added
[   27.771769][ T3305] team0: Port device team_slave_1 added
[   27.778091][ T3299] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   27.795003][ T3297] batman_adv: batadv0: Adding interface: batadv_slave_0
[   27.802001][ T3297] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   27.828025][ T3297] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   27.854441][ T3297] batman_adv: batadv0: Adding interface: batadv_slave_1
[   27.861464][ T3297] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   27.887380][ T3297] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   27.907270][ T3299] team0: Port device team_slave_0 added
[   27.914738][ T3302] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   27.925564][ T3296] hsr_slave_0: entered promiscuous mode
[   27.931577][ T3296] hsr_slave_1: entered promiscuous mode
[   27.945135][ T3305] batman_adv: batadv0: Adding interface: batadv_slave_0
[   27.952291][ T3305] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   27.978261][ T3305] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   27.989321][ T3305] batman_adv: batadv0: Adding interface: batadv_slave_1
[   27.996246][ T3305] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   28.022162][ T3305] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   28.033554][ T3299] team0: Port device team_slave_1 added
[   28.044410][ T3302] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   28.080621][ T3302] team0: Port device team_slave_0 added
[   28.086424][ T3299] batman_adv: batadv0: Adding interface: batadv_slave_0
[   28.093399][ T3299] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   28.119280][ T3299] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   28.138676][ T3302] team0: Port device team_slave_1 added
[   28.144558][ T3299] batman_adv: batadv0: Adding interface: batadv_slave_1
[   28.151577][ T3299] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   28.177644][ T3299] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   28.209781][ T3297] hsr_slave_0: entered promiscuous mode
[   28.216039][ T3297] hsr_slave_1: entered promiscuous mode
[   28.221908][ T3297] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   28.229482][ T3297] Cannot create hsr debugfs directory
[   28.242401][ T3305] hsr_slave_0: entered promiscuous mode
[   28.248516][ T3305] hsr_slave_1: entered promiscuous mode
[   28.254269][ T3305] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   28.261833][ T3305] Cannot create hsr debugfs directory
[   28.274203][ T3302] batman_adv: batadv0: Adding interface: batadv_slave_0
[   28.281423][ T3302] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   28.307425][ T3302] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   28.318559][ T3302] batman_adv: batadv0: Adding interface: batadv_slave_1
[   28.325502][ T3302] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   28.351436][ T3302] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   28.397510][ T3299] hsr_slave_0: entered promiscuous mode
[   28.403446][ T3299] hsr_slave_1: entered promiscuous mode
[   28.409463][ T3299] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   28.417006][ T3299] Cannot create hsr debugfs directory
[   28.429441][ T3302] hsr_slave_0: entered promiscuous mode
[   28.435394][ T3302] hsr_slave_1: entered promiscuous mode
[   28.441368][ T3302] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   28.448963][ T3302] Cannot create hsr debugfs directory
[   28.576517][ T3296] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   28.596231][ T3296] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   28.616992][ T3296] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   28.627984][ T3297] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   28.636513][ T3297] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   28.644776][ T3296] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   28.658291][ T3297] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   28.666831][ T3297] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   28.691433][ T3305] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   28.699963][ T3305] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   28.708823][ T3305] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   28.724128][ T3299] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   28.732299][ T3305] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   28.753907][ T3299] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   28.762451][ T3299] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   28.771256][ T3299] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   28.782005][ T3302] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   28.799027][ T3302] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   28.807987][ T3302] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   28.816391][ T3302] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   28.868599][ T3296] 8021q: adding VLAN 0 to HW filter on device bond0
[   28.880825][ T3297] 8021q: adding VLAN 0 to HW filter on device bond0
[   28.893176][ T3296] 8021q: adding VLAN 0 to HW filter on device team0
[   28.909117][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.916251][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.924443][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.931493][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.951039][ T3297] 8021q: adding VLAN 0 to HW filter on device team0
[   28.968627][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.975707][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.984374][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.991437][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.020256][ T3296] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   29.030709][ T3296] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   29.045953][ T3302] 8021q: adding VLAN 0 to HW filter on device bond0
[   29.077098][ T3299] 8021q: adding VLAN 0 to HW filter on device bond0
[   29.092596][ T3299] 8021q: adding VLAN 0 to HW filter on device team0
[   29.112584][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.119748][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.128206][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.135325][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.151357][ T3296] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.159622][ T3302] 8021q: adding VLAN 0 to HW filter on device team0
[   29.178214][ T3305] 8021q: adding VLAN 0 to HW filter on device bond0
[   29.189394][ T3299] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   29.206587][ T3324] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.213751][ T3324] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.232691][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.239904][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.253591][ T3297] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.265001][ T3305] 8021q: adding VLAN 0 to HW filter on device team0
[   29.302387][ T3302] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   29.312845][ T3302] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   29.342675][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.349872][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.359114][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.366189][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.403895][ T3305] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   29.419987][ T3299] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.449015][ T3296] veth0_vlan: entered promiscuous mode
[   29.477858][ T3296] veth1_vlan: entered promiscuous mode
[   29.509675][ T3302] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.520549][ T3305] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.529641][ T3296] veth0_macvtap: entered promiscuous mode
[   29.544235][ T3297] veth0_vlan: entered promiscuous mode
[   29.556936][ T3296] veth1_macvtap: entered promiscuous mode
[   29.565478][ T3297] veth1_vlan: entered promiscuous mode
[   29.589714][ T3299] veth0_vlan: entered promiscuous mode
[   29.596569][ T3296] batman_adv: batadv0: Interface activated: batadv_slave_0
[   29.610198][ T3297] veth0_macvtap: entered promiscuous mode
[   29.621262][ T3299] veth1_vlan: entered promiscuous mode
[   29.628544][ T3297] veth1_macvtap: entered promiscuous mode
[   29.637009][ T3296] batman_adv: batadv0: Interface activated: batadv_slave_1
[   29.648560][ T3296] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   29.657294][ T3296] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   29.666069][ T3296] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   29.674813][ T3296] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   29.698384][ T3297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   29.708970][ T3297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   29.721485][ T3297] batman_adv: batadv0: Interface activated: batadv_slave_0
[   29.733462][ T3297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   29.744017][ T3297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   29.755177][ T3297] batman_adv: batadv0: Interface activated: batadv_slave_1
[   29.763259][ T3299] veth0_macvtap: entered promiscuous mode
[   29.777567][ T3297] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   29.786310][ T3297] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   29.795083][ T3297] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   29.803874][ T3297] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   29.814480][ T3299] veth1_macvtap: entered promiscuous mode
[   29.830743][ T3299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   29.841289][ T3299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   29.842173][ T3296] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   29.851194][ T3299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   29.851209][ T3299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   29.886860][ T3299] batman_adv: batadv0: Interface activated: batadv_slave_0
[   29.894714][ T3305] veth0_vlan: entered promiscuous mode
[   29.912992][ T3302] veth0_vlan: entered promiscuous mode
[   29.920862][ T3302] veth1_vlan: entered promiscuous mode
[   29.926928][ T3299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   29.937431][ T3299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   29.942009][ T3437] loop0: detected capacity change from 0 to 1024
[   29.947393][ T3299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   29.947409][ T3299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   29.949051][ T3299] batman_adv: batadv0: Interface activated: batadv_slave_1
[   29.960136][ T3437] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   29.968955][ T3299] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   29.999686][ T3299] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.008409][ T3299] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.017113][ T3299] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.027193][ T3437] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   30.042669][ T3305] veth1_vlan: entered promiscuous mode
[   30.059704][ T3437] syz.0.1[3437] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   30.059852][ T3437] syz.0.1[3437] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   30.062412][ T3302] veth0_macvtap: entered promiscuous mode
[   30.072067][ T3437] syz.0.1[3437] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   30.083135][ T3302] veth1_macvtap: entered promiscuous mode
[   30.107884][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.117156][ T3437] 9pnet: Could not find request transport: f
[   30.118322][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.118333][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.118346][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.118355][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.165077][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.175375][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.198946][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.209552][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.219391][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.229841][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.239717][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.250141][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.262582][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.271554][ T3296] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   30.294347][ T3302] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.303254][ T3302] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.312019][ T3302] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.320755][ T3302] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.331588][ T3305] veth0_macvtap: entered promiscuous mode
[   30.333140][ T3446] loop4: detected capacity change from 0 to 1024
[   30.354226][ T3446] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   30.365650][ T3305] veth1_macvtap: entered promiscuous mode
[   30.375218][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.385708][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.395608][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.406111][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.415962][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.426460][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.436291][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.446711][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.458165][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.471059][   T29] kauditd_printk_skb: 38 callbacks suppressed
[   30.471072][   T29] audit: type=1400 audit(1734130421.382:130): avc:  denied  { create } for  pid=3450 comm="syz.0.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   30.471927][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.477219][   T29] audit: type=1400 audit(1734130421.382:131): avc:  denied  { write } for  pid=3450 comm="syz.0.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   30.528109][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.537941][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.548380][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.558342][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.568773][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.578583][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.589035][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.599207][ T3446] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   30.612039][   T29] audit: type=1400 audit(1734130421.512:132): avc:  denied  { read write } for  pid=3455 comm="syz.1.2" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   30.624508][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.635696][   T29] audit: type=1400 audit(1734130421.512:133): avc:  denied  { open } for  pid=3455 comm="syz.1.2" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   30.635720][   T29] audit: type=1400 audit(1734130421.512:134): avc:  denied  { create } for  pid=3456 comm="syz.0.9" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   30.645132][ T3446] syz.4.7[3446] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   30.666583][   T29] audit: type=1400 audit(1734130421.512:135): avc:  denied  { mounton } for  pid=3455 comm="syz.1.2" path="/0/file0" dev="tmpfs" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   30.666610][   T29] audit: type=1400 audit(1734130421.512:136): avc:  denied  { ioctl } for  pid=3456 comm="syz.0.9" path="socket:[5167]" dev="sockfs" ino=5167 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   30.666631][   T29] audit: type=1400 audit(1734130421.512:137): avc:  denied  { connect } for  pid=3456 comm="syz.0.9" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   30.700977][ T3460] loop1: detected capacity change from 0 to 512
[   30.721219][ T3446] syz.4.7[3446] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   30.746134][ T3305] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.777567][ T3446] syz.4.7[3446] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   30.780360][ T3305] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.809083][ T3305] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.817837][ T3305] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.827981][ T3460] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   30.836364][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   30.848651][ T3460] System zones: 1-12
[   30.860205][ T3460] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 33261: comm syz.1.2: invalid block
[   30.872200][ T3460] EXT4-fs (loop1): Remounting filesystem read-only
[   30.888856][   T29] audit: type=1400 audit(1734130421.802:138): avc:  denied  { write } for  pid=3463 comm="syz.4.10" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   30.891392][ T3460] EXT4-fs (loop1): 1 truncate cleaned up
[   30.915280][ T3460] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   30.927522][ T3460] SELinux: (dev loop1, type ext4) getxattr errno 5
[   30.934360][ T3460] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.012214][   T29] audit: type=1400 audit(1734130421.922:139): avc:  denied  { create } for  pid=3467 comm="syz.0.11" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   31.055410][ T3472] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3'.
[   31.101842][ T3476] loop4: detected capacity change from 0 to 512
[   31.119720][ T3476] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   31.127934][ T3476] System zones: 1-12
[   31.134360][ T3476] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 33261: comm syz.4.12: invalid block
[   31.169264][ T3476] EXT4-fs (loop4): Remounting filesystem read-only
[   31.176766][ T3476] EXT4-fs (loop4): 1 truncate cleaned up
[   31.182952][ T3476] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   31.191825][ T3481] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   31.202400][ T3476] SELinux: (dev loop4, type ext4) getxattr errno 5
[   31.210367][ T3476] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.262364][ T3488] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   31.290308][ T3492] loop2: detected capacity change from 0 to 512
[   31.304414][ T3492] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   31.312473][ T3492] System zones: 1-12
[   31.316634][ T3492] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.16: invalid indirect mapped block 8 (level 2)
[   31.330486][ T3492] EXT4-fs (loop2): Remounting filesystem read-only
[   31.337278][ T3492] EXT4-fs (loop2): 1 truncate cleaned up
[   31.343739][ T3492] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   31.356331][ T3492] SELinux: (dev loop2, type ext4) getxattr errno 5
[   31.365449][ T3492] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.425402][ T3499] netlink: 348 bytes leftover after parsing attributes in process `syz.4.19'.
[   31.443388][ T3501] netlink: 32 bytes leftover after parsing attributes in process `syz.3.20'.
[   31.454046][ T3499] syz.4.19: attempt to access beyond end of device
[   31.454046][ T3499] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   31.550824][ T3506] xt_NFQUEUE: number of total queues is 0
[   31.568748][ T3509] loop2: detected capacity change from 0 to 512
[   31.586893][ T3509] ext4: Unknown parameter 'subj_type'
[   31.624149][ T3511] netlink: 12 bytes leftover after parsing attributes in process `syz.3.24'.
[   31.633102][ T3511] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   31.640627][ T3511] batman_adv: batadv0: Removing interface: batadv_slave_0
[   31.667921][ T3511] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   31.675440][ T3511] batman_adv: batadv0: Removing interface: batadv_slave_1
[   31.692509][ T3513] loop2: detected capacity change from 0 to 256
[   31.700323][ T3513] =======================================================
[   31.700323][ T3513] WARNING: The mand mount option has been deprecated and
[   31.700323][ T3513]          and is ignored by this kernel. Remove the mand
[   31.700323][ T3513]          option from the mount to silence this warning.
[   31.700323][ T3513] =======================================================
[   31.742289][ T3513] FAT-fs (loop2): Directory bread(block 64) failed
[   31.749750][ T3513] FAT-fs (loop2): Directory bread(block 65) failed
[   31.756296][ T3513] FAT-fs (loop2): Directory bread(block 66) failed
[   31.771434][ T3513] FAT-fs (loop2): Directory bread(block 67) failed
[   31.778283][ T3513] FAT-fs (loop2): Directory bread(block 68) failed
[   31.784842][ T3513] FAT-fs (loop2): Directory bread(block 69) failed
[   31.792134][ T3513] FAT-fs (loop2): Directory bread(block 70) failed
[   31.798871][ T3513] FAT-fs (loop2): Directory bread(block 71) failed
[   31.805405][ T3513] FAT-fs (loop2): Directory bread(block 72) failed
[   31.812244][ T3513] FAT-fs (loop2): Directory bread(block 73) failed
[   31.833449][ T3513] process 'syz.2.25' launched './file0' with NULL argv: empty string added
[   31.843461][ T3513] syz.2.25: attempt to access beyond end of device
[   31.843461][ T3513] loop2: rw=524288, sector=1736, nr_sectors = 32 limit=256
[   31.872342][ T3513] syz.2.25: attempt to access beyond end of device
[   31.872342][ T3513] loop2: rw=0, sector=1736, nr_sectors = 8 limit=256
[   31.941016][ T3517] loop2: detected capacity change from 0 to 1024
[   31.951186][ T3517] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   31.971156][ T3517] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   31.997586][ T3517] syz.2.28[3517] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   31.997692][ T3517] syz.2.28[3517] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   32.020349][ T3517] syz.2.28[3517] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   32.025147][ T3525] loop4: detected capacity change from 0 to 1024
[   32.051103][ T3525] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   32.064544][ T3529] loop0: detected capacity change from 0 to 256
[   32.076985][ T3529] FAT-fs (loop0): Directory bread(block 64) failed
[   32.079003][ T3517] 9pnet_fd: Insufficient options for proto=fd
[   32.084612][ T3529] FAT-fs (loop0): Directory bread(block 65) failed
[   32.097053][ T3529] FAT-fs (loop0): Directory bread(block 66) failed
[   32.103688][ T3529] FAT-fs (loop0): Directory bread(block 67) failed
[   32.110578][ T3529] FAT-fs (loop0): Directory bread(block 68) failed
[   32.116805][ T3532] loop1: detected capacity change from 0 to 512
[   32.117671][ T3529] FAT-fs (loop0): Directory bread(block 69) failed
[   32.131554][ T3529] FAT-fs (loop0): Directory bread(block 70) failed
[   32.132915][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.138229][ T3529] FAT-fs (loop0): Directory bread(block 71) failed
[   32.148794][ T3525] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.154116][ T3529] FAT-fs (loop0): Directory bread(block 72) failed
[   32.172575][ T3529] FAT-fs (loop0): Directory bread(block 73) failed
[   32.183005][ T3525] syz.4.30[3525] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   32.183971][ T3532] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   32.224107][ T3535] netlink: 24 bytes leftover after parsing attributes in process `syz.2.33'.
[   32.227392][ T3532] System zones: 1-12
[   32.247947][ T3532] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 33261: comm syz.1.32: invalid block
[   32.273538][ T3532] EXT4-fs (loop1): Remounting filesystem read-only
[   32.273573][ T3525] 9pnet_fd: Insufficient options for proto=fd
[   32.294393][ T3529] syz.0.31: attempt to access beyond end of device
[   32.294393][ T3529] loop0: rw=524288, sector=1736, nr_sectors = 32 limit=256
[   32.308479][ T3532] EXT4-fs (loop1): 1 truncate cleaned up
[   32.314639][ T3532] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.327244][ T3532] SELinux: (dev loop1, type ext4) getxattr errno 5
[   32.332555][ T3529] syz.0.31: attempt to access beyond end of device
[   32.332555][ T3529] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256
[   32.334288][ T3532] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.365974][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.469083][ T3544] Driver unsupported XDP return value 0 on prog  (id 25) dev N/A, expect packet loss!
[   32.483503][    C0] hrtimer: interrupt took 35799 ns
[   32.536372][ T3550] loop4: detected capacity change from 0 to 2048
[   32.564537][ T3551] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   32.582760][ T3550] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.583970][ T3551] loop0: detected capacity change from 0 to 128
[   32.603890][ T3550] netlink: 12 bytes leftover after parsing attributes in process `syz.4.38'.
[   32.613191][ T3551] EXT4-fs: Ignoring removed nobh option
[   32.623796][ T3558] netlink: 12 bytes leftover after parsing attributes in process `syz.3.41'.
[   32.641382][ T3558] bridge_slave_1: left allmulticast mode
[   32.647129][ T3558] bridge_slave_1: left promiscuous mode
[   32.652954][ T3558] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.669638][ T3551] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   32.690003][ T3551] ext4 filesystem being mounted at /8/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   32.696040][ T3562] loop2: detected capacity change from 0 to 2048
[   32.718796][ T3558] bridge_slave_0: left allmulticast mode
[   32.724508][ T3558] bridge_slave_0: left promiscuous mode
[   32.730268][ T3558] bridge0: port 1(bridge_slave_0) entered disabled state
[   32.741165][ T3562] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.764047][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.765316][ T3562] netlink: 12 bytes leftover after parsing attributes in process `syz.2.42'.
[   32.818450][ T3571] loop4: detected capacity change from 0 to 1024
[   32.831009][ T3571] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   32.840914][ T3563] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   32.851975][ T3571] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.868740][ T3571] 9pnet_fd: Insufficient options for proto=fd
[   32.886595][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.896210][ T3562] syz.2.42 (3562) used greatest stack depth: 10248 bytes left
[   32.910612][ T3575] netlink: 24 bytes leftover after parsing attributes in process `syz.4.44'.
[   32.921829][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.983436][ T3581] loop2: detected capacity change from 0 to 512
[   32.990593][ T3581] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[   33.001164][ T3581] program syz.2.47 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   33.017631][ T3582] loop4: detected capacity change from 0 to 512
[   33.034942][ T3582] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   33.043073][ T3582] System zones: 1-12
[   33.047270][ T3582] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 33261: comm syz.4.46: invalid block
[   33.059584][ T3582] EXT4-fs (loop4): Remounting filesystem read-only
[   33.066296][ T3582] EXT4-fs (loop4): 1 truncate cleaned up
[   33.072465][ T3582] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.084569][ T3582] SELinux: (dev loop4, type ext4) getxattr errno 5
[   33.091652][ T3582] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.281978][ T3591] netlink: 'syz.4.50': attribute type 10 has an invalid length.
[   33.292724][ T3591] team0: Device hsr_slave_0 failed to register rx_handler
[   33.297872][ T3296] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   33.325074][ T3594] loop0: detected capacity change from 0 to 1024
[   33.332528][ T3594] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   33.348645][ T3594] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.370917][ T3296] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.432558][ T3601] loop1: detected capacity change from 0 to 2048
[   33.458841][ T3601] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.477619][ T3601] netlink: 12 bytes leftover after parsing attributes in process `syz.1.53'.
[   33.484276][ T3606] loop3: detected capacity change from 0 to 1024
[   33.496800][ T3606] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   33.512671][ T3606] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.528875][ T3606] 9pnet_fd: Insufficient options for proto=fd
[   33.544380][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.565364][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.572558][ T3610] loop3: detected capacity change from 0 to 512
[   33.609611][ T3610] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   33.622365][ T3610] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   33.738544][ T3610] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[   33.764140][ T3621] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   33.792435][ T3623] loop2: detected capacity change from 0 to 512
[   33.799238][ T3623] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[   33.809596][ T3623] program syz.2.59 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   33.835883][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.855977][ T3625] loop3: detected capacity change from 0 to 512
[   33.862830][ T3625] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   33.875976][ T3625] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   33.886863][ T3625] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   33.900102][ T3625] EXT4-fs (loop3): 1 truncate cleaned up
[   33.906005][ T3625] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   33.928710][ T3625] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   33.965558][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.013217][ T3630] syz.3.62: attempt to access beyond end of device
[   34.013217][ T3630] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   34.029569][ T3623] Zero length message leads to an empty skb
[   34.063530][ T3632] FAULT_INJECTION: forcing a failure.
[   34.063530][ T3632] name failslab, interval 1, probability 0, space 0, times 0
[   34.076242][ T3632] CPU: 1 UID: 0 PID: 3632 Comm: syz.4.63 Not tainted 6.13.0-rc2-syzkaller-00192-g243f750a2df0 #0
[   34.086745][ T3632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   34.096873][ T3632] Call Trace:
[   34.100202][ T3632]  <TASK>
[   34.103201][ T3632]  dump_stack_lvl+0xf2/0x150
[   34.107884][ T3632]  dump_stack+0x15/0x1a
[   34.112046][ T3632]  should_fail_ex+0x223/0x230
[   34.117007][ T3632]  should_failslab+0x8f/0xb0
[   34.121895][ T3632]  kmem_cache_alloc_node_noprof+0x59/0x320
[   34.127729][ T3632]  ? __alloc_skb+0x10b/0x310
[   34.132313][ T3632]  __alloc_skb+0x10b/0x310
[   34.136795][ T3632]  netlink_alloc_large_skb+0xad/0xe0
[   34.142076][ T3632]  netlink_sendmsg+0x3b4/0x6e0
[   34.146828][ T3632]  ? __pfx_netlink_sendmsg+0x10/0x10
[   34.152114][ T3632]  __sock_sendmsg+0x140/0x180
[   34.156797][ T3632]  ____sys_sendmsg+0x312/0x410
[   34.161564][ T3632]  __sys_sendmsg+0x19d/0x230
[   34.166198][ T3632]  __x64_sys_sendmsg+0x46/0x50
[   34.170957][ T3632]  x64_sys_call+0x2734/0x2dc0
[   34.175661][ T3632]  do_syscall_64+0xc9/0x1c0
[   34.180207][ T3632]  ? clear_bhb_loop+0x55/0xb0
[   34.184913][ T3632]  ? clear_bhb_loop+0x55/0xb0
[   34.189691][ T3632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   34.195591][ T3632] RIP: 0033:0x7efcc5835d19
[   34.200037][ T3632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   34.219714][ T3632] RSP: 002b:00007efcc3ea1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   34.228156][ T3632] RAX: ffffffffffffffda RBX: 00007efcc5a25fa0 RCX: 00007efcc5835d19
[   34.236130][ T3632] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005
[   34.244086][ T3632] RBP: 00007efcc3ea1090 R08: 0000000000000000 R09: 0000000000000000
[   34.252064][ T3632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   34.260032][ T3632] R13: 0000000000000000 R14: 00007efcc5a25fa0 R15: 00007fff44999d98
[   34.267992][ T3632]  </TASK>
[   34.328442][ T3641] loop4: detected capacity change from 0 to 1024
[   34.335445][ T3641] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   34.348647][ T3641] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.370107][ T3641] 9pnet: Could not find request transport: f
[   34.384553][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.423256][ T3648] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   34.534754][ T3658] loop4: detected capacity change from 0 to 512
[   34.542312][ T3658] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   34.550446][ T3658] System zones: 1-12
[   34.554743][ T3658] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.70: invalid indirect mapped block 8 (level 2)
[   34.568254][ T3658] EXT4-fs (loop4): Remounting filesystem read-only
[   34.575114][ T3658] EXT4-fs (loop4): 1 truncate cleaned up
[   34.583487][ T3658] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.595707][ T3658] SELinux: (dev loop4, type ext4) getxattr errno 5
[   34.603182][ T3658] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.708768][ T3668] block device autoloading is deprecated and will be removed.
[   34.716602][ T3668] syz.2.74: attempt to access beyond end of device
[   34.716602][ T3668] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   34.734025][ T3671] loop4: detected capacity change from 0 to 512
[   34.742839][ T3671] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   34.750941][ T3671] System zones: 1-12
[   34.754998][ T3671] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.73: invalid indirect mapped block 8 (level 2)
[   34.768424][ T3671] EXT4-fs (loop4): Remounting filesystem read-only
[   34.775086][ T3671] EXT4-fs (loop4): 1 truncate cleaned up
[   34.781215][ T3671] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.793374][ T3671] SELinux: (dev loop4, type ext4) getxattr errno 5
[   34.800935][ T3671] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.895369][ T3683] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   34.902813][ T3683] batman_adv: batadv0: Removing interface: batadv_slave_0
[   34.910425][ T3683] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   34.917898][ T3683] batman_adv: batadv0: Removing interface: batadv_slave_1
[   35.069807][ T3690] loop2: detected capacity change from 0 to 512
[   35.076614][ T3690] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[   35.141004][ T3694] loop3: detected capacity change from 0 to 512
[   35.151268][ T3694] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[   35.156622][ T3696] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   35.165302][ T3696] batman_adv: batadv0: Removing interface: batadv_slave_0
[   35.172328][ T3697] loop2: detected capacity change from 0 to 512
[   35.183632][ T3696] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   35.184289][ T3694] program syz.3.85 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   35.191369][ T3696] batman_adv: batadv0: Removing interface: batadv_slave_1
[   35.212154][ T3697] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   35.220508][ T3697] System zones: 1-12
[   35.224936][ T3697] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 33261: comm syz.2.84: invalid block
[   35.236401][ T3697] EXT4-fs (loop2): Remounting filesystem read-only
[   35.243013][ T3697] EXT4-fs (loop2): 1 truncate cleaned up
[   35.248937][ T3697] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.260964][ T3697] SELinux: (dev loop2, type ext4) getxattr errno 5
[   35.267959][ T3697] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.406059][ T3711] loop0: detected capacity change from 0 to 2048
[   35.414805][ T3713] bpf_get_probe_write_proto: 14 callbacks suppressed
[   35.414818][ T3713] syz.2.92[3713] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   35.421800][ T3713] syz.2.92[3713] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   35.433446][ T3711] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.433734][ T3713] syz.2.92[3713] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   35.486672][   T29] kauditd_printk_skb: 840 callbacks suppressed
[   35.486686][   T29] audit: type=1326 audit(1734130426.392:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f3469085da7 code=0x7ffc0000
[   35.540941][   T29] audit: type=1326 audit(1734130426.402:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3469084680 code=0x7ffc0000
[   35.564200][   T29] audit: type=1326 audit(1734130426.402:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f346908497a code=0x7ffc0000
[   35.574989][ T3296] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.587401][   T29] audit: type=1326 audit(1734130426.412:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3469085d19 code=0x7ffc0000
[   35.619750][   T29] audit: type=1326 audit(1734130426.412:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3469085d19 code=0x7ffc0000
[   35.626120][ T3720] program syz.1.95 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   35.643201][   T29] audit: type=1326 audit(1734130426.412:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f3469085d19 code=0x7ffc0000
[   35.674985][   T29] audit: type=1326 audit(1734130426.412:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3469085d19 code=0x7ffc0000
[   35.698720][   T29] audit: type=1326 audit(1734130426.412:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7f3469085d19 code=0x7ffc0000
[   35.721901][   T29] audit: type=1326 audit(1734130426.412:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3469085d19 code=0x7ffc0000
[   35.745177][   T29] audit: type=1326 audit(1734130426.412:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3710 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f3469085d19 code=0x7ffc0000
[   35.751547][ T3726] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   35.775923][ T3726] batman_adv: batadv0: Removing interface: batadv_slave_0
[   35.783639][ T3726] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   35.791136][ T3726] batman_adv: batadv0: Removing interface: batadv_slave_1
[   35.826740][ T3732] loop4: detected capacity change from 0 to 512
[   35.838343][ T3732] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   35.844195][ T3735] loop0: detected capacity change from 0 to 512
[   35.848981][ T3732] System zones: 1-12
[   35.854317][ T3735] EXT4-fs (loop0): VFS: Can't find ext4 filesystem
[   35.863056][ T3732] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.96: invalid indirect mapped block 8 (level 2)
[   35.877298][ T3732] EXT4-fs (loop4): Remounting filesystem read-only
[   35.883947][ T3732] EXT4-fs (loop4): 1 truncate cleaned up
[   35.884586][ T3735] program syz.0.100 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   35.891834][ T3732] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.911008][ T3732] SELinux: (dev loop4, type ext4) getxattr errno 5
[   35.918711][ T3732] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.052355][ T3751] syz.3.108: attempt to access beyond end of device
[   36.052355][ T3751] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   36.070139][ T3750] loop0: detected capacity change from 0 to 1024
[   36.083705][ T3750] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   36.116768][ T3750] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.117406][ T3756] FAULT_INJECTION: forcing a failure.
[   36.117406][ T3756] name failslab, interval 1, probability 0, space 0, times 0
[   36.138622][ T3750] 9pnet_fd: Insufficient options for proto=fd
[   36.141483][ T3756] CPU: 1 UID: 0 PID: 3756 Comm: syz.4.109 Not tainted 6.13.0-rc2-syzkaller-00192-g243f750a2df0 #0
[   36.148552][ T3758] __nla_validate_parse: 12 callbacks suppressed
[   36.148564][ T3758] netlink: 24 bytes leftover after parsing attributes in process `syz.3.110'.
[   36.158098][ T3756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   36.158112][ T3756] Call Trace:
[   36.158118][ T3756]  <TASK>
[   36.158125][ T3756]  dump_stack_lvl+0xf2/0x150
[   36.194149][ T3756]  dump_stack+0x15/0x1a
[   36.198300][ T3756]  should_fail_ex+0x223/0x230
[   36.203012][ T3756]  should_failslab+0x8f/0xb0
[   36.207592][ T3756]  __kmalloc_node_noprof+0xad/0x410
[   36.212922][ T3756]  ? vmemdup_user+0x42/0x1b0
[   36.217557][ T3756]  vmemdup_user+0x42/0x1b0
[   36.222056][ T3756]  map_lookup_elem+0x1f5/0x560
[   36.226857][ T3756]  __sys_bpf+0x398/0x7a0
[   36.231198][ T3756]  __x64_sys_bpf+0x43/0x50
[   36.235607][ T3756]  x64_sys_call+0x2914/0x2dc0
[   36.240277][ T3756]  do_syscall_64+0xc9/0x1c0
[   36.244766][ T3756]  ? clear_bhb_loop+0x55/0xb0
[   36.249437][ T3756]  ? clear_bhb_loop+0x55/0xb0
[   36.254114][ T3756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.260106][ T3756] RIP: 0033:0x7efcc5835d19
[   36.264551][ T3756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.284258][ T3756] RSP: 002b:00007efcc3ea1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   36.292685][ T3756] RAX: ffffffffffffffda RBX: 00007efcc5a25fa0 RCX: 00007efcc5835d19
[   36.300640][ T3756] RDX: 0000000000000020 RSI: 0000000020000200 RDI: 0000000000000001
[   36.308594][ T3756] RBP: 00007efcc3ea1090 R08: 0000000000000000 R09: 0000000000000000
[   36.316560][ T3756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   36.324511][ T3756] R13: 0000000000000000 R14: 00007efcc5a25fa0 R15: 00007fff44999d98
[   36.332567][ T3756]  </TASK>
[   36.347770][ T3296] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.394379][ T3762] netlink: 12 bytes leftover after parsing attributes in process `syz.3.112'.
[   36.514347][ T3779] loop4: detected capacity change from 0 to 1024
[   36.521845][ T3780] netlink: 348 bytes leftover after parsing attributes in process `syz.3.118'.
[   36.527758][ T3779] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   36.531801][ T3780] syz.3.118: attempt to access beyond end of device
[   36.531801][ T3780] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   36.660241][ T3779] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.784830][ T3786] netlink: 348 bytes leftover after parsing attributes in process `syz.0.120'.
[   36.795849][ T3786] syz.0.120: attempt to access beyond end of device
[   36.795849][ T3786] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   36.815964][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.908096][ T3790] loop4: detected capacity change from 0 to 1024
[   36.915474][ T3790] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   36.938432][ T3790] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.965500][ T3790] 9pnet_fd: Insufficient options for proto=fd
[   36.983902][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.994432][ T3796] netlink: 24 bytes leftover after parsing attributes in process `syz.0.123'.
[   37.071419][ T3801] netlink: 12 bytes leftover after parsing attributes in process `syz.1.126'.
[   37.089737][ T3805] loop0: detected capacity change from 0 to 512
[   37.124087][ T3805] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   37.139020][ T3805] System zones: 1-12
[   37.143326][ T3805] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 33261: comm syz.0.125: invalid block
[   37.149096][ T3813] program syz.1.129 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   37.155195][ T3805] EXT4-fs (loop0): Remounting filesystem read-only
[   37.170895][ T3805] EXT4-fs (loop0): 1 truncate cleaned up
[   37.177230][ T3805] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.189529][ T3805] SELinux: (dev loop0, type ext4) getxattr errno 5
[   37.196352][ T3805] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.249421][ T3817] netlink: 132 bytes leftover after parsing attributes in process `syz.3.131'.
[   37.323158][ T3824] netlink: 348 bytes leftover after parsing attributes in process `syz.0.134'.
[   37.341746][ T3827] netlink: 24 bytes leftover after parsing attributes in process `syz.2.135'.
[   37.353853][ T3824] block device autoloading is deprecated and will be removed.
[   37.364563][ T3824] syz.0.134: attempt to access beyond end of device
[   37.364563][ T3824] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   37.409267][ T3833] loop2: detected capacity change from 0 to 512
[   37.417500][ T3833] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[   37.465662][ T3833] program syz.2.138 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   37.505791][ T3839] syz.0.140[3839] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   37.505900][ T3839] syz.0.140[3839] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   37.517795][ T3839] syz.0.140[3839] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   37.527802][ T3841] program syz.1.141 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   37.635495][ T3846] loop0: detected capacity change from 0 to 512
[   37.643195][ T3846] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   37.651238][ T3846] System zones: 1-12
[   37.655517][ T3846] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.143: invalid indirect mapped block 8 (level 2)
[   37.669182][ T3846] EXT4-fs (loop0): Remounting filesystem read-only
[   37.675751][ T3846] EXT4-fs (loop0): 1 truncate cleaned up
[   37.682044][ T3846] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.694287][ T3846] SELinux: (dev loop0, type ext4) getxattr errno 5
[   37.701173][ T3846] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.818736][ T3851] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   38.034385][ T3860] loop4: detected capacity change from 0 to 2048
[   38.049422][ T3860] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.075376][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.099287][ T3865] netlink: 348 bytes leftover after parsing attributes in process `syz.4.149'.
[   38.109117][ T3865] syz.4.149: attempt to access beyond end of device
[   38.109117][ T3865] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   38.210209][ T3871] netlink: 'syz.2.152': attribute type 27 has an invalid length.
[   38.231974][ T3872] loop4: detected capacity change from 0 to 512
[   38.249327][ T3872] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   38.257547][ T3872] System zones: 1-12
[   38.262041][ T3872] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 33261: comm syz.4.151: invalid block
[   38.274061][ T3877] netlink: 'syz.2.152': attribute type 27 has an invalid length.
[   38.291464][ T3872] EXT4-fs (loop4): Remounting filesystem read-only
[   38.296096][ T3879] netlink: 'syz.3.154': attribute type 27 has an invalid length.
[   38.298074][ T3872] EXT4-fs (loop4): 1 truncate cleaned up
[   38.312434][ T3872] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.324580][ T3872] SELinux: (dev loop4, type ext4) getxattr errno 5
[   38.331515][ T3872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.372860][ T3883] netlink: 'syz.3.154': attribute type 27 has an invalid length.
[   38.381785][ T3882] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   38.669085][ T3889] netlink: 'syz.0.157': attribute type 10 has an invalid length.
[   38.681005][ T3889] team0: Device hsr_slave_0 failed to register rx_handler
[   39.077599][ T3893] loop2: detected capacity change from 0 to 2048
[   39.089395][ T3893] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.114121][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.152593][ T3897] loop2: detected capacity change from 0 to 2048
[   39.164981][ T3899] loop3: detected capacity change from 0 to 2048
[   39.175694][ T3897] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.177960][ T3903] netlink: 'syz.1.162': attribute type 29 has an invalid length.
[   39.199656][ T3903] netlink: 'syz.1.162': attribute type 29 has an invalid length.
[   39.208045][ T3903] unsupported nla_type 40
[   39.213134][ T3899] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.296102][ T3910] netlink: 'syz.1.163': attribute type 10 has an invalid length.
[   39.306974][ T3910] team0: Device hsr_slave_0 failed to register rx_handler
[   39.346531][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.351081][ T3916] FAULT_INJECTION: forcing a failure.
[   39.351081][ T3916] name failslab, interval 1, probability 0, space 0, times 0
[   39.368240][ T3916] CPU: 0 UID: 0 PID: 3916 Comm: syz.4.166 Not tainted 6.13.0-rc2-syzkaller-00192-g243f750a2df0 #0
[   39.378868][ T3916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   39.388914][ T3916] Call Trace:
[   39.392222][ T3916]  <TASK>
[   39.395135][ T3916]  dump_stack_lvl+0xf2/0x150
[   39.399768][ T3916]  dump_stack+0x15/0x1a
[   39.403924][ T3916]  should_fail_ex+0x223/0x230
[   39.408600][ T3916]  should_failslab+0x8f/0xb0
[   39.413252][ T3916]  kmem_cache_alloc_node_noprof+0x59/0x320
[   39.419044][ T3916]  ? __alloc_skb+0x10b/0x310
[   39.423626][ T3916]  __alloc_skb+0x10b/0x310
[   39.428028][ T3916]  netlink_alloc_large_skb+0xad/0xe0
[   39.433299][ T3916]  netlink_sendmsg+0x3b4/0x6e0
[   39.438089][ T3916]  ? __pfx_netlink_sendmsg+0x10/0x10
[   39.443358][ T3916]  __sock_sendmsg+0x140/0x180
[   39.448039][ T3916]  ____sys_sendmsg+0x312/0x410
[   39.452909][ T3916]  __sys_sendmsg+0x19d/0x230
[   39.457491][ T3916]  __x64_sys_sendmsg+0x46/0x50
[   39.462236][ T3916]  x64_sys_call+0x2734/0x2dc0
[   39.466892][ T3916]  do_syscall_64+0xc9/0x1c0
[   39.471390][ T3916]  ? clear_bhb_loop+0x55/0xb0
[   39.476098][ T3916]  ? clear_bhb_loop+0x55/0xb0
[   39.480756][ T3916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   39.486764][ T3916] RIP: 0033:0x7efcc5835d19
[   39.491163][ T3916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   39.510768][ T3916] RSP: 002b:00007efcc3ea1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   39.519178][ T3916] RAX: ffffffffffffffda RBX: 00007efcc5a25fa0 RCX: 00007efcc5835d19
[   39.527141][ T3916] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[   39.535094][ T3916] RBP: 00007efcc3ea1090 R08: 0000000000000000 R09: 0000000000000000
[   39.543052][ T3916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   39.551004][ T3916] R13: 0000000000000000 R14: 00007efcc5a25fa0 R15: 00007fff44999d98
[   39.558972][ T3916]  </TASK>
[   39.565540][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.588435][ T3918] loop2: detected capacity change from 0 to 1024
[   39.597557][ T3918] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   39.625446][ T3920] syz.4.169: attempt to access beyond end of device
[   39.625446][ T3920] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   39.642058][ T3918] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.658974][ T3918] 9pnet_fd: Insufficient options for proto=fd
[   39.688028][ T3928] loop0: detected capacity change from 0 to 2048
[   39.698116][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.706715][ T3928] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.757212][ T3937] loop3: detected capacity change from 0 to 512
[   39.777142][ T3296] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.779163][ T3937] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   39.794240][ T3937] System zones: 1-12
[   39.807600][ T3937] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 33261: comm syz.3.173: invalid block
[   39.836127][ T3937] EXT4-fs (loop3): Remounting filesystem read-only
[   39.842843][ T3937] EXT4-fs (loop3): 1 truncate cleaned up
[   39.849206][ T3937] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.861365][ T3937] SELinux: (dev loop3, type ext4) getxattr errno 5
[   39.870075][ T3937] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.920366][ T3949] loop0: detected capacity change from 0 to 2048
[   39.967342][ T3949] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.066414][ T3296] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.092018][ T3961] loop0: detected capacity change from 0 to 1024
[   40.101238][ T3962] netlink: 'syz.3.182': attribute type 10 has an invalid length.
[   40.110516][ T3961] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   40.123246][ T3962] team0: Device hsr_slave_0 failed to register rx_handler
[   40.130643][ T3965] netlink: 'syz.1.184': attribute type 27 has an invalid length.
[   40.156612][ T3961] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.170281][ T3961] 9pnet_fd: Insufficient options for proto=fd
[   40.184035][ T3296] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.192874][ T3969] netlink: 'syz.1.184': attribute type 27 has an invalid length.
[   40.234093][ T3975] loop2: detected capacity change from 0 to 1024
[   40.241662][ T3975] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   40.278655][ T3975] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.302216][ T3975] 9pnet: Could not find request transport: f
[   40.319358][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.409195][ T3992] loop0: detected capacity change from 0 to 2048
[   40.419453][ T3992] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.494054][ T3296] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.568434][ T3998] netlink: 'syz.0.195': attribute type 10 has an invalid length.
[   40.576618][ T3998] team0: Device hsr_slave_0 failed to register rx_handler
[   40.601600][   T29] kauditd_printk_skb: 735 callbacks suppressed
[   40.601615][   T29] audit: type=1326 audit(1734130433.510:1723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3999 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcc5835d19 code=0x7ffc0000
[   40.631551][ T4000] loop4: detected capacity change from 0 to 2048
[   40.631581][   T29] audit: type=1326 audit(1734130433.510:1724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3999 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7efcc5835d19 code=0x7ffc0000
[   40.661881][   T29] audit: type=1326 audit(1734130433.510:1725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3999 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7efcc5835d53 code=0x7ffc0000
[   40.669319][ T4000] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.685134][   T29] audit: type=1326 audit(1734130433.510:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3999 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7efcc58347cf code=0x7ffc0000
[   40.720544][   T29] audit: type=1326 audit(1734130433.520:1727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3999 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7efcc5835da7 code=0x7ffc0000
[   40.743866][   T29] audit: type=1326 audit(1734130433.540:1728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3999 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efcc5834680 code=0x7ffc0000
[   40.767175][   T29] audit: type=1326 audit(1734130433.540:1729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3999 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efcc583591b code=0x7ffc0000
[   40.790659][   T29] audit: type=1326 audit(1734130433.550:1730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3999 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7efcc583497a code=0x7ffc0000
[   40.814079][   T29] audit: type=1326 audit(1734130433.550:1731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3999 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7efcc583497a code=0x7ffc0000
[   40.837416][   T29] audit: type=1326 audit(1734130433.550:1732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3999 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7efcc5834587 code=0x7ffc0000
[   40.873668][ T3297] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.886550][ T4004] syz.3.198: attempt to access beyond end of device
[   40.886550][ T4004] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   40.963251][ T4008] loop3: detected capacity change from 0 to 2048
[   40.982427][ T4008] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.017789][ T4016] block device autoloading is deprecated and will be removed.
[   41.026194][ T4016] syz.1.201: attempt to access beyond end of device
[   41.026194][ T4016] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   41.046059][ T4019] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   41.124826][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.236190][ T4045] __nla_validate_parse: 19 callbacks suppressed
[   41.236206][ T4045] netlink: 12 bytes leftover after parsing attributes in process `syz.3.205'.
[   41.275205][ T4060] syz.3.208[4060] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   41.275307][ T4060] syz.3.208[4060] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   41.304471][ T4061] loop2: detected capacity change from 0 to 2048
[   41.338679][ T4061] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.367981][ T4061] netlink: 12 bytes leftover after parsing attributes in process `syz.2.207'.
[   41.386973][ T4066] netlink: 348 bytes leftover after parsing attributes in process `syz.3.209'.
[   41.397607][ T4066] syz.3.209: attempt to access beyond end of device
[   41.397607][ T4066] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   41.433519][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.490234][ T4076] loop3: detected capacity change from 0 to 2048
[   41.508466][ T4076] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.524991][ T4076] netlink: 8 bytes leftover after parsing attributes in process `syz.3.213'.
[   41.534020][ T4076] netlink: 12 bytes leftover after parsing attributes in process `syz.3.213'.
[   41.535640][ T4074] netlink: 36 bytes leftover after parsing attributes in process `syz.2.212'.
[   41.544717][ T4076] netlink: 12 bytes leftover after parsing attributes in process `syz.3.213'.
[   41.551832][ T4074] netlink: 36 bytes leftover after parsing attributes in process `syz.2.212'.
[   41.569757][ T4074] netlink: 36 bytes leftover after parsing attributes in process `syz.2.212'.
[   41.587187][ T4074] netlink: 36 bytes leftover after parsing attributes in process `syz.2.212'.
[   41.597337][ T4079] loop2: detected capacity change from 0 to 128
[   41.663713][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.864763][ T4110] IPv6: Can't replace route, no match found
[   42.677800][ T4128] FAULT_INJECTION: forcing a failure.
[   42.677800][ T4128] name failslab, interval 1, probability 0, space 0, times 0
[   42.690749][ T4128] CPU: 1 UID: 0 PID: 4128 Comm: syz.3.232 Not tainted 6.13.0-rc2-syzkaller-00192-g243f750a2df0 #0
[   42.701343][ T4128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   42.711442][ T4128] Call Trace:
[   42.714982][ T4128]  <TASK>
[   42.717904][ T4128]  dump_stack_lvl+0xf2/0x150
[   42.722547][ T4128]  dump_stack+0x15/0x1a
[   42.726707][ T4128]  should_fail_ex+0x223/0x230
[   42.731417][ T4128]  should_failslab+0x8f/0xb0
[   42.736113][ T4128]  kmem_cache_alloc_node_noprof+0x59/0x320
[   42.741915][ T4128]  ? __alloc_skb+0x10b/0x310
[   42.746499][ T4128]  ? tcp_chrono_stop+0x194/0x200
[   42.751523][ T4128]  __alloc_skb+0x10b/0x310
[   42.755937][ T4128]  tcp_stream_alloc_skb+0x2f/0x1e0
[   42.761048][ T4128]  tcp_connect+0xcdf/0x2290
[   42.765552][ T4128]  ? dst_release+0xde/0x140
[   42.770172][ T4128]  tcp_v4_connect+0xa09/0xad0
[   42.775254][ T4128]  mptcp_connect+0x459/0x760
[   42.779921][ T4128]  __inet_stream_connect+0x162/0x790
[   42.785212][ T4128]  ? _raw_spin_unlock_bh+0x36/0x40
[   42.790379][ T4128]  ? release_sock+0x117/0x150
[   42.795097][ T4128]  ? _raw_spin_unlock_bh+0x36/0x40
[   42.800347][ T4128]  ? lock_sock_nested+0x10f/0x140
[   42.805414][ T4128]  ? selinux_netlbl_socket_connect+0x113/0x130
[   42.811567][ T4128]  inet_stream_connect+0x48/0x70
[   42.816520][ T4128]  ? __pfx_inet_stream_connect+0x10/0x10
[   42.822160][ T4128]  __sys_connect+0x18f/0x1b0
[   42.826813][ T4128]  __x64_sys_connect+0x41/0x50
[   42.831581][ T4128]  x64_sys_call+0x22a7/0x2dc0
[   42.836342][ T4128]  do_syscall_64+0xc9/0x1c0
[   42.840934][ T4128]  ? clear_bhb_loop+0x55/0xb0
[   42.845608][ T4128]  ? clear_bhb_loop+0x55/0xb0
[   42.850282][ T4128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.856260][ T4128] RIP: 0033:0x7f2673335d19
[   42.860667][ T4128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.880378][ T4128] RSP: 002b:00007f26719a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[   42.888826][ T4128] RAX: ffffffffffffffda RBX: 00007f2673525fa0 RCX: 00007f2673335d19
[   42.896846][ T4128] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000003
[   42.904843][ T4128] RBP: 00007f26719a7090 R08: 0000000000000000 R09: 0000000000000000
[   42.912821][ T4128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   42.920788][ T4128] R13: 0000000000000000 R14: 00007f2673525fa0 R15: 00007ffd3ec8f9d8
[   42.928753][ T4128]  </TASK>
[   42.979439][ T4133] loop4: detected capacity change from 0 to 512
[   42.993694][ T4133] EXT4-fs (loop4): VFS: Can't find ext4 filesystem
[   43.011861][ T4133] program syz.4.234 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   43.021812][ T4137] loop2: detected capacity change from 0 to 512
[   43.039688][ T4137] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   43.047942][ T4137] System zones: 1-12
[   43.052296][ T4137] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 33261: comm syz.2.231: invalid block
[   43.064543][ T4137] EXT4-fs (loop2): Remounting filesystem read-only
[   43.071324][ T4137] EXT4-fs (loop2): 1 truncate cleaned up
[   43.073327][ T4140] loop3: detected capacity change from 0 to 2048
[   43.077743][ T4137] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.095717][ T4137] SELinux: (dev loop2, type ext4) getxattr errno 5
[   43.102583][ T4137] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.124343][ T4140] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.207066][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.242075][ T4148] loop0: detected capacity change from 0 to 512
[   43.251693][ T4150] loop3: detected capacity change from 0 to 2048
[   43.262341][ T4148] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   43.272752][ T4148] System zones: 1-12
[   43.277025][ T4148] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.237: invalid indirect mapped block 8 (level 2)
[   43.291111][ T4148] EXT4-fs (loop0): Remounting filesystem read-only
[   43.297757][ T4148] EXT4-fs (loop0): 1 truncate cleaned up
[   43.307182][ T4148] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.314691][ T4153] loop2: detected capacity change from 0 to 2048
[   43.321872][ T4150] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.326203][ T4148] SELinux: (dev loop0, type ext4) getxattr errno 5
[   43.344557][ T4148] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.376034][ T4153] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.401636][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.433551][ T4161] loop2: detected capacity change from 0 to 512
[   43.451279][ T4161] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   43.482569][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.542879][ T4161] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.242: Failed to acquire dquot type 0
[   43.547616][ T4168] loop3: detected capacity change from 0 to 2048
[   43.560662][ T4161] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   43.564128][ T4170] loop0: detected capacity change from 0 to 128
[   43.582924][ T4161] EXT4-fs (loop2): 1 truncate cleaned up
[   43.588873][ T4161] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.602421][ T4168] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.626500][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.648039][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.814022][ T4189] loop0: detected capacity change from 0 to 512
[   43.831501][ T4189] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   43.856803][ T4189] System zones: 1-12
[   43.891000][ T4189] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.250: invalid indirect mapped block 8 (level 2)
[   43.910450][ T4191] loop4: detected capacity change from 0 to 2048
[   43.919838][ T4194] loop3: detected capacity change from 0 to 2048
[   43.938365][ T4189] EXT4-fs (loop0): Remounting filesystem read-only
[   43.945086][ T4189] EXT4-fs (loop0): 1 truncate cleaned up
[   43.945799][ T4191] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.951008][ T4189] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.013808][ T4189] SELinux: (dev loop0, type ext4) getxattr errno 5
[   44.070898][ T4204] loop4: detected capacity change from 0 to 2048
[   44.167322][ T4217] loop3: detected capacity change from 0 to 512
[   44.187783][ T4217] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[   44.204704][ T4217] program syz.3.262 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   44.260292][ T4222] vlan2: entered allmulticast mode
[   44.282439][ T4231] syz.1.266: attempt to access beyond end of device
[   44.282439][ T4231] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   44.302251][ T4232] loop2: detected capacity change from 0 to 512
[   44.311098][ T4232] EXT4-fs: Ignoring removed oldalloc option
[   44.317049][ T4232] EXT4-fs: Ignoring removed i_version option
[   44.331969][ T4232] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2813: inode #11: comm syz.2.256: corrupted xattr block 95: invalid header
[   44.346463][ T4232] EXT4-fs (loop2): Remounting filesystem read-only
[   44.353108][ T4232] EXT4-fs warning (device loop2): ext4_evict_inode:259: couldn't mark inode dirty (err -5)
[   44.363786][ T4232] EXT4-fs (loop2): 1 orphan inode deleted
[   44.389384][ T4232] SELinux: (dev loop2, type ext4) getxattr errno 5
[   44.400571][ T4235] loop4: detected capacity change from 0 to 1024
[   44.438230][ T4235] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   44.492812][ T4242] loop4: detected capacity change from 0 to 1024
[   44.501318][ T4242] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   44.558550][ T4242] 9pnet: Could not find request transport: f
[   44.653592][ T4259] syz.1.276[4259] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.653675][ T4259] syz.1.276[4259] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.691623][ T4259] syz.1.276[4259] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.710351][ T4263] loop2: detected capacity change from 0 to 8192
[   44.730150][ T4264] validate_nla: 2 callbacks suppressed
[   44.730161][ T4264] netlink: 'syz.0.275': attribute type 10 has an invalid length.
[   44.743793][ T4264] team0: Device hsr_slave_0 failed to register rx_handler
[   44.767841][ T4263]  loop2: p1 p2 p3 p4
[   44.771949][ T4263] loop2: p1 start 17760256 is beyond EOD, truncated
[   44.778681][ T4263] loop2: p2 size 64053 extends beyond EOD, truncated
[   44.785700][ T4263] loop2: p3 start 458496 is beyond EOD, truncated
[   44.792271][ T4263] loop2: p4 size 50331648 extends beyond EOD, truncated
[   44.832939][ T4271] FAULT_INJECTION: forcing a failure.
[   44.832939][ T4271] name failslab, interval 1, probability 0, space 0, times 0
[   44.845724][ T4271] CPU: 1 UID: 0 PID: 4271 Comm: syz.2.280 Not tainted 6.13.0-rc2-syzkaller-00192-g243f750a2df0 #0
[   44.856373][ T4271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   44.866415][ T4271] Call Trace:
[   44.869679][ T4271]  <TASK>
[   44.872607][ T4271]  dump_stack_lvl+0xf2/0x150
[   44.877076][ T4272] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   44.877248][ T4271]  dump_stack+0x15/0x1a
[   44.888655][ T4271]  should_fail_ex+0x223/0x230
[   44.893362][ T4271]  should_failslab+0x8f/0xb0
[   44.898011][ T4271]  kmem_cache_alloc_lru_noprof+0x57/0x320
[   44.903717][ T4271]  ? shmem_alloc_inode+0x34/0x50
[   44.908748][ T4271]  shmem_alloc_inode+0x34/0x50
[   44.913512][ T4271]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   44.919043][ T4271]  alloc_inode+0x3c/0x160
[   44.923389][ T4271]  new_inode+0x1e/0x100
[   44.927545][ T4271]  shmem_get_inode+0x24e/0x730
[   44.932293][ T4271]  __shmem_file_setup+0x127/0x1f0
[   44.937299][ T4271]  shmem_file_setup+0x3b/0x50
[   44.942041][ T4271]  __se_sys_memfd_create+0x31d/0x5c0
[   44.947318][ T4271]  __x64_sys_memfd_create+0x31/0x40
[   44.952570][ T4271]  x64_sys_call+0x2d4c/0x2dc0
[   44.957239][ T4271]  do_syscall_64+0xc9/0x1c0
[   44.961726][ T4271]  ? clear_bhb_loop+0x55/0xb0
[   44.966474][ T4271]  ? clear_bhb_loop+0x55/0xb0
[   44.971149][ T4271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.977027][ T4271] RIP: 0033:0x7f06afca5d19
[   44.981432][ T4271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.001083][ T4271] RSP: 002b:00007f06ae310e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   45.009875][ T4271] RAX: ffffffffffffffda RBX: 000000000000048f RCX: 00007f06afca5d19
[   45.017911][ T4271] RDX: 00007f06ae310ef0 RSI: 0000000000000000 RDI: 00007f06afd22381
[   45.025874][ T4271] RBP: 0000000020000940 R08: 00007f06ae310bb7 R09: 00007f06ae310e40
[   45.033831][ T4271] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000000
[   45.041790][ T4271] R13: 00007f06ae310ef0 R14: 00007f06ae310eb0 R15: 0000000020000240
[   45.049833][ T4271]  </TASK>
[   45.164520][ T4289] loop2: detected capacity change from 0 to 512
[   45.173423][ T4289] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   45.181812][ T4289] System zones: 1-12
[   45.186139][ T4289] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.285: invalid indirect mapped block 8 (level 2)
[   45.199632][ T4289] EXT4-fs (loop2): Remounting filesystem read-only
[   45.206395][ T4289] EXT4-fs (loop2): 1 truncate cleaned up
[   45.213268][ T4289] SELinux: (dev loop2, type ext4) getxattr errno 5
[   45.244918][ T4292] syz.3.289: attempt to access beyond end of device
[   45.244918][ T4292] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   45.261807][ T4292] loop3: detected capacity change from 0 to 512
[   45.281138][ T4292] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[   45.289746][ T4292] System zones: 0-2, 18-18, 34-34
[   45.295530][ T4292] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.289: bg 0: block 248: padding at end of block bitmap is not set
[   45.310313][ T4292] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.289: Failed to acquire dquot type 1
[   45.322342][ T4292] EXT4-fs (loop3): 1 truncate cleaned up
[   45.328958][ T4292] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.344099][ T4292] syz.3.289 (4292) used greatest stack depth: 9296 bytes left
[   45.393578][ T4310] syz.3.290: attempt to access beyond end of device
[   45.393578][ T4310] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   45.411723][ T4310] loop3: detected capacity change from 0 to 512
[   45.428552][ T4310] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[   45.436661][ T4310] System zones: 0-2, 18-18, 34-34
[   45.442639][ T4310] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.290: bg 0: block 248: padding at end of block bitmap is not set
[   45.465981][ T4310] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.290: Failed to acquire dquot type 1
[   45.508101][ T4330] loop0: detected capacity change from 0 to 512
[   45.519509][ T4330] EXT4-fs (loop0): VFS: Can't find ext4 filesystem
[   45.526108][ T4310] EXT4-fs (loop3): 1 truncate cleaned up
[   45.532314][ T4310] ext4 filesystem being mounted at /59/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.559994][ T4330] program syz.0.291 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   45.657293][ T4357] syz.4.299: attempt to access beyond end of device
[   45.657293][ T4357] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   45.687286][ T4360] syz.1.300: attempt to access beyond end of device
[   45.687286][ T4360] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   45.706281][   T29] kauditd_printk_skb: 1033 callbacks suppressed
[   45.706294][   T29] audit: type=1326 audit(1734130438.610:2760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4358 comm="syz.1.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f031cc25d19 code=0x7ffc0000
[   45.796964][   T29] audit: type=1326 audit(1734130438.700:2761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.4.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcc5835d19 code=0x7ffc0000
[   45.832777][   T29] audit: type=1400 audit(1734130438.700:2763): avc:  denied  { name_connect } for  pid=4381 comm="syz.1.304" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[   45.853060][   T29] audit: type=1400 audit(1734130438.700:2764): avc:  denied  { shutdown } for  pid=4381 comm="syz.1.304" laddr=fe80::10 lport=42068 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   45.853142][   T29] audit: type=1326 audit(1734130438.700:2762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.4.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcc5835d19 code=0x7ffc0000
[   45.898678][   T29] audit: type=1326 audit(1734130438.730:2765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.4.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efcc5835d19 code=0x7ffc0000
[   45.898702][   T29] audit: type=1326 audit(1734130438.730:2766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.4.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcc5835d19 code=0x7ffc0000
[   45.898768][   T29] audit: type=1326 audit(1734130438.730:2767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.4.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efcc5835d19 code=0x7ffc0000
[   45.898788][   T29] audit: type=1326 audit(1734130438.730:2768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.4.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcc5835d19 code=0x7ffc0000
[   45.898834][   T29] audit: type=1326 audit(1734130438.730:2769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.4.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcc5835d19 code=0x7ffc0000
[   46.022461][ T4387] netlink: 'syz.3.302': attribute type 10 has an invalid length.
[   46.040653][ T4387] team0: Device hsr_slave_0 failed to register rx_handler
[   46.111607][ T4401] syz.2.311: attempt to access beyond end of device
[   46.111607][ T4401] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   46.132448][ T4401] loop2: detected capacity change from 0 to 512
[   46.148339][ T4401] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[   46.156453][ T4401] System zones: 0-2, 18-18, 34-34
[   46.162591][ T4401] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.311: bg 0: block 248: padding at end of block bitmap is not set
[   46.177802][ T4401] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.311: Failed to acquire dquot type 1
[   46.180789][ T4414] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   46.206508][ T4401] EXT4-fs (loop2): 1 truncate cleaned up
[   46.214601][ T4401] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.232787][ T4419] syz.4.313: attempt to access beyond end of device
[   46.232787][ T4419] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   46.324117][ T4437] __nla_validate_parse: 30 callbacks suppressed
[   46.324130][ T4437] netlink: 24 bytes leftover after parsing attributes in process `syz.4.316'.
[   46.425105][ T4454] netlink: 24 bytes leftover after parsing attributes in process `syz.4.320'.
[   46.504588][ T4466] loop4: detected capacity change from 0 to 1024
[   46.511909][ T4466] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   46.530324][ T4467] loop0: detected capacity change from 0 to 512
[   46.544076][ T4471] loop2: detected capacity change from 0 to 512
[   46.549989][ T4467] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   46.558561][ T4467] System zones: 1-12
[   46.563861][ T4467] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 33261: comm syz.0.323: invalid block
[   46.564085][ T4471] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   46.578752][ T4467] EXT4-fs (loop0): Remounting filesystem read-only
[   46.589981][ T4467] EXT4-fs (loop0): 1 truncate cleaned up
[   46.595976][ T4467] SELinux: (dev loop0, type ext4) getxattr errno 5
[   46.601815][ T4471] System zones: 1-12
[   46.606854][ T4471] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.324: invalid indirect mapped block 8 (level 2)
[   46.621540][ T4471] EXT4-fs (loop2): Remounting filesystem read-only
[   46.628301][ T4471] EXT4-fs (loop2): 1 truncate cleaned up
[   46.645983][ T4471] SELinux: (dev loop2, type ext4) getxattr errno 5
[   46.654852][ T4474] loop4: detected capacity change from 0 to 2048
[   46.747676][ T4484] loop3: detected capacity change from 0 to 1024
[   46.758361][ T4482] netlink: 132 bytes leftover after parsing attributes in process `syz.4.330'.
[   46.760861][ T4484] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   46.804104][ T4488] netlink: 24 bytes leftover after parsing attributes in process `syz.4.333'.
[   46.828883][ T4484] 9pnet_fd: Insufficient options for proto=fd
[   46.870941][ T4495] loop4: detected capacity change from 0 to 1024
[   46.887066][ T4495] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   46.899120][ T4497] loop3: detected capacity change from 0 to 2048
[   46.947750][ T4495] 9pnet: Could not find request transport: f
[   46.987439][ T4509] netlink: 348 bytes leftover after parsing attributes in process `syz.4.339'.
[   46.998663][ T4509] syz.4.339: attempt to access beyond end of device
[   46.998663][ T4509] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   47.017784][ T4511] loop3: detected capacity change from 0 to 1024
[   47.033183][ T4511] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   47.071479][ T4511] 9pnet: Could not find request transport: f
[   47.096922][ T4520] netlink: 132 bytes leftover after parsing attributes in process `syz.1.343'.
[   47.117289][ T4518] loop2: detected capacity change from 0 to 2048
[   47.139373][ T4518] netlink: 12 bytes leftover after parsing attributes in process `syz.2.341'.
[   47.228276][ T4522] netlink: 40 bytes leftover after parsing attributes in process `syz.3.344'.
[   47.254871][ T4535] syz.2.347[4535] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   47.254910][ T4535] syz.2.347[4535] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   47.266468][ T4535] syz.2.347[4535] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   47.651963][ T4540] loop0: detected capacity change from 0 to 1024
[   47.670383][ T4540] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   47.696682][ T4540] 9pnet: Could not find request transport: f
[   47.728158][ T4545] loop0: detected capacity change from 0 to 2048
[   47.763445][ T4549] netlink: 24 bytes leftover after parsing attributes in process `syz.0.351'.
[   47.816576][ T4553] loop0: detected capacity change from 0 to 512
[   47.828904][ T4553] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   47.939117][ T4561] netlink: 132 bytes leftover after parsing attributes in process `syz.4.355'.
[   48.070756][ T4578] loop3: detected capacity change from 0 to 512
[   48.093537][ T4578] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   48.116695][ T4578] System zones: 1-12
[   48.125126][ T4578] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 33261: comm syz.3.361: invalid block
[   48.161902][ T4578] EXT4-fs (loop3): Remounting filesystem read-only
[   48.168618][ T4578] EXT4-fs (loop3): 1 truncate cleaned up
[   48.174726][ T4578] SELinux: (dev loop3, type ext4) getxattr errno 5
[   48.764443][ T4614] syz.2.375[4614] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   48.764481][ T4614] syz.2.375[4614] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   48.776089][ T4614] syz.2.375[4614] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   48.958455][ T4628] loop0: detected capacity change from 0 to 2048
[   49.509371][ T4647] FAULT_INJECTION: forcing a failure.
[   49.509371][ T4647] name failslab, interval 1, probability 0, space 0, times 0
[   49.522082][ T4647] CPU: 1 UID: 0 PID: 4647 Comm: syz.0.387 Not tainted 6.13.0-rc2-syzkaller-00192-g243f750a2df0 #0
[   49.532700][ T4647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   49.542818][ T4647] Call Trace:
[   49.546110][ T4647]  <TASK>
[   49.549038][ T4647]  dump_stack_lvl+0xf2/0x150
[   49.553709][ T4647]  dump_stack+0x15/0x1a
[   49.557959][ T4647]  should_fail_ex+0x223/0x230
[   49.562664][ T4647]  should_failslab+0x8f/0xb0
[   49.567315][ T4647]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[   49.573649][ T4647]  ? kstrdup_const+0x3e/0x50
[   49.578318][ T4647]  kstrdup+0x38/0x80
[   49.582237][ T4647]  kstrdup_const+0x3e/0x50
[   49.586678][ T4647]  __kernfs_new_node+0x41/0x380
[   49.591537][ T4647]  kernfs_create_dir_ns+0xc8/0x1b0
[   49.596717][ T4647]  cgroup_mkdir+0x24c/0xc60
[   49.601225][ T4647]  ? __pfx_cgroup_mkdir+0x10/0x10
[   49.606380][ T4647]  kernfs_iop_mkdir+0x12f/0x1f0
[   49.611244][ T4647]  vfs_mkdir+0x1f4/0x320
[   49.615571][ T4647]  do_mkdirat+0x12f/0x2b0
[   49.619912][ T4647]  __x64_sys_mkdirat+0x4e/0x60
[   49.624708][ T4647]  x64_sys_call+0x1b6f/0x2dc0
[   49.629406][ T4647]  do_syscall_64+0xc9/0x1c0
[   49.633965][ T4647]  ? clear_bhb_loop+0x55/0xb0
[   49.638637][ T4647]  ? clear_bhb_loop+0x55/0xb0
[   49.643342][ T4647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.649251][ T4647] RIP: 0033:0x7f3469085d19
[   49.653670][ T4647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.673309][ T4647] RSP: 002b:00007f34676af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   49.682196][ T4647] RAX: ffffffffffffffda RBX: 00007f3469276160 RCX: 00007f3469085d19
[   49.690164][ T4647] RDX: 00000000000001ff RSI: 0000000020000000 RDI: ffffffffffffff9c
[   49.698242][ T4647] RBP: 00007f34676af090 R08: 0000000000000000 R09: 0000000000000000
[   49.706232][ T4647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.714198][ T4647] R13: 0000000000000001 R14: 00007f3469276160 R15: 00007ffe7d8f78f8
[   49.722167][ T4647]  </TASK>
[   49.966957][ T4655] loop3: detected capacity change from 0 to 512
[   49.992192][ T4656] syzkaller0: entered allmulticast mode
[   50.001375][ T4655] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   50.015346][ T4659] loop2: detected capacity change from 0 to 512
[   50.025386][ T4655] System zones: 1-12
[   50.036865][ T4659] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   50.075416][ T4661] syzkaller0 (unregistering): left allmulticast mode
[   50.083182][ T4655] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.389: invalid indirect mapped block 8 (level 2)
[   50.096885][ T4659] System zones: 1-12
[   50.101912][ T4659] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.390: invalid indirect mapped block 8 (level 2)
[   50.117275][ T4655] EXT4-fs (loop3): Remounting filesystem read-only
[   50.124460][ T4659] EXT4-fs (loop2): Remounting filesystem read-only
[   50.131290][ T4655] EXT4-fs (loop3): 1 truncate cleaned up
[   50.137009][ T4659] EXT4-fs (loop2): 1 truncate cleaned up
[   50.143357][ T4655] SELinux: (dev loop3, type ext4) getxattr errno 5
[   50.150853][ T4659] SELinux: (dev loop2, type ext4) getxattr errno 5
[   50.311245][ T4670] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   50.318764][ T4670] batman_adv: batadv0: Removing interface: batadv_slave_0
[   50.345677][ T4670] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   50.353258][ T4670] batman_adv: batadv0: Removing interface: batadv_slave_1
[   50.467991][ T4674] syz.2.396: attempt to access beyond end of device
[   50.467991][ T4674] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   50.529453][ T4674] loop2: detected capacity change from 0 to 512
[   50.899183][ T4674] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[   50.965688][ T4674] System zones: 0-2, 18-18, 34-34
[   51.028644][ T4674] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.396: bg 0: block 248: padding at end of block bitmap is not set
[   51.063705][ T4700] loop0: detected capacity change from 0 to 1024
[   51.098563][ T4674] __quota_error: 825 callbacks suppressed
[   51.098632][ T4674] Quota error (device loop2): write_blk: dquota write failed
[   51.108994][ T4700] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   51.111915][ T4674] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[   51.132760][ T4674] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.396: Failed to acquire dquot type 1
[   51.149766][ T4674] EXT4-fs (loop2): 1 truncate cleaned up
[   51.155884][ T4674] ext4 filesystem being mounted at /89/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.207444][   T29] audit: type=1326 audit(1734130444.100:3593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4673 comm="syz.2.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06afca5d19 code=0x7ffc0000
[   51.230883][   T29] audit: type=1326 audit(1734130444.100:3594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4673 comm="syz.2.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06afca5d19 code=0x7ffc0000
[   51.301107][ T4700] 9pnet: Could not find request transport: f
[   51.581393][ T4736] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   51.640612][   T29] audit: type=1400 audit(1734130444.520:3595): avc:  granted  { setsecparam } for  pid=4738 comm="syz.1.409" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[   51.773586][ T4748] program syz.1.412 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   51.796662][ T4749] loop2: detected capacity change from 0 to 512
[   51.814356][ T4749] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[   51.822355][ T4749] System zones: 1-12
[   51.826669][ T4749] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 33261: comm syz.2.410: invalid block
[   51.838274][ T4749] EXT4-fs (loop2): Remounting filesystem read-only
[   51.844935][ T4749] EXT4-fs (loop2): 1 truncate cleaned up
[   51.850957][ T4749] SELinux: (dev loop2, type ext4) getxattr errno 5
[   52.187660][   T29] audit: type=1400 audit(1734130445.100:3596): avc:  denied  { bind } for  pid=4752 comm="syz.0.413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   52.228175][   T29] audit: type=1400 audit(1734130445.140:3597): avc:  denied  { read } for  pid=4752 comm="syz.0.413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   52.486909][ T4757] ==================================================================
[   52.495010][ T4757] BUG: KCSAN: data-race in rxrpc_input_call_event / rxrpc_send_data
[   52.503000][ T4757] 
[   52.505307][ T4757] write to 0xffff8881196faf74 of 4 bytes by task 4758 on cpu 0:
[   52.512911][ T4757]  rxrpc_input_call_event+0x8ef/0x12e0
[   52.518358][ T4757]  rxrpc_io_thread+0x30e/0x1fb0
[   52.523206][ T4757]  kthread+0x1d1/0x210
[   52.527255][ T4757]  ret_from_fork+0x4b/0x60
[   52.531650][ T4757]  ret_from_fork_asm+0x1a/0x30
[   52.536393][ T4757] 
[   52.538697][ T4757] read to 0xffff8881196faf74 of 4 bytes by task 4757 on cpu 1:
[   52.546220][ T4757]  rxrpc_send_data+0x889/0x1820
[   52.551063][ T4757]  rxrpc_do_sendmsg+0xb92/0xc30
[   52.555911][ T4757]  rxrpc_sendmsg+0x417/0x520
[   52.560485][ T4757]  __sock_sendmsg+0x140/0x180
[   52.565155][ T4757]  ____sys_sendmsg+0x312/0x410
[   52.569919][ T4757]  __sys_sendmsg+0x19d/0x230
[   52.574491][ T4757]  __x64_sys_sendmsg+0x46/0x50
[   52.579238][ T4757]  x64_sys_call+0x2734/0x2dc0
[   52.583917][ T4757]  do_syscall_64+0xc9/0x1c0
[   52.588400][ T4757]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.594319][ T4757] 
[   52.596622][ T4757] value changed: 0x00000001 -> 0x00000004
[   52.602317][ T4757] 
[   52.604621][ T4757] Reported by Kernel Concurrency Sanitizer on:
[   52.610746][ T4757] CPU: 1 UID: 0 PID: 4757 Comm: syz.3.414 Not tainted 6.13.0-rc2-syzkaller-00192-g243f750a2df0 #0
[   52.621313][ T4757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   52.631348][ T4757] ==================================================================