last executing test programs:

29.696042389s ago: executing program 3 (id=376):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'veth1_to_team\x00', 0x2})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000140)={'geneve0\x00', 0x400})
socket(0xf, 0x804, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0xce, &(0x7f0000000b00)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "7428dd", 0x98, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x2, 0x0, 0x0, 0x20000, 0x1000000, [{0x1, 0xc, "23d13a9528da89ca8687857fa1c05623e430a7e05df65bb50a75504311ee5de0f521d4ef8bdff765650746569fc64eab97bd29f1573ea4d0bf29234512d00dd30ae604dd40e3c151fd4d595866b48657d2cb4ed8721f45e586a02af6449001"}, {0x5, 0x4, "ef1dc0373c7ae5822ff95684d179152a6da7097d9a664860876ec7127430d92386b1dae46b"}]}}}}}}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'rose0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r2], 0x20}}, 0x0)
syz_clone3(&(0x7f0000000280)={0x101214240, &(0x7f0000000040), &(0x7f00000000c0), &(0x7f0000000180)=<r4=>0x0, {0x30}, &(0x7f0000000340)=""/4096, 0x1000, &(0x7f0000001340)=""/4096, &(0x7f0000000200)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0], 0xa}, 0x58)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000f6ff850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
r6 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r7 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r7, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$FOU_CMD_ADD(r7, &(0x7f0000002440)={&(0x7f0000002380)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000002400)={&(0x7f00000023c0)={0x28, 0x0, 0x10, 0x70bd25, 0x25dfdbff, {}, [@FOU_ATTR_LOCAL_V6={0x14, 0x7, @mcast1}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x8005)
r8 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r9 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r9, r8, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x4, r6, r6, 0x0, 0x0)
syz_open_procfs(r4, &(0x7f0000002340)='pagemap\x00')

29.666645838s ago: executing program 3 (id=377):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r5, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r6, {0x2, 0x0, @local}, 0x2}}, 0x26) (fail_nth: 2)

28.383503397s ago: executing program 3 (id=382):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendto$inet(0xffffffffffffffff, 0x0, 0xffffffffffffff7c, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
close(0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c0001000500000003000000080005", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x3, 0xd, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000000851000000100000095000000000000001800000020646c2500000000002020207b1af8ff00000000bd21ffff0000000007010000f8ffffffb502020008040000b70300000000000085000000a400000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x2, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="180200001000000000000000000000001801000020696c2500000000002020207b2af8ff00000000bfa100000000000007010000f8ffffffb702000008000040b7030000000000008500000006000000870000000000000095"], &(0x7f0000000180)='GPL\x00', 0x2, 0xd2, &(0x7f0000000040)=""/210, 0x0, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$inet_opts(r5, 0x0, 0x4, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r5, 0x1, 0x19, &(0x7f00000003c0)='wg1\x00', 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_clone(0x0, 0x0, 0x9000, 0x0, 0x0, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x1a1282, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}}, 0x0)
connect$inet(r5, &(0x7f0000000440)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = socket$igmp6(0xa, 0x3, 0x2)
sendmsg$inet6(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f0000000040)="9ba9b2ba48906611693e8d4bca7330f048c6f829b4a69184501ee6e4a9d0c2aba09c6bbb44e47d93535738bc01f71f39b1a4d66758d55f991938ee915001def11bc58154b1c4f9048bd35bb703cb801ef380136a7a0d46012df63fbfcb42a98847d4489d6611903612f7085db78d05f6e0f9fc7232091275b42850ad865f160b11", 0x81}, {&(0x7f00000008c0)="23936dbcd5820deb5e88c276153a3c90a4474ad83e7c5c401f0c6ea41f4e6011d24278929f989434418b4323d5aeb9e14d800a5b160a5759251e0ea5f7b3827e6ed48fb389f3cace0ddfc5965651cd87f0af9eb726da0a949bff024e48623e09716a549396ba0e9d0e84cbb2e407ef6fe7dffbd36acbb1f9e8ce7a760ea74126ac66062f583c82c9062516b55ae80ed067df24803bf87d68d71dbc514e38398d4686da1b87d08ff65899c5b00a628941d007b4291b5a5a4d59ca9fefe9ad9c77e6dc237aee7af8120b23f4c8da8a1eeebf9a69373a024573e5c617e1a0737a7f7de8dea49dcba5c7e56a7b1d80893894f6cbd3561973328eaf604212225b4c8d57f13dedae1e", 0x106}, {&(0x7f0000000480)="0767c7a3c881dfccb4f9dbb8c622aac790dfc9c65324da9449a77fd8f467eda963563c252a8ffd044b77c3698ee3ce3bc5a14d38966f4b2c1e10ba2dfd4aedcaf0814a80aed249a36b74f8a40ed9001b33adfecc80e668b05ab443137eeaf5bd2d513fdfebc3468ad04cd76946f182323ee26379a10ce1d900eb0afa0bcb4977d4f9e469a08c561b3fdbe42039efc25ef519ef903a09f40ba0d79ac9e0e1b91ba9739bc2d391b5e2fe564551dba2790a47c4601aef7792d7efb889a0b697", 0xbe}, {&(0x7f0000001000)="3d5e976d1d7c59ade9cf175eb93dc1d72d75fedd656236cfa152d8b82a278c803545202cf95f98a95907248d1857680460d61f1220b000e0ada16585a91700b4f917e415e6c3b6711dd4867ac7f153b48411497daef87ef367cac9ee4566dbbcc2fe9b99d4dbac4be8f79035dc54a7f61c1ce39f86d0f61473528f7fa88f1cc1fdd0e126caa30637d40aebae091b91ea097a3fb88cbb63c4130f36be74b37bcde5345b45e31e71d4e34d2f0a8b8fc2bf407b5e8accb27201000000a92b34a00e820ae35c3e772360f6ccf8459edbf70a43abb0a2b0d0aa587e83d87ae86c40b9d63bfe70170fb913f31c0d65ab0f6b57b8bcf0c9d175ad41ffcd99afea52fc4d12c526b24a2ed5d810d5011526aabf3375d4db81ce4eecb32ba386930103a7783d3215fb9d0a161b22aa14044ef8b7be35492fb6da382202f1fdb04a27805bbf5ba1f37a78", 0x145}, {&(0x7f0000000640)="2de780f08f7dbd8080b093bac0084fd34b966e2adf0d00db28d7c4b9e46a9a32d3605b4e955864c6eef327b831c8801d47d869beaba7915dc097d6f31b72690219c20000000000000000", 0x4a}, {&(0x7f00000006c0)="9865328c00d15d7a8a91c060944aa89fcf7b7f6fa20681efc94ffa77bbc54de3fc13e41eb63c8a27efebf2b67ae8f1c7a67640def36f26f94a5989059078482ae5d10bceda9d8ccb7bbe156da2d09cea7f1c9b2d8a67341153be5afaa6da9b48ee4675aef90d532d0ef5a2f8099d66d81e22dfc55cf765182564af9525088d987b92311b2a0650cc7ce65d65e4c8af3c19a4c40d8692da", 0x37}, {&(0x7f0000000780)="60527fd6a3b11d2275d596a5613754a1c184aa46be1ce229f9d3d2f6a30ec080db9977c94cca2868b3a571ef5fa1b2ad05c42d39caeb35b9d2d3fbd43bc86b14252f2144a8a70f102bcd8a54af148b53f6fd08a34dbde6c01d9b61c8e05183a59dcb0ca65d832da5cebb570ae01d6e8aec0c3621584c586f92a78ade37c0b05a3212384c75cf2c4fb1c58fcfffe18872a9019c48dda44c0173bb3dc95d3b28d098931c6bd5a1d8e508a768fdf5cf114b0e831d748d2eed9c4329a2611753bc", 0xbf}, {&(0x7f0000000240)="d95e3fab0e45b297d9263fdc875e1832e3ed785481402971ade02456fe87484c24fc7512206a3c8859570b7c", 0x2c}, {&(0x7f00000002c0)="a56a0912d1d34e6ad1222c0c25941f2944fa00dca2e47c2e07e4288c1cc6626db20979431ec871a736e24526708208b948992fb1321a736c66a805b5e363e9f329c33ee4c1683146b625ae30152a4850a4a3b2e13018fd7c73377c0f005894aaf23e51cda50d9333342022230acd453def65ecf3bf0005814b6e6e8c483d3a1fa95030b7144d5c329dee6abcf580ab143d1274c145c1e784d28749a551dec653f978a19c9f", 0xa5}], 0x9}, 0x800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kfree\x00', r7}, 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000440)={[{@usrquota}, {@noquota}, {@grpid}]}, 0x1, 0x4c4, &(0x7f0000000a40)="$eJzs3ctrW1caAPBPku3YjmfymGFIMjAJZCDzIJYfDLFnZjOrmVkEhgl000Lq2oqbWraMJaexCdRpd1l0UVpaKF1037+gm2bVUChdt/vSRUlpUxfaQkHlXkmJrViuKI7V+P5+cJNzH9J3jsV3OPfoXt0AMutM8k8uYiQiPoqII43V7Qecafy3ee/GbLLkol6/9GUuPS5Zbx3aet3hiNiIiMGI+P+/I57JPRy3ura+MFMul1aa68Xa4nKxurZ+/urizHxpvrQ0PnVhenpqbHJies/aeuvl525dfPe/A+98+9LdO6+8/15SrZHmvq3t2EuNpvfHsS3b+iLin48iWA8Umu0Z6nVF+FmSz+83EXE2zf8jUUg/TSAL6vV6/Yf6oU67N+rAgZVPx8C5/GhENMr5/OhoYwz/2xjOlyvV2l+vVFaX5hpj5aPRn79ytVwaa54rHI3+XLI+npYfrE+0rU9GpGPgVwtD6frobKU8t79dHdDmcFv+f1No5D+QEU75IbvkP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h0z638WLyVJv3f8+d21tdaFy7fxcqbowurg6OzpbWVkena9U5tN7dhZ/6v3Klcry+N9i9XqxVqrWitW19cuLldWl2uX0vv7Lpf59aRXQjWOnb3+Si4iNvw+lS2KguU+uwsFWr+ei1/cgA71R6HUHBPSMqT/ILuf4QPtP9LaPCwY7vXD5wXwh8HjJ97oCQM+cO+n7P8gq8/+QXeb/IbuM8YEdHtG3zW7z/8Djyfw/ZNtOz//61ZZnd41FxK8j4uNC/6HWs76AgyD/ea45/j935I8j7XsHct+lXxEMRMTzb156/fpMrbYynmz/6v722hvN7RNbXtjxhAHolVaetvIYAMiuzXs3ZlvLfsb94l+NixAejt/XnJscTL+jHN7MbbtWIbdH1y5s3IyIEzvFzzWfd944kRneLDyI90Ij/vFmPXKNt0jr25c+N/0Rx2/GPLkl/h+2xD+1B38XyILbSf8ztlP+5dOcjvv5t73/Gdmjayc693/5+/1foUP/d7rLGM++9eJnHePfjDi1Y/xWvME0Vnv8pG7nuox/96knftdpX/3txvvsFL8lKRVri8vF6tr6+fR35OZLS+NTF6anp8YmJ6aL6Rx1sTVT/bB/nPjwzm7tH+4Qf7f2J9v+3GX7v//9B0+e2SX+n87u/Pkf3yX+UET8pcv4X098+nSnfUn8uQ7tz+8SP9k22WX86mv/OdTloQDAPqiurS/M9EVpJS2UywoKCvtbuPnLqEZbodc9E/CoVdeSU/Mk6XtdEwAAAAAAAAAAAKBb+3E5ca/bCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwEPwYAAD//yvJ1G8=")

26.960485306s ago: executing program 3 (id=388):
signalfd(0xffffffffffffffff, &(0x7f0000000c80)={[0xfffffffffffffffe]}, 0x8)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000740)=0x1000400)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
socket$kcm(0x10, 0x3, 0x10)
socket$kcm(0xa, 0x1, 0x106)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a089, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_bp={0x0}, 0x2018, 0x0, 0x0, 0x8, 0x1000, 0x0, 0x6bd, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0xb, 0x1509, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={0x0, 0xe}, 0x0, 0x4, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8020, 0x90000, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x6}, 0x1306, 0x6, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x55, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7f, 0x0, @perf_config_ext={0x407fff, 0xaea}, 0xb42ff518958a2011, 0x32, 0xfffffbff, 0x9, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2007}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x3e1200, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8264, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000100)}, 0x2018, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000001180), 0x802, 0x0)
socket$kcm(0x2c, 0x3, 0x0)
socket$kcm(0x23, 0x5, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.self_freezing\x00', 0x26e1, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/time_for_children\x00')
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r4], 0x20)

26.572483198s ago: executing program 3 (id=391):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000000c0)=0x13)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x200801f, &(0x7f00000006c0), 0x1, 0x509, &(0x7f0000001500)="$eJzs3U1vG3kZAPBnJnY3abM4CxyWldhdsYuSiq2TbOhuxGFZJASnlYDlXkLiRlGcuCRO20QVpOIDICEESFzgxAXBB0BC/QgIqRK9I0AgBC0cOBQG2R6HNLXz0jp2G/9+0r/z4pl5nqeRx/OfGXsCGFqvR8RURGRZll2MiFI+P81b7LZaY7kH928tNloSWfbh35NI8nntbb2QDy/kq41GxNe+HPHN5PG4m9s7qwvVamUjn56uryUPs2zn0srawnJlubI+Nzf7zvy785fnZ3pS50REvPfFP//wez//0nu/eevGH678derbrQJb9tfRVVY6cdxW6cXm/0VbISI2TrylZ1ehWWHL5QHnAgDA4RpHtB+NiE9FxMUoxUjzaA4AAAA4S7LPj8fDpHX9DwAAADib0ogYjyQt5/f7jkealsute3g/HufTam2z/pl9971ORDG9ulKtzOT3DkxEMWlMv5/fY9uefvvA9FxEvBQRPyiNNafLi7Xq0kDPfAAAAMDwuHCg//+vUqv/DwAAAJwxE4NOAAAAADh1B/v/IwPKAwAAADg9rv8DAADAmfaVDz5otKz9/Oul69tbq7Xrl5Yqm6vlta3F8mJt41p5uVZbbv5m39pR26vWatc+G+tbN6frlc369Ob2zpW12tZ6/crKI4/ABgAAAPropdfu3EsiYvdzY2lEZMm+14oR2SNfBSj0Pz/g9KQnWfhPp5cH0H++6gfDyyE9DK/ioBMABu6o/UDXm3d+2/tcAACA0zH5ib3r/80GDI/8+n+SPNnqv/xWT7MB+sn1fxhe5wadADAwxcOOAJ6wUwA8P9JjvNWf/vp/lp0oKQAAoOfGmy1Jy3k/YDzStFyOeLH5WIBicnWlWpmJiI9ExO9LxRca07PNNROnBwAAAAAAAAAAAAAAAAAAAAAAAADgmLIsiayLsb1lAAAAgOdZRPqXJH/+12TpzfGD5wfOJf8uRf6c0Bs/+fBHNxfq9Y3Zxvx/7M2v/zif/3a/z14AAAAAnbT76e1+PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD00oP7txbbrZ9x//aFiJjoFL8Qo83haBQj4vw/kyjsWy+JiJEexN+9HREvd4qfNNKKiTyLg/HTiBgbcPwLPYgPw+xOY//zfqf3XxqvN4ed33+FvD2t7vu/dG//N9Jl//dipw2mj8965e6vprvGvx3xSqHz/qcR/1yMNmN1iv/GMWv8xtd3drq9lv0sYrLj50/ySKzppHBtenN759LK2sJyZbmyPjc3+878u/OX52emr65UK/m/HWN8/5O//u9h9Z/vEn+iOexe/5vHrP8/d2/e/1hrtHjgpWL8NMum3uj893+5S/z2Z9+n8z93Y3qyPb7bGt/v1V/87tXXDql/qUv9o0fUP3XM+i9+9bt/POaiAEAfbG7vrC5Uq5UNI2dmpHFs9gyksW9krJ/5LMRhy7QPYvuQz3fyUKdf8r23Inq95QHulAAAgFPx/4P+QWcCAAAAAAAAAAAAAAAAAAAAw+uonwGLHvyc2MGYu4MpFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgUP8LAAD//1c4yxQ=")
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x138)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000002c0)=0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
ioctl$VT_DISALLOCATE(r0, 0x5608)

26.440093749s ago: executing program 3 (id=392):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000000c0)=0x13)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x200801f, &(0x7f00000006c0), 0x1, 0x509, &(0x7f0000001500)="$eJzs3U1vG3kZAPBnJnY3abM4CxyWldhdsYuSiq2TbOhuxGFZJASnlYDlXkLiRlGcuCRO20QVpOIDICEESFzgxAXBB0BC/QgIqRK9I0AgBC0cOBQG2R6HNLXz0jp2G/9+0r/z4pl5nqeRx/OfGXsCGFqvR8RURGRZll2MiFI+P81b7LZaY7kH928tNloSWfbh35NI8nntbb2QDy/kq41GxNe+HPHN5PG4m9s7qwvVamUjn56uryUPs2zn0srawnJlubI+Nzf7zvy785fnZ3pS50REvPfFP//wez//0nu/eevGH678derbrQJb9tfRVVY6cdxW6cXm/0VbISI2TrylZ1ehWWHL5QHnAgDA4RpHtB+NiE9FxMUoxUjzaA4AAAA4S7LPj8fDpHX9DwAAADib0ogYjyQt5/f7jkealsute3g/HufTam2z/pl9971ORDG9ulKtzOT3DkxEMWlMv5/fY9uefvvA9FxEvBQRPyiNNafLi7Xq0kDPfAAAAMDwuHCg//+vUqv/DwAAAJwxE4NOAAAAADh1B/v/IwPKAwAAADg9rv8DAADAmfaVDz5otKz9/Oul69tbq7Xrl5Yqm6vlta3F8mJt41p5uVZbbv5m39pR26vWatc+G+tbN6frlc369Ob2zpW12tZ6/crKI4/ABgAAAPropdfu3EsiYvdzY2lEZMm+14oR2SNfBSj0Pz/g9KQnWfhPp5cH0H++6gfDyyE9DK/ioBMABu6o/UDXm3d+2/tcAACA0zH5ib3r/80GDI/8+n+SPNnqv/xWT7MB+sn1fxhe5wadADAwxcOOAJ6wUwA8P9JjvNWf/vp/lp0oKQAAoOfGmy1Jy3k/YDzStFyOeLH5WIBicnWlWpmJiI9ExO9LxRca07PNNROnBwAAAAAAAAAAAAAAAAAAAAAAAADgmLIsiayLsb1lAAAAgOdZRPqXJH/+12TpzfGD5wfOJf8uRf6c0Bs/+fBHNxfq9Y3Zxvx/7M2v/zif/3a/z14AAAAAnbT76e1+PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD00oP7txbbrZ9x//aFiJjoFL8Qo83haBQj4vw/kyjsWy+JiJEexN+9HREvd4qfNNKKiTyLg/HTiBgbcPwLPYgPw+xOY//zfqf3XxqvN4ed33+FvD2t7vu/dG//N9Jl//dipw2mj8965e6vprvGvx3xSqHz/qcR/1yMNmN1iv/GMWv8xtd3drq9lv0sYrLj50/ySKzppHBtenN759LK2sJyZbmyPjc3+878u/OX52emr65UK/m/HWN8/5O//u9h9Z/vEn+iOexe/5vHrP8/d2/e/1hrtHjgpWL8NMum3uj893+5S/z2Z9+n8z93Y3qyPb7bGt/v1V/87tXXDql/qUv9o0fUP3XM+i9+9bt/POaiAEAfbG7vrC5Uq5UNI2dmpHFs9gyksW9krJ/5LMRhy7QPYvuQz3fyUKdf8r23Inq95QHulAAAgFPx/4P+QWcCAAAAAAAAAAAAAAAAAAAAw+uonwGLHvyc2MGYu4MpFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgUP8LAAD//1c4yxQ=")
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x138)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000002c0)=0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
ioctl$VT_DISALLOCATE(r0, 0x5608)

22.934041052s ago: executing program 0 (id=417):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0xb, 0x3, 0xc9d7, 0xfffff800, 0x1, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYRES32=0x0], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$inet(0x2, 0x80001, 0x100)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
pipe(&(0x7f0000000340)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(r6, 0x0, r8, 0x0, 0x1, 0x0)
vmsplice(r8, &(0x7f0000000080)=[{&(0x7f0000000100)="83", 0x1}], 0x1, 0x6)
write(r5, 0x0, 0x0)
listen(r4, 0x3)
setsockopt$inet_opts(r4, 0x0, 0x4, 0x0, 0x0)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r10 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r10, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000580)="89", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)="bc", 0x1}], 0x1}}], 0x2, 0x0)
close(r10)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$kcm(0xa, 0x1, 0x106)
write$cgroup_subtree(r7, &(0x7f00000003c0)=ANY=[@ANYRESHEX=r9, @ANYRESDEC=r3, @ANYRES8=r3], 0xfdef)
r12 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r12, 0x0, 0x48b, &(0x7f0000000200)={0x0, 'pimreg\x00', 0x4}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000001000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
r13 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r13, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r14 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000fc850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_audit(0x10, 0x3, 0x9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r14}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000400)='erofs_lookup\x00', r11, 0x0, 0x81}, 0x18)

22.710200344s ago: executing program 0 (id=421):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000001c000000090a010400000000000000000700000008000a4000090000000000000000010000000000000000000084000a"], 0x64}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x48, 0x10, 0x40d, 0x70bd28, 0x25ffdbfc, {0x0, 0x0, 0x0, 0x0, 0x10}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x84}, @IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x1e, 0x3ff}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4086}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) (fail_nth: 1)

22.448370155s ago: executing program 0 (id=423):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
getresuid(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000400)={<r3=>r2, 0x2, 0x7, 0x2104})
sendmsg$nl_route(r3, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)=@ipv4_newroute={0x40, 0x18, 0x400, 0x70bd2c, 0x25dfdbfc, {0x2, 0x14, 0x20, 0xff, 0x0, 0x4, 0xfe, 0xd, 0x100}, [@RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP6_OPTS={0x10, 0x8, @LWTUNNEL_IP_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, @LWTUNNEL_IP_OPT_GENEVE_CLASS={0x6, 0x1, 0x2}}}}, @RTA_SPORT={0x6, 0x1c, 0x4e22}, @RTA_DST={0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x40}, 0x1, 0x0, 0x0, 0x880}, 0x4081)
openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001040)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x200, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x80e, &(0x7f0000000380)={[{@jqfmt_vfsold}, {@jqfmt_vfsv0}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@nolazytime}, {@auto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}]}, 0x3, 0x45c, &(0x7f00000009c0)="$eJzs289rHFUcAPDvzCbpbxNrW+0PNVrF4I+kSasW9KCi4EFB0EM9xiQttdtGmgi2FK0i9SgF7+JR8C/wpBdRT4JXvUuhSC+tnlZmd6bZbHaTbLLppu7nA9O+N/OW974z83bfm5cJoGcNZ/8kETsj4o+IGKxlFxcYrv1368alqX9uXJpKolJ5+++kWu7mjUtTRdHiczvyzEgakX6exMEm9c5duHhmslyeOZ/nx+bPfjA2d+HiM6fPTp6aOTVzbuL48WNHx59/buLZjsSZtenmgY9nD+1//d2rb06duPreL98lRfwNcazH1oXk8HLlHq9UOlHdprGrLp30rVw+P097d21Yi1iNUkRkl6u/2v8HoxQLF28wXvusq40DNlSlUqnsaH34cgX4H0ui2y0AuqP4oc/mv8V2h4Yem8L1l2sToCzuW/lWO9IXaV6mv2F+20nDEXHi8r9fZ1t08DkEAEArP2Tjn6ebjf/S2FdX7p58bWgoIu6NiN0RcV9E7ImIvRHVsvdHxANt1t+4SLJ0/JNeW1Ngq5SN/17M17YWj/+K0V8MlfLcrmr8/cnJ0+WZI/k5GYn+LVl+fJk6fnz19y9bHasf/2VbVn8xFszbca1vy+LPTE/OT64n5nrXP4040Ncs/uT2SkASEfsj4sAa6zj95LeHWh1bOf5lrGKdaSWVbyKeqF3/y9EQfyFZfn1ybGuUZ46MFXfFUr/+duWtVvWvK/4OyK7/9qb3/+34h5L69dq59uu48ucXLec0bd//+2r3/0DyTjU7kO/+aHJ+/vx4xEDyRq3R9fsnFj5e5IvyWfwjh5v3/92xcCYORkR2Ez8YEQ9FxMN52x+JiEcj4vAy8f/8ymPvrz3+jZXFP93W9V9IDETjnuaJ0pmfvl9U6VA78WfX/1g1NZLvWc33X/PmvBSNe9Z7/gAAAOBukEbEzkjS0dvpNB0drf29/J7YnpZn5+afOjn74bnp2jsCQ9GfFk+6Buueh47n0/oiP9GQP5o/N/6qtK2aH52aLU93O3jocTta9P/MX6Vutw7YcB1YRwPuUkv7/7autAO48/z+Q+/S/6F3Nen/JgDQI5r9/n/ShXYAd15D/7fsBz3E/B96l/4PvUv/h540t23JK/GLEy8MRKz0gr9Em4md+dnfLO1ZSyLSTdEMiQ1KdPmLCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEP+CwAA//8dy+GE")
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r6, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0\x00'})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x4, 0x6, 0x3, 0x0, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r9}, 0x10)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000070a02b570000080000004192231f000000", @ANYRES32=r10, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x98b1b98ff5570b03, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r11}, 0x10)

22.322821206s ago: executing program 0 (id=424):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x98b1b98ff5570b03, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r4}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

21.388126752s ago: executing program 0 (id=434):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000000c0)=0x13)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x200801f, &(0x7f00000006c0), 0x1, 0x509, &(0x7f0000001500)="$eJzs3U1vG3kZAPBnJnY3abM4CxyWldhdsYuSiq2TbOhuxGFZJASnlYDlXkLiRlGcuCRO20QVpOIDICEESFzgxAXBB0BC/QgIqRK9I0AgBC0cOBQG2R6HNLXz0jp2G/9+0r/z4pl5nqeRx/OfGXsCGFqvR8RURGRZll2MiFI+P81b7LZaY7kH928tNloSWfbh35NI8nntbb2QDy/kq41GxNe+HPHN5PG4m9s7qwvVamUjn56uryUPs2zn0srawnJlubI+Nzf7zvy785fnZ3pS50REvPfFP//wez//0nu/eevGH678derbrQJb9tfRVVY6cdxW6cXm/0VbISI2TrylZ1ehWWHL5QHnAgDA4RpHtB+NiE9FxMUoxUjzaA4AAAA4S7LPj8fDpHX9DwAAADib0ogYjyQt5/f7jkealsute3g/HufTam2z/pl9971ORDG9ulKtzOT3DkxEMWlMv5/fY9uefvvA9FxEvBQRPyiNNafLi7Xq0kDPfAAAAMDwuHCg//+vUqv/DwAAAJwxE4NOAAAAADh1B/v/IwPKAwAAADg9rv8DAADAmfaVDz5otKz9/Oul69tbq7Xrl5Yqm6vlta3F8mJt41p5uVZbbv5m39pR26vWatc+G+tbN6frlc369Ob2zpW12tZ6/crKI4/ABgAAAPropdfu3EsiYvdzY2lEZMm+14oR2SNfBSj0Pz/g9KQnWfhPp5cH0H++6gfDyyE9DK/ioBMABu6o/UDXm3d+2/tcAACA0zH5ib3r/80GDI/8+n+SPNnqv/xWT7MB+sn1fxhe5wadADAwxcOOAJ6wUwA8P9JjvNWf/vp/lp0oKQAAoOfGmy1Jy3k/YDzStFyOeLH5WIBicnWlWpmJiI9ExO9LxRca07PNNROnBwAAAAAAAAAAAAAAAAAAAAAAAADgmLIsiayLsb1lAAAAgOdZRPqXJH/+12TpzfGD5wfOJf8uRf6c0Bs/+fBHNxfq9Y3Zxvx/7M2v/zif/3a/z14AAAAAnbT76e1+PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD00oP7txbbrZ9x//aFiJjoFL8Qo83haBQj4vw/kyjsWy+JiJEexN+9HREvd4qfNNKKiTyLg/HTiBgbcPwLPYgPw+xOY//zfqf3XxqvN4ed33+FvD2t7vu/dG//N9Jl//dipw2mj8965e6vprvGvx3xSqHz/qcR/1yMNmN1iv/GMWv8xtd3drq9lv0sYrLj50/ySKzppHBtenN759LK2sJyZbmyPjc3+878u/OX52emr65UK/m/HWN8/5O//u9h9Z/vEn+iOexe/5vHrP8/d2/e/1hrtHjgpWL8NMum3uj893+5S/z2Z9+n8z93Y3qyPb7bGt/v1V/87tXXDql/qUv9o0fUP3XM+i9+9bt/POaiAEAfbG7vrC5Uq5UNI2dmpHFs9gyksW9krJ/5LMRhy7QPYvuQz3fyUKdf8r23Inq95QHulAAAgFPx/4P+QWcCAAAAAAAAAAAAAAAAAAAAw+uonwGLHvyc2MGYu4MpFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgUP8LAAD//1c4yxQ=")
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x138)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000002c0)=0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
ioctl$VT_DISALLOCATE(r0, 0x5608)

21.092878834s ago: executing program 0 (id=438):
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet_udplite(0x2, 0x2, 0x88)
gettid()
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/4\x00')
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000700)=""/2, 0x2}, {&(0x7f0000000780)=""/182}, {&(0x7f0000000840)=""/229}, {&(0x7f0000000940)=""/101}], 0x53, 0x8008, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pread64(r0, 0x0, 0x0, 0x1)
mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000480)='pagemap\x00')
preadv(r2, &(0x7f0000000640)=[{&(0x7f0000000b00)=""/152, 0x98}], 0x1, 0x0, 0x0)
socket(0x10, 0x5, 0x2)
acct(&(0x7f0000000140)='./file0\x00')
r3 = getpid()
timer_create(0x5, &(0x7f0000000080)={0x0, 0x3f, 0x800000000004, @tid=r3}, &(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r4, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r5, @ANYRES32=r5], 0x44}}, 0x0)

11.257667117s ago: executing program 32 (id=392):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000000c0)=0x13)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x200801f, &(0x7f00000006c0), 0x1, 0x509, &(0x7f0000001500)="$eJzs3U1vG3kZAPBnJnY3abM4CxyWldhdsYuSiq2TbOhuxGFZJASnlYDlXkLiRlGcuCRO20QVpOIDICEESFzgxAXBB0BC/QgIqRK9I0AgBC0cOBQG2R6HNLXz0jp2G/9+0r/z4pl5nqeRx/OfGXsCGFqvR8RURGRZll2MiFI+P81b7LZaY7kH928tNloSWfbh35NI8nntbb2QDy/kq41GxNe+HPHN5PG4m9s7qwvVamUjn56uryUPs2zn0srawnJlubI+Nzf7zvy785fnZ3pS50REvPfFP//wez//0nu/eevGH678derbrQJb9tfRVVY6cdxW6cXm/0VbISI2TrylZ1ehWWHL5QHnAgDA4RpHtB+NiE9FxMUoxUjzaA4AAAA4S7LPj8fDpHX9DwAAADib0ogYjyQt5/f7jkealsute3g/HufTam2z/pl9971ORDG9ulKtzOT3DkxEMWlMv5/fY9uefvvA9FxEvBQRPyiNNafLi7Xq0kDPfAAAAMDwuHCg//+vUqv/DwAAAJwxE4NOAAAAADh1B/v/IwPKAwAAADg9rv8DAADAmfaVDz5otKz9/Oul69tbq7Xrl5Yqm6vlta3F8mJt41p5uVZbbv5m39pR26vWatc+G+tbN6frlc369Ob2zpW12tZ6/crKI4/ABgAAAPropdfu3EsiYvdzY2lEZMm+14oR2SNfBSj0Pz/g9KQnWfhPp5cH0H++6gfDyyE9DK/ioBMABu6o/UDXm3d+2/tcAACA0zH5ib3r/80GDI/8+n+SPNnqv/xWT7MB+sn1fxhe5wadADAwxcOOAJ6wUwA8P9JjvNWf/vp/lp0oKQAAoOfGmy1Jy3k/YDzStFyOeLH5WIBicnWlWpmJiI9ExO9LxRca07PNNROnBwAAAAAAAAAAAAAAAAAAAAAAAADgmLIsiayLsb1lAAAAgOdZRPqXJH/+12TpzfGD5wfOJf8uRf6c0Bs/+fBHNxfq9Y3Zxvx/7M2v/zif/3a/z14AAAAAnbT76e1+PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD00oP7txbbrZ9x//aFiJjoFL8Qo83haBQj4vw/kyjsWy+JiJEexN+9HREvd4qfNNKKiTyLg/HTiBgbcPwLPYgPw+xOY//zfqf3XxqvN4ed33+FvD2t7vu/dG//N9Jl//dipw2mj8965e6vprvGvx3xSqHz/qcR/1yMNmN1iv/GMWv8xtd3drq9lv0sYrLj50/ySKzppHBtenN759LK2sJyZbmyPjc3+878u/OX52emr65UK/m/HWN8/5O//u9h9Z/vEn+iOexe/5vHrP8/d2/e/1hrtHjgpWL8NMum3uj893+5S/z2Z9+n8z93Y3qyPb7bGt/v1V/87tXXDql/qUv9o0fUP3XM+i9+9bt/POaiAEAfbG7vrC5Uq5UNI2dmpHFs9gyksW9krJ/5LMRhy7QPYvuQz3fyUKdf8r23Inq95QHulAAAgFPx/4P+QWcCAAAAAAAAAAAAAAAAAAAAw+uonwGLHvyc2MGYu4MpFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgUP8LAAD//1c4yxQ=")
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x138)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000002c0)=0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
ioctl$VT_DISALLOCATE(r0, 0x5608)

5.923649102s ago: executing program 33 (id=438):
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet_udplite(0x2, 0x2, 0x88)
gettid()
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/4\x00')
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000700)=""/2, 0x2}, {&(0x7f0000000780)=""/182}, {&(0x7f0000000840)=""/229}, {&(0x7f0000000940)=""/101}], 0x53, 0x8008, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pread64(r0, 0x0, 0x0, 0x1)
mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000480)='pagemap\x00')
preadv(r2, &(0x7f0000000640)=[{&(0x7f0000000b00)=""/152, 0x98}], 0x1, 0x0, 0x0)
socket(0x10, 0x5, 0x2)
acct(&(0x7f0000000140)='./file0\x00')
r3 = getpid()
timer_create(0x5, &(0x7f0000000080)={0x0, 0x3f, 0x800000000004, @tid=r3}, &(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r4, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r5, @ANYRES32=r5], 0x44}}, 0x0)

5.516169274s ago: executing program 4 (id=549):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800001965ba917c62e1e6902300000000000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r5, @ANYBLOB="4000aa000a0002"], 0x28}}, 0x0)

5.411773165s ago: executing program 4 (id=551):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x18, 0x0, 0x0, 0x0, 0x8, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x800000000003}, 0x1320, 0x0, 0x20000, 0x5, 0x0, 0x1, 0xffff, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000f600ac258508a528"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}, 0x1, 0x0, 0x0, 0x2005c013}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000002940)="2000000020008107090f9becdb4cb96b02000000000000020000000000000000", 0x20}], 0x1, 0x0, 0x0, 0x81000000}, 0x0)

5.357100545s ago: executing program 4 (id=552):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x0, 0x3, 0x0, 0x1f00}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

5.328844915s ago: executing program 4 (id=554):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0x55)
syz_emit_ethernet(0x7a, &(0x7f0000000200)=ANY=[], 0x0)

5.264038026s ago: executing program 4 (id=556):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000000c0)=0x13)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x200801f, &(0x7f00000006c0), 0x1, 0x509, &(0x7f0000001500)="$eJzs3U1vG3kZAPBnJnY3abM4CxyWldhdsYuSiq2TbOhuxGFZJASnlYDlXkLiRlGcuCRO20QVpOIDICEESFzgxAXBB0BC/QgIqRK9I0AgBC0cOBQG2R6HNLXz0jp2G/9+0r/z4pl5nqeRx/OfGXsCGFqvR8RURGRZll2MiFI+P81b7LZaY7kH928tNloSWfbh35NI8nntbb2QDy/kq41GxNe+HPHN5PG4m9s7qwvVamUjn56uryUPs2zn0srawnJlubI+Nzf7zvy785fnZ3pS50REvPfFP//wez//0nu/eevGH678derbrQJb9tfRVVY6cdxW6cXm/0VbISI2TrylZ1ehWWHL5QHnAgDA4RpHtB+NiE9FxMUoxUjzaA4AAAA4S7LPj8fDpHX9DwAAADib0ogYjyQt5/f7jkealsute3g/HufTam2z/pl9971ORDG9ulKtzOT3DkxEMWlMv5/fY9uefvvA9FxEvBQRPyiNNafLi7Xq0kDPfAAAAMDwuHCg//+vUqv/DwAAAJwxE4NOAAAAADh1B/v/IwPKAwAAADg9rv8DAADAmfaVDz5otKz9/Oul69tbq7Xrl5Yqm6vlta3F8mJt41p5uVZbbv5m39pR26vWatc+G+tbN6frlc369Ob2zpW12tZ6/crKI4/ABgAAAPropdfu3EsiYvdzY2lEZMm+14oR2SNfBSj0Pz/g9KQnWfhPp5cH0H++6gfDyyE9DK/ioBMABu6o/UDXm3d+2/tcAACA0zH5ib3r/80GDI/8+n+SPNnqv/xWT7MB+sn1fxhe5wadADAwxcOOAJ6wUwA8P9JjvNWf/vp/lp0oKQAAoOfGmy1Jy3k/YDzStFyOeLH5WIBicnWlWpmJiI9ExO9LxRca07PNNROnBwAAAAAAAAAAAAAAAAAAAAAAAADgmLIsiayLsb1lAAAAgOdZRPqXJH/+12TpzfGD5wfOJf8uRf6c0Bs/+fBHNxfq9Y3Zxvx/7M2v/zif/3a/z14AAAAAnbT76e1+PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD00oP7txbbrZ9x//aFiJjoFL8Qo83haBQj4vw/kyjsWy+JiJEexN+9HREvd4qfNNKKiTyLg/HTiBgbcPwLPYgPw+xOY//zfqf3XxqvN4ed33+FvD2t7vu/dG//N9Jl//dipw2mj8965e6vprvGvx3xSqHz/qcR/1yMNmN1iv/GMWv8xtd3drq9lv0sYrLj50/ySKzppHBtenN759LK2sJyZbmyPjc3+878u/OX52emr65UK/m/HWN8/5O//u9h9Z/vEn+iOexe/5vHrP8/d2/e/1hrtHjgpWL8NMum3uj893+5S/z2Z9+n8z93Y3qyPb7bGt/v1V/87tXXDql/qUv9o0fUP3XM+i9+9bt/POaiAEAfbG7vrC5Uq5UNI2dmpHFs9gyksW9krJ/5LMRhy7QPYvuQz3fyUKdf8r23Inq95QHulAAAgFPx/4P+QWcCAAAAAAAAAAAAAAAAAAAAw+uonwGLHvyc2MGYu4MpFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgUP8LAAD//1c4yxQ=")
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x138)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000002c0)=0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
ioctl$VT_DISALLOCATE(r0, 0x5608)

5.059302727s ago: executing program 4 (id=559):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0xab1}, 0x18)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000980), 0xffffffffffffffff)
r1 = socket$netlink(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000100)={'wg1\x00', <r2=>0x0})
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000000d0000000c00018008000100", @ANYRES32=r2], 0x20}}, 0x0)

3.792279745s ago: executing program 1 (id=570):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x1008002, &(0x7f0000000400), 0x0, 0x5e0, &(0x7f00000011c0)="$eJzs3c1vVFUbAPDnTj9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFkQKNLRGiyaUBDcmxo0xJq5ciP+FEtmy0pULN64MCVHD0sQxd3pv6bR3+kU7t3J/v2TouefM5Zzb6dNz5vScOwFU1mD6Ty1if0RMJxH9yfxiWWdkhYMLz3vw50dn00cS9fprvyeRZHn585Psa192ck9E/PhDEvs6VtY7M3ft4vjU1OTV7Hh49tL08MzctcMXLo2fnzw/eXn0hdETx48dPzFyZFPXdb0g7/TNd9/v/2TszW+++isZ+faXsSROxsvZE5dex1YZjMHG9yRZWdR3YqsrK0lH9nOy9CVOOoue2dW+RrFu+euXvjpPRH90xMMXrz8+fqXUxgHbqp5E1IGKSsQ/VFQ+Dsjf2y9/H1wrZVQCtMP9UwsTACvjv3NhbjB6GnMDux8ksXRaJ4mIzc3MNdsTEXfvjN08d2fsZmzTPBxQbP5GRDxZFP9JI/4HoicGGvFfa4r/dFxwJvua5r+6yfqXTxWLf2ifhfjvWTX+o0X8v7Uk/t/eZP2DD5Pv9DbFf+9mLwkAAAAAAAAq6/apiHi+6O//tcX1P1Gw/qcvIk5uQf2Dy45X/v2/dm8LqgEK3D8V8VLh+t9avvp3oCNL/aexHqArOXdhavJIRPw3Ig5F1670eGSVOg5/uu/LVmWD2fq//JHWfzdbC5i1417nruZzJsZnxx/1uoGI+zcinipc/5ss9v9JQf+f/j6YXmcd+569daZV2drxD2yX+tcRBwv7/4d3rUhWvz/HcGM8MJyPClZ6+sPPvmtV/2bjv/AWE8CGpP3/7tXjfyBZer+emY3XcXSus96qbLPj/+7k9cYtZ7qzvA/GZ2evjkR0J6c70tym/NGNtxkeR3k85PGSxv+hZ1af/ysa//dGxPyy/zv5o3lPce7/f/f92qo9xv9QnjT+JzbU/288MXpr4PtW9a+v/z/W6OsPZTnm/2DBF3mYdjfnF4RjZ1FRu9sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+DWkTsiaQ2tJiu1YaGIvoi4n+xuzZ1ZWb2uXNX3rs8kZY1Pv+/ln/Sb//CcZJ//v/AkuPRZcdHI2JvRHze0ds4Hjp7ZWqi7IsHAAAAAAAAAAAAAAAAAACAHaKvxf7/1G8dZbcO2HadZTcAKE1B/P9URjuA9tP/Q3WJf6gu8Q/VJf6husQ/VJf4h+oS/1Bd4h8AAAAAAB4rew/c/jmJiPkXexuPVHdW1lVqy4DtViu7AUBp3OIHqsvSH6gu7/GBZI3ynpYnrXXmaqbPPsLJAAAAAAAAAAAAAFA5B/fb/w9VZf8/VJf9/1Bd+f7/AyW3A2g/7/GBWGMnf+H+/zXPAgAAAAAAAAAAAAC20szctYvjU1OTVyXe2BnNaGeiXq9fT38Kdkp7/uWJfCn8TmnPskS+1299Z5X3OwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGj2TwAAAP//+Ekkyg==")
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000680)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x48, 0x1402, 0x8, 0x70bd2d, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_DIM={0x5}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5, 0x54, 0x1}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5, 0x54, 0x1}]}, 0x48}, 0x1, 0x0, 0x0, 0x8055}, 0x80)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000080)={'gretap0\x00', <r2=>0x0, 0x700, 0x40, 0x7f, 0x80000001, {{0x38, 0x4, 0x2, 0x24, 0xe0, 0x65, 0x0, 0x1, 0x4, 0x0, @multicast2, @remote, {[@timestamp_prespec={0x44, 0x2c, 0xbd, 0x3, 0x8, [{@dev={0xac, 0x14, 0x14, 0x11}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x25}, 0x80000001}, {@multicast1, 0x5}, {@broadcast, 0x1}, {@empty, 0x408}]}, @ssrr={0x89, 0x27, 0xd3, [@empty, @dev={0xac, 0x14, 0x14, 0x3d}, @private=0xa010101, @local, @multicast1, @local, @broadcast, @multicast1, @multicast2]}, @ssrr={0x89, 0x13, 0xee, [@broadcast, @multicast1, @loopback, @private=0xa010100]}, @rr={0x7, 0x7, 0xd5, [@local]}, @rr={0x7, 0x1f, 0x2c, [@loopback, @dev={0xac, 0x14, 0x14, 0x3a}, @multicast1, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @rand_addr=0x64010100]}, @timestamp={0x44, 0x10, 0x65, 0x0, 0x9, [0x3d, 0x7, 0x10001]}, @rr={0x7, 0x1b, 0xc1, [@loopback, @loopback, @private=0xa010101, @multicast2, @broadcast, @rand_addr=0x64010101]}, @generic={0x44, 0xb, "88d8e58490b4347587"}, @generic={0x82, 0x9, "63f94529e49909"}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000300)={'ip6gre0\x00', &(0x7f0000000280)={'ip6tnl0\x00', <r3=>0x0, 0x29, 0x40, 0x0, 0x7df, 0x40, @local, @mcast1, 0x1, 0x8, 0x4, 0x4}})
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0xf1, &(0x7f0000000240)={&(0x7f0000000500)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_HH_FLOWS_LIMIT={0x4}]}}]}, 0x38}}, 0x0)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000c80)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000680)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x4000000, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x1, 0x3ff, 0x1ff, 0x0, 0xfffbfc80, 0x0, 0x6, 0x7, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0xfffffffc, 0xfffffffc, 0x6, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3f, 0x0, 0x3, 0x0, 0xffffffff, 0x2, 0xc00, 0x0, 0xfffffffd, 0xfffffffd, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0x6, 0x0, 0x100, 0x0, 0xb, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7, 0x4, 0x0, 0x401, 0x0, 0x5, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffff8, 0x0, 0x8, 0x3, 0x136d28f, 0xb97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5e, 0xfffffffc, 0x8, 0x0, 0x0, 0x400000, 0x42, 0x0, 0xc, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffec0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x20000004, 0x0, 0x0, 0x80000001, 0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0xfff, 0x800000, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x40000009, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x3, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xb3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x400, 0xe, 0x0, 0xd79, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, 0x1, 0x0, 0x4, 0x0, 0x5, 0xfffffffd, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xfc}, 0x0, 0xf7fffffe}}]}}]}, 0x45c}}, 0x8000)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000280)={'batadv0\x00', <r10=>0x0})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@getchain={0x24, 0x11, 0x1, 0x4080, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0x1}}}, 0x24}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000380)={'gre0\x00', &(0x7f0000000340)={'syztnl2\x00', <r12=>0x0, 0x700, 0x10, 0x1, 0x4, {{0x7, 0x4, 0x3, 0x28, 0x1c, 0x64, 0x0, 0x88, 0x4, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, {[@ra={0x94, 0x4, 0x1}, @ra={0x94, 0x4}]}}}}})
sendmsg$nl_route(r1, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000440)=@ipv6_getnetconf={0x54, 0x52, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@NETCONFA_IFINDEX={0x8}, @NETCONFA_IFINDEX={0x8, 0x1, r2}, @NETCONFA_IFINDEX={0x8, 0x1, r3}, @NETCONFA_PROXY_NEIGH={0x8, 0x5, 0x3}, @NETCONFA_IFINDEX={0x8, 0x1, r5}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x9}, @NETCONFA_IFINDEX={0x8, 0x1, r10}, @NETCONFA_IFINDEX={0x8, 0x1, r12}]}, 0x54}, 0x1, 0x0, 0x0, 0x8004}, 0x340400c1)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$tipc(&(0x7f0000001600), 0xffffffffffffffff)
r15 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r15, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r16 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={&(0x7f0000000100)='kmem_cache_free\x00', r16}, 0x10)
sendmsg$TIPC_CMD_SHOW_PORTS(r13, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001640)={0x1c, r14, 0x1, 0xfffffffe}, 0x1c}}, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0)
listxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

3.298100478s ago: executing program 1 (id=574):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x2172, 0xffffffffffffffff, 0x3cbd000)
sendto$inet6(r2, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)

3.248057389s ago: executing program 5 (id=577):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x0, 0x3, 0x0, 0x1f00}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

3.246773069s ago: executing program 1 (id=578):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001100)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r7, 0x0, 0x81}, 0x18)
r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$LOOP_CTL_GET_FREE(r8, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r8, 0x4c81, r9)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nfc(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NFC_CMD_GET_TARGET(r10, &(0x7f0000000800)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000400)={0x14, r11, 0x100, 0x70bd26, 0x25dfdbfc, {}, ["", "", ""]}, 0x14}}, 0x1)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f00000004c0)={0x2c4, 0x41, 0x100, 0x70bd28, 0x25dfdbfe, {0x1}, [@nested={0x19c, 0xdb, 0x0, 0x1, [@generic="c874027fe73c0ed282061ee93049b4c81d6d2dc923936de02c1129f710f3f57ff97aa6b2ceab4a879c7d7544faac98625cdc815fc9026ae56a46c02353efb5d2e111c831de37019c42fba6702913654e263376c4bc4f8c59dc834cd406c1f76e64820900480168ff9802a02d", @typed={0x8, 0xe2, 0x0, 0x0, @pid=r0}, @generic="02492f2d7e47912ed7f5f6b6ee4251d088da03ca09849ea8403bb4f37b858c07735d2a10e1e2a62613453ec55fcf34184641e47d43307ca9942ef23c0543ad3bfe8d3dbbf13a5373e06988343e3a62a46b82a8ea0ce167641fb3ed63cb441b4ecf42789ba1142c149b531a483ff883fe2a906df8a1bcc2b3c1185bb6269d0cc41f24766e7b1e269f23a021944b2c4006ab04a69c292992bdcdda81b3e137160509a5107be8b3a5f00f4b6aa2dc2c140a37e59a886b8f8b2614c44f6da5ac0e0ba5a3459a400c482bfdcb165c335378e185c134d12909e012422f2dc1199496a8", @generic="24f19c07761ba4e5260b9999d9ccd80c66da81a72eeb2ff4d0d5ca51ee54e6b597afe7e335258c707303e8", @nested={0x4, 0x113}, @generic="302db83390fd8aea14c986eaea1990c5db2b8adb81"]}, @typed={0x4, 0xa7}, @typed={0x8, 0xf7, 0x0, 0x0, @u32=0x7fffffff}, @typed={0xc, 0x122, 0x0, 0x0, @u64=0x9}, @typed={0x4, 0xef}, @generic="1c57b230a4b128ef695cd153b9878f2276bcc6cc45fc03b61fada29ebb0c59b742d7b244984ce79e5501a6472c9c59b3d37d119e4da13b0ac2436c3b0de436bb0c85bdf5fc2ff8fd46f22ec9a9aad9b2ddeaf7181d65cdc99a6d427fa3dc42db6a948b5fb33bb4ef58443aef133929c70a4c9befe2b72a157cfc3c4de8acfa6c9b9d60cdbd674523547489db1f7b54c64e8bd052359354583951fb57d33bd3eaf86e813c35c71d793af7ffb97c0e483f4f8049a7f275831d57676e609e8dace188f548e52bd3dce9098351530011a679abfb5797fdad0f39ae2977ce716e0fbc35d9bd31a4b45e6f13e990d3b342e48fe884ad83f1"]}, 0x2c4}, 0x1, 0x0, 0x0, 0x8041}, 0x1)
fcntl$setsig(r5, 0xa, 0x13)
fcntl$setlease(r5, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))

3.19620352s ago: executing program 5 (id=580):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
unshare(0x8000000)
semtimedop(0x0, &(0x7f0000000280)=[{0x0, 0x0, 0x1000}], 0x1, 0x0)
unshare(0x2c000000)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r2}, 0x10)
timerfd_gettime(0xffffffffffffffff, 0x0)
r3 = socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r3, &(0x7f0000000600)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r4, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)

1.943212447s ago: executing program 1 (id=582):
r0 = socket$packet(0x11, 0x3, 0x300)
syz_clone(0x894000, &(0x7f0000000000)="7433804438ed9f3bd97fce33be4347830a45c8c16f3e14c1934601a948d02fb8abffacd7c922af4412b7157ee8696022ddc42a8b77b00bb0695a13e36a0e3bd2e882868e76f8fa48023c102466dd155c1c23166d74aaeb9795c358898336206a8d499f457e9c9af2c1287eed48ef95b504adbc8d9975718f675572ac49cf9488ddc9", 0x82, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="e47559e59b")
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, 0x0, &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000005c0)='f2fs_lookup_end\x00', r2}, 0x18)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x82000a18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = syz_usbip_server_init(0x1)
write$usbip_server(r5, &(0x7f00000002c0)=@ret_unlink={{0x4, 0x7, 0x0, 0x0, 0x3}, {0x2}}, 0x30)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r4}, 0x10)
fsetxattr$security_capability(r3, &(0x7f0000000280), 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000580)='kmem_cache_free\x00', r7, 0x0, 0x8}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffd}]})
r8 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
r9 = fsmount(r8, 0x0, 0x0)
fchdir(r9)
fgetxattr(r7, &(0x7f0000000240)=@known='security.selinux\x00', &(0x7f0000000c00)=""/4096, 0x1000)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000540)={0x7, &(0x7f0000000340)=[{0x6, 0xf5, 0xf4, 0x8001}, {0x8, 0x0, 0xe1}, {0x5, 0x1e, 0x0, 0x706}, {0x2, 0xa0, 0x81, 0xfffff467}, {0xee, 0xa8, 0x1, 0x8}, {0x5, 0x80, 0x2}, {0x401, 0x3, 0x4}]})
ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0x55)
syz_emit_ethernet(0x7a, &(0x7f0000000200)=ANY=[], 0x0)

1.856612948s ago: executing program 5 (id=584):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0500000004000000080000000a"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000006"], 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
syz_usbip_server_init(0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1, <r3=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f00000001c0)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000b60000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r5, 0x0, 0x1}, 0x18)
get_robust_list(0x0, 0x0, 0x0)
r6 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r6, 0x6, 0x21, &(0x7f0000000540)="f080fa0b67df1cd10bc89b169dac4085", 0x10)

1.602768979s ago: executing program 2 (id=587):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000340), 0x60c100, 0x0)
syz_io_uring_setup(0x239, 0x0, &(0x7f0000000000), &(0x7f00000001c0))
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='configfs\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x40, 0x2)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0xd4)
r2 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r3 = dup2(r1, r2)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1, 0x8})
ioctl$BLKTRACESETUP(r3, 0x1276, 0x0)

1.328603841s ago: executing program 2 (id=588):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301)
ioctl$USBDEVFS_DROP_PRIVILEGES(r0, 0x4004551e, 0x0)
ioctl$USBDEVFS_CONNECTINFO(r0, 0x8004550f, &(0x7f0000002a40)) (fail_nth: 1)

1.244922032s ago: executing program 2 (id=589):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500f70a000000000000000200000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000016c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000180)={<r3=>r2, 0x2, 0x5, 0x7})
ioctl$SNDRV_TIMER_IOCTL_STOP(r3, 0x54a1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
mlockall(0x7)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0xffffffffff600000, 0x1, 0x1}}, 0x40)
r5 = syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301)
ioctl$USBDEVFS_DROP_PRIVILEGES(r5, 0x4004551e, 0x0)
ioctl$USBDEVFS_CONNECTINFO(r5, 0x8004550f, &(0x7f0000002a40))

1.172810932s ago: executing program 1 (id=590):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a0079"], 0x44}}, 0x0)

1.108501743s ago: executing program 2 (id=591):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001100)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r7, 0x0, 0x81}, 0x18)
r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$LOOP_CTL_GET_FREE(r8, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r8, 0x4c81, r9)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nfc(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NFC_CMD_GET_TARGET(r10, &(0x7f0000000800)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000400)={0x14, r11, 0x100, 0x70bd26, 0x25dfdbfc, {}, ["", "", ""]}, 0x14}}, 0x1)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f00000004c0)={0x2c4, 0x41, 0x100, 0x70bd28, 0x25dfdbfe, {0x1}, [@nested={0x19c, 0xdb, 0x0, 0x1, [@generic="c874027fe73c0ed282061ee93049b4c81d6d2dc923936de02c1129f710f3f57ff97aa6b2ceab4a879c7d7544faac98625cdc815fc9026ae56a46c02353efb5d2e111c831de37019c42fba6702913654e263376c4bc4f8c59dc834cd406c1f76e64820900480168ff9802a02d", @typed={0x8, 0xe2, 0x0, 0x0, @pid=r0}, @generic="02492f2d7e47912ed7f5f6b6ee4251d088da03ca09849ea8403bb4f37b858c07735d2a10e1e2a62613453ec55fcf34184641e47d43307ca9942ef23c0543ad3bfe8d3dbbf13a5373e06988343e3a62a46b82a8ea0ce167641fb3ed63cb441b4ecf42789ba1142c149b531a483ff883fe2a906df8a1bcc2b3c1185bb6269d0cc41f24766e7b1e269f23a021944b2c4006ab04a69c292992bdcdda81b3e137160509a5107be8b3a5f00f4b6aa2dc2c140a37e59a886b8f8b2614c44f6da5ac0e0ba5a3459a400c482bfdcb165c335378e185c134d12909e012422f2dc1199496a8", @generic="24f19c07761ba4e5260b9999d9ccd80c66da81a72eeb2ff4d0d5ca51ee54e6b597afe7e335258c707303e8", @nested={0x4, 0x113}, @generic="302db83390fd8aea14c986eaea1990c5db2b8adb81"]}, @typed={0x4, 0xa7}, @typed={0x8, 0xf7, 0x0, 0x0, @u32=0x7fffffff}, @typed={0xc, 0x122, 0x0, 0x0, @u64=0x9}, @typed={0x4, 0xef}, @generic="1c57b230a4b128ef695cd153b9878f2276bcc6cc45fc03b61fada29ebb0c59b742d7b244984ce79e5501a6472c9c59b3d37d119e4da13b0ac2436c3b0de436bb0c85bdf5fc2ff8fd46f22ec9a9aad9b2ddeaf7181d65cdc99a6d427fa3dc42db6a948b5fb33bb4ef58443aef133929c70a4c9befe2b72a157cfc3c4de8acfa6c9b9d60cdbd674523547489db1f7b54c64e8bd052359354583951fb57d33bd3eaf86e813c35c71d793af7ffb97c0e483f4f8049a7f275831d57676e609e8dace188f548e52bd3dce9098351530011a679abfb5797fdad0f39ae2977ce716e0fbc35d9bd31a4b45e6f13e990d3b342e48fe884ad83f1"]}, 0x2c4}, 0x1, 0x0, 0x0, 0x8041}, 0x1)
fcntl$setsig(r5, 0xa, 0x13)
fcntl$setlease(r5, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))

776.393975ms ago: executing program 1 (id=592):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x2, 0x13, 0x0, 0x3, 0x2}, 0x10}}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
ioctl$IMADDTIMER(r3, 0x80044940, &(0x7f0000000080)=0x14)
ioctl$IMADDTIMER(r3, 0x80044940, &(0x7f00000000c0)=0x32)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x800000000003}, 0x1100, 0x5dd8, 0x3, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
close(r3)

736.667445ms ago: executing program 5 (id=593):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x2}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)

465.297737ms ago: executing program 5 (id=594):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x29, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
ioctl$INCFS_IOC_FILL_BLOCKS(r2, 0x80106720, 0x0)
brk(0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
r3 = bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001cc0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995d050000000000000022624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c80e982bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042ef815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acfd0000000000000079e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a2e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6b9e3b99a725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec73a527c5d9992"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8de46dac9505a855, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @value=r3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0)
remap_file_pages(&(0x7f0000ba1000/0x1000)=nil, 0x1000, 0x0, 0x4, 0x1c0000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='(\x00')
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000567000/0x3000)=nil, 0x3000, 0x2, &(0x7f00000002c0)=0x9, 0x2000000000008, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_service_bytes\x00', 0x26e1, 0x0)
close(r5)

372.804218ms ago: executing program 6 (id=546):
unshare(0x6020400)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002580)=@newtaction={0x88c, 0x30, 0x1, 0x0, 0x0, {0x7a}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x401, 0x3, 0xe78, 0x2, 0x3, {0x10, 0x1, 0x5, 0x401, 0x4, 0x1}, {0x1, 0x2, 0x6, 0x7ff, 0x90e, 0x7}, 0x5, 0x8, 0xe8}}, @TCA_POLICE_RATE={0x404, 0x2, [0x2, 0x10000, 0x1000, 0x7fffffff, 0xf3, 0x7, 0xfffffff7, 0x2, 0x7, 0xd, 0x4, 0x7fff, 0x9, 0xf7, 0xfffffff8, 0x7, 0xa, 0x2, 0x1, 0x100, 0x7f, 0x4, 0x101, 0x6b0, 0x71, 0x1000, 0x8, 0x707, 0x2, 0x9, 0xd1ca, 0xffffff00, 0x70, 0x3e2a, 0x1, 0x6, 0x2, 0x75a7, 0x7ea, 0x6, 0x96, 0x0, 0xffff, 0x4, 0xa, 0xb, 0xb84, 0x80000002, 0x1, 0x5, 0x71d, 0xfff, 0xd69f, 0x1, 0x6, 0x1, 0x8, 0x8, 0x1ff, 0x6, 0x400000, 0x4e, 0x101, 0x2, 0x0, 0x9, 0x2, 0xc, 0x8, 0x308, 0x7fff, 0x7, 0x6, 0xfffffffb, 0x3, 0x0, 0x2, 0x1, 0x8, 0x0, 0x9, 0xfffffff9, 0x1, 0xd, 0x80000000, 0x46, 0xfdc, 0xffffff8a, 0x10, 0x2, 0x1, 0x6, 0x9, 0x0, 0x3, 0x7, 0x1c0001, 0x7, 0xfffffff7, 0x6, 0x0, 0x1, 0x6, 0xb, 0x9, 0x8, 0x1, 0x80000000, 0xf9, 0x8, 0x2, 0x92c9, 0x80000001, 0x1c000, 0x3, 0x10000, 0x9, 0x9, 0x0, 0xb, 0x28, 0x2, 0x6, 0xd77, 0x4, 0x5, 0x4, 0x9, 0x0, 0x6a7b, 0x1, 0x6, 0x5, 0x6, 0x10000, 0x1, 0x0, 0x9, 0x0, 0xfffffff7, 0x4717, 0x0, 0x7ff, 0x3, 0x0, 0x7, 0x78c, 0x3, 0x1a, 0x2, 0x4, 0x6, 0x800, 0xc13, 0x81, 0x90, 0xb64, 0x1, 0x1, 0x0, 0x7, 0xcc66, 0xffff48d1, 0x7, 0x91, 0x32, 0xb, 0x401, 0x6a3, 0x6, 0x6, 0x1d, 0x3, 0x1, 0xffffffac, 0x63c, 0x8, 0x5, 0x5, 0x3, 0x5, 0x10001, 0x2, 0x3, 0xfffffe00, 0x0, 0x9, 0x1, 0x400, 0x1ff, 0xd, 0xe64, 0x5, 0xfffffffc, 0x7ff, 0x200, 0x320, 0xb0c, 0x7, 0x5e37, 0x8a, 0x6, 0x0, 0xff, 0x0, 0x7, 0x8, 0xfffffffc, 0xdb2, 0x3, 0x0, 0xfffffffb, 0x7fffffff, 0x5, 0x2, 0x9, 0x9, 0x0, 0x6, 0x80d, 0x0, 0x1, 0x10, 0x7, 0x0, 0x40, 0x1000, 0x8, 0xb, 0x8000, 0xfffffffd, 0x9, 0x0, 0x9, 0x0, 0x73db, 0xbac5, 0x9, 0x51, 0x4, 0x200, 0x401, 0x8, 0x400, 0x3, 0x8c7, 0x1, 0x8, 0x4, 0x2, 0x8, 0x0, 0x7990, 0x9, 0x8]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x7, 0x6, 0x4, 0x2, 0x1, 0x0, 0x7, 0x4, 0x9ba, 0x9, 0x40, 0x8, 0xc2bc, 0x8, 0x4, 0x3, 0x1, 0xe5, 0x8001, 0xc, 0x4, 0x1, 0x8, 0xb, 0x3, 0x3, 0xffff, 0x5fb, 0x8001, 0x7fff, 0x97c, 0x6, 0x1, 0xd, 0xc8e4, 0x3, 0x3, 0x7, 0xd, 0x8, 0x4, 0x0, 0x9, 0x7fffffff, 0x5, 0x6, 0x2c, 0xfffffff9, 0xfffffffd, 0x8001, 0x3, 0xfffffffc, 0x6, 0x5, 0x4, 0x2, 0x9, 0x1, 0x81, 0x800, 0x6, 0xf, 0xdb9, 0x1, 0x7, 0xa42b, 0x3ff, 0x8, 0x7fff, 0x7744, 0x6, 0x1, 0x4, 0x4, 0xb21, 0x2, 0x0, 0xf, 0x200, 0x3ff, 0x4, 0x4, 0x4, 0x40000bd, 0xc43, 0x80, 0x1, 0x8697, 0x2, 0x2, 0xdd, 0x3e2, 0x400, 0x5, 0x3ff, 0x8, 0x3, 0x9725, 0xd541, 0xd52, 0x6, 0x6, 0x7, 0x683, 0x9, 0x9, 0x3, 0x5, 0x400, 0x7fffffff, 0x6, 0x2, 0x4, 0xfffffffc, 0x2, 0x7f, 0x8, 0x1, 0x80, 0x0, 0x20, 0x635fb9e6, 0x2, 0x200, 0x0, 0x3, 0xfffffffb, 0xdf, 0x875, 0x950, 0x8, 0xffffffff, 0x1, 0x6, 0x9814, 0x8, 0xc, 0x8, 0x7, 0x8, 0x9, 0x9, 0xfffff000, 0x0, 0x7, 0x3, 0x21d9, 0x7, 0x5, 0x4, 0x9, 0xfffffffa, 0x0, 0x2, 0x10000, 0x4, 0x6, 0x4, 0x6, 0xff, 0xfffffff7, 0x7, 0x40, 0xa, 0x0, 0xca62, 0x7, 0x1, 0x5, 0xffffffff, 0x4, 0x94, 0x800, 0xb, 0xe, 0x5, 0x0, 0x9, 0x7ff, 0x2, 0xbb, 0x0, 0x401, 0x8001, 0xa2, 0x10000, 0x5, 0x0, 0x0, 0x6, 0x1, 0x5, 0xffffff84, 0x5, 0x10000, 0x9, 0x8, 0x2, 0x380, 0x6, 0x7, 0xffff, 0x8, 0x200, 0x5, 0x200, 0x0, 0x8, 0xfffffff8, 0x3, 0x0, 0x4, 0x0, 0xd0db, 0x7, 0xfffffffa, 0x2, 0x400, 0x81, 0x3ff, 0x2, 0x8, 0xffffffff, 0x8, 0x5, 0xda99, 0x4, 0x2, 0x67cf, 0x3ff8, 0xea50, 0xfffffffb, 0x5, 0xa27, 0x11, 0x1, 0x3, 0x4179, 0x9b6, 0xf, 0x80, 0x0, 0x7, 0x0, 0x2, 0x4, 0x0, 0x4, 0x0, 0x1ff, 0x7, 0x5, 0xbf70, 0x2, 0x1, 0x97f]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x4048040)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_FLUSH(r4, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="66010000", @ANYRES16=r5, @ANYBLOB="200029bd7000fedbdf25110000003800018014000300000000000000000000000000000000000800060077727200060001000a0000000800080001000000060001000200000008000600070000002800028014000100fc02000000000000000000000000000005000d000100000008000300040000003400018014000300e0000001000000000000000000000000080009001500000006000100020000000c00070010000000080000000400018008000500080000004000028014000100ac1414bb000000000000000000000000060002004e21000006000e004e24000006000f00070000000800040008000000060002004e210000080006000000000008000500000000005800038008000500e0000002050008000200000008000100020000000600040007000000080003000000000014000200736974300000000000000000000000000800010002000000080003000000000005000800fc000000"], 0x164}, 0x1, 0x0, 0x0, 0x4000851}, 0x20008000)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = socket(0x10, 0x803, 0x0)
recvmmsg(r6, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

97.717949ms ago: executing program 6 (id=595):
readv(0xffffffffffffffff, &(0x7f00000014c0)=[{&(0x7f0000001240)=""/192, 0xc0}], 0x1)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000001200)={0x0, 0xffffff1e, 0xffffffff, 0x4, 0x16, "001bf100eeff0000a2c2000100000000002000"})
r0 = syz_open_pts(0xffffffffffffffff, 0x101)
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000040)={0x2, 0x9, 0x6, 0x81, 0x1a, "2017461f1ffeb8a6c4174615daaa6fd0c92ede"})
r1 = dup3(r0, 0xffffffffffffffff, 0x0)
write$UHID_INPUT(r1, &(0x7f00000001c0)={0xa, {"08c39ee52f329f1698b1c4865f8b540a5eee9f496a0809c3d20325867b6edda88489ab4c09fe0a7f1e8640aa8e344f412df0d69475a5d6570e21f31fac7dfb4aa7ade0e851582d5c1abdd809580cb34c9e48576b1c73ed76023256fca058ada3db47d86cc75b33cf762b67fe61f152618c49a40858f68794a4fc484ab73ccd254ba3d147f5feddaf91dacc238c0a8096f79597ca1e6da781fcf37a0141a335c6a7577d2d53c6e552a7be208381bb31d1d3e0e92ea651655217535734b286d3f19780a4c720075a36a734151f8c00e651cb3a6bbe30e3f6aee48750436da6471e965e81f38134674fcb697108fb7345010bb8fa15fba9b33355d7858327171ab9c68f6c21b2ffbff4eb061dab80bc77a4a7769e7ff73bcd98790e09415bfc5978cf5af45c3ec9ef9c1a39f766c59d59590281038dbcb765580ba2b3f141d5bbfc40910a0894cd1f22d2a8b6d4e4778debef99438b54d44b4b7568de2777431a5b2f3e8d1a45a60a468f5e33e8ef534f803dfb6798c270f52edf031ecd996bb78c4e92961c63c079676d77412ebc6074e5f235417785e7a14b14ce7626b015071c154cc2bf8f4499b93293e9997c23df4c7a1498cf12414fb31eb873728e4f613b540d22e7ca718f18da5b82ed24995e4309c3af4a2e1097465bf09728082d09e71ea365522035eb9772b8e072f8454777ee304dacd59d3eb9f933f151fa14f8c38eadbeba04810a2dea7a66824f09235c13a45f07870210d0d310ce3ae6284577bd4e65f32700f6723727926cb52e4f27776a1dab0f6668327ab5cf1893879a635261f2e0d9923ccecbf5b80f10a8275c1515f47930d614e787f14c105d3a4f8faf8e7f738cf4eae4fc39ef3db3cb87794ace87f7239b69dc4ab4e5ae57cdfbd309e847d99600ef14b51faead01e8ade57d24270bc13a1787896096eeacb8ab1c93d31d93cfb244bb09ecfecf336362a5656db7df327cbb9aeb898f8af229c7bb9452805f2b4510c5df86b6d564e01f000000167ade5205331523a6392af2bea9e6db0ba5480cbf1b202714233289c4017cb66e83c0c8b6e88bedb922162d0ceecf6c5da173bbefe6781ab7720d2be6cca378db650c69d4228141ae190922fbbaddb86c7f0fe138b704e8305b3bcc7910b2280d96d71dafdbfa876b0013fc4de586f85d9ee077b6349becbdca8bd989a51c4c76ed8a8cc691a65078e0272a62edec8236a779f0cbffeda49dcdccd4def7064e0d77ae5a8c64f3057b4a3a0d4457d33f2bc6c112378315411baa4bb126fe540d750491fc58fbb66911ef82bce5ed76872dbcd8e05dea2f3f347a653aa39ab5d75e71671bfeb924e71476134dbf91e3f287fd853cc34bf81e717edd41aa04b6fbeb43cf2074f0c8fe5350401b6cff801c147a3b58b972aa5652629a9fd8b1df2852708ce958d4e9974ec4383aa5da4e3f75fdc85981e97b75863546f67a8703673b6fe2c26f0e9eeb8c45c26f673adac55fa5d69b82ae7d032fd3b26866047e8c029b90a62794a89c11398944b398b4177b2dcc5a743c16d4a5333b1e30af678d3db8df849c1753db067a6f94bab00c0dd3c7e94a8675924c89bda98ac09e10bcdf83f5114b9b466c413477a5cdc48c857230798934bcc1f0eb3a2d2944b139e459af32e515785f46ed4e97cdcb23c7e4dc7c4f91b5b5ca5228344aeb6652fffaf31325c7429bc70a5f6beaaa98ef190dffdeccc94bd814b3edfdd48243bf34291076ab5438ee00e924a827d5b453df42d24144fe1a45bb6c84fcbb2143d0a561c1e867c1279bdf0a47061ea77a84f36c720aff785f0db10eda84c767b5f3874f9455c0f026735ded32f0403ef7dbcf97d2233d59c670114ddf89314ba74fc248bcbdbf43c24e46304e229b3cf583aa410f4dfd119152495da8737518ee2a05a8ca1f004be3c551408f2e4013e444b63bf2bb26ddeae505642dffcc989ee241c48741181b506e22fdc4530319522780c74bf786852dc66ebbb51f8ecbb1e35de09ef7afe589bb8a31c5d63477db5d5e7174694ea04cfa98057d39127a4e5eedb4897a491c6693acd0a036abf846f3b6f3006e5e5fd586f29a4a8a31abbccf732e4f1b88187a72d669c16302657e9cbbeb9322662e111edc7771526400b6123d0f8207bcaa38bee07043e36e223d418ac948d65e7acfe72cc3fdcf03a3e43ecfec8ae489ddba09126709c5c7968829e3504de8a5010c9372de09476a7b96b04d7aed2486d8f89f21f075321abe350024abe00a81f87df3dc372fc3206496776c26b6958243070bda4cace3e358da5d39a3945765c2ba4b002b06efd416af66f3343f218ed84550ea83f02f9a5c3fc677ea60987aa25f0406d6154081cfdc074814a2465accdfa102858f5a52c9eae293c56ddcaf8f6926d3dd0ccb51a30c960d6b7e473038ebd3702b5106f6bc040efdfd7169fd3f2dc42ff23de26a239e13b74278729fd7e843b38a35c55fd50181ac13a9cbbbfd8feb36afaeb1993349c0ac5a0c44ffd92919dfe272b0f8ed7df7198cd299715f021109a58dced4753d3c7ddd6e9ea01596f18b2fe7000000004ccfca57aed5b5cebdff65de480a56bd53f4c7f83ddef00d7c9686311d1fce76f320bb3222a11db30ba6ed31535d8fda61e694478ca9935d72719b8d6b9be88ae3df30b60ee251b919b4d1734b994c62accdf855488b351738331b462eccf27efdc5577d7a5548579dc90d227a42ac010f33a720dc3cf0a63454f8b07c775287495761a058ec1e28e6aaf8057241f4ef8b5de56e279355bb66630c4ddf35e7c2cfff26a4241b1df0379d2a1e9f959e46d3843f89844ead50aff44640fcbc4a1edb033afff7cc9e57c4f8d31900764233e11fa4c28e547788c1b00de4268df692ba3415a9ad90fa712f9618f5ecff57da32809380eeff040cd3b23f508614c72b303cec3bcd732708303b166193366a062b9cea536f28478c387e626744c6a611a8e7162d274efccc84eee8eb31d3310c86752777dd5b5ffe234e895c54909f19a4aabcf3c15b90c02170409e314fd90e766ec4ba93c8ec6321237a980ad3c32fb2fab69e57541ea7f5427a85c2c57d40f9ebe9de5572f46a4713fb28e0af42d0adef3e29195aa41a3ba318181512eebfadffede4e35ff7f975928edc5d4d9f2d931fb44b30e1df55e66c52e1648e9cdaf71221b57c6a6b087428ccc57ade5b1531341cba2be452b426c434c70fd8c493337d4995cbd76ea1dd545226e3eb59d5f94ffb5352f87a4a66cd7c5e88322404fd397c46e198646a9c819d0eb1f10e54d8a3ea912f1cb134ff1095aa7325287f6ea9af8c13b67d6abcbb70dbc06838ecb33e45b60f6cb832c3e72d1401770f66bd02f35a2d007815ab676099e31f5102000000c0e83d5e7107c8dc5830c9cddb9781185b94d7f2814c5058ba3ac54c268741c5728f4997a9628602c2a36090162379f3f37c47619b3e7c7397a5913b7060b51e0c7f7226ff1135444f866f89a4b74136cbd3acb7178bd63183b3fd9cd19fdeb6fcc6341910ad4605da76a9af4bfb8b75fcd666f8188902b380ae560d9aa04f8f9b0ac5c109d1824a470726e06a49d955f8f71c8a86081e75b13f62600deb941da181eaff544cd559c467d8dae432debd22e7a7b3e1ad731a5b9470f5f60423dda061ff899c07c79f3da34f38e1d8182d6ee0c36c602945509167be440382a8a8a759b20e41638fd57152029b190b5701d30a86f579e2d0cc53a2f809ca9bd3aba1eb2772a7acc35c4d983afa83a9baea35c0ed4931234719636cf8f5fe1884bde6cebbdf23bd62b1ebf0a5cb78c27295349bd7d5cf28c4ee4689497238fd3aa71a417914e6892667a56bd69dc2e5882cfb67df71494e9a9199e025892e4e7435f727636cd988cc7563d28db5133f649849c5b3973a3428de10ad39d96146b22acc50f50eee5a038876452b960686892de40efe30081ccdaa2bf64af78d5988026e529b36c62a21378ac42d220d0dd878010178e374e6dbb2b61206066d04e729ed03c6fd9a4e00547fe9304aec0925d85a0acd07fdc5d48c1a1cff656916f5d25952327792255e0d606a32517781cc3d737ec753eb95b5b5b95dabd8946907ab54cc85d05b475e2e5486c6fc070417198d3a50910e2949d20d3fa68fd327934cff5171224942b8f18d88947763a7c710d09c4b269bdf2d3e715329917fb70728a4a0530999b755ba8fc04deabf4bc4bcffc4d62d491538c65078122bf2c263ae0020af67cfc9cf19e5b929e086af281fb43d5504d728935c5cfac136eb81703d50fddb39a5a713b2914c6acd9b2d07819cf7bba495ac5734fe423e611d309b80eeafcf9053d51b0ab3c29d5ca5eb8861ffc1ebc4d53f361b8991baecb52860c15202f979e34054fcde869d018103ccd6d914a70f1840fc6aaf426beec975ddb980b19b0f4cc2ca393c0b9e6ebe5e7d1c9fc1ef7a1c91378f0b73262993fb80667ecf62bac3c47cbd002ae1b87b8dc3ec99d5c987765d778868eb55022cc3bed14b8f934a584bcc98fa0b4f6e6982ab8d8a2bb49f9074ef429dd7b8db332a96ccec6983a97be7c8634c02e7937ffc8d613b83aa375886bf40a87ec062090382f874bf2c8e5fbb58ac18a46c4d9e85af3ca21bdacb7755f49776b0eb3972ff682c84beb07d74cbe2764e378253e72128991b73d2730704a5448280e8a0fd8cc87d4cddcffbfe5525ae3d2304877a3988e33c8e12bf77793e753f25840e9af2ce56bdb999fc62623a2298b4244534f662eb398a2577c72f6cfd5174697dcee151d4f3a7293b11de3889c43744da4165aca4e4a1e926d37ae4d7471584a06f3641f2037a74a58c2397a594f29d142d59f91bb57e24e1a3f30f68c626033cc34895c1b16d62e3a375c3e09f5dbd9338cd3a500643143cd404b57019c648c3ec31d696233fe16efc3c4c84aca0830ca8b9fbf1144b98d82f41e4cf67631c74cdcf8d9c8b8556b876ff1592683ccac0b47a26cb3a2cb1b917f433bb54e0b53deae9ac4b1cd0594c1fa0e6744e7ed88fdac60901e3da989f3b0d7c12b140cc576fa1b0e8e705321d37c303691aafc9fed9c3dc419078d0925ead56455ea5f3cd57941e410c1c14c2e8972d7cca44fcaca1f64fc817f4a41b6d9fb237fed159cb09e788ae560726537f49cb64b9f60915d402e0931355c55ad792cde758548b1af54b196e414046d4af3579a6c30ceac3d68bbfd2adef309c064e759a9f0dd69d682a3880b8ff27b69abffaa45ee7e65d8f1f6e40c188f6249fdf72220b4c87243217ba0292b9e9b67ebeda4fb83406216a4d765812bafeff34cc57f7d2cd1608282079c076055b9cabffe5fa491b970291bc2672540ccc15ed877d7dbe3ef683724c715ace770905e48c2dc6a44e1fc095773676d070eac00ee3834b07590cba7093f56b678313870471c81599d34c53fc03ec6c913d8ba3f604ace8da12d2025cbb5000bc062f4db65a6feacaf3915206d1c15ce7e78c17dc2ea32cb57d6fab0a22d487c77118e75016006f812541ec8180a321287a2d57248d4ee4a19706a19d802c70e250c3b0fc400a0b5cdc06537d2f55fd5300be4eeeaab8cc481a84b6a5e17d8c47ec92fe40710d4ec3530a94ca16710ade2ec7562398106e0ddbb6c8af6412166afd99d45d29a3a967e58decd0d6fc5bebb98d639b5606efd358a43d635d50f0ccb8472197da604994e7fb700243d5f7e45700", 0x1000}}, 0xffffff5c)

97.364139ms ago: executing program 2 (id=596):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close_range(r1, 0xffffffffffffffff, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
ustat(0xffffffff80000001, 0x0)
r3 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
close(r4)
dup(0xffffffffffffffff)
newfstatat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f0000000100), 0x4000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88)

97.065549ms ago: executing program 5 (id=597):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000080)=r0, 0x4)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "fca33f", 0x8, 0x0, 0x0, @dev, @local, {[@routing={0x0, 0x0, 0x0, 0x5}]}}}}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x3, 0x1}, 0x8002, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000100000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800450000280000000000069078ac1414bbac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5cc24600b427af9ceb000090780000"], 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000080)=r0, 0x4) (async)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "fca33f", 0x8, 0x0, 0x0, @dev, @local, {[@routing={0x0, 0x0, 0x0, 0x5}]}}}}}, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
bind$netlink(r1, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc) (async)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x3, 0x1}, 0x8002, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
socket$inet_dccp(0x2, 0x6, 0x0) (async)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000100000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) (async)
syz_emit_ethernet(0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800450000280000000000069078ac1414bbac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5cc24600b427af9ceb000090780000"], 0x0) (async)

36.55308ms ago: executing program 6 (id=598):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file1\x00', 0x10, &(0x7f0000000680), 0x1, 0x254, &(0x7f00000006c0)="$eJzs3T1oJGUcBvBnZnc9c7fIqY0gfoCIaCCcnWBzNgoHchwiggonojbKRYgJdomVjYXWKqlsgtgZLSVNsFEEq6gpYiNosDBYaLGyOxvJx+qqm+zIze8HszPvzsd/Zneed7bY2Q3QWOeTXEzSSjKbpJOkOLjA3dVwfthcndm8mvR6T/xcDJar2pX99c4lWUnyUJKNssjL7WRp/ZmdX7ceu++txc69H6w/PTPVgxza3dl+fO/9y29+fOnBpS+//vFykYvpHjquk1eMeK5dJLecRrH/iaJd9x7wT1x5/aNv+rm/Nck9g/x3UqZ6895euGGjkwfe+6t13/npq9unua/Ayev1Ov1r4EoPaJwySTdFOZekmi7LubnqM/y3rbPlK/MLr82+NL947YW6eyrgpHST7Uc/PfPJuSP5/6FV5X+oVetOAqein/8nr6x915/ek3JohjuqUT//s88t3x/5h8aRf2iQFw+1SvmH5hqf/1q+ogNMges/NJf8Q3PJP1zHOn8/W/6hueQfmkv+obkO5h8AaJbembrvQAbqUnf/AwAAAAAAAAAAAAAAAAAAHLc6s3l1f5hWzc/fTXYfSdIeVb81+D/i5MbB49lfiv5ifyqq1Sby7F0TbmBCH9Z89/VN30/8Ek7kizvrrJ4sX0tW3khyod0+fv4Vw/Pvv7t5zPzO8xMW+JeKI+2Hn5pu/aN+X6u3/qWt5LN+/3NhVP9T5rbBeHT/0x3/E8tjvfrbhBsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgav4IAAD//7ANbcM=")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
ioctl$USBDEVFS_CONNECTINFO(r0, 0x40085511, &(0x7f0000000000))
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r1, &(0x7f00000000c0)=""/55, 0x37)
getdents64(r1, &(0x7f0000000f80)=""/4081, 0xff1)

15.03264ms ago: executing program 6 (id=599):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000740)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
getpid()
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
syz_open_dev$evdev(0x0, 0x2, 0x822b01)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x3, 0x2, 0x3, 0x1, 0x0, 0x16}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
write$tcp_congestion(0xffffffffffffffff, &(0x7f0000000300)='reno\x00', 0x5)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001000000", @ANYBLOB='\x00'/10, @ANYRES32=0x0], 0x48)
getsockname$unix(r1, &(0x7f0000000780), &(0x7f0000000800)=0x6e)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe(&(0x7f0000000040))
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)

0s ago: executing program 2 (id=600):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x200, 0x70bd2d, 0x25dfdbfb, {{}, {0x0, 0x4101}}}, 0x1c}, 0x1, 0x0, 0x0, 0x101}, 0xc10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = syz_io_uring_setup(0x3341, &(0x7f00000014c0)={0x0, 0xc782, 0x80, 0x7ffffff, 0x13c}, &(0x7f0000001680)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_LINKAT={0x27, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x1000})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
socket$inet_tcp(0x2, 0x1, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x2001, 0x0)
clock_adjtime(0x6, &(0x7f0000000340)={0x2, 0x0, 0x4000000000000, 0x0, 0x6, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x5})
creat(0x0, 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x11, 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r2}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYRESHEX=r0], &(0x7f0000000400)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6, 0x0, 0xe}, 0x18)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r7 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000cc0), 0x2, 0x0)
write(r7, &(0x7f0000000d00)="165886de73cec519b5f14a6e5323c5095f25a9ef0195fe1cd99ce34a54b4975d7620970d", 0x24)
acct(&(0x7f00000001c0)='./file0\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kfree\x00', r6}, 0x18)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB="658300000000feffffff0100000008000300", @ANYRES32=0x0, @ANYBLOB="033f96643de26dc306645d0c2af30c38094b896c61e55d4647a2aa4a559af56d6a1cc516f2450e48ee76f950c15cab32ed4caa9651588b81f11e11411798acf3e8c95ea40c542b60231af368269e56618b1a3a4e3504c7df7ede37590b5f5f01ea5d59532f4907431858ac5aee292757a69f6b6f56fc76bfb81c6d2c88c430123e0e804130d618e5f31ee8d90f4c14b4228c54e9db59dd3d7c61d7fc5abee017c9ff4a55859b9507564746e92d80b2dfb4440e205e69f4e0f5e5afbd26225188cbf804a2b371d3e6d5"], 0x1c}}, 0x88b4)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r10}, 0x10)
socket(0xa, 0x2400000001, 0x0)

kernel console output (not intermixed with test programs):

.858800][ T4157] RIP: 0033:0x7f651135d169
[   55.858869][ T4157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.858888][ T4157] RSP: 002b:00007f650f9c1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   55.858908][ T4157] RAX: ffffffffffffffda RBX: 00007f6511575fa0 RCX: 00007f651135d169
[   55.858921][ T4157] RDX: 0000000000000000 RSI: 00004000000000c0 RDI: 0000000000000006
[   55.859004][ T4157] RBP: 00007f650f9c1090 R08: 0000000000000000 R09: 0000000000000000
[   55.859017][ T4157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.859028][ T4157] R13: 0000000000000000 R14: 00007f6511575fa0 R15: 00007ffe81fef778
[   55.859048][ T4157]  </TASK>
[   56.107045][ T4159] loop2: detected capacity change from 0 to 512
[   56.137725][ T4159] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   56.163345][ T4166] bond1: entered promiscuous mode
[   56.168482][ T4166] bond1: entered allmulticast mode
[   56.175089][ T4166] 8021q: adding VLAN 0 to HW filter on device bond1
[   56.188689][ T4166] bond1 (unregistering): Released all slaves
[   56.198241][ T4159] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.211901][ T4159] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.238171][ T4159] FAULT_INJECTION: forcing a failure.
[   56.238171][ T4159] name failslab, interval 1, probability 0, space 0, times 0
[   56.250969][ T4159] CPU: 1 UID: 0 PID: 4159 Comm: syz.2.245 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   56.251005][ T4159] Tainted: [W]=WARN
[   56.251014][ T4159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   56.251056][ T4159] Call Trace:
[   56.251063][ T4159]  <TASK>
[   56.251070][ T4159]  dump_stack_lvl+0xf2/0x150
[   56.251103][ T4159]  dump_stack+0x15/0x1a
[   56.251130][ T4159]  should_fail_ex+0x24a/0x260
[   56.251167][ T4159]  should_failslab+0x8f/0xb0
[   56.251208][ T4159]  kmem_cache_alloc_noprof+0x52/0x320
[   56.251235][ T4159]  ? skb_clone+0x154/0x1f0
[   56.251309][ T4159]  skb_clone+0x154/0x1f0
[   56.251336][ T4159]  ip6_finish_output2+0xa64/0xd60
[   56.251358][ T4159]  ? nf_nat_ipv6_out+0x187/0x230
[   56.251379][ T4159]  ? __rcu_read_unlock+0x34/0x70
[   56.251407][ T4159]  ip6_finish_output+0x438/0x540
[   56.251526][ T4159]  ip6_output+0xf5/0x230
[   56.251564][ T4159]  ? __pfx_ip6_finish_output+0x10/0x10
[   56.251599][ T4159]  ? __pfx_ip6_output+0x10/0x10
[   56.251642][ T4159]  ip6_local_out+0x76/0xd0
[   56.251670][ T4159]  ip6_send_skb+0x5a/0x120
[   56.251689][ T4159]  udp_v6_send_skb+0x7ad/0xc30
[   56.251734][ T4159]  udp_v6_push_pending_frames+0xd7/0x120
[   56.251770][ T4159]  udpv6_sendmsg+0x9fd/0x15b0
[   56.251869][ T4159]  ? __pfx_udplite_getfrag+0x10/0x10
[   56.251910][ T4159]  ? __pfx_udpv6_sendmsg+0x10/0x10
[   56.251965][ T4159]  inet6_sendmsg+0xaf/0xd0
[   56.251999][ T4159]  __sock_sendmsg+0x8b/0x180
[   56.252034][ T4159]  ____sys_sendmsg+0x326/0x4b0
[   56.252069][ T4159]  __sys_sendmsg+0x19d/0x230
[   56.252162][ T4159]  __x64_sys_sendmsg+0x46/0x50
[   56.252239][ T4159]  x64_sys_call+0x2734/0x2dc0
[   56.252265][ T4159]  do_syscall_64+0xc9/0x1c0
[   56.252373][ T4159]  ? clear_bhb_loop+0x55/0xb0
[   56.252405][ T4159]  ? clear_bhb_loop+0x55/0xb0
[   56.252499][ T4159]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.252529][ T4159] RIP: 0033:0x7f118984d169
[   56.252585][ T4159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.252602][ T4159] RSP: 002b:00007f1187eb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   56.252625][ T4159] RAX: ffffffffffffffda RBX: 00007f1189a65fa0 RCX: 00007f118984d169
[   56.252639][ T4159] RDX: 0000000000000000 RSI: 0000400000000040 RDI: 0000000000000006
[   56.252654][ T4159] RBP: 00007f1187eb7090 R08: 0000000000000000 R09: 0000000000000000
[   56.252666][ T4159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.252677][ T4159] R13: 0000000000000000 R14: 00007f1189a65fa0 R15: 00007ffd8b9ba8e8
[   56.252726][ T4159]  </TASK>
[   56.527191][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.553028][ T4173] loop4: detected capacity change from 0 to 512
[   56.574093][ T4173] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   56.610036][ T4173] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.667589][ T4173] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.712538][ T4177] loop2: detected capacity change from 0 to 512
[   56.783254][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.795734][ T4177] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   56.815154][ T4177] EXT4-fs (loop2): orphan cleanup on readonly fs
[   56.848253][ T4177] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.249: Failed to acquire dquot type 1
[   56.886970][ T4177] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.249: bg 0: block 40: padding at end of block bitmap is not set
[   57.006260][ T4177] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[   57.086869][ T4194] loop1: detected capacity change from 0 to 512
[   57.109049][ T4194] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #15: comm syz.1.256: casefold flag without casefold feature
[   57.123033][ T4194] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.256: couldn't read orphan inode 15 (err -117)
[   57.137796][ T4194] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.143371][ T4177] EXT4-fs (loop2): 1 truncate cleaned up
[   57.161295][ T4197] FAULT_INJECTION: forcing a failure.
[   57.161295][ T4197] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   57.174455][ T4197] CPU: 0 UID: 0 PID: 4197 Comm: syz.4.257 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   57.174491][ T4197] Tainted: [W]=WARN
[   57.174499][ T4197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   57.174514][ T4197] Call Trace:
[   57.174521][ T4197]  <TASK>
[   57.174529][ T4197]  dump_stack_lvl+0xf2/0x150
[   57.174559][ T4197]  dump_stack+0x15/0x1a
[   57.174619][ T4197]  should_fail_ex+0x24a/0x260
[   57.174735][ T4197]  should_fail+0xb/0x10
[   57.174768][ T4197]  should_fail_usercopy+0x1a/0x20
[   57.174821][ T4197]  strncpy_from_user+0x25/0x210
[   57.174851][ T4197]  ? kmem_cache_alloc_noprof+0x18e/0x320
[   57.174878][ T4197]  ? getname_flags+0x81/0x3b0
[   57.174973][ T4197]  getname_flags+0xb0/0x3b0
[   57.175015][ T4197]  getname+0x17/0x20
[   57.175054][ T4197]  __x64_sys_execve+0x40/0x70
[   57.175085][ T4197]  x64_sys_call+0x1333/0x2dc0
[   57.175192][ T4197]  do_syscall_64+0xc9/0x1c0
[   57.175231][ T4197]  ? clear_bhb_loop+0x55/0xb0
[   57.175314][ T4197]  ? clear_bhb_loop+0x55/0xb0
[   57.175445][ T4197]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.175473][ T4197] RIP: 0033:0x7f6db1dfd169
[   57.175488][ T4197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.175538][ T4197] RSP: 002b:00007f6db0467038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[   57.175615][ T4197] RAX: ffffffffffffffda RBX: 00007f6db2015fa0 RCX: 00007f6db1dfd169
[   57.175630][ T4197] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000000400
[   57.175645][ T4197] RBP: 00007f6db0467090 R08: 0000000000000000 R09: 0000000000000000
[   57.175659][ T4197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.175673][ T4197] R13: 0000000000000000 R14: 00007f6db2015fa0 R15: 00007ffe44992e78
[   57.175693][ T4197]  </TASK>
[   57.183994][ T4177] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   57.411735][ T4205] loop4: detected capacity change from 0 to 1024
[   57.448153][ T4205] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.471734][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.540408][ T4210] loop2: detected capacity change from 0 to 512
[   57.557067][ T4210] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.261: Failed to acquire dquot type 1
[   57.569763][ T4210] EXT4-fs (loop2): 1 truncate cleaned up
[   57.594821][ T4210] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.608679][ T4210] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.667876][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.805885][ T4221] 9pnet_fd: Insufficient options for proto=fd
[   57.836449][ T4221] loop2: detected capacity change from 0 to 128
[   57.982073][ T4233] netlink: 4 bytes leftover after parsing attributes in process `syz.3.268'.
[   57.992460][ T4221] syz.2.264: attempt to access beyond end of device
[   57.992460][ T4221] loop2: rw=2049, sector=145, nr_sectors = 896 limit=128
[   58.013388][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.171097][ T4255] netlink: 16 bytes leftover after parsing attributes in process `syz.1.276'.
[   58.187521][ T4257] xt_hashlimit: max too large, truncated to 1048576
[   58.195587][ T4250] loop2: detected capacity change from 0 to 736
[   58.202361][ T4252] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[   58.208917][ T4252] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   58.216682][ T4252] vhci_hcd vhci_hcd.0: Device attached
[   58.233280][ T4257] xt_limit: Overflow, try lower: 0/0
[   58.253908][ T4258] hub 4-0:1.0: USB hub found
[   58.258869][ T4258] hub 4-0:1.0: 8 ports detected
[   58.279365][ T4257] ref_ctr_offset mismatch. inode: 0xff offset: 0x7 ref_ctr_offset(old): 0x2 ref_ctr_offset(new): 0x388000003a8
[   58.309625][ T4253] vhci_hcd: connection closed
[   58.310797][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.325243][   T28] vhci_hcd: stop threads
[   58.329553][   T28] vhci_hcd: release socket
[   58.333986][   T28] vhci_hcd: disconnect device
[   58.348016][ T4250] rock: directory entry would overflow storage
[   58.354243][ T4250] rock: sig=0x5850, size=36, remaining=14
[   58.633352][ T4278] loop3: detected capacity change from 0 to 128
[   58.678258][ T4278] syz.3.282: attempt to access beyond end of device
[   58.678258][ T4278] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[   58.701401][ T4278] syz.3.282: attempt to access beyond end of device
[   58.701401][ T4278] loop3: rw=524288, sector=145, nr_sectors = 224 limit=128
[   58.715379][ T4278] syz.3.282: attempt to access beyond end of device
[   58.715379][ T4278] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   58.728566][ T4278] syz.3.282: attempt to access beyond end of device
[   58.728566][ T4278] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   58.741709][ T4278] syz.3.282: attempt to access beyond end of device
[   58.741709][ T4278] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   58.765709][ T4278] syz.3.282: attempt to access beyond end of device
[   58.765709][ T4278] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   58.785794][ T4278] syz.3.282: attempt to access beyond end of device
[   58.785794][ T4278] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   58.798943][ T4278] syz.3.282: attempt to access beyond end of device
[   58.798943][ T4278] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   58.812812][ T4278] syz.3.282: attempt to access beyond end of device
[   58.812812][ T4278] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   58.847267][   T29] kauditd_printk_skb: 170 callbacks suppressed
[   58.847281][   T29] audit: type=1400 audit(1741337000.576:915): avc:  denied  { read } for  pid=4284 comm="syz.0.284" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   58.878711][   T29] audit: type=1400 audit(1741337000.576:916): avc:  denied  { open } for  pid=4284 comm="syz.0.284" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   58.903273][   T29] audit: type=1400 audit(1741337000.606:917): avc:  denied  { ioctl } for  pid=4284 comm="syz.0.284" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   58.947795][   T29] audit: type=1400 audit(1741337000.656:918): avc:  denied  { create } for  pid=4284 comm="syz.0.284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   58.968155][   T29] audit: type=1400 audit(1741337000.656:919): avc:  denied  { write } for  pid=4284 comm="syz.0.284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   58.988379][   T29] audit: type=1400 audit(1741337000.656:920): avc:  denied  { nlmsg_read } for  pid=4284 comm="syz.0.284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   59.024879][ T4289] netlink: 4 bytes leftover after parsing attributes in process `syz.4.285'.
[   59.100436][ T4298] random: crng reseeded on system resumption
[   59.155470][   T29] audit: type=1400 audit(1741337000.826:921): avc:  denied  { append } for  pid=4297 comm="syz.0.289" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   59.178707][   T29] audit: type=1400 audit(1741337000.826:922): avc:  denied  { open } for  pid=4297 comm="syz.0.289" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   59.202032][   T29] audit: type=1400 audit(1741337000.836:923): avc:  denied  { lock } for  pid=4295 comm="syz.4.288" path="socket:[7561]" dev="sockfs" ino=7561 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[   59.207344][ T4300] netlink: 12 bytes leftover after parsing attributes in process `syz.4.290'.
[   59.240933][   T29] audit: type=1400 audit(1741337000.966:924): avc:  denied  { listen } for  pid=4282 comm="syz.1.283" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[   59.273454][ T4300] bridge0: port 3(batadv1) entered blocking state
[   59.280015][ T4300] bridge0: port 3(batadv1) entered disabled state
[   59.286888][ T4300] batadv1: entered allmulticast mode
[   59.292913][ T4300] batadv1: entered promiscuous mode
[   59.346834][ T3911] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[   59.359853][ T3911] hid-generic 0000:0003:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[   59.443326][ T4311] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[   59.449901][ T4311] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   59.457571][ T4311] vhci_hcd vhci_hcd.0: Device attached
[   59.469848][ T4312] vhci_hcd: connection closed
[   59.470121][ T1624] vhci_hcd: stop threads
[   59.479296][ T1624] vhci_hcd: release socket
[   59.483743][ T1624] vhci_hcd: disconnect device
[   59.578660][ T4322] netlink: 4 bytes leftover after parsing attributes in process `syz.3.298'.
[   59.629765][ T4326] bond1: entered promiscuous mode
[   59.634823][ T4326] bond1: entered allmulticast mode
[   59.640331][ T4326] 8021q: adding VLAN 0 to HW filter on device bond1
[   59.650139][ T4326] bond1 (unregistering): Released all slaves
[   59.775573][   T28] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[   59.784833][   T28] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[   59.969269][ T4334] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   59.978230][ T4334] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   60.323701][ T4351] netlink: 4 bytes leftover after parsing attributes in process `syz.1.310'.
[   60.366699][ T4355] bond1: entered promiscuous mode
[   60.371774][ T4355] bond1: entered allmulticast mode
[   60.378611][ T4355] 8021q: adding VLAN 0 to HW filter on device bond1
[   60.388625][ T4355] bond1 (unregistering): Released all slaves
[   60.468306][ T4358] block device autoloading is deprecated and will be removed.
[   60.495840][ T4361] netlink: 40 bytes leftover after parsing attributes in process `syz.1.314'.
[   60.529574][ T4363] loop3: detected capacity change from 0 to 164
[   60.539642][ T4363] iso9660: Unknown parameter 'û1öApÇê.ÏoòÉš'
[   60.564707][ T4365] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[   60.571342][ T4365] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   60.579080][ T4365] vhci_hcd vhci_hcd.0: Device attached
[   60.588280][ T4368] vhci_hcd: connection closed
[   60.588489][ T1895] vhci_hcd: stop threads
[   60.597606][ T1895] vhci_hcd: release socket
[   60.602160][ T1895] vhci_hcd: disconnect device
[   60.631714][ T4367] loop3: detected capacity change from 0 to 2048
[   60.642031][ T4367] EXT4-fs: inline encryption not supported
[   60.658228][ T4367] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.683099][ T4367] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   60.700854][ T4367] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 13 with max blocks 1 with error 28
[   60.713175][ T4367] EXT4-fs (loop3): This should not happen!! Data will be lost
[   60.713175][ T4367] 
[   60.722956][ T4367] EXT4-fs (loop3): Total free blocks count 0
[   60.729001][ T4367] EXT4-fs (loop3): Free/Dirty block details
[   60.734973][ T4367] EXT4-fs (loop3): free_blocks=2415919104
[   60.735222][ T4370] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   60.740729][ T4367] EXT4-fs (loop3): dirty_blocks=16
[   60.740747][ T4367] EXT4-fs (loop3): Block reservation details
[   60.740759][ T4367] EXT4-fs (loop3): i_reserved_data_blocks=1
[   60.816728][ T4377] netlink: 4 bytes leftover after parsing attributes in process `syz.0.319'.
[   60.899109][ T4389] FAULT_INJECTION: forcing a failure.
[   60.899109][ T4389] name failslab, interval 1, probability 0, space 0, times 0
[   60.911941][ T4389] CPU: 0 UID: 0 PID: 4389 Comm: syz.0.323 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   60.912054][ T4389] Tainted: [W]=WARN
[   60.912062][ T4389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   60.912077][ T4389] Call Trace:
[   60.912097][ T4389]  <TASK>
[   60.912106][ T4389]  dump_stack_lvl+0xf2/0x150
[   60.912141][ T4389]  dump_stack+0x15/0x1a
[   60.912168][ T4389]  should_fail_ex+0x24a/0x260
[   60.912245][ T4389]  should_failslab+0x8f/0xb0
[   60.912347][ T4389]  kmem_cache_alloc_node_noprof+0x59/0x320
[   60.912378][ T4389]  ? __alloc_skb+0x10b/0x310
[   60.912399][ T4389]  __alloc_skb+0x10b/0x310
[   60.912423][ T4389]  netlink_alloc_large_skb+0xad/0xe0
[   60.912528][ T4389]  netlink_sendmsg+0x3b4/0x6e0
[   60.912623][ T4389]  ? __pfx_netlink_sendmsg+0x10/0x10
[   60.912656][ T4389]  __sock_sendmsg+0x140/0x180
[   60.912695][ T4389]  ____sys_sendmsg+0x326/0x4b0
[   60.912729][ T4389]  __sys_sendmmsg+0x227/0x4b0
[   60.912842][ T4389]  __x64_sys_sendmmsg+0x57/0x70
[   60.912872][ T4389]  x64_sys_call+0x29aa/0x2dc0
[   60.912905][ T4389]  do_syscall_64+0xc9/0x1c0
[   60.912958][ T4389]  ? clear_bhb_loop+0x55/0xb0
[   60.912990][ T4389]  ? clear_bhb_loop+0x55/0xb0
[   60.913098][ T4389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.913138][ T4389] RIP: 0033:0x7f9f736ed169
[   60.913154][ T4389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.913171][ T4389] RSP: 002b:00007f9f71d51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   60.913190][ T4389] RAX: ffffffffffffffda RBX: 00007f9f73905fa0 RCX: 00007f9f736ed169
[   60.913205][ T4389] RDX: 0400000000000235 RSI: 0000400000000000 RDI: 0000000000000005
[   60.913277][ T4389] RBP: 00007f9f71d51090 R08: 0000000000000000 R09: 0000000000000000
[   60.913311][ T4389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.913398][ T4389] R13: 0000000000000000 R14: 00007f9f73905fa0 R15: 00007fff08870478
[   60.913420][ T4389]  </TASK>
[   61.120227][ T4379] FAULT_INJECTION: forcing a failure.
[   61.120227][ T4379] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   61.133402][ T4379] CPU: 1 UID: 0 PID: 4379 Comm: syz.3.320 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   61.133438][ T4379] Tainted: [W]=WARN
[   61.133446][ T4379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   61.133460][ T4379] Call Trace:
[   61.133469][ T4379]  <TASK>
[   61.133477][ T4379]  dump_stack_lvl+0xf2/0x150
[   61.133511][ T4379]  dump_stack+0x15/0x1a
[   61.133568][ T4379]  should_fail_ex+0x24a/0x260
[   61.133607][ T4379]  should_fail+0xb/0x10
[   61.133640][ T4379]  should_fail_usercopy+0x1a/0x20
[   61.133680][ T4379]  _copy_from_user+0x1c/0xa0
[   61.133755][ T4379]  move_addr_to_kernel+0x82/0x120
[   61.133848][ T4379]  copy_msghdr_from_user+0x271/0x2a0
[   61.133947][ T4379]  __sys_sendmsg+0x13e/0x230
[   61.134010][ T4379]  __x64_sys_sendmsg+0x46/0x50
[   61.134041][ T4379]  x64_sys_call+0x2734/0x2dc0
[   61.134102][ T4379]  do_syscall_64+0xc9/0x1c0
[   61.134141][ T4379]  ? clear_bhb_loop+0x55/0xb0
[   61.134174][ T4379]  ? clear_bhb_loop+0x55/0xb0
[   61.134208][ T4379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.134241][ T4379] RIP: 0033:0x7f67068fd169
[   61.134260][ T4379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.134281][ T4379] RSP: 002b:00007f6704f67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   61.134302][ T4379] RAX: ffffffffffffffda RBX: 00007f6706b15fa0 RCX: 00007f67068fd169
[   61.134316][ T4379] RDX: 0000000000000000 RSI: 0000400000000300 RDI: 0000000000000003
[   61.134331][ T4379] RBP: 00007f6704f67090 R08: 0000000000000000 R09: 0000000000000000
[   61.134352][ T4379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.134428][ T4379] R13: 0000000000000000 R14: 00007f6706b15fa0 R15: 00007ffcc1712298
[   61.134451][ T4379]  </TASK>
[   61.142808][ T4392] bond1: entered promiscuous mode
[   61.222684][ T4395] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4395 comm=syz.3.325
[   61.224082][ T4392] bond1: entered allmulticast mode
[   61.312121][ T4397] loop3: detected capacity change from 0 to 512
[   61.313062][ T4392] 8021q: adding VLAN 0 to HW filter on device bond1
[   61.322373][ T4397] EXT4-fs: Ignoring removed i_version option
[   61.357806][ T4397] EXT4-fs: Ignoring removed mblk_io_submit option
[   61.366807][ T4392] bond1 (unregistering): Released all slaves
[   61.379526][ T4397] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   61.392516][ T4397] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   61.407514][ T4397] EXT4-fs (loop3): 1 truncate cleaned up
[   61.413973][ T4397] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.464009][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.482666][ T4406] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[   61.489313][ T4406] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   61.497110][ T4406] vhci_hcd vhci_hcd.0: Device attached
[   61.511371][ T4399] FAULT_INJECTION: forcing a failure.
[   61.511371][ T4399] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   61.524743][ T4399] CPU: 1 UID: 0 PID: 4399 Comm: syz.1.327 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   61.524851][ T4399] Tainted: [W]=WARN
[   61.524860][ T4399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   61.524874][ T4399] Call Trace:
[   61.524882][ T4399]  <TASK>
[   61.524891][ T4399]  dump_stack_lvl+0xf2/0x150
[   61.524936][ T4399]  dump_stack+0x15/0x1a
[   61.525034][ T4399]  should_fail_ex+0x24a/0x260
[   61.525076][ T4399]  should_fail+0xb/0x10
[   61.525109][ T4399]  should_fail_usercopy+0x1a/0x20
[   61.525148][ T4399]  strncpy_from_user+0x25/0x210
[   61.525172][ T4399]  ? kmem_cache_alloc_noprof+0x18e/0x320
[   61.525219][ T4399]  ? getname_flags+0x81/0x3b0
[   61.525324][ T4399]  getname_flags+0xb0/0x3b0
[   61.525401][ T4399]  getname+0x17/0x20
[   61.525449][ T4399]  do_sys_openat2+0x67/0x120
[   61.525533][ T4399]  __x64_sys_openat+0xf3/0x120
[   61.525561][ T4399]  x64_sys_call+0x2b30/0x2dc0
[   61.525591][ T4399]  do_syscall_64+0xc9/0x1c0
[   61.525630][ T4399]  ? clear_bhb_loop+0x55/0xb0
[   61.525738][ T4399]  ? clear_bhb_loop+0x55/0xb0
[   61.525765][ T4399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.525871][ T4399] RIP: 0033:0x7f651135d169
[   61.525930][ T4399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.525948][ T4399] RSP: 002b:00007f650f9c1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   61.525970][ T4399] RAX: ffffffffffffffda RBX: 00007f6511575fa0 RCX: 00007f651135d169
[   61.525985][ T4399] RDX: 0000000000002101 RSI: 0000400000000040 RDI: ffffffffffffff9c
[   61.526000][ T4399] RBP: 00007f650f9c1090 R08: 0000000000000000 R09: 0000000000000000
[   61.526013][ T4399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.526024][ T4399] R13: 0000000000000000 R14: 00007f6511575fa0 R15: 00007ffe81fef778
[   61.526045][ T4399]  </TASK>
[   61.715447][ T4406] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(5)
[   61.722006][ T4406] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   61.729771][ T4406] vhci_hcd vhci_hcd.0: Device attached
[   61.740610][ T4414] vhci_hcd: connection closed
[   61.740731][ T4407] vhci_hcd: connection closed
[   61.746034][   T28] vhci_hcd: stop threads
[   61.754990][   T28] vhci_hcd: release socket
[   61.759603][   T28] vhci_hcd: disconnect device
[   61.766300][   T28] vhci_hcd: stop threads
[   61.770567][   T28] vhci_hcd: release socket
[   61.774999][   T28] vhci_hcd: disconnect device
[   61.789048][ T4420] xt_hashlimit: max too large, truncated to 1048576
[   61.809480][ T4420] xt_limit: Overflow, try lower: 0/0
[   61.817814][ T4422] syz.0.335 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   61.832102][ T4420] ref_ctr_offset mismatch. inode: 0x165 offset: 0x7 ref_ctr_offset(old): 0x2 ref_ctr_offset(new): 0x388000003a8
[   61.877757][ T4426] netlink: 24 bytes leftover after parsing attributes in process `syz.0.337'.
[   61.901271][ T4426] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4426 comm=syz.0.337
[   61.956328][ T4434] xt_hashlimit: max too large, truncated to 1048576
[   61.963592][ T4434] xt_limit: Overflow, try lower: 0/0
[   61.975947][ T4434] ref_ctr_offset mismatch. inode: 0x170 offset: 0x7 ref_ctr_offset(old): 0x2 ref_ctr_offset(new): 0x388000003a8
[   61.996765][ T4436] FAULT_INJECTION: forcing a failure.
[   61.996765][ T4436] name failslab, interval 1, probability 0, space 0, times 0
[   62.009438][ T4436] CPU: 1 UID: 0 PID: 4436 Comm: syz.0.341 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   62.009474][ T4436] Tainted: [W]=WARN
[   62.009481][ T4436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   62.009495][ T4436] Call Trace:
[   62.009502][ T4436]  <TASK>
[   62.009509][ T4436]  dump_stack_lvl+0xf2/0x150
[   62.009536][ T4436]  dump_stack+0x15/0x1a
[   62.009557][ T4436]  should_fail_ex+0x24a/0x260
[   62.009593][ T4436]  should_failslab+0x8f/0xb0
[   62.009629][ T4436]  kmem_cache_alloc_noprof+0x52/0x320
[   62.009654][ T4436]  ? vm_area_dup+0x98/0x130
[   62.009684][ T4436]  vm_area_dup+0x98/0x130
[   62.009709][ T4436]  __split_vma+0xf7/0x6a0
[   62.009738][ T4436]  vms_gather_munmap_vmas+0x2a5/0x7a0
[   62.009784][ T4436]  mmap_region+0x464/0x1620
[   62.009806][ T4436]  ? __rcu_read_unlock+0x4e/0x70
[   62.009832][ T4436]  ? mntput_no_expire+0x70/0x3d0
[   62.009863][ T4436]  ? mntput+0x49/0x70
[   62.009889][ T4436]  ? terminate_walk+0x260/0x280
[   62.009940][ T4436]  do_mmap+0x98a/0xc30
[   62.009973][ T4436]  vm_mmap_pgoff+0x16d/0x2d0
[   62.010008][ T4436]  ksys_mmap_pgoff+0x286/0x330
[   62.010039][ T4436]  x64_sys_call+0x1940/0x2dc0
[   62.010067][ T4436]  do_syscall_64+0xc9/0x1c0
[   62.010101][ T4436]  ? clear_bhb_loop+0x55/0xb0
[   62.010132][ T4436]  ? clear_bhb_loop+0x55/0xb0
[   62.010165][ T4436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.010191][ T4436] RIP: 0033:0x7f9f736ed169
[   62.010207][ T4436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.010225][ T4436] RSP: 002b:00007f9f71d51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   62.010244][ T4436] RAX: ffffffffffffffda RBX: 00007f9f73905fa0 RCX: 00007f9f736ed169
[   62.010257][ T4436] RDX: 00000000027ffff7 RSI: 0000000000600000 RDI: 0000400000000000
[   62.010271][ T4436] RBP: 00007f9f71d51090 R08: 0000000000000003 R09: 0000000000000000
[   62.010283][ T4436] R10: 0000000004012011 R11: 0000000000000246 R12: 0000000000000001
[   62.010297][ T4436] R13: 0000000000000000 R14: 00007f9f73905fa0 R15: 00007fff08870478
[   62.010320][ T4436]  </TASK>
[   62.325883][ T4451] loop3: detected capacity change from 0 to 2048
[   62.340491][ T4455] xt_hashlimit: max too large, truncated to 1048576
[   62.348283][ T4455] xt_limit: Overflow, try lower: 0/0
[   62.357328][ T4455] ref_ctr_offset mismatch. inode: 0x1cb offset: 0x7 ref_ctr_offset(old): 0x2 ref_ctr_offset(new): 0x388000003a8
[   62.365901][ T4451]  loop3: p1 < > p4
[   62.373824][ T4451] loop3: p4 size 8388608 extends beyond EOD, truncated
[   62.460898][ T4461] FAULT_INJECTION: forcing a failure.
[   62.460898][ T4461] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   62.474161][ T4461] CPU: 1 UID: 0 PID: 4461 Comm: syz.3.351 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   62.474198][ T4461] Tainted: [W]=WARN
[   62.474205][ T4461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   62.474220][ T4461] Call Trace:
[   62.474229][ T4461]  <TASK>
[   62.474237][ T4461]  dump_stack_lvl+0xf2/0x150
[   62.474271][ T4461]  dump_stack+0x15/0x1a
[   62.474369][ T4461]  should_fail_ex+0x24a/0x260
[   62.474403][ T4461]  should_fail+0xb/0x10
[   62.474443][ T4461]  should_fail_usercopy+0x1a/0x20
[   62.474509][ T4461]  _copy_to_user+0x20/0xa0
[   62.474533][ T4461]  simple_read_from_buffer+0xa0/0x110
[   62.474600][ T4461]  proc_fail_nth_read+0xf9/0x140
[   62.474630][ T4461]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   62.474698][ T4461]  vfs_read+0x19b/0x6f0
[   62.474725][ T4461]  ? __rcu_read_unlock+0x4e/0x70
[   62.474747][ T4461]  ? __fget_files+0x17c/0x1c0
[   62.474783][ T4461]  ksys_read+0xe8/0x1b0
[   62.474861][ T4461]  __x64_sys_read+0x42/0x50
[   62.474892][ T4461]  x64_sys_call+0x2874/0x2dc0
[   62.475000][ T4461]  do_syscall_64+0xc9/0x1c0
[   62.475038][ T4461]  ? clear_bhb_loop+0x55/0xb0
[   62.475070][ T4461]  ? clear_bhb_loop+0x55/0xb0
[   62.475097][ T4461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.475242][ T4461] RIP: 0033:0x7f67068fbb7c
[   62.475259][ T4461] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   62.475283][ T4461] RSP: 002b:00007f6704f67030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   62.475301][ T4461] RAX: ffffffffffffffda RBX: 00007f6706b15fa0 RCX: 00007f67068fbb7c
[   62.475316][ T4461] RDX: 000000000000000f RSI: 00007f6704f670a0 RDI: 0000000000000003
[   62.475335][ T4461] RBP: 00007f6704f67090 R08: 0000000000000000 R09: 0000000000000000
[   62.475385][ T4461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.475396][ T4461] R13: 0000000000000001 R14: 00007f6706b15fa0 R15: 00007ffcc1712298
[   62.475413][ T4461]  </TASK>
[   62.811797][ T4478] loop3: detected capacity change from 0 to 256
[   62.818408][ T4478] vfat: Unknown parameter '°00000000000000000176°'
[   63.026428][ T4487] loop3: detected capacity change from 0 to 512
[   63.078621][ T4487] ext4 filesystem being mounted at /72/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   63.258148][ T4493] xt_hashlimit: max too large, truncated to 1048576
[   63.266504][ T4493] xt_limit: Overflow, try lower: 0/0
[   63.273475][ T4495] FAULT_INJECTION: forcing a failure.
[   63.273475][ T4495] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   63.286823][ T4495] CPU: 0 UID: 0 PID: 4495 Comm: syz.4.362 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   63.286894][ T4495] Tainted: [W]=WARN
[   63.286902][ T4495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   63.286914][ T4495] Call Trace:
[   63.286921][ T4495]  <TASK>
[   63.286928][ T4495]  dump_stack_lvl+0xf2/0x150
[   63.286956][ T4495]  dump_stack+0x15/0x1a
[   63.286981][ T4495]  should_fail_ex+0x24a/0x260
[   63.287059][ T4495]  should_fail+0xb/0x10
[   63.287171][ T4495]  should_fail_usercopy+0x1a/0x20
[   63.287263][ T4495]  strncpy_from_user+0x25/0x210
[   63.287286][ T4495]  ? __kmalloc_cache_noprof+0x186/0x320
[   63.287359][ T4495]  __se_sys_memfd_create+0x218/0x5a0
[   63.287388][ T4495]  __x64_sys_memfd_create+0x31/0x40
[   63.287419][ T4495]  x64_sys_call+0x2d4c/0x2dc0
[   63.287447][ T4495]  do_syscall_64+0xc9/0x1c0
[   63.287482][ T4495]  ? clear_bhb_loop+0x55/0xb0
[   63.287510][ T4495]  ? clear_bhb_loop+0x55/0xb0
[   63.287539][ T4495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.287670][ T4495] RIP: 0033:0x7f6db1dfd169
[   63.287684][ T4495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.287724][ T4495] RSP: 002b:00007f6db0466e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   63.287747][ T4495] RAX: ffffffffffffffda RBX: 0000000000000501 RCX: 00007f6db1dfd169
[   63.287762][ T4495] RDX: 00007f6db0466ef0 RSI: 0000000000000000 RDI: 00007f6db1e7ec3c
[   63.287776][ T4495] RBP: 0000400000000dc0 R08: 00007f6db0466bb7 R09: 00007f6db0466e40
[   63.287789][ T4495] R10: 000000000000000a R11: 0000000000000202 R12: 0000400000000000
[   63.287800][ T4495] R13: 00007f6db0466ef0 R14: 00007f6db0466eb0 R15: 00004000000001c0
[   63.287817][ T4495]  </TASK>
[   63.486980][ T4497] FAULT_INJECTION: forcing a failure.
[   63.486980][ T4497] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   63.500178][ T4497] CPU: 0 UID: 0 PID: 4497 Comm: syz.2.363 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   63.500213][ T4497] Tainted: [W]=WARN
[   63.500220][ T4497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   63.500233][ T4497] Call Trace:
[   63.500242][ T4497]  <TASK>
[   63.500251][ T4497]  dump_stack_lvl+0xf2/0x150
[   63.500357][ T4497]  dump_stack+0x15/0x1a
[   63.500432][ T4497]  should_fail_ex+0x24a/0x260
[   63.500470][ T4497]  should_fail+0xb/0x10
[   63.500502][ T4497]  should_fail_usercopy+0x1a/0x20
[   63.500533][ T4497]  _copy_to_user+0x20/0xa0
[   63.500624][ T4497]  simple_read_from_buffer+0xa0/0x110
[   63.500661][ T4497]  proc_fail_nth_read+0xf9/0x140
[   63.500722][ T4497]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   63.500749][ T4497]  vfs_read+0x19b/0x6f0
[   63.500775][ T4497]  ? __rcu_read_unlock+0x4e/0x70
[   63.500835][ T4497]  ? __fget_files+0x17c/0x1c0
[   63.500875][ T4497]  ksys_read+0xe8/0x1b0
[   63.500905][ T4497]  __x64_sys_read+0x42/0x50
[   63.500941][ T4497]  x64_sys_call+0x2874/0x2dc0
[   63.500973][ T4497]  do_syscall_64+0xc9/0x1c0
[   63.501071][ T4497]  ? clear_bhb_loop+0x55/0xb0
[   63.501105][ T4497]  ? clear_bhb_loop+0x55/0xb0
[   63.501138][ T4497]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.501170][ T4497] RIP: 0033:0x7f118984bb7c
[   63.501189][ T4497] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   63.501229][ T4497] RSP: 002b:00007f1187eb7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   63.501322][ T4497] RAX: ffffffffffffffda RBX: 00007f1189a65fa0 RCX: 00007f118984bb7c
[   63.501340][ T4497] RDX: 000000000000000f RSI: 00007f1187eb70a0 RDI: 0000000000000006
[   63.501352][ T4497] RBP: 00007f1187eb7090 R08: 0000000000000000 R09: 0000000000000000
[   63.501366][ T4497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.501379][ T4497] R13: 0000000000000000 R14: 00007f1189a65fa0 R15: 00007ffd8b9ba8e8
[   63.501479][ T4497]  </TASK>
[   63.788454][ T4511] netlink: 36 bytes leftover after parsing attributes in process `syz.4.370'.
[   63.822660][ T4514] vlan2: entered allmulticast mode
[   63.888580][ T4503] FAULT_INJECTION: forcing a failure.
[   63.888580][ T4503] name failslab, interval 1, probability 0, space 0, times 0
[   63.901408][ T4503] CPU: 0 UID: 0 PID: 4503 Comm: syz.2.366 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   63.901438][ T4503] Tainted: [W]=WARN
[   63.901444][ T4503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   63.901455][ T4503] Call Trace:
[   63.901463][ T4503]  <TASK>
[   63.901473][ T4503]  dump_stack_lvl+0xf2/0x150
[   63.901583][ T4503]  dump_stack+0x15/0x1a
[   63.901605][ T4503]  should_fail_ex+0x24a/0x260
[   63.901641][ T4503]  should_failslab+0x8f/0xb0
[   63.901720][ T4503]  kmem_cache_alloc_node_noprof+0x59/0x320
[   63.901749][ T4503]  ? __alloc_skb+0x10b/0x310
[   63.901776][ T4503]  __alloc_skb+0x10b/0x310
[   63.901874][ T4503]  netlink_alloc_large_skb+0xad/0xe0
[   63.901911][ T4503]  netlink_sendmsg+0x3b4/0x6e0
[   63.902034][ T4503]  ? __pfx_netlink_sendmsg+0x10/0x10
[   63.902143][ T4503]  __sock_sendmsg+0x140/0x180
[   63.902200][ T4503]  ____sys_sendmsg+0x326/0x4b0
[   63.902235][ T4503]  __sys_sendmsg+0x19d/0x230
[   63.902314][ T4503]  __x64_sys_sendmsg+0x46/0x50
[   63.902339][ T4503]  x64_sys_call+0x2734/0x2dc0
[   63.902430][ T4503]  do_syscall_64+0xc9/0x1c0
[   63.902468][ T4503]  ? clear_bhb_loop+0x55/0xb0
[   63.902495][ T4503]  ? clear_bhb_loop+0x55/0xb0
[   63.902584][ T4503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.902618][ T4503] RIP: 0033:0x7f118984d169
[   63.902636][ T4503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.902698][ T4503] RSP: 002b:00007f1187eb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   63.902716][ T4503] RAX: ffffffffffffffda RBX: 00007f1189a65fa0 RCX: 00007f118984d169
[   63.902753][ T4503] RDX: 0000000000000000 RSI: 0000400000000040 RDI: 000000000000000b
[   63.902768][ T4503] RBP: 00007f1187eb7090 R08: 0000000000000000 R09: 0000000000000000
[   63.902782][ T4503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.902796][ T4503] R13: 0000000000000000 R14: 00007f1189a65fa0 R15: 00007ffd8b9ba8e8
[   63.902817][ T4503]  </TASK>
[   64.939691][ T4541] FAULT_INJECTION: forcing a failure.
[   64.939691][ T4541] name failslab, interval 1, probability 0, space 0, times 0
[   64.952481][ T4541] CPU: 1 UID: 0 PID: 4541 Comm: syz.3.377 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   64.952519][ T4541] Tainted: [W]=WARN
[   64.952527][ T4541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   64.952614][ T4541] Call Trace:
[   64.952621][ T4541]  <TASK>
[   64.952630][ T4541]  dump_stack_lvl+0xf2/0x150
[   64.952658][ T4541]  dump_stack+0x15/0x1a
[   64.952731][ T4541]  should_fail_ex+0x24a/0x260
[   64.952764][ T4541]  ? l2tp_tunnel_create+0x67/0x1d0
[   64.952792][ T4541]  should_failslab+0x8f/0xb0
[   64.952826][ T4541]  __kmalloc_cache_noprof+0x4e/0x320
[   64.952863][ T4541]  l2tp_tunnel_create+0x67/0x1d0
[   64.952942][ T4541]  pppol2tp_connect+0x3af/0xa50
[   64.952988][ T4541]  ? __pfx_pppol2tp_connect+0x10/0x10
[   64.953028][ T4541]  __sys_connect+0x18f/0x1b0
[   64.953056][ T4541]  __x64_sys_connect+0x41/0x50
[   64.953099][ T4541]  x64_sys_call+0x22a7/0x2dc0
[   64.953132][ T4541]  do_syscall_64+0xc9/0x1c0
[   64.953162][ T4541]  ? clear_bhb_loop+0x55/0xb0
[   64.953201][ T4541]  ? clear_bhb_loop+0x55/0xb0
[   64.953242][ T4541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.953271][ T4541] RIP: 0033:0x7f67068fd169
[   64.953316][ T4541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.953337][ T4541] RSP: 002b:00007f6704f25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[   64.953357][ T4541] RAX: ffffffffffffffda RBX: 00007f6706b16160 RCX: 00007f67068fd169
[   64.953369][ T4541] RDX: 0000000000000026 RSI: 0000400000000040 RDI: 0000000000000008
[   64.953384][ T4541] RBP: 00007f6704f25090 R08: 0000000000000000 R09: 0000000000000000
[   64.953395][ T4541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.953406][ T4541] R13: 0000000000000000 R14: 00007f6706b16160 R15: 00007ffcc1712298
[   64.953426][ T4541]  </TASK>
[   66.063108][ T4556] netlink: 8 bytes leftover after parsing attributes in process `syz.3.382'.
[   66.093664][ T4556] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   66.325654][   T29] kauditd_printk_skb: 149 callbacks suppressed
[   66.325668][   T29] audit: type=1400 audit(1741337008.056:1074): avc:  denied  { name_bind } for  pid=4562 comm="syz.1.385" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   66.364362][ T4565] SELinux:  Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped).
[   66.420140][   T29] audit: type=1400 audit(1741337008.096:1075): avc:  denied  { relabelto } for  pid=4562 comm="syz.1.385" name="file1" dev="tmpfs" ino=405 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:semanage_exec_t:s0"
[   66.446905][   T29] audit: type=1400 audit(1741337008.096:1076): avc:  denied  { associate } for  pid=4562 comm="syz.1.385" name="file1" dev="tmpfs" ino=405 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:semanage_exec_t:s0"
[   67.301242][   T29] audit: type=1400 audit(1741337009.026:1077): avc:  denied  { wake_alarm } for  pid=4555 comm="syz.2.383" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   67.486806][   T29] audit: type=1400 audit(1741337009.216:1078): avc:  denied  { create } for  pid=4579 comm="syz.3.388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   68.213314][ T4591] block device autoloading is deprecated and will be removed.
[   68.577910][ T4599] xt_hashlimit: max too large, truncated to 1048576
[   68.606226][ T4599] xt_limit: Overflow, try lower: 0/0
[   68.876951][ T4609] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[   68.883526][ T4609] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   68.891236][ T4609] vhci_hcd vhci_hcd.0: Device attached
[   68.947752][ T4610] vhci_hcd: connection closed
[   68.955559][ T1624] vhci_hcd: stop threads
[   68.964571][ T1624] vhci_hcd: release socket
[   68.969045][ T1624] vhci_hcd: disconnect device
[   69.009718][   T29] audit: type=1326 audit(1741337010.736:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4617 comm="syz.4.400" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6db1dfd169 code=0x0
[   69.062473][ T4621] netlink: 'syz.4.400': attribute type 8 has an invalid length.
[   69.086786][   T29] audit: type=1326 audit(1741337010.816:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4617 comm="syz.4.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6db1dfd169 code=0x7ffc0000
[   69.110280][   T29] audit: type=1326 audit(1741337010.816:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4617 comm="syz.4.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6db1dfd169 code=0x7ffc0000
[   69.165241][   T29] audit: type=1326 audit(1741337010.816:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4617 comm="syz.4.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6db1dfd169 code=0x7ffc0000
[   69.188669][   T29] audit: type=1326 audit(1741337010.816:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4617 comm="syz.4.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6db1dfd169 code=0x7ffc0000
[   69.906297][ T4631] netlink: 'syz.4.405': attribute type 2 has an invalid length.
[   69.914192][ T4631] netlink: 'syz.4.405': attribute type 3 has an invalid length.
[   69.921971][ T4631] netlink: 132 bytes leftover after parsing attributes in process `syz.4.405'.
[   70.118687][ T4639] FAULT_INJECTION: forcing a failure.
[   70.118687][ T4639] name failslab, interval 1, probability 0, space 0, times 0
[   70.131432][ T4639] CPU: 0 UID: 0 PID: 4639 Comm: syz.4.408 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   70.131466][ T4639] Tainted: [W]=WARN
[   70.131474][ T4639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   70.131489][ T4639] Call Trace:
[   70.131498][ T4639]  <TASK>
[   70.131508][ T4639]  dump_stack_lvl+0xf2/0x150
[   70.131598][ T4639]  dump_stack+0x15/0x1a
[   70.131626][ T4639]  should_fail_ex+0x24a/0x260
[   70.131664][ T4639]  should_failslab+0x8f/0xb0
[   70.131703][ T4639]  kmem_cache_alloc_node_noprof+0x59/0x320
[   70.131729][ T4639]  ? __alloc_skb+0x10b/0x310
[   70.131807][ T4639]  __alloc_skb+0x10b/0x310
[   70.131834][ T4639]  netlink_alloc_large_skb+0xad/0xe0
[   70.131872][ T4639]  netlink_sendmsg+0x3b4/0x6e0
[   70.131968][ T4639]  ? __pfx_netlink_sendmsg+0x10/0x10
[   70.132011][ T4639]  __sock_sendmsg+0x140/0x180
[   70.132069][ T4639]  ____sys_sendmsg+0x326/0x4b0
[   70.132097][ T4639]  __sys_sendmsg+0x19d/0x230
[   70.132144][ T4639]  __x64_sys_sendmsg+0x46/0x50
[   70.132176][ T4639]  x64_sys_call+0x2734/0x2dc0
[   70.132213][ T4639]  do_syscall_64+0xc9/0x1c0
[   70.132257][ T4639]  ? clear_bhb_loop+0x55/0xb0
[   70.132284][ T4639]  ? clear_bhb_loop+0x55/0xb0
[   70.132313][ T4639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.132416][ T4639] RIP: 0033:0x7f6db1dfd169
[   70.132436][ T4639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.132458][ T4639] RSP: 002b:00007f6db0467038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   70.132482][ T4639] RAX: ffffffffffffffda RBX: 00007f6db2015fa0 RCX: 00007f6db1dfd169
[   70.132498][ T4639] RDX: 0000000000000000 RSI: 0000400000000480 RDI: 0000000000000003
[   70.132513][ T4639] RBP: 00007f6db0467090 R08: 0000000000000000 R09: 0000000000000000
[   70.132528][ T4639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.132545][ T4639] R13: 0000000000000000 R14: 00007f6db2015fa0 R15: 00007ffe44992e78
[   70.132562][ T4639]  </TASK>
[   70.382648][ T4644] netlink: 12 bytes leftover after parsing attributes in process `syz.4.410'.
[   71.391041][   T29] kauditd_printk_skb: 11 callbacks suppressed
[   71.391058][   T29] audit: type=1326 audit(1741337013.116:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4663 comm="syz.2.415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118984d169 code=0x7ffc0000
[   71.420712][   T29] audit: type=1326 audit(1741337013.116:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4663 comm="syz.2.415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118984d169 code=0x7ffc0000
[   71.444163][   T29] audit: type=1326 audit(1741337013.116:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4663 comm="syz.2.415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f118984d169 code=0x7ffc0000
[   71.467547][   T29] audit: type=1326 audit(1741337013.116:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4663 comm="syz.2.415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118984d169 code=0x7ffc0000
[   71.490960][   T29] audit: type=1326 audit(1741337013.116:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4663 comm="syz.2.415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118984d169 code=0x7ffc0000
[   71.515252][   T29] audit: type=1326 audit(1741337013.166:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4663 comm="syz.2.415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f118984d169 code=0x7ffc0000
[   71.538641][   T29] audit: type=1326 audit(1741337013.166:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4663 comm="syz.2.415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f118984d1a3 code=0x7ffc0000
[   71.561991][   T29] audit: type=1326 audit(1741337013.166:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4663 comm="syz.2.415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f118984bc1f code=0x7ffc0000
[   71.585245][   T29] audit: type=1326 audit(1741337013.166:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4663 comm="syz.2.415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f118984d1f7 code=0x7ffc0000
[   71.608637][   T29] audit: type=1326 audit(1741337013.166:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4663 comm="syz.2.415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f118984bad0 code=0x7ffc0000
[   71.634621][ T4662] IPVS: Unknown mcast interface: pimreg
[   71.635124][ T4674] netlink: 'syz.2.419': attribute type 30 has an invalid length.
[   71.677433][ T4669] IPVS: Unknown mcast interface: pimreg
[   71.702999][ T4679] FAULT_INJECTION: forcing a failure.
[   71.702999][ T4679] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   71.716193][ T4679] CPU: 1 UID: 0 PID: 4679 Comm: syz.0.421 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   71.716299][ T4679] Tainted: [W]=WARN
[   71.716308][ T4679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   71.716323][ T4679] Call Trace:
[   71.716331][ T4679]  <TASK>
[   71.716340][ T4679]  dump_stack_lvl+0xf2/0x150
[   71.716375][ T4679]  dump_stack+0x15/0x1a
[   71.716398][ T4679]  should_fail_ex+0x24a/0x260
[   71.716498][ T4679]  should_fail+0xb/0x10
[   71.716525][ T4679]  should_fail_usercopy+0x1a/0x20
[   71.716556][ T4679]  _copy_from_user+0x1c/0xa0
[   71.716579][ T4679]  copy_msghdr_from_user+0x54/0x2a0
[   71.716749][ T4679]  ? __fget_files+0x17c/0x1c0
[   71.716785][ T4679]  __sys_sendmsg+0x13e/0x230
[   71.716833][ T4679]  __x64_sys_sendmsg+0x46/0x50
[   71.716866][ T4679]  x64_sys_call+0x2734/0x2dc0
[   71.716932][ T4679]  do_syscall_64+0xc9/0x1c0
[   71.717015][ T4679]  ? clear_bhb_loop+0x55/0xb0
[   71.717058][ T4679]  ? clear_bhb_loop+0x55/0xb0
[   71.717084][ T4679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.717110][ T4679] RIP: 0033:0x7f9f736ed169
[   71.717127][ T4679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.717207][ T4679] RSP: 002b:00007f9f71d51038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   71.717285][ T4679] RAX: ffffffffffffffda RBX: 00007f9f73905fa0 RCX: 00007f9f736ed169
[   71.717322][ T4679] RDX: 0000000004008840 RSI: 0000400000000000 RDI: 0000000000000004
[   71.717338][ T4679] RBP: 00007f9f71d51090 R08: 0000000000000000 R09: 0000000000000000
[   71.717353][ T4679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.717400][ T4679] R13: 0000000000000000 R14: 00007f9f73905fa0 R15: 00007fff08870478
[   71.717417][ T4679]  </TASK>
[   72.094289][ T4686] netlink: 8 bytes leftover after parsing attributes in process `syz.2.422'.
[   72.103216][ T4686] netlink: 'syz.2.422': attribute type 30 has an invalid length.
[   72.595128][ T4695] binfmt_misc: register: failed to install interpreter file ./file2
[   72.727628][ T4705] loop1: detected capacity change from 0 to 128
[   72.816314][ T4711] loop1: detected capacity change from 0 to 512
[   72.840409][ T4711] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   72.850621][ T4711] EXT4-fs (loop1): orphan cleanup on readonly fs
[   72.852164][ T4707] IPVS: Unknown mcast interface: pimreg
[   72.868247][ T4711] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.432: Failed to acquire dquot type 1
[   72.884802][ T4711] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.432: bg 0: block 40: padding at end of block bitmap is not set
[   72.902329][ T4711] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[   72.914577][ T4711] EXT4-fs (loop1): 1 truncate cleaned up
[   72.921303][ T4717] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[   72.927898][ T4717] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   72.935628][ T4717] vhci_hcd vhci_hcd.0: Device attached
[   72.946616][ T4711] EXT4-fs mount: 2 callbacks suppressed
[   72.946767][ T4711] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   73.018692][ T4718] vhci_hcd: connection closed
[   73.026917][ T1895] vhci_hcd: stop threads
[   73.036013][ T1895] vhci_hcd: release socket
[   73.036025][ T1895] vhci_hcd: disconnect device
[   73.167835][ T4725] xt_time: unknown flags 0xc
[   73.281332][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.346462][ T4733] netlink: 12 bytes leftover after parsing attributes in process `syz.1.439'.
[   73.462973][ T4740] loop1: detected capacity change from 0 to 1024
[   73.483418][ T4740] EXT4-fs: Ignoring removed orlov option
[   73.508728][ T4740] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.559988][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.992060][ T4753] IPVS: Unknown mcast interface: pimreg
[   74.982056][ T4769] loop1: detected capacity change from 0 to 512
[   75.015669][ T4769] EXT4-fs: Ignoring removed i_version option
[   75.021763][ T4769] EXT4-fs: Ignoring removed mblk_io_submit option
[   75.047342][ T4769] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   75.086986][ T4769] EXT4-fs (loop1): 1 truncate cleaned up
[   75.093298][ T4769] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.140040][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.189763][ T4773] SELinux: syz.1.451 (4773) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   75.229773][ T4773] net_ratelimit: 24 callbacks suppressed
[   75.229795][ T4773] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[   75.323411][ T4776] gretap0: entered promiscuous mode
[   75.345499][ T4776] macsec1: entered allmulticast mode
[   75.350858][ T4776] gretap0: entered allmulticast mode
[   75.377258][ T4776] gretap0: left allmulticast mode
[   75.382389][ T4776] gretap0: left promiscuous mode
[   75.409079][ T4777] netlink: 132 bytes leftover after parsing attributes in process `syz.1.451'.
[   75.483420][ T4779] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[   75.489998][ T4779] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   75.497683][ T4779] vhci_hcd vhci_hcd.0: Device attached
[   75.527939][ T4781] vhci_hcd: connection closed
[   75.528555][   T36] vhci_hcd: stop threads
[   75.537564][   T36] vhci_hcd: release socket
[   75.542049][   T36] vhci_hcd: disconnect device
[   75.785633][ T4785] FAULT_INJECTION: forcing a failure.
[   75.785633][ T4785] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   75.798903][ T4785] CPU: 1 UID: 0 PID: 4785 Comm: syz.2.454 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   75.798940][ T4785] Tainted: [W]=WARN
[   75.798949][ T4785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   75.799018][ T4785] Call Trace:
[   75.799027][ T4785]  <TASK>
[   75.799036][ T4785]  dump_stack_lvl+0xf2/0x150
[   75.799068][ T4785]  dump_stack+0x15/0x1a
[   75.799089][ T4785]  should_fail_ex+0x24a/0x260
[   75.799127][ T4785]  should_fail_alloc_page+0xfd/0x110
[   75.799219][ T4785]  __alloc_frozen_pages_noprof+0x109/0x340
[   75.799258][ T4785]  alloc_pages_mpol+0xb4/0x260
[   75.799333][ T4785]  alloc_pages_noprof+0xe8/0x130
[   75.799365][ T4785]  pte_alloc_one+0x31/0x110
[   75.799394][ T4785]  __do_fault+0x79/0x200
[   75.799421][ T4785]  handle_mm_fault+0xc7d/0x2ac0
[   75.799461][ T4785]  ? mt_find+0x72a/0x890
[   75.799489][ T4785]  __get_user_pages+0xf6a/0x2350
[   75.799604][ T4785]  __gup_longterm_locked+0x932/0xf90
[   75.799682][ T4785]  ? selinux_ptrace_access_check+0x100/0x110
[   75.799715][ T4785]  ? security_ptrace_access_check+0x67/0x80
[   75.799760][ T4785]  ? down_read+0x171/0x4b0
[   75.799803][ T4785]  ? __ptrace_may_access+0x2cb/0x350
[   75.799909][ T4785]  pin_user_pages_remote+0x7f/0xb0
[   75.799943][ T4785]  process_vm_rw+0x4bc/0x890
[   75.799996][ T4785]  ? ksys_write+0x176/0x1b0
[   75.800102][ T4785]  __x64_sys_process_vm_writev+0x7a/0x90
[   75.800152][ T4785]  x64_sys_call+0x2c48/0x2dc0
[   75.800185][ T4785]  do_syscall_64+0xc9/0x1c0
[   75.800224][ T4785]  ? clear_bhb_loop+0x55/0xb0
[   75.800305][ T4785]  ? clear_bhb_loop+0x55/0xb0
[   75.800331][ T4785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.800381][ T4785] RIP: 0033:0x7f118984d169
[   75.800399][ T4785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.800420][ T4785] RSP: 002b:00007f1187e96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[   75.800455][ T4785] RAX: ffffffffffffffda RBX: 00007f1189a66080 RCX: 00007f118984d169
[   75.800471][ T4785] RDX: 0000000000000001 RSI: 0000400000001c80 RDI: 00000000000000d7
[   75.800486][ T4785] RBP: 00007f1187e96090 R08: 0000000000000001 R09: 0000000000000000
[   75.800501][ T4785] R10: 0000400000001d80 R11: 0000000000000246 R12: 0000000000000001
[   75.800577][ T4785] R13: 0000000000000000 R14: 00007f1189a66080 R15: 00007ffd8b9ba8e8
[   75.800598][ T4785]  </TASK>
[   76.068314][ T4788] bridge: RTM_NEWNEIGH with invalid ether address
[   76.294382][ T4793] netlink: 24 bytes leftover after parsing attributes in process `syz.4.457'.
[   76.325222][ T4795] netlink: 16 bytes leftover after parsing attributes in process `syz.1.458'.
[   76.334266][ T4795] netlink: 52 bytes leftover after parsing attributes in process `syz.1.458'.
[   76.343260][ T4795] netlink: 36 bytes leftover after parsing attributes in process `syz.1.458'.
[   76.471441][ T4805] FAULT_INJECTION: forcing a failure.
[   76.471441][ T4805] name failslab, interval 1, probability 0, space 0, times 0
[   76.484161][ T4805] CPU: 1 UID: 0 PID: 4805 Comm: syz.2.461 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   76.484199][ T4805] Tainted: [W]=WARN
[   76.484207][ T4805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   76.484219][ T4805] Call Trace:
[   76.484226][ T4805]  <TASK>
[   76.484234][ T4805]  dump_stack_lvl+0xf2/0x150
[   76.484314][ T4805]  dump_stack+0x15/0x1a
[   76.484406][ T4805]  should_fail_ex+0x24a/0x260
[   76.484446][ T4805]  should_failslab+0x8f/0xb0
[   76.484478][ T4805]  kmem_cache_alloc_node_noprof+0x59/0x320
[   76.484501][ T4805]  ? __alloc_skb+0x10b/0x310
[   76.484586][ T4805]  __alloc_skb+0x10b/0x310
[   76.484680][ T4805]  netlink_alloc_large_skb+0xad/0xe0
[   76.484719][ T4805]  netlink_sendmsg+0x3b4/0x6e0
[   76.484772][ T4805]  ? __pfx_netlink_sendmsg+0x10/0x10
[   76.484911][ T4805]  __sock_sendmsg+0x140/0x180
[   76.485094][ T4805]  ____sys_sendmsg+0x326/0x4b0
[   76.485132][ T4805]  __sys_sendmsg+0x19d/0x230
[   76.485182][ T4805]  __x64_sys_sendmsg+0x46/0x50
[   76.485294][ T4805]  x64_sys_call+0x2734/0x2dc0
[   76.485400][ T4805]  do_syscall_64+0xc9/0x1c0
[   76.485481][ T4805]  ? clear_bhb_loop+0x55/0xb0
[   76.485512][ T4805]  ? clear_bhb_loop+0x55/0xb0
[   76.485544][ T4805]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.485574][ T4805] RIP: 0033:0x7f118984d169
[   76.485654][ T4805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.485675][ T4805] RSP: 002b:00007f1187eb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   76.485697][ T4805] RAX: ffffffffffffffda RBX: 00007f1189a65fa0 RCX: 00007f118984d169
[   76.485712][ T4805] RDX: 0000000000000000 RSI: 0000400000000280 RDI: 0000000000000006
[   76.485734][ T4805] RBP: 00007f1187eb7090 R08: 0000000000000000 R09: 0000000000000000
[   76.485748][ T4805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.485770][ T4805] R13: 0000000000000000 R14: 00007f1189a65fa0 R15: 00007ffd8b9ba8e8
[   76.485838][ T4805]  </TASK>
[   76.699403][ T4807] loop4: detected capacity change from 0 to 512
[   76.706101][ T4807] EXT4-fs: Ignoring removed i_version option
[   76.712155][ T4807] EXT4-fs: Ignoring removed mblk_io_submit option
[   76.728951][ T4807] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   76.743415][   T29] kauditd_printk_skb: 301 callbacks suppressed
[   76.743429][   T29] audit: type=1400 audit(1741337018.466:1404): avc:  denied  { ioctl } for  pid=4811 comm="syz.2.464" path="socket:[9040]" dev="sockfs" ino=9040 ioctlcmd=0x48d2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   76.797063][ T4807] EXT4-fs (loop4): 1 truncate cleaned up
[   76.823487][ T4807] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.846675][ T4816] xt_hashlimit: max too large, truncated to 1048576
[   76.896994][ T4818] FAULT_INJECTION: forcing a failure.
[   76.896994][ T4818] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   76.905245][   T29] audit: type=1400 audit(1741337018.516:1405): avc:  denied  { setopt } for  pid=4811 comm="syz.2.464" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   76.910156][ T4818] CPU: 0 UID: 0 PID: 4818 Comm: syz.1.467 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   76.910195][ T4818] Tainted: [W]=WARN
[   76.910204][ T4818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   76.910220][ T4818] Call Trace:
[   76.910228][ T4818]  <TASK>
[   76.910237][ T4818]  dump_stack_lvl+0xf2/0x150
[   76.910342][ T4818]  dump_stack+0x15/0x1a
[   76.910369][ T4818]  should_fail_ex+0x24a/0x260
[   76.910407][ T4818]  should_fail+0xb/0x10
[   76.910440][ T4818]  should_fail_usercopy+0x1a/0x20
[   76.910524][ T4818]  _copy_from_user+0x1c/0xa0
[   76.910548][ T4818]  do_ipt_set_ctl+0x423/0x8b0
[   76.910586][ T4818]  nf_setsockopt+0x195/0x1b0
[   76.910629][ T4818]  ip_setsockopt+0xea/0x100
[   76.910662][ T4818]  udp_setsockopt+0x95/0xb0
[   76.910724][ T4818]  sock_common_setsockopt+0x64/0x80
[   76.910766][ T4818]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   76.910864][ T4818]  __sys_setsockopt+0x187/0x200
[   76.910895][ T4818]  __x64_sys_setsockopt+0x66/0x80
[   76.910977][ T4818]  x64_sys_call+0x282e/0x2dc0
[   76.911011][ T4818]  do_syscall_64+0xc9/0x1c0
[   76.911050][ T4818]  ? clear_bhb_loop+0x55/0xb0
[   76.911151][ T4818]  ? clear_bhb_loop+0x55/0xb0
[   76.911184][ T4818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.911218][ T4818] RIP: 0033:0x7f651135d169
[   76.911238][ T4818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.911260][ T4818] RSP: 002b:00007f650f9c1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   76.911292][ T4818] RAX: ffffffffffffffda RBX: 00007f6511575fa0 RCX: 00007f651135d169
[   76.911308][ T4818] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000007
[   76.911322][ T4818] RBP: 00007f650f9c1090 R08: 0000000000000538 R09: 0000000000000000
[   76.911337][ T4818] R10: 0000400000000540 R11: 0000000000000246 R12: 0000000000000001
[   76.911352][ T4818] R13: 0000000000000000 R14: 00007f6511575fa0 R15: 00007ffe81fef778
[   76.911438][ T4818]  </TASK>
[   77.128663][   T29] audit: type=1400 audit(1741337018.536:1406): avc:  denied  { create } for  pid=4813 comm="syz.1.465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   77.148066][   T29] audit: type=1400 audit(1741337018.536:1407): avc:  denied  { map } for  pid=4813 comm="syz.1.465" path="socket:[9061]" dev="sockfs" ino=9061 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[   77.171870][   T29] audit: type=1400 audit(1741337018.536:1408): avc:  denied  { accept } for  pid=4813 comm="syz.1.465" path="socket:[9061]" dev="sockfs" ino=9061 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[   77.195822][   T29] audit: type=1400 audit(1741337018.536:1409): avc:  denied  { write } for  pid=4813 comm="syz.1.465" name="hwrng" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[   77.199867][ T4823] xt_hashlimit: max too large, truncated to 1048576
[   77.236846][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.292104][ T4825] netlink: 24 bytes leftover after parsing attributes in process `syz.4.470'.
[   77.353712][ T4829] bridge: RTM_NEWNEIGH with invalid ether address
[   77.416542][ T4831] bond1: entered promiscuous mode
[   77.421818][ T4831] bond1: entered allmulticast mode
[   77.440539][ T4831] 8021q: adding VLAN 0 to HW filter on device bond1
[   77.651770][ T4831] bond1 (unregistering): Released all slaves
[   77.722259][   T29] audit: type=1326 audit(1741337019.436:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4820 comm="syz.1.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651135d169 code=0x7ffc0000
[   77.745891][   T29] audit: type=1326 audit(1741337019.436:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4820 comm="syz.1.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f651135d169 code=0x7ffc0000
[   77.769261][   T29] audit: type=1326 audit(1741337019.436:1412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4820 comm="syz.1.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651135d169 code=0x7ffc0000
[   77.792659][   T29] audit: type=1326 audit(1741337019.436:1413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4820 comm="syz.1.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f651135d169 code=0x7ffc0000
[   77.940421][ T4838] loop4: detected capacity change from 0 to 1024
[   77.958066][ T4840] FAULT_INJECTION: forcing a failure.
[   77.958066][ T4840] name failslab, interval 1, probability 0, space 0, times 0
[   77.970821][ T4840] CPU: 0 UID: 0 PID: 4840 Comm: syz.1.476 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   77.970852][ T4840] Tainted: [W]=WARN
[   77.970858][ T4840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   77.970873][ T4840] Call Trace:
[   77.970881][ T4840]  <TASK>
[   77.970891][ T4840]  dump_stack_lvl+0xf2/0x150
[   77.970979][ T4840]  dump_stack+0x15/0x1a
[   77.971002][ T4840]  should_fail_ex+0x24a/0x260
[   77.971040][ T4840]  should_failslab+0x8f/0xb0
[   77.971123][ T4840]  kmem_cache_alloc_noprof+0x52/0x320
[   77.971150][ T4840]  ? prepare_creds+0x37/0x480
[   77.971203][ T4840]  prepare_creds+0x37/0x480
[   77.971240][ T4840]  copy_creds+0x90/0x3f0
[   77.971270][ T4840]  copy_process+0x64b/0x1f50
[   77.971331][ T4840]  ? 0xffffffff81000000
[   77.971344][ T4840]  ? selinux_file_permission+0x22a/0x360
[   77.971393][ T4840]  kernel_clone+0x167/0x5e0
[   77.971428][ T4840]  ? vfs_write+0x644/0x920
[   77.971456][ T4840]  __x64_sys_clone+0xe7/0x120
[   77.971509][ T4840]  x64_sys_call+0x2d7e/0x2dc0
[   77.971543][ T4840]  do_syscall_64+0xc9/0x1c0
[   77.971666][ T4840]  ? clear_bhb_loop+0x55/0xb0
[   77.971693][ T4840]  ? clear_bhb_loop+0x55/0xb0
[   77.971777][ T4840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.971810][ T4840] RIP: 0033:0x7f651135d169
[   77.971862][ T4840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.971884][ T4840] RSP: 002b:00007f650f9c0fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   77.971953][ T4840] RAX: ffffffffffffffda RBX: 00007f6511575fa0 RCX: 00007f651135d169
[   77.971966][ T4840] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400
[   77.971981][ T4840] RBP: 00007f650f9c1090 R08: 0000000000000000 R09: 0000000000000000
[   77.971996][ T4840] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   77.972010][ T4840] R13: 0000000000000000 R14: 00007f6511575fa0 R15: 00007ffe81fef778
[   77.972034][ T4840]  </TASK>
[   77.987434][ T4838] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.188763][ T4838] FAULT_INJECTION: forcing a failure.
[   78.188763][ T4838] name failslab, interval 1, probability 0, space 0, times 0
[   78.201708][ T4838] CPU: 0 UID: 0 PID: 4838 Comm: syz.4.475 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   78.201738][ T4838] Tainted: [W]=WARN
[   78.201745][ T4838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   78.201836][ T4838] Call Trace:
[   78.201845][ T4838]  <TASK>
[   78.201873][ T4838]  dump_stack_lvl+0xf2/0x150
[   78.201907][ T4838]  dump_stack+0x15/0x1a
[   78.201936][ T4838]  should_fail_ex+0x24a/0x260
[   78.201976][ T4838]  should_failslab+0x8f/0xb0
[   78.202052][ T4838]  __kmalloc_noprof+0xab/0x3f0
[   78.202076][ T4838]  ? alloc_pipe_info+0x1cb/0x360
[   78.202118][ T4838]  alloc_pipe_info+0x1cb/0x360
[   78.202159][ T4838]  splice_direct_to_actor+0x60f/0x670
[   78.202268][ T4838]  ? __pfx_direct_splice_actor+0x10/0x10
[   78.202297][ T4838]  ? 0xffffffff81000000
[   78.202314][ T4838]  ? selinux_file_permission+0x22a/0x360
[   78.202386][ T4838]  ? __rcu_read_unlock+0x4e/0x70
[   78.202415][ T4838]  ? avc_policy_seqno+0x15/0x20
[   78.202439][ T4838]  ? selinux_file_permission+0x22a/0x360
[   78.202564][ T4838]  do_splice_direct+0xd7/0x150
[   78.202598][ T4838]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   78.202641][ T4838]  do_sendfile+0x398/0x660
[   78.202687][ T4838]  __x64_sys_sendfile64+0x110/0x150
[   78.202723][ T4838]  x64_sys_call+0xfbd/0x2dc0
[   78.202755][ T4838]  do_syscall_64+0xc9/0x1c0
[   78.202851][ T4838]  ? clear_bhb_loop+0x55/0xb0
[   78.202884][ T4838]  ? clear_bhb_loop+0x55/0xb0
[   78.202920][ T4838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.202955][ T4838] RIP: 0033:0x7f6db1dfd169
[   78.202973][ T4838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.203030][ T4838] RSP: 002b:00007f6db0467038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   78.203049][ T4838] RAX: ffffffffffffffda RBX: 00007f6db2015fa0 RCX: 00007f6db1dfd169
[   78.203062][ T4838] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[   78.203074][ T4838] RBP: 00007f6db0467090 R08: 0000000000000000 R09: 0000000000000000
[   78.203090][ T4838] R10: 000000000003ffff R11: 0000000000000246 R12: 0000000000000001
[   78.203105][ T4838] R13: 0000000000000000 R14: 00007f6db2015fa0 R15: 00007ffe44992e78
[   78.203129][ T4838]  </TASK>
[   78.492843][ T4848] FAULT_INJECTION: forcing a failure.
[   78.492843][ T4848] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.506089][ T4848] CPU: 0 UID: 0 PID: 4848 Comm: syz.2.478 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   78.506127][ T4848] Tainted: [W]=WARN
[   78.506136][ T4848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   78.506152][ T4848] Call Trace:
[   78.506159][ T4848]  <TASK>
[   78.506168][ T4848]  dump_stack_lvl+0xf2/0x150
[   78.506196][ T4848]  dump_stack+0x15/0x1a
[   78.506222][ T4848]  should_fail_ex+0x24a/0x260
[   78.506276][ T4848]  should_fail+0xb/0x10
[   78.506302][ T4848]  should_fail_usercopy+0x1a/0x20
[   78.506383][ T4848]  _copy_to_user+0x20/0xa0
[   78.506448][ T4848]  simple_read_from_buffer+0xa0/0x110
[   78.506558][ T4848]  proc_fail_nth_read+0xf9/0x140
[   78.506597][ T4848]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   78.506667][ T4848]  vfs_read+0x19b/0x6f0
[   78.506697][ T4848]  ? __rcu_read_unlock+0x4e/0x70
[   78.506726][ T4848]  ? __fget_files+0x17c/0x1c0
[   78.506824][ T4848]  ksys_read+0xe8/0x1b0
[   78.506858][ T4848]  __x64_sys_read+0x42/0x50
[   78.506885][ T4848]  x64_sys_call+0x2874/0x2dc0
[   78.506911][ T4848]  do_syscall_64+0xc9/0x1c0
[   78.507054][ T4848]  ? clear_bhb_loop+0x55/0xb0
[   78.507088][ T4848]  ? clear_bhb_loop+0x55/0xb0
[   78.507179][ T4848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.507213][ T4848] RIP: 0033:0x7f118984bb7c
[   78.507233][ T4848] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   78.507256][ T4848] RSP: 002b:00007f1187e96030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   78.507279][ T4848] RAX: ffffffffffffffda RBX: 00007f1189a66080 RCX: 00007f118984bb7c
[   78.507295][ T4848] RDX: 000000000000000f RSI: 00007f1187e960a0 RDI: 0000000000000004
[   78.507367][ T4848] RBP: 00007f1187e96090 R08: 0000000000000000 R09: 0000000000000000
[   78.507379][ T4848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.507474][ T4848] R13: 0000000000000000 R14: 00007f1189a66080 R15: 00007ffd8b9ba8e8
[   78.507496][ T4848]  </TASK>
[   78.792035][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.855543][ T4853] FAULT_INJECTION: forcing a failure.
[   78.855543][ T4853] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.868758][ T4853] CPU: 0 UID: 0 PID: 4853 Comm: syz.1.480 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   78.868793][ T4853] Tainted: [W]=WARN
[   78.868801][ T4853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   78.868815][ T4853] Call Trace:
[   78.868824][ T4853]  <TASK>
[   78.868833][ T4853]  dump_stack_lvl+0xf2/0x150
[   78.868890][ T4853]  dump_stack+0x15/0x1a
[   78.868935][ T4853]  should_fail_ex+0x24a/0x260
[   78.868974][ T4853]  should_fail+0xb/0x10
[   78.869007][ T4853]  should_fail_usercopy+0x1a/0x20
[   78.869050][ T4853]  strncpy_from_user+0x25/0x210
[   78.869073][ T4853]  ? __kmalloc_cache_noprof+0x186/0x320
[   78.869098][ T4853]  __se_sys_memfd_create+0x218/0x5a0
[   78.869124][ T4853]  __x64_sys_memfd_create+0x31/0x40
[   78.869171][ T4853]  x64_sys_call+0x2d4c/0x2dc0
[   78.869201][ T4853]  do_syscall_64+0xc9/0x1c0
[   78.869231][ T4853]  ? clear_bhb_loop+0x55/0xb0
[   78.869258][ T4853]  ? clear_bhb_loop+0x55/0xb0
[   78.869318][ T4853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.869345][ T4853] RIP: 0033:0x7f651135d169
[   78.869361][ T4853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.869444][ T4853] RSP: 002b:00007f650f9c0e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   78.869490][ T4853] RAX: ffffffffffffffda RBX: 000000000000050a RCX: 00007f651135d169
[   78.869502][ T4853] RDX: 00007f650f9c0ef0 RSI: 0000000000000000 RDI: 00007f65113dec3c
[   78.869515][ T4853] RBP: 0000400000000200 R08: 00007f650f9c0bb7 R09: 00007f650f9c0e40
[   78.869529][ T4853] R10: 000000000000000a R11: 0000000000000202 R12: 00004000000001c0
[   78.869544][ T4853] R13: 00007f650f9c0ef0 R14: 00007f650f9c0eb0 R15: 00004000000008c0
[   78.869566][ T4853]  </TASK>
[   79.245679][ T4865] netlink: 24 bytes leftover after parsing attributes in process `syz.1.483'.
[   79.449115][ T4872] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[   79.455686][ T4872] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   79.463369][ T4872] vhci_hcd vhci_hcd.0: Device attached
[   79.599898][ T4873] vhci_hcd: connection closed
[   79.600209][   T28] vhci_hcd: stop threads
[   79.609280][   T28] vhci_hcd: release socket
[   79.613718][   T28] vhci_hcd: disconnect device
[   79.645396][ T3911] vhci_hcd: vhci_device speed not set
[   80.024311][ T4879] bond1: entered promiscuous mode
[   80.029453][ T4879] bond1: entered allmulticast mode
[   80.055044][ T4879] 8021q: adding VLAN 0 to HW filter on device bond1
[   80.075518][ T4879] bond1 (unregistering): Released all slaves
[   80.150229][ T4883] loop1: detected capacity change from 0 to 512
[   80.175976][ T4883] EXT4-fs: Ignoring removed i_version option
[   80.184792][ T4883] EXT4-fs: Ignoring removed mblk_io_submit option
[   80.214340][ T4883] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   80.266021][ T4883] EXT4-fs (loop1): 1 truncate cleaned up
[   80.271996][ T4883] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.316184][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.583777][ T4900] FAULT_INJECTION: forcing a failure.
[   80.583777][ T4900] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.597033][ T4900] CPU: 0 UID: 0 PID: 4900 Comm: syz.2.492 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   80.597063][ T4900] Tainted: [W]=WARN
[   80.597070][ T4900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   80.597082][ T4900] Call Trace:
[   80.597099][ T4900]  <TASK>
[   80.597109][ T4900]  dump_stack_lvl+0xf2/0x150
[   80.597146][ T4900]  dump_stack+0x15/0x1a
[   80.597169][ T4900]  should_fail_ex+0x24a/0x260
[   80.597242][ T4900]  should_fail+0xb/0x10
[   80.597277][ T4900]  should_fail_usercopy+0x1a/0x20
[   80.597396][ T4900]  _copy_from_user+0x1c/0xa0
[   80.597422][ T4900]  copy_msghdr_from_user+0x54/0x2a0
[   80.597464][ T4900]  ? __fget_files+0x17c/0x1c0
[   80.597506][ T4900]  __sys_sendmsg+0x13e/0x230
[   80.597626][ T4900]  __x64_sys_sendmsg+0x46/0x50
[   80.597666][ T4900]  x64_sys_call+0x2734/0x2dc0
[   80.597772][ T4900]  do_syscall_64+0xc9/0x1c0
[   80.597872][ T4900]  ? clear_bhb_loop+0x55/0xb0
[   80.597903][ T4900]  ? clear_bhb_loop+0x55/0xb0
[   80.598001][ T4900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.598049][ T4900] RIP: 0033:0x7f118984d169
[   80.598074][ T4900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.598094][ T4900] RSP: 002b:00007f1187eb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.598112][ T4900] RAX: ffffffffffffffda RBX: 00007f1189a65fa0 RCX: 00007f118984d169
[   80.598125][ T4900] RDX: 0000000000000000 RSI: 0000400000000280 RDI: 0000000000000003
[   80.598140][ T4900] RBP: 00007f1187eb7090 R08: 0000000000000000 R09: 0000000000000000
[   80.598156][ T4900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.598243][ T4900] R13: 0000000000000000 R14: 00007f1189a65fa0 R15: 00007ffd8b9ba8e8
[   80.598262][ T4900]  </TASK>
[   81.096040][ T4903] IPVS: Unknown mcast interface: pimreg
[   81.148742][ T4909] netlink: 20 bytes leftover after parsing attributes in process `syz.4.494'.
[   81.157702][ T4909] netlink: 24 bytes leftover after parsing attributes in process `syz.4.494'.
[   81.189929][ T4912] gretap0: entered promiscuous mode
[   81.198937][ T4912] macsec1: entered allmulticast mode
[   81.204369][ T4912] gretap0: entered allmulticast mode
[   81.228899][ T4912] gretap0: left allmulticast mode
[   81.234008][ T4912] gretap0: left promiscuous mode
[   81.339199][ T4917] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[   81.345853][ T4917] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   81.353686][ T4917] vhci_hcd vhci_hcd.0: Device attached
[   81.392191][ T4918] vhci_hcd: connection closed
[   81.411757][   T28] vhci_hcd: stop threads
[   81.420817][   T28] vhci_hcd: release socket
[   81.425288][   T28] vhci_hcd: disconnect device
[   81.927238][ T4945] FAULT_INJECTION: forcing a failure.
[   81.927238][ T4945] name failslab, interval 1, probability 0, space 0, times 0
[   81.939960][ T4945] CPU: 0 UID: 0 PID: 4945 Comm: syz.4.506 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   81.939995][ T4945] Tainted: [W]=WARN
[   81.940002][ T4945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   81.940078][ T4945] Call Trace:
[   81.940085][ T4945]  <TASK>
[   81.940093][ T4945]  dump_stack_lvl+0xf2/0x150
[   81.940121][ T4945]  dump_stack+0x15/0x1a
[   81.940212][ T4945]  should_fail_ex+0x24a/0x260
[   81.940246][ T4945]  should_failslab+0x8f/0xb0
[   81.940285][ T4945]  kmem_cache_alloc_node_noprof+0x59/0x320
[   81.940368][ T4945]  ? __alloc_skb+0x10b/0x310
[   81.940393][ T4945]  __alloc_skb+0x10b/0x310
[   81.940428][ T4945]  tcp_stream_alloc_skb+0x2f/0x1e0
[   81.940522][ T4945]  tcp_sendmsg_locked+0x96d/0x26a0
[   81.940566][ T4945]  ? __pfx_tcp_sendmsg+0x10/0x10
[   81.940597][ T4945]  tcp_sendmsg+0x30/0x50
[   81.940626][ T4945]  inet_sendmsg+0x77/0xd0
[   81.940660][ T4945]  __sock_sendmsg+0x102/0x180
[   81.940738][ T4945]  __sys_sendto+0x1a8/0x230
[   81.940775][ T4945]  __x64_sys_sendto+0x78/0x90
[   81.940802][ T4945]  x64_sys_call+0x29fa/0x2dc0
[   81.940834][ T4945]  do_syscall_64+0xc9/0x1c0
[   81.940885][ T4945]  ? clear_bhb_loop+0x55/0xb0
[   81.940979][ T4945]  ? clear_bhb_loop+0x55/0xb0
[   81.941010][ T4945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.941043][ T4945] RIP: 0033:0x7f6db1dfd169
[   81.941061][ T4945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.941081][ T4945] RSP: 002b:00007f6db0467038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   81.941116][ T4945] RAX: ffffffffffffffda RBX: 00007f6db2015fa0 RCX: 00007f6db1dfd169
[   81.941128][ T4945] RDX: 00000000000020c8 RSI: 00004000000012c0 RDI: 0000000000000003
[   81.941141][ T4945] RBP: 00007f6db0467090 R08: 0000000000000000 R09: 0000000000000027
[   81.941154][ T4945] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001
[   81.941167][ T4945] R13: 0000000000000000 R14: 00007f6db2015fa0 R15: 00007ffe44992e78
[   81.941188][ T4945]  </TASK>
[   82.230891][ T4949] FAULT_INJECTION: forcing a failure.
[   82.230891][ T4949] name failslab, interval 1, probability 0, space 0, times 0
[   82.243639][ T4949] CPU: 0 UID: 0 PID: 4949 Comm: syz.4.508 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   82.243726][ T4949] Tainted: [W]=WARN
[   82.243804][ T4949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   82.243816][ T4949] Call Trace:
[   82.243823][ T4949]  <TASK>
[   82.243831][ T4949]  dump_stack_lvl+0xf2/0x150
[   82.243866][ T4949]  dump_stack+0x15/0x1a
[   82.243970][ T4949]  should_fail_ex+0x24a/0x260
[   82.244009][ T4949]  should_failslab+0x8f/0xb0
[   82.244043][ T4949]  kmem_cache_alloc_node_noprof+0x59/0x320
[   82.244092][ T4949]  ? __alloc_skb+0x10b/0x310
[   82.244120][ T4949]  __alloc_skb+0x10b/0x310
[   82.244147][ T4949]  netlink_alloc_large_skb+0xad/0xe0
[   82.244194][ T4949]  netlink_sendmsg+0x3b4/0x6e0
[   82.244242][ T4949]  ? __pfx_netlink_sendmsg+0x10/0x10
[   82.244274][ T4949]  __sock_sendmsg+0x140/0x180
[   82.244359][ T4949]  ____sys_sendmsg+0x326/0x4b0
[   82.244395][ T4949]  __sys_sendmsg+0x19d/0x230
[   82.244550][ T4949]  __x64_sys_sendmsg+0x46/0x50
[   82.244582][ T4949]  x64_sys_call+0x2734/0x2dc0
[   82.244617][ T4949]  do_syscall_64+0xc9/0x1c0
[   82.244657][ T4949]  ? clear_bhb_loop+0x55/0xb0
[   82.244795][ T4949]  ? clear_bhb_loop+0x55/0xb0
[   82.244886][ T4949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.244951][ T4949] RIP: 0033:0x7f6db1dfd169
[   82.244966][ T4949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.245040][ T4949] RSP: 002b:00007f6db0467038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   82.245064][ T4949] RAX: ffffffffffffffda RBX: 00007f6db2015fa0 RCX: 00007f6db1dfd169
[   82.245081][ T4949] RDX: 0000000000008084 RSI: 0000400000001180 RDI: 0000000000000003
[   82.245096][ T4949] RBP: 00007f6db0467090 R08: 0000000000000000 R09: 0000000000000000
[   82.245111][ T4949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.245123][ T4949] R13: 0000000000000000 R14: 00007f6db2015fa0 R15: 00007ffe44992e78
[   82.245173][ T4949]  </TASK>
[   82.463393][   T29] kauditd_printk_skb: 80 callbacks suppressed
[   82.463413][   T29] audit: type=1400 audit(1741337024.186:1494): avc:  denied  { read } for  pid=4946 comm="syz.2.507" path="socket:[9616]" dev="sockfs" ino=9616 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   82.532448][ T4952] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=5123 sclass=netlink_xfrm_socket pid=4952 comm=syz.4.509
[   82.565776][ T4958] netlink: 4 bytes leftover after parsing attributes in process `syz.2.507'.
[   82.587053][ T4958] team0 (unregistering): Port device team_slave_0 removed
[   82.636478][ T4958] team0 (unregistering): Port device team_slave_1 removed
[   82.880535][   T29] audit: type=1326 audit(1741337024.606:1495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4972 comm="syz.1.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6511354127 code=0x7ffc0000
[   82.938488][   T29] audit: type=1326 audit(1741337024.606:1496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4972 comm="syz.1.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f65112f9359 code=0x7ffc0000
[   82.961897][   T29] audit: type=1326 audit(1741337024.606:1497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4972 comm="syz.1.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6511354127 code=0x7ffc0000
[   82.985364][   T29] audit: type=1326 audit(1741337024.606:1498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4972 comm="syz.1.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f65112f9359 code=0x7ffc0000
[   83.008737][   T29] audit: type=1326 audit(1741337024.606:1499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4972 comm="syz.1.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651135d169 code=0x7ffc0000
[   83.032305][   T29] audit: type=1326 audit(1741337024.606:1500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4972 comm="syz.1.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651135d169 code=0x7ffc0000
[   83.055768][   T29] audit: type=1326 audit(1741337024.636:1501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4972 comm="syz.1.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f651135d169 code=0x7ffc0000
[   83.079210][   T29] audit: type=1326 audit(1741337024.636:1502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4972 comm="syz.1.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651135d169 code=0x7ffc0000
[   83.102603][   T29] audit: type=1326 audit(1741337024.636:1503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4972 comm="syz.1.515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651135d169 code=0x7ffc0000
[   83.346145][ T4986] netlink: 24 bytes leftover after parsing attributes in process `syz.1.518'.
[   83.361211][ T4977] IPVS: Unknown mcast interface: pimreg
[   83.459366][ T4986] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4986 comm=syz.1.518
[   83.591884][ T1836] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.739962][ T1836] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.853447][ T1836] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.969340][ T1836] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.006470][ T4979] chnl_net:caif_netlink_parms(): no params data found
[   84.114800][ T1836] bridge_slave_1: left allmulticast mode
[   84.120734][ T1836] bridge_slave_1: left promiscuous mode
[   84.126551][ T1836] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.140518][ T1836] bridge_slave_0: left allmulticast mode
[   84.146356][ T1836] bridge_slave_0: left promiscuous mode
[   84.152002][ T1836] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.363473][ T1836] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   84.407675][ T1836] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   84.431766][ T1836] bond0 (unregistering): Released all slaves
[   84.633413][ T4979] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.640712][ T4979] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.648169][ T4979] bridge_slave_0: entered allmulticast mode
[   84.654822][ T4979] bridge_slave_0: entered promiscuous mode
[   84.859607][ T5041] gretap0: entered promiscuous mode
[   84.884971][ T5041] macsec1: entered allmulticast mode
[   84.890366][ T5041] gretap0: entered allmulticast mode
[   85.045682][ T5041] gretap0: left allmulticast mode
[   85.050927][ T5041] gretap0: left promiscuous mode
[   85.070997][ T4979] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.078175][ T4979] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.111732][ T4979] bridge_slave_1: entered allmulticast mode
[   85.125946][ T4979] bridge_slave_1: entered promiscuous mode
[   85.142777][ T1836] hsr_slave_0: left promiscuous mode
[   85.153732][ T1836] hsr_slave_1: left promiscuous mode
[   85.172156][ T1836] veth1_macvtap: left promiscuous mode
[   85.179401][ T1836] veth0_macvtap: left promiscuous mode
[   85.185047][ T1836] veth1_vlan: left promiscuous mode
[   85.190756][ T1836] veth0_vlan: left promiscuous mode
[   85.279708][ T1836] team0 (unregistering): Port device team_slave_1 removed
[   85.291400][ T1836] team0 (unregistering): Port device team_slave_0 removed
[   85.405822][ T4979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.447021][ T5063] bond1: entered promiscuous mode
[   85.452307][ T5063] bond1: entered allmulticast mode
[   85.486186][ T5063] 8021q: adding VLAN 0 to HW filter on device bond1
[   85.509957][ T5063] bond1 (unregistering): Released all slaves
[   85.546236][ T4979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.581274][ T5062] bond1: entered promiscuous mode
[   85.586555][ T5062] bond1: entered allmulticast mode
[   85.601818][ T5062] 8021q: adding VLAN 0 to HW filter on device bond1
[   85.611742][ T5062] bond1 (unregistering): Released all slaves
[   85.649160][ T4979] team0: Port device team_slave_0 added
[   85.656145][ T4979] team0: Port device team_slave_1 added
[   85.679229][ T4979] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.686307][ T4979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.712405][ T4979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.796801][ T4979] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.803856][ T4979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.829919][ T4979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.863658][ T5084] FAULT_INJECTION: forcing a failure.
[   85.863658][ T5084] name failslab, interval 1, probability 0, space 0, times 0
[   85.876392][ T5084] CPU: 0 UID: 0 PID: 5084 Comm: syz.4.535 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   85.876428][ T5084] Tainted: [W]=WARN
[   85.876435][ T5084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   85.876447][ T5084] Call Trace:
[   85.876509][ T5084]  <TASK>
[   85.876519][ T5084]  dump_stack_lvl+0xf2/0x150
[   85.876554][ T5084]  dump_stack+0x15/0x1a
[   85.876579][ T5084]  should_fail_ex+0x24a/0x260
[   85.876609][ T5084]  should_failslab+0x8f/0xb0
[   85.876693][ T5084]  kmem_cache_alloc_node_noprof+0x59/0x320
[   85.876722][ T5084]  ? __alloc_skb+0x10b/0x310
[   85.876749][ T5084]  __alloc_skb+0x10b/0x310
[   85.876776][ T5084]  netlink_alloc_large_skb+0xad/0xe0
[   85.876813][ T5084]  netlink_sendmsg+0x3b4/0x6e0
[   85.876956][ T5084]  ? __pfx_netlink_sendmsg+0x10/0x10
[   85.877044][ T5084]  __sock_sendmsg+0x140/0x180
[   85.877132][ T5084]  ____sys_sendmsg+0x326/0x4b0
[   85.877264][ T5084]  __sys_sendmsg+0x19d/0x230
[   85.877311][ T5084]  __x64_sys_sendmsg+0x46/0x50
[   85.877342][ T5084]  x64_sys_call+0x2734/0x2dc0
[   85.877371][ T5084]  do_syscall_64+0xc9/0x1c0
[   85.877428][ T5084]  ? clear_bhb_loop+0x55/0xb0
[   85.877513][ T5084]  ? clear_bhb_loop+0x55/0xb0
[   85.877540][ T5084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.877571][ T5084] RIP: 0033:0x7f6db1dfd169
[   85.877589][ T5084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.877694][ T5084] RSP: 002b:00007f6db0467038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   85.877712][ T5084] RAX: ffffffffffffffda RBX: 00007f6db2015fa0 RCX: 00007f6db1dfd169
[   85.877725][ T5084] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000006
[   85.877736][ T5084] RBP: 00007f6db0467090 R08: 0000000000000000 R09: 0000000000000000
[   85.877748][ T5084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   85.877760][ T5084] R13: 0000000000000000 R14: 00007f6db2015fa0 R15: 00007ffe44992e78
[   85.877778][ T5084]  </TASK>
[   86.162594][ T4979] hsr_slave_0: entered promiscuous mode
[   86.182783][ T4979] hsr_slave_1: entered promiscuous mode
[   86.203723][ T4979] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   86.231576][ T4979] Cannot create hsr debugfs directory
[   86.363515][ T5103] tmpfs: Bad value for 'nr_inodes'
[   86.490575][ T4979] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   86.519350][ T4979] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   86.542471][ T5120] gretap0: entered promiscuous mode
[   86.552212][ T5120] macsec1: entered allmulticast mode
[   86.557747][ T5120] gretap0: entered allmulticast mode
[   86.586791][ T5120] gretap0: left allmulticast mode
[   86.591949][ T5120] gretap0: left promiscuous mode
[   86.613026][ T4979] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   86.629768][ T4979] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   86.666157][ T5089] netlink: 8 bytes leftover after parsing attributes in process `syz.4.536'.
[   86.747653][ T5126] netlink: 32 bytes leftover after parsing attributes in process `syz.1.543'.
[   86.765405][ T5129] FAULT_INJECTION: forcing a failure.
[   86.765405][ T5129] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   86.778488][ T5129] CPU: 0 UID: 0 PID: 5129 Comm: syz.2.538 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   86.778515][ T5129] Tainted: [W]=WARN
[   86.778601][ T5129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   86.778612][ T5129] Call Trace:
[   86.778618][ T5129]  <TASK>
[   86.778624][ T5129]  dump_stack_lvl+0xf2/0x150
[   86.778649][ T5129]  dump_stack+0x15/0x1a
[   86.778667][ T5129]  should_fail_ex+0x24a/0x260
[   86.778760][ T5129]  should_fail+0xb/0x10
[   86.778824][ T5129]  should_fail_usercopy+0x1a/0x20
[   86.778852][ T5129]  strncpy_from_user+0x25/0x210
[   86.778873][ T5129]  ? __check_object_size+0x74/0x520
[   86.778895][ T5129]  ? strncpy_from_user+0x178/0x210
[   86.778946][ T5129]  strncpy_from_user_nofault+0x66/0xe0
[   86.778969][ T5129]  bpf_probe_read_user_str+0x2a/0x70
[   86.778999][ T5129]  bpf_prog_bc7c5c6b9645592f+0x3e/0x40
[   86.779014][ T5129]  bpf_trace_run4+0x114/0x1e0
[   86.779085][ T5129]  ? update_load_avg+0x1f7/0x7c0
[   86.779104][ T5129]  __traceiter_sched_switch+0x3b/0x60
[   86.779134][ T5129]  __schedule+0x877/0x990
[   86.779154][ T5129]  __cond_resched+0x4f/0x90
[   86.779247][ T5129]  madvise_cold_or_pageout_pte_range+0xe39/0xf30
[   86.779275][ T5129]  walk_pgd_range+0x7e4/0x1110
[   86.779306][ T5129]  __walk_page_range+0xed/0x350
[   86.779332][ T5129]  walk_page_range_mm+0x395/0x4e0
[   86.779486][ T5129]  walk_page_range+0x56/0x70
[   86.779509][ T5129]  do_madvise+0x1dc5/0x2ad0
[   86.779547][ T5129]  ? __fget_files+0x17c/0x1c0
[   86.779651][ T5129]  __x64_sys_madvise+0x61/0x70
[   86.779668][ T5129]  x64_sys_call+0x23ab/0x2dc0
[   86.779692][ T5129]  do_syscall_64+0xc9/0x1c0
[   86.779732][ T5129]  ? clear_bhb_loop+0x55/0xb0
[   86.779816][ T5129]  ? clear_bhb_loop+0x55/0xb0
[   86.779882][ T5129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.779921][ T5129] RIP: 0033:0x7f118984d169
[   86.779934][ T5129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.779986][ T5129] RSP: 002b:00007f1187e75038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   86.780002][ T5129] RAX: ffffffffffffffda RBX: 00007f1189a66160 RCX: 00007f118984d169
[   86.780012][ T5129] RDX: 0000000000000015 RSI: 0000000000600000 RDI: 0000400000000000
[   86.780023][ T5129] RBP: 00007f1187e75090 R08: 0000000000000000 R09: 0000000000000000
[   86.780108][ T5129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.780118][ T5129] R13: 0000000000000000 R14: 00007f1189a66160 R15: 00007ffd8b9ba8e8
[   86.780133][ T5129]  </TASK>
[   87.035607][ T5126] netlink: 32 bytes leftover after parsing attributes in process `syz.1.543'.
[   87.063272][ T5126] vlan2: entered allmulticast mode
[   87.083159][ T4979] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.105676][ T4979] 8021q: adding VLAN 0 to HW filter on device team0
[   87.197107][ T1624] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.204219][ T1624] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.226615][ T1624] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.233721][ T1624] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.241894][ T5126] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   87.266615][ T4979] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   87.277040][ T4979] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   87.428080][ T4979] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.488773][ T5155] netlink: 12 bytes leftover after parsing attributes in process `syz.4.536'.
[   87.649084][ T4979] veth0_vlan: entered promiscuous mode
[   87.676250][ T4979] veth1_vlan: entered promiscuous mode
[   87.702945][ T4979] veth0_macvtap: entered promiscuous mode
[   87.747080][ T4979] veth1_macvtap: entered promiscuous mode
[   87.778845][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.789578][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.799429][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.809922][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.819810][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.830275][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.840455][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.850913][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.895200][ T5182] netlink: 92 bytes leftover after parsing attributes in process `syz.4.544'.
[   87.896301][ T4979] batman_adv: batadv0: Interface activated: batadv_slave_0
[   87.920895][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.931524][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.941405][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.952082][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.962008][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.972576][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.982434][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.992893][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.003531][ T4979] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.012120][ T4979] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.020972][ T4979] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.029707][ T4979] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.038425][ T4979] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.070210][   T29] kauditd_printk_skb: 49 callbacks suppressed
[   88.070286][   T29] audit: type=1400 audit(1741337029.796:1553): avc:  denied  { mounton } for  pid=4979 comm="syz-executor" path="/root/syzkaller.C98Uw0/syz-tmp" dev="sda1" ino=1950 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   88.449613][   T29] audit: type=1400 audit(1741337029.796:1554): avc:  denied  { mount } for  pid=4979 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   88.471833][   T29] audit: type=1400 audit(1741337029.796:1555): avc:  denied  { mount } for  pid=4979 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   88.493788][   T29] audit: type=1400 audit(1741337029.796:1556): avc:  denied  { mounton } for  pid=4979 comm="syz-executor" path="/root/syzkaller.C98Uw0/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   88.520762][   T29] audit: type=1400 audit(1741337029.796:1557): avc:  denied  { mounton } for  pid=4979 comm="syz-executor" path="/root/syzkaller.C98Uw0/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=11063 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   88.548551][   T29] audit: type=1400 audit(1741337029.836:1558): avc:  denied  { mounton } for  pid=4979 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=502 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   88.571664][   T29] audit: type=1400 audit(1741337029.846:1559): avc:  denied  { mount } for  pid=4979 comm="syz-executor" name="/" dev="gadgetfs" ino=3742 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   88.655983][ T5195] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[   88.662577][ T5195] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   88.670312][ T5195] vhci_hcd vhci_hcd.0: Device attached
[   88.717163][ T5196] vhci_hcd: connection closed
[   88.717523][ T1836] vhci_hcd: stop threads
[   88.726551][ T1836] vhci_hcd: release socket
[   88.731017][ T1836] vhci_hcd: disconnect device
[   88.815372][   T29] audit: type=1400 audit(1741337030.536:1560): avc:  denied  { sys_chroot } for  pid=5214 comm="dhcpcd" capability=18  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[   88.836697][   T29] audit: type=1400 audit(1741337030.536:1561): avc:  denied  { setgid } for  pid=5214 comm="dhcpcd" capability=6  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[   88.857613][   T29] audit: type=1400 audit(1741337030.536:1562): avc:  denied  { setuid } for  pid=5214 comm="dhcpcd" capability=7  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[   88.892831][ T1895] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.944911][ T5222] bridge: RTM_NEWNEIGH with invalid ether address
[   88.971016][ T1895] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.002349][ T5239] netlink: 4 bytes leftover after parsing attributes in process `syz.4.551'.
[   89.027276][ T1895] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.087601][ T1895] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.176514][ T1895] bridge_slave_1: left allmulticast mode
[   89.182280][ T1895] bridge_slave_1: left promiscuous mode
[   89.188020][ T1895] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.202804][ T1895] bridge_slave_0: left allmulticast mode
[   89.208564][ T1895] bridge_slave_0: left promiscuous mode
[   89.214224][ T1895] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.244112][ T5256] block device autoloading is deprecated and will be removed.
[   89.375808][ T1895] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   89.387441][ T1895] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   89.402852][ T5264] netlink: 24 bytes leftover after parsing attributes in process `syz.1.560'.
[   89.441749][ T1895] bond0 (unregistering): Released all slaves
[   89.463689][ T5259] tipc: Started in network mode
[   89.468701][ T5259] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[   89.475959][ T5259] tipc: Enabled bearer <eth:vlan0>, priority 10
[   89.482583][ T5260] tipc: Resetting bearer <eth:vlan0>
[   89.490925][ T5260] tipc: Disabling bearer <eth:vlan0>
[   89.506167][ T5266] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5266 comm=syz.1.560
[   89.581748][ T1895] hsr_slave_0: left promiscuous mode
[   89.587533][ T1895] hsr_slave_1: left promiscuous mode
[   89.593335][ T1895] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   89.600830][ T1895] batman_adv: batadv0: Removing interface: batadv_slave_0
[   89.612653][ T1895] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   89.620145][ T1895] batman_adv: batadv0: Removing interface: batadv_slave_1
[   89.629560][ T1895] veth1_macvtap: left promiscuous mode
[   89.635102][ T1895] veth0_macvtap: left promiscuous mode
[   89.640762][ T1895] veth1_vlan: left promiscuous mode
[   89.646278][ T1895] veth0_vlan: left promiscuous mode
[   89.730516][ T1895] team0 (unregistering): Port device team_slave_1 removed
[   89.743784][ T1895] team0 (unregistering): Port device team_slave_0 removed
[   89.751646][   T11] smc: removing ib device syz!
[   89.798695][ T3365] infiniband syz2: ib_query_port failed (-19)
[   89.816387][ T5198] chnl_net:caif_netlink_parms(): no params data found
[   89.916166][ T5198] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.923324][ T5198] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.962512][ T5198] bridge_slave_0: entered allmulticast mode
[   89.963198][ T5280] netfs: Couldn't get user pages (rc=-14)
[   89.976442][ T5198] bridge_slave_0: entered promiscuous mode
[   89.995815][ T5198] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.002932][ T5198] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.033209][ T5198] bridge_slave_1: entered allmulticast mode
[   90.061593][ T5198] bridge_slave_1: entered promiscuous mode
[   90.091200][ T5198] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.129393][ T5198] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.138733][ T5284] tipc: Started in network mode
[   90.143619][ T5284] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[   90.151158][ T5284] tipc: Enabled bearer <eth:vlan0>, priority 10
[   90.170040][ T5198] team0: Port device team_slave_0 added
[   90.176710][ T5198] team0: Port device team_slave_1 added
[   90.193500][ T5198] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.200585][ T5198] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.226555][ T5198] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.238369][ T5198] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.245475][ T5198] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.271473][ T5198] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.282510][ T5284] tipc: Resetting bearer <eth:vlan0>
[   90.307923][ T5284] tipc: Disabling bearer <eth:vlan0>
[   90.325488][ T5286] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[   90.332090][ T5286] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   90.339751][ T5286] vhci_hcd vhci_hcd.0: Device attached
[   90.347925][ T1895] IPVS: stop unused estimator thread 0...
[   90.361749][ T5288] vhci_hcd: connection closed
[   90.362157][ T1836] vhci_hcd: stop threads
[   90.371397][ T1836] vhci_hcd: release socket
[   90.375849][ T1836] vhci_hcd: disconnect device
[   90.384928][ T5198] hsr_slave_0: entered promiscuous mode
[   90.397218][ T5198] hsr_slave_1: entered promiscuous mode
[   90.403207][ T5198] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   90.431159][ T5198] Cannot create hsr debugfs directory
[   90.444450][ T5293] geneve0: entered allmulticast mode
[   90.499726][ T5300] geneve0: left allmulticast mode
[   90.592208][ T5312] netlink: 'syz.1.570': attribute type 3 has an invalid length.
[   90.628182][ T5312] sch_tbf: burst 25 is lower than device lo mtu (65550) !
[   90.637098][ T5312] netlink: 4 bytes leftover after parsing attributes in process `syz.1.570'.
[   90.646869][ T5198] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   90.657203][ T5312] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   90.664660][ T5312] batman_adv: batadv0: Removing interface: batadv_slave_0
[   90.672878][ T5312] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   90.680395][ T5312] batman_adv: batadv0: Removing interface: batadv_slave_1
[   90.711112][ T5320] FAULT_INJECTION: forcing a failure.
[   90.711112][ T5320] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   90.724862][ T5320] CPU: 1 UID: 0 PID: 5320 Comm: syz.2.571 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   90.724909][ T5320] Tainted: [W]=WARN
[   90.724917][ T5320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   90.724933][ T5320] Call Trace:
[   90.724941][ T5320]  <TASK>
[   90.724951][ T5320]  dump_stack_lvl+0xf2/0x150
[   90.724985][ T5320]  dump_stack+0x15/0x1a
[   90.725020][ T5320]  should_fail_ex+0x24a/0x260
[   90.725061][ T5320]  should_fail_alloc_page+0xfd/0x110
[   90.725102][ T5320]  __alloc_frozen_pages_noprof+0x109/0x340
[   90.725207][ T5320]  alloc_pages_mpol+0xb4/0x260
[   90.725233][ T5320]  vma_alloc_folio_noprof+0x1a0/0x310
[   90.725278][ T5320]  handle_mm_fault+0xdd7/0x2ac0
[   90.725300][ T5320]  ? __rcu_read_unlock+0x4e/0x70
[   90.725410][ T5320]  ? __rcu_read_lock+0x36/0x50
[   90.725480][ T5320]  ? __pte_offset_map_lock+0x1ce/0x280
[   90.725522][ T5320]  __get_user_pages+0xf6a/0x2350
[   90.725593][ T5320]  __gup_longterm_locked+0x932/0xf90
[   90.725620][ T5320]  ? selinux_ptrace_access_check+0x100/0x110
[   90.725652][ T5320]  ? security_ptrace_access_check+0x67/0x80
[   90.725768][ T5320]  ? down_read+0x171/0x4b0
[   90.725802][ T5320]  ? __ptrace_may_access+0x2cb/0x350
[   90.725836][ T5320]  pin_user_pages_remote+0x7f/0xb0
[   90.725869][ T5320]  process_vm_rw+0x4bc/0x890
[   90.725937][ T5320]  ? ksys_write+0x176/0x1b0
[   90.726037][ T5320]  __x64_sys_process_vm_writev+0x7a/0x90
[   90.726069][ T5320]  x64_sys_call+0x2c48/0x2dc0
[   90.726102][ T5320]  do_syscall_64+0xc9/0x1c0
[   90.726219][ T5320]  ? clear_bhb_loop+0x55/0xb0
[   90.726373][ T5320]  ? clear_bhb_loop+0x55/0xb0
[   90.726418][ T5320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.726524][ T5320] RIP: 0033:0x7f118984d169
[   90.726594][ T5320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.726620][ T5320] RSP: 002b:00007f1187eb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[   90.726642][ T5320] RAX: ffffffffffffffda RBX: 00007f1189a65fa0 RCX: 00007f118984d169
[   90.726657][ T5320] RDX: 0000000000000001 RSI: 0000400000001c80 RDI: 0000000000000121
[   90.726725][ T5320] RBP: 00007f1187eb7090 R08: 0000000000000001 R09: 0000000000000000
[   90.726738][ T5320] R10: 0000400000001d80 R11: 0000000000000246 R12: 0000000000000001
[   90.726750][ T5320] R13: 0000000000000000 R14: 00007f1189a65fa0 R15: 00007ffd8b9ba8e8
[   90.726766][ T5320]  </TASK>
[   90.967642][ T5198] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   90.986060][ T5198] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   91.009383][ T5198] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   91.025728][ T5336] netlink: 4 bytes leftover after parsing attributes in process `syz.2.572'.
[   91.129279][ T5198] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.194412][ T5198] 8021q: adding VLAN 0 to HW filter on device team0
[   91.216935][ T1895] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.224112][ T1895] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.255429][ T5360] netlink: 'syz.5.580': attribute type 1 has an invalid length.
[   91.278143][ T1895] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.285310][ T1895] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.240113][ T5368] 8021q: adding VLAN 0 to HW filter on device bond1
[   92.258134][ T5368] bond0: (slave bond1): Enslaving as an active interface with an up link
[   92.308189][ T5198] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   92.554571][ T5378] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[   92.561173][ T5378] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   92.568765][ T5378] vhci_hcd vhci_hcd.0: Device attached
[   92.591583][ T5389] netlink: 4 bytes leftover after parsing attributes in process `syz.2.583'.
[   92.608926][ T5198] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.621001][ T5380] vhci_hcd: connection closed
[   92.621428][ T1624] vhci_hcd: stop threads
[   92.630473][ T1624] vhci_hcd: release socket
[   92.634899][ T1624] vhci_hcd: disconnect device
[   92.644494][ T5395] netlink: 12 bytes leftover after parsing attributes in process `syz.2.585'.
[   92.658952][ T5385] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[   92.665584][ T5385] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   92.673350][ T5385] vhci_hcd vhci_hcd.0: Device attached
[   92.684446][ T5393] vhci_hcd: connection closed
[   92.689734][ T1624] vhci_hcd: stop threads
[   92.699053][ T1624] vhci_hcd: release socket
[   92.703488][ T1624] vhci_hcd: disconnect device
[   92.708832][ T5398] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=5398 comm=syz.2.585
[   92.723045][ T5398] sch_tbf: burst 65536 is lower than device lo mtu (65550) !
[   92.845741][ T5423] FAULT_INJECTION: forcing a failure.
[   92.845741][ T5423] name failslab, interval 1, probability 0, space 0, times 0
[   92.858504][ T5423] CPU: 0 UID: 0 PID: 5423 Comm: syz.2.588 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   92.858601][ T5423] Tainted: [W]=WARN
[   92.858610][ T5423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   92.858625][ T5423] Call Trace:
[   92.858632][ T5423]  <TASK>
[   92.858640][ T5423]  dump_stack_lvl+0xf2/0x150
[   92.858675][ T5423]  dump_stack+0x15/0x1a
[   92.858758][ T5423]  should_fail_ex+0x24a/0x260
[   92.858868][ T5423]  should_failslab+0x8f/0xb0
[   92.858905][ T5423]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[   92.858938][ T5423]  ? kstrdup_const+0x3e/0x50
[   92.858973][ T5423]  kstrdup+0x3d/0xd0
[   92.859074][ T5423]  kstrdup_const+0x3e/0x50
[   92.859103][ T5423]  __kernfs_new_node+0x41/0x380
[   92.859192][ T5423]  ? down_read+0x171/0x4b0
[   92.859274][ T5423]  kernfs_new_node+0xc8/0x140
[   92.859301][ T5423]  kernfs_create_link+0x6c/0x120
[   92.859325][ T5423]  sysfs_do_create_link_sd+0x6b/0xf0
[   92.859358][ T5423]  sysfs_create_link+0x51/0x70
[   92.859421][ T5423]  driver_sysfs_add+0x54/0x160
[   92.859452][ T5423]  device_bind_driver+0x17/0x60
[   92.859478][ T5423]  usb_driver_claim_interface+0x19a/0x270
[   92.859543][ T5423]  usbdev_ioctl+0x3247/0x3f20
[   92.859596][ T5423]  ? ioctl_has_perm+0x28d/0x2e0
[   92.859658][ T5423]  ? do_vfs_ioctl+0x98b/0x1590
[   92.859690][ T5423]  ? selinux_file_ioctl+0x2f7/0x380
[   92.859720][ T5423]  ? __fget_files+0x17c/0x1c0
[   92.859783][ T5423]  ? __pfx_usbdev_ioctl+0x10/0x10
[   92.859819][ T5423]  __se_sys_ioctl+0xc9/0x140
[   92.859843][ T5423]  __x64_sys_ioctl+0x43/0x50
[   92.859866][ T5423]  x64_sys_call+0x1690/0x2dc0
[   92.859902][ T5423]  do_syscall_64+0xc9/0x1c0
[   92.859956][ T5423]  ? clear_bhb_loop+0x55/0xb0
[   92.859991][ T5423]  ? clear_bhb_loop+0x55/0xb0
[   92.860026][ T5423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.860063][ T5423] RIP: 0033:0x7f118984d169
[   92.860082][ T5423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.860099][ T5423] RSP: 002b:00007f1187eb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   92.860118][ T5423] RAX: ffffffffffffffda RBX: 00007f1189a65fa0 RCX: 00007f118984d169
[   92.860212][ T5423] RDX: 0000400000002a40 RSI: 000000008004550f RDI: 0000000000000003
[   92.860230][ T5423] RBP: 00007f1187eb7090 R08: 0000000000000000 R09: 0000000000000000
[   92.860246][ T5423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.860261][ T5423] R13: 0000000000000000 R14: 00007f1189a65fa0 R15: 00007ffd8b9ba8e8
[   92.860283][ T5423]  </TASK>
[   93.159488][ T5198] veth0_vlan: entered promiscuous mode
[   93.167903][ T5198] veth1_vlan: entered promiscuous mode
[   93.186880][ T5198] veth0_macvtap: entered promiscuous mode
[   93.198991][ T5198] veth1_macvtap: entered promiscuous mode
[   93.205930][ T5430] capability: warning: `syz.2.589' uses deprecated v2 capabilities in a way that may be insecure
[   93.252458][ T5434] bond1: entered promiscuous mode
[   93.257746][ T5434] bond1: entered allmulticast mode
[   93.263601][ T5434] 8021q: adding VLAN 0 to HW filter on device bond1
[   93.274669][ T5434] bond1 (unregistering): Released all slaves
[   93.300467][ T5198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   93.311035][ T5198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.320997][ T5198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   93.331460][ T5198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.341323][ T5198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   93.351896][ T5198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.378537][ T5198] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.398895][ T5198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   93.409461][ T5198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.419396][ T5198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   93.429873][ T5198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.439749][ T5198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   93.450250][ T5198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.895723][ T5198] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.905541][ T5198] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.914338][ T5198] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.923160][ T5198] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.931953][ T5198] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.997165][   T29] kauditd_printk_skb: 55 callbacks suppressed
[   93.997182][   T29] audit: type=1326 audit(1741337035.726:1618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5455 comm="syz.5.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b2cdd169 code=0x7ffc0000
[   94.026936][   T29] audit: type=1326 audit(1741337035.726:1619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5455 comm="syz.5.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd0b2cdd169 code=0x7ffc0000
[   94.050349][   T29] audit: type=1326 audit(1741337035.726:1620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5455 comm="syz.5.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b2cdd169 code=0x7ffc0000
[   94.073730][   T29] audit: type=1326 audit(1741337035.726:1621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5455 comm="syz.5.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b2cdd169 code=0x7ffc0000
[   94.097122][   T29] audit: type=1326 audit(1741337035.726:1622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5455 comm="syz.5.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd0b2cdd169 code=0x7ffc0000
[   94.120670][   T29] audit: type=1326 audit(1741337035.726:1623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5455 comm="syz.5.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b2cdd169 code=0x7ffc0000
[   94.144051][   T29] audit: type=1326 audit(1741337035.726:1624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5455 comm="syz.5.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b2cdd169 code=0x7ffc0000
[   94.167568][   T29] audit: type=1326 audit(1741337035.726:1625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5455 comm="syz.5.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd0b2cdd169 code=0x7ffc0000
[   94.191053][   T29] audit: type=1326 audit(1741337035.726:1626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5455 comm="syz.5.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b2cdd169 code=0x7ffc0000
[   94.214439][   T29] audit: type=1326 audit(1741337035.726:1627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5455 comm="syz.5.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7fd0b2cdd169 code=0x7ffc0000
[   94.335098][ T5475] netlink: 4 bytes leftover after parsing attributes in process `syz.5.597'.
[   94.347754][ T5472] block device autoloading is deprecated and will be removed.
[   94.407067][ T5480] ==================================================================
[   94.415208][ T5480] BUG: KCSAN: data-race in mas_wr_store_entry / mtree_range_walk
[   94.422965][ T5480] 
[   94.425293][ T5480] write to 0xffff88811e7b2008 of 8 bytes by task 5474 on cpu 0:
[   94.433384][ T5480]  mas_wr_store_entry+0x1222/0x23f0
[   94.438601][ T5480]  mas_store_prealloc+0x6bf/0x960
[   94.443641][ T5480]  commit_merge+0x441/0x740
[   94.448160][ T5480]  vma_expand+0x211/0x360
[   94.452507][ T5480]  vma_merge_new_range+0x2da/0x340
[   94.457633][ T5480]  mmap_region+0x7e0/0x1620
[   94.462143][ T5480]  do_mmap+0x98a/0xc30
[   94.466419][ T5480]  vm_mmap_pgoff+0x16d/0x2d0
[   94.471024][ T5480]  ksys_mmap_pgoff+0xd0/0x330
[   94.475718][ T5480]  x64_sys_call+0x1940/0x2dc0
[   94.480406][ T5480]  do_syscall_64+0xc9/0x1c0
[   94.485010][ T5480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.490937][ T5480] 
[   94.493268][ T5480] read to 0xffff88811e7b2008 of 8 bytes by task 5480 on cpu 1:
[   94.500813][ T5480]  mtree_range_walk+0x140/0x460
[   94.505686][ T5480]  mas_walk+0x16e/0x320
[   94.509854][ T5480]  lock_vma_under_rcu+0x95/0x270
[   94.514816][ T5480]  exc_page_fault+0x150/0x650
[   94.519509][ T5480]  asm_exc_page_fault+0x26/0x30
[   94.524388][ T5480] 
[   94.526714][ T5480] value changed: 0x00007fd0b12defff -> 0x00007fd0b12bdfff
[   94.533824][ T5480] 
[   94.536152][ T5480] Reported by Kernel Concurrency Sanitizer on:
[   94.542308][ T5480] CPU: 1 UID: 0 PID: 5480 Comm: syz.5.597 Tainted: G        W          6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[   94.554384][ T5480] Tainted: [W]=WARN
[   94.558200][ T5480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   94.568299][ T5480] ==================================================================