last executing test programs:

3.966256504s ago: executing program 4 (id=6142):
r0 = syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000180)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRES64, @ANYRES16=0x0], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
r1 = fcntl$getown(r0, 0x9)
r2 = syz_open_procfs(r1, &(0x7f0000000000)='net/ip_tables_targets\x00')
r3 = open(&(0x7f0000000300)='./file0\x00', 0x145142, 0x0)
ftruncate(r3, 0x2007ffb)
sendfile(r3, r2, 0x0, 0x800000009)

3.407795541s ago: executing program 1 (id=6147):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0x3}, {0x6, 0x0, 0x5, 0x8}]}, 0x10)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$caif_stream(0x25, 0x1, 0x0)
sendmmsg$inet(r6, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000000)="92", 0x1}], 0x1}, 0x1000000}], 0x2, 0x0)
getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r8}, 0x10)
r9 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
mq_timedsend(r9, 0x0, 0x0, 0x6, 0x0)
mq_timedreceive(r9, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=ANY=[@ANYBLOB="bec809a97bf6626ba6544cb2a5121e1310aeea8affca0ff6f9095be99bc3abf6bd287c239709a54e0c46d92fd0248f22e31cc09698b6fa0a52b281efc1ceac212e0d61bfccda5457e77c0c8a767482a03b1c9fe16938a0238bbfcb72c9d1839ede1339f6683885a0438077c2f99be7e3f207ac75151468db0922c380dff7588a3303540ff2e36b85196f9fc6ff0b2e3bff8e8a415d9ac65b4ce8be16bbde0c1d55b9bdc4", @ANYRES32=r7, @ANYBLOB="01980000000000001800128008000100677265000c00028008000700ac141400"], 0x38}}, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)=ANY=[@ANYBLOB="1400000010000100eb000000000000000000000a18010000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000002cd4000980080001"], 0x140}, 0x1, 0x0, 0x0, 0x20014010}, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
r11 = socket$netlink(0x10, 0x3, 0x400000000000004)
sendmsg$TCPDIAG_GETSOCK(r11, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="540000001200010127bd7000fedbdf25110409054e234e2200100000000000c8af000000000200000800000001000000bf07000000040000", @ANYRES32=0x0, @ANYBLOB="a00100abd60e00000500000018ea00000800010089"], 0x54}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendto$packet(r0, &(0x7f0000000000)='1', 0x1, 0x40, &(0x7f0000000200)={0x11, 0x8100, r7, 0x1, 0x0, 0x6, @local}, 0x14)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r3, 0x6, 0x21, &(0x7f00000003c0)="d420829761f21d870d524103baad31e2", 0x10)

3.051206616s ago: executing program 1 (id=6150):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x7, 0xfffffffffffffffc}, 0x103200, 0x1, 0x840000, 0xc, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800702, &(0x7f0000000300)={[{@grpid}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}, {@orlov}, {@bsdgroups}, {@oldalloc}, {@resuid}]}, 0x2, 0x462, &(0x7f0000000f80)="$eJzs209sFNUfAPDvzLblx//+EP+AqFVibPzT0oLKwYtGEw8YTfSAx9oWQliooTUBQqQagxcTQ6JejUcTD569eTHqycSr3g0JUS6gpzUzO9vuLruF0mW3dT+fZNv3dt7ue9+deTNv5s0E0LdGsj9JxLaI+C0idlazjQVGqv9uXLsw/fe1C9NJVCpv/pnk5a5fuzBdVzr/6NYiNZpGpB8lRSWN5s+dPzlVLs+eKfLjC6feHZ8/d/6ZE6emjs8enz09efjwoYMTzz83+WxH4sziur73/bl9e159+/Jr00cvv/PTN1ljtxXLm+LoiJEs8L8queZlj3e6sh7bXpdOBnrYEFalFBHZ6hqMiEopyy+vvJ3xyoc9bRxwV2XHpk3tFy9WgP+wJHrdAqA3agf67Py39urS0GNduPpi9QQoi/tG8aouGYi0KDPYdH7bSSMRcXTxny+zV9yl6xAAAPU+mf78SDzdavyXnr6vrtyOYg5lOCL+HxG7IuKeiNgdEfdGRFb2/oh4YJX1N08N3Tz+Sa/cUWC3KRv/vVDMbTWO/2qjvxguFbntefyDybET5dkDxW8yGoObsvzECnV8//Kvn7ZbVj/+y15Z/bWxYNGOKwNNF+hmpham8kFpB1z9IGLvQKv4k6WZgCQi9kTE3tV99Y5a4sSTX+9rV+jW8a+gA/NMla8inqiu/8Voir8mWXl+cvx/UZ49MF7bKm728y+X3mhX/5ri74Bs/W9p3P6biwwn9fO186uv49LvH7c9p7nT7X8oeSvfHw0V752dWlg4MxExlBzJ8w3vTy5/tpY/OzW4FP/o/tb9f1fxmSz+ByMi24gfioiHI+KRou2PRsRjEbF/hfh/fKn9svWw/mda7v+Wtv+m9b/6ROnkD9+1q//21v+hPDVavJPv/27hdhu4lt8OAAAANoo0vwc+SceW0mk6Nla9h393bEnLc/MLTx2be+/0TPVe+eEYTGtXunbWXQ+dSBaLb6zmJ4trxbXlB4vrxp+VNuf5sem58kyPY4d+t7VN/8/8Uep164C7rtU82uRQDxoCdF1z/08bsxdf72ZjgK7yvDb0r1v0/7Rb7QC6z/Ef+tdy//9iKXUx/7v8iHCpQw8cAOuL4z/0L/0f+pf+D/1L/4e+tJbn+iX6ORFpN+pKI2Jt37M51ssvtrESLXYW37oTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2Hj+DQAA//+mYPCN")

2.940609958s ago: executing program 1 (id=6152):
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb8500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
syz_io_uring_setup(0x8d2, 0x0, 0x0, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d00000085"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x82000, 0x23)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xc, 0x10000000000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
write$binfmt_aout(r4, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000100)={0xfffffff7, 0x0, 0x0, 0xffffffff, 0x0, "f937267f0f7ba56f03a6a1ae3f0a6a64c64c56"})

2.619491593s ago: executing program 4 (id=6154):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0xfffffffc, @empty, 0x2}, 0x1c)
listen(r0, 0x9)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r4, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="01002cbd7000ffdbdf25"], 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)

2.530303184s ago: executing program 2 (id=6155):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f0000000480)=[@ioring_restriction_sqe_op={0x1, 0x1c}], 0x1) (fail_nth: 3)

2.237819228s ago: executing program 2 (id=6156):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0], &(0x7f0000000840)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000000000)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

2.237269818s ago: executing program 3 (id=6157):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./file0\x00', 0x1000802, &(0x7f00000001c0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c6e6f6e756d7461696c003130dbbb3121258e322c262b537f5d0000006e695f7804590000000000003d312c696f63686172538c6c90392bc69373686f72746e616d65653ff959f53d6d697865642c636f6465706167653d3821332c696f6368617273650000000031323831e54f1bb0a3d72c007e3db5a829498e2a721ae5804ff8ccb41eff157cfdfcef90a6010100003ceeeac934b3165b4a0ea182cdd0666ab32f2d041a99ac9fc865ba946f1bb7759d02742dfcc68937ff86d7a54d6de8823119c767d45d6047209f4436383e7c37b59a34407d4a0e6a382108ddd52580281f1d8ad71c4ceafb49960f1429b090d1429f519f9c2b0cb88ffa6fc04fa61c275bf560b9eeeb2d0c8b3ddeb56783f9908c21cf9b2ba0b76b9b60c991bb17c7d0accad1cdaf3259b7dc405d72e2bc3abe0cf37bda3dbfc05e2e55f8aa272b5ea736019c3c0a9b34115a445e0c5da1bd7352ec9529f5caa71f1ae71b36b500c79fffb487ed081232b5d93d3162c7f71f4d5756c9e5442fa3692127266a0c15dac9171edda86b148d17a48d4d90470e79620eeab5acf6f78f807298315e2b80fe1874098d75ab47837a96699e2a7db456f2a4368bece813135ed970951c7471ac16703820a799421cb24f32a5f49ab45bec637c38bcbdae4da3a05f96b2162c47d0b1277e1b1bcc981cce8f6f7f3dd8d06352eb387997b498a732d8442115755ff14d508891abd401b3cafcba75a6901fbe08002674d8663b8c40e9cf13fa4c4a092cb8004a1d2a6fe18cd5d702493d52a7110b17e64b9fa22fb3ace98b9ca35cb98c65f0902dd430373f6ae43c4a60c423b6f65b5ecc2093698072abc857ab2d36a261a7fc5776d39c3d5d5fad291c88ff9726d5ee32c6bcac1799ade9459eb39b56d985d29b988c72c9ad7e82b589f454a58d7cd5ace9436cf69acc217737c863d8938cc95767a0c9b14cb79f5b45ea2408d1da65a2ed8cf55ac8953e5b6a2008336707ca72e7211dafa5"], 0x4, 0x251, &(0x7f0000000880)="$eJzs3UFLVGsYB/BndESvcBkXF+RK0In2gxrtlVCQBopiFrVKUikcExKEWqit+ght6ivUJmgbtIi2fYEIwoI22spFMKFndHScqbEaT+Tvt/HB9/3P+54zhzkzi3nmxqmF+ZnFpbnNzfXo68v15Mfi+dBWLgYiojtSawEA/E22qtXYqKay3gsAcDzc/wHg5Knf/3OH7v+5tb33BJePf2cAQKf4/A8AJ8/Va9cvjpdKE1c2kr6IhYfL5eVy+jcdH5+L21GJ2RiOQnyNqO5J60dTpYnhZNvHgSgvrNbyq8vl7oP5kSjEwOH85FRpYiRJHcz3RH8t/64/ZmM0CvFf8/xos3xPRJzdt34xCvH2ZixGJWZiO1vPr4wkyYVLpYb1e3fmAQAAAAAAAAAAAAAAAAAAAABAJxS7dlrnVHuTpGn/nmIx2dUwnub39wf6p0l/oMm9/kCN/X3yMZTP9tgBAAAAAAAAAAAAAAAAAADgT7F07/78dKUye/d7xZ03T1/9aE6bRa627r6hWr+A1elKb0T8+hJtFv+e+fC49ZwHRzk/v7d4efqYF90+7UdNvV6/9f+5pcHzreZEvmN77vqZJ+VzoWOX1rPdYuxLBldLq6K78T+DT8amX6y8/9Tu42T4ogQAAAAAAAAAAAAAAAAAACdU/Uu/We8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALJT//3/FkUuWg61WaxlfYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAtAAD//2EfqVI=")
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x9}, @NFTA_CT_DIRECTION={0x5}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.stat\x00', 0x275a, 0x0)
chdir(&(0x7f00000001c0)='./file0\x00')
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff})
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000005c0)='kfree\x00', r1, 0x0, 0x69}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)

2.219907848s ago: executing program 4 (id=6158):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, 0x0, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kmem_cache_free\x00', r4, 0x0, 0xffffffffffffffff}, 0x18)
mremap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000006000/0x4000)=nil)
munmap(&(0x7f0000003000/0x4000)=nil, 0x4000)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3ffffffffffff16, 0x2, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_extract_tcp_res(&(0x7f0000000000), 0xffffffff, 0xd)
syz_emit_ethernet(0x1162, &(0x7f0000001b00)=ANY=[], 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r7, &(0x7f0000001ac0)={0x0, 0x600, &(0x7f0000000440)={&(0x7f0000001940)=ANY=[@ANYBLOB="14000000", @ANYRES16=r8, @ANYBLOB="01dfffffff9a2600000021"], 0x20}, 0x1, 0x0, 0x0, 0x4000c00}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301)
ioctl$USBDEVFS_IOCTL(r9, 0xc0105512, &(0x7f0000000200))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2.07455073s ago: executing program 3 (id=6159):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000e8ff00000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000001040)="39f63a409583582a7e8a2dc2abefe6fddbc70308eb87c90a53284f4b36000d566648b169ec9550b1896c399f326e541701c256992dd76ffb4d6da7c843bc6601b4", &(0x7f00000010c0)=""/154}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0)
fallocate(r0, 0x8, 0x4000, 0x4000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000fc0)={r2, 0x0, &(0x7f0000001000)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffa5, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='svc_xprt_accept\x00', r3, 0x0, 0xf}, 0x18)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x80801c, &(0x7f00000001c0)={[{@quota}, {@jqfmt_vfsv0}, {@data_err_ignore}, {@errors_remount}, {@nobarrier}]}, 0x1, 0x520, &(0x7f0000000740)="$eJzs3c9vI1cdAPDveDeJs02btPQACOhSCgtarbPxtquqB1hOCKEKRI8gbUPijaLYcRQ7pQl7SP8HJCpxgiN/AOdKSNy5ILhxKQckfkSgphIHoxmPs05iN2GTeNL485FG894bx9/vW8vv2c9rvwDG1s2I2I2IyYh4OyJm8/YkP+JB90hv99He46X9vcdLSXQ6b/0zya6nbdH3N6ln8vssR8QPvxPxk+R43Nb2ztpivV7b7Fan59uNjfnW9s6d1cbiSm2ltl6t3l+4f/f1e69Vz62vLzUm89IXP/zD7jd+lqY1k7f09+M8dbs+cRAndT0ivncRwQpwLe/PZNGJ8FRKEfFCRLycPf9n41r2aAIAV1mnMxud2f76IDE3uB0A+DQqZWtgSamSrwXMRKlUqXTX8F6MG6V6s9W+/ai5tb7cXSubi4nSo9V67W6+VjgXE0laX8jKT+rVI/V7EfF8RPx8ajqrV5aa9eUiX/gAwBh75sj8/5+p7vzfb6pX+F0BCQIAF6NcdAIAwMiZ/wFg7PjuBgCMIe//AWD8PJn/HxSaBwAwOt7/A8D4Mf8DwFj5wZtvpkdnP//96+V3trfWmu/cWa611iqNraXKUnNzo7LSbK5kv9nTOOn+6s3mxsKrsfXu3Dc3Wu351vbOw0Zza739MPtd74e1iZH0CgD4JM+/9MGfk4jYfWM6O6Lv+wDmarjaSkUnABTmWtEJAIWx2xeMrzO8x7c8AFfEgC16DylHxPTRxk6n07m4lIALdutz1v9hXPWt//tfwDBmrP/D+LL+D+Or00mG7Pl/TJz2hgDA5WaNHxjy+f8L+fk3+YcDP14+eov3LzIrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNx6+/9W8r3AZ6JUqlQino2IuZhIHq3Wa3cj4rmI+NPUxFRaXyg4ZwDgrEp/S/L9v27NvjJz9Opk8vFUdo6In/7yrV+8u9hub/4xbf/XQXv7/by9WkT+AMBJevN0du57I//R3uOl3pE3fX8U+fz92xFR7sbf35uM/YP41+N6di7HRETc+HeS17uSvrWLs9h9LyI+O6j/ScxkayDdnU+Pxk9jPzvS+KVD8UvZte45/bf4zDnkAuPmg3T8eTDo+VeKm9l58PO/nI1QZ5ePf+ldLe1nY+CT+L3x79qQ8e/maWO8+vvvdkvTx6+9F/H56xG92Pt9408vfjIk/iunjP+XL3zp5WHXOr+KuBWD4/fHmm83NuZb2zt3VhuLK7WV2nq1en/h/t3X771Wnc/WqOeHzwb/eOP2c1lhwE3S/t8YEr98Qv+/esr+//q/b//oy0OupfG//pVB8Uvx4ifET+fEr50y/uKN35aHXUvjLw/p/0mP/+1Txv/wrzvHtg0HAIrT2t5ZW6zXa5ujLPReSIw0aKGF6cuRxmkKU/mDc1nyOVS4tImtLda/NapYk/F//VWn81SxDg0TfZ8LnseqG3AZHDzpI+LjopMBAAAAAAAAAAAAAAAGutAvKiXdQtF9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Or6XwAAAP//wlnKBg==")
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000313fadabd940b957bf2ba9fa2a310000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa10000ffffffe007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r4, 0x401054d5, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000140)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@i_version}, {@user_xattr}, {@lazytime}]}, 0x1, 0x445, &(0x7f0000000200)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
fchownat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0xee00, 0xffffffffffffffff, 0x0)

1.646584097s ago: executing program 3 (id=6163):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000540), 0x0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000180)={0x0, 0x18, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0)

1.620775647s ago: executing program 3 (id=6164):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet(0x2b, 0x5, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x5)
poll(&(0x7f0000000000)=[{r0, 0x6356}], 0x1, 0xff16)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x7, &(0x7f0000000040), 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYRES16=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[@ANYBLOB="3c020000190001000000000000000000fc0200000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084010500ff010000000000000000000000000001400000006c0000000000000000000000000000000000ffff000000000000000000000000000000000000000000000000fc020000000000000000000000000000000000003200000000000000ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000003c00000002000000ac1414bb0000000000000000000000000000000001000000000000000000000000000000e0000002000000000000000000000000000000003300000002000000fe8000000000000000000000da19ab3300000000000000000000000000000000000000000000000000000000000000000000000000db00"/404], 0x23c}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = openat$cgroup_ro(r1, &(0x7f0000000340)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x26, &(0x7f0000000000)={0x0, 0x0, 0x40})
fcntl$lock(r5, 0x25, &(0x7f0000000040)={0x1, 0x0, 0x80, 0x200000007})
fcntl$lock(r5, 0x25, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x80000000})
syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000100)=ANY=[@ANYBLOB="a131913f047022179f71954fdadfd6a803a37fc05c97b373cfba0af99585e7c99fc810a8a16eb5777b7eacfde539de45e8c8d7fcca02a7e62b520216d127056d2d67343bc10b974ca0a9", @ANYRES16=r4, @ANYRES64=r2], 0x21c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080000080020000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000080000000ff0f0065000000000000"], 0x50)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r8}, 0x10)
r9 = io_uring_setup(0xad5, &(0x7f0000000040)={0x0, 0x7536, 0x0, 0x100})
close(r9)
clock_nanosleep(0x2, 0x1, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="180000f52500db110200000000697cfeb06e41f15571862340f4081fdb00000000110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/zoneinfo\x00', 0x0, 0x0)

1.600320897s ago: executing program 0 (id=6165):
rseq(&(0x7f0000002d80), 0x20, 0x0, 0x0)
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x121880, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x7ff, <r1=>0x0}, 0x8)
rseq(&(0x7f0000000400)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x6, 0x7, 0x1}, 0xb}, 0x20, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[], 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x40f00, 0x3f, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000003c0)=r1, 0x4)
rseq(0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x4000, &(0x7f0000000140)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c636865636b3d7374726963742c756d61736b3d30303030303030303030303030303030303133363033302c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303034302c757466383d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c74696d655f6f66667365743d3078303030303030303030303030303166622c666c7573682c756e695f786c6174653d302c73686f72746e616d653d77696e39352c00208893fdd4787adad4209069"], 0x6, 0x2ab, &(0x7f0000000a80)="$eJzs3b1rLFUUAPAzyX6pxW5hJYIDWlg9Xl5rs0HyILiVsoVa6MP3Hkh2ERII+IFrKlsbS/8CQbDzn7CxsBdsBTtTBEZmZya7ibObTHATP36/Jjd3zrn3zOQmYYs9+/6L04PHaTw9+eyX6PWS2BrGME6TGMRWVL6IC4ZfBQDwb3aaZfF7VmiSl0REb3NlAQAb1Pj///cbLwkA2LC33n7njd3RaO/NNO3Fw+mXx+P8lX3+tbi++zQ+jEk8ifvRj7OI7Fwxfphl2ayV5gbxynR2PM4zp+/9WK6/+1vEPH8n+jGYT13M3x/t7aSFpfxZXsez5f7DPP9B9OP5mv33R3sPavJj3IlXX16q/17046cP4qOYxON5EYv8z3fS9PXs6z8+fTcvL89PZsfj7jxuIdu+5R8NAAAAAAAAAAAAAAAAAAAAAAD/YffK3jndmPfvyafK/jvbZ/k37Ugrg4v9eYr8pFroUn+gWRbfVP117qdpmpWBi/xWvNCK1t3cNQAAAAAAAAAAAAAAAAAAAPyzHH38ycGjyeTJ4d8yqLoBVG/rv+k6w6WZl6ImZhDnM93FllvltmtWju0qJolYW0a+YqPi21fvvmLwzKqsb79r+uh6V8e0b1Bhw0F1ug4eJfXPsBvVTK86JD8sx3Timnt1Vl3KGh2/Tu2lfuN77zw3H8zWxESyrrDXfi2eXDmTXL6Lzvyp1qa3y0Hxu1B3Nhqd57/+rUh06wAAAAAAAAAAAAAAAAAAgI1avOm35uLJiqSf94sP+Y/BhqsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNux+Pz/BoNZmXyN4E4cHt3xLQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA/8GcAAAD//wrtYeE=")
mknod$loop(&(0x7f0000000300)='./file0\x00', 0x100000000000600d, 0x1)
creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11e9b)
madvise(&(0x7f00000ec000/0x800000)=nil, 0xffffffffdff13fff, 0x17)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x3)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000600)={0x8, &(0x7f0000000440)=[{0x7f, 0x21, 0xff, 0x8}, {0x7, 0x8, 0x5, 0xdc2d}, {0x101, 0xcd, 0x6, 0x8}, {0x401, 0x5, 0x2, 0x100}, {0x3bed, 0x2, 0x8, 0xe}, {0x6, 0x90, 0x6, 0x2}, {0x1, 0x1, 0xd, 0xa}, {0x1, 0xf, 0x1, 0xfffff0c8}]})
ioctl$TCGETS(r2, 0x5401, &(0x7f0000000280))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
socket$can_j1939(0x1d, 0x2, 0x7)
mount(0x0, &(0x7f00000001c0)='.\x00', 0x0, 0x401, 0x0)
chown(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000380)={&(0x7f0000000300)="6433329efc2a2bcf300f617c0e4bc8b10e735b36a5aaee2b7913b25310efa624b298430a49865c02002ece04eb686dbce815cdd30094c34698debe03e29d91c52dfbbb89847dd254d9b76f813f4abd28e3ebac43270e09e3f81e30200c5bdc19f78c2df020e94aeb4242ee1d5e4476a6f77b", &(0x7f0000000540)=""/183, &(0x7f00000004c0)="a5a2c2d359d7048d27cdc6fcb343aad9e5f28200b171114f0b52b8aef5c3686ecf791c140f522181bffe5604dda707000000000000000a562ab88cde2820b1c4da814eb1045454731e4f9f644583f11ddea7be539af438cebdf7be11aa07a0c5a263b61a70afccc8c2b82c9f6317667210", &(0x7f0000000180)="03fbd9e941ae69ebea08a375be0b7a50f5cfab6544e8ffbfea5e27025d4ee71423ce43f2ab5fc2eaa1e9f8f50a15cf383cea86770d923142", 0x6, 0xffffffffffffffff, 0x4}, 0x38)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1, 0xd, &(0x7f0000000700)=ANY=[@ANYRESOCT=r2, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x2}, 0x18)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001100)={r3, &(0x7f00000000c0), &(0x7f0000001080)=""/90}, 0x20)
socket$packet(0x11, 0x3, 0x300)

1.480575129s ago: executing program 0 (id=6166):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000014c0)=@newsa={0x154, 0x10, 0x1, 0xa000000, 0x0, {{@in6=@local, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, {@in, 0x0, 0x32}, @in=@empty, {0xfffffffffffffffe}, {0x0, 0x0, 0x0, 0xca75}, {0x0, 0x6}, 0x0, 0x0, 0xa, 0x4, 0x0, 0xaf}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @replay_esn_val={0x1c, 0x17, {0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x2}}]}, 0x154}}, 0x200080c0)

1.461744749s ago: executing program 0 (id=6167):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000340), &(0x7f0000000300)}, 0x20)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x3, 0xfffffffe, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x20e, 0x117, 0x0, &(0x7f00000004c0)="b9180bb76003070c009e40f086dd1fff290000003b0020010010ac14142ee0080001c699da153f0ae0e6e380f60115f683317585d7472ce0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce27", 0x0, 0x31, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000540)='cpu&00\t||')
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="600000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="1546010000000000380012800e000100697036677265746170000000240002800400120014000700ff0200000000000000000000000000010800150015e5040008000a00", @ANYRES32], 0x60}}, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000340), &(0x7f0000000300)}, 0x20) (async)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, 0x0) (async)
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x3, 0xfffffffe, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x20e, 0x117, 0x0, &(0x7f00000004c0)="b9180bb76003070c009e40f086dd1fff290000003b0020010010ac14142ee0080001c699da153f0ae0e6e380f60115f683317585d7472ce0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce27", 0x0, 0x31, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000540)='cpu&00\t||') (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) (async)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="600000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="1546010000000000380012800e000100697036677265746170000000240002800400120014000700ff0200000000000000000000000000010800150015e5040008000a00", @ANYRES32], 0x60}}, 0x0) (async)

1.43099455s ago: executing program 1 (id=6168):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0xfffffffc, @empty, 0x2}, 0x1c)
listen(r0, 0x9)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r4, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="01002cbd7000ffdbdf25"], 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)

1.340455121s ago: executing program 2 (id=6169):
r0 = syz_open_procfs(0x0, &(0x7f00000005c0)='smaps_rollup\x00')
r1 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000340)={{{@in=@empty, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{}, 0x0, @in=@private}}, &(0x7f00000002c0)=0xe8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000000ab3c000000000000001801", @ANYRES64=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r3}, 0x18)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
r7 = fcntl$dupfd(r5, 0x0, r6)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="7800000010000104c900f8050000000005000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000500012800b00010069703667726500004000028006000f004800000008000100", @ANYRES32, @ANYBLOB="060010004e200000060011004e210000060002000400000014000700ff010000000000000000000000000001080003", @ANYRES32], 0x78}}, 0x0)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000240)={0x0, 0xfffffffffffffe82, 0xfa00, {0x3, &(0x7f0000000140), 0x13f, 0xa}}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b400000000000000791048000000000071004300000000009500000000000000db74589d4b38cc306ac390649f72dea0e50e2317db042855d6c74ff3493c7e31e3f6c643155a8e2e01d50bc3347475750472719cc516fa14b769e7f385ba72c60242263c05ddab05e37efe81b8bffc35cdf2ac0d93263ff755d611c4cca1684b1470af6a83366aa430ad2d700b186da622d6fba70000000000000000000000000200"/173], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000), 0x13f, 0x8}}, 0x20)
close_range(r8, 0xffffffffffffffff, 0x0)
lseek(r0, 0x2000, 0x0)
io_uring_enter(r0, 0x66b0, 0xd3c7, 0x2, &(0x7f0000000080)={[0x9]}, 0x8)
close_range(r4, r4, 0x2)
sendmsg$inet(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000040)="b93befd5f252287b6f771f83400a2401a9934dfc80a5faee8ffc2fadc8116082495a528b2056e84db3330e32356fb7e90b691d3a82889c4f32b18591b8bc1bc87ff9ad3622aa60c037ba3e6a79edbf5ad305f9253bcf59a99eac51e9be460344650704bf4f3e21213f7933e9971b532e6f1caa3fbb4e3ec5d8c0878f212adcfa28be928d41578f60d20766c5f4be8bb86dc648a78ba2feeb18ff074dba025482dd415eaaa233b65d47f3c456642377d2eeccf9942e3c98b5f4cb2a135d728f", 0xbf}, {&(0x7f00000001c0)="cf7ed273bfa39ff27039e851e39a58cb852edcaaa45c968687fdc69a6bd8e20f59acfb6ef61e0ab522e3ddba37905a0da7c79c203f98dc02565ba5d6d9282a", 0x3f}], 0x2}, 0x24048881)

1.333450021s ago: executing program 4 (id=6170):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async, rerun: 32)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='net/sctp\x00')
r3 = open_tree(r2, &(0x7f0000000640)='\x00', 0x89901) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) (async)
getsockname$packet(r5, &(0x7f0000000140)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x38, 0x10, 0x439, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r6, 0x21801, 0x1103}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2f}}]}}}]}, 0x38}}, 0x4048084)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x9, 0x0, 0x0, 0x4000000}, 0x0)
move_mount(r3, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x20) (async)
syz_open_procfs(0x0, &(0x7f0000000040)='net/sctp\x00') (async)
r8 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x21881e, &(0x7f0000000300)={[{@grpquota}, {@auto_da_alloc}, {@minixdf}]}, 0x1, 0x514, &(0x7f0000000340)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9sAuJwRoJcQeQeqGxI2i2HEUO8sm9JCeuSJRiRMc+QM4Vxx654LgxqUckPgRgRokDkYznjRuajcWSewo/nyk0cybN5nv9zWd9+rn2i+AkXU9IvYjYiIiPomI2ex8Ltviw/aWXPfk4N7K4cG9lVy0Wh//I5fWJ+ei42cS17J7FiPiB9+O+HHu+biN3b2N5Wq1sp2V55u1rfnG7t6t9dryWmWtslkuLy0uLbx3+93yubX1jdpEdvTlx7/f/8ZPk7RmsjOd7ThP7aYXnsZJjEfE9y4i2BCMZe2ZGHYi/F/yEfFqRLyZPv+zMZb+NgGAq6zVmo3WbGcZALjq8ukcWC5fyuYCZiKfL5Xac3ivxXS+Wm80b96t72yutufK5qKQv7terSxkc4VzUcgl5cX0+LhcPlG+HRGvRMTPJ6fScmmlXl0d5j98AGCEXTsx/v97sj3+AwBXXHHYCQAAA2f8B4DRY/wHgNFj/AeA0dMe/6eGnQYAMEBe/wPA6DH+A8BI+f5HHyVb6zD7/uvVT3d3Nuqf3lqtNDZKtZ2V0kp9e6u0Vq+vpd/ZUzvtftV6fWvxndj5bO6bW43mfGN3706tvrPZvJN+r/edSiG9an8ALQMAennljYd/yiUj8vtT6RYdazkUhpoZcNHyw04AGJqxYScADI3VvmB0neE1vukBuCK6LNH7jGK3Dwi1Wq3WxaUEXLAbXzD/D6OqY/7f/wKGEWP+H0aX+X8YXa1Wrt81/6PfCwGAy80cP9Dj/f9Xs/1vsjcHfrR68ooHXX9uP+tezi9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuISO1v8tZWuBz0Q+XypFvBQRc1HI3V2vVhYi4uWI+ONkYTIpL0b87tqQ8wYAziL/11y2/teN2bdnnql6/XiUn4iIn/zy4198ttxsbv8hYiL3z8mj880H2fny4LMHAE53NE6n+8Xj808O7q0cbYPM52/fiohiO/7hwUQcPo0/HuPpvhiFiJj+Vy4rt+U65i7OYv9+RHy+W/tzMZPOgbRXPj0ZP4n90kDj55+Jn0/r2vvkz+Jz55ALjJqHSf/zYbfnLx/X033357+Y9lBnl/V/ya1WDtM+8Dj+Uf831qP/u95vjHcefad9NPV83f2IL45HHMU+7Oh/juLnesR/u8/4f/7S62/2qmv9KuJGdI/fGWu+Wduab+zu3VqvLa9V1iqb5fLS4tLCe7ffLc+nc9TzvUeDv79/8+VedUn7p3vEL57S/q/22f5f//eTH37lBfG//la3+Pl47QXxkzHxa33GX57+bbFXXRJ/tUf7T/v93+wz/uO/7D23bDgAMDyN3b2N5Wq1sn3lDgrR58XffRRxSXJ2cMpB8lf2EqTR9eCDQcWaiO5VP3ur/UyfqGq1XnzDD7pX9eoxzmPWDbgMnj70EfGfYScDAAAAAAAAAAAAAAB0NYhPLA27jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxd/wsAAP//IsbVnA==")
signalfd4(r8, &(0x7f00000001c0)={[0xb8]}, 0x8, 0x800)

1.285975982s ago: executing program 2 (id=6171):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
bind$l2tp(0xffffffffffffffff, 0x0, 0x0)
r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r6, 0x82307202, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r4, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0}}, 0x10)
recvfrom$packet(r6, &(0x7f0000001200)=""/4096, 0x1000, 0x40, &(0x7f00000004c0)={0x11, 0x7, r7, 0x1, 0x7, 0x6, @remote}, 0x14)
add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000180)={'fscrypt:', @desc3}, &(0x7f0000000280)={0x0, "2c524c1b53a6ec2dd9360e6731e100d1da975c5f0616e2eac846885a7c500067090b86a57eb3183009c96e8f3c27865bfdc70c238ceb01572eb81c88e820802d", 0x2e}, 0x48, 0xfffffffffffffffc)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000c80)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f8, 0x0, 0x940c, 0x3002, 0x0, 0x2c0, 0x328, 0x3d8, 0x3d8, 0x328, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x1c8, 0x210, 0x4001, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x1, 0x1, 0x3, 'syz0\x00'}}, @common=@eui64={{0x28}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd8, 0x118, 0x0, {}, [@common=@frag={{0x30}, {[0x5, 0x2], 0x80000001, 0x29, 0x1}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x1, 0xbe, {0x565159d7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x458)

956.496247ms ago: executing program 4 (id=6172):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000480), 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffebb)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000001040)={0xfc, {"a2e3ad09edfc09f91b44090987f70e06d038e7ff7fc6e5539b303d0e8b089b07323068090890e0879b0a0ac6e70a9b3361959b4b9a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b35070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2d8160f94e35f2d2d12913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc1943cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
recvmmsg(r0, &(0x7f00000063c0)=[{{0x0, 0x0, &(0x7f0000006340)=[{&(0x7f0000001040)=""/184, 0xb8}], 0x1, &(0x7f0000001240)=""/5, 0x5}, 0x7}], 0x1, 0x40002002, 0x0)
sendmsg$tipc(r0, &(0x7f0000000200)={&(0x7f00000002c0)=@id={0x1e, 0x3, 0x2, {0x4e20}}, 0x10, &(0x7f0000000280)=[{&(0x7f0000000340)="e8", 0x1}], 0x1, 0x0, 0x0, 0x10}, 0x840)
openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x8, &(0x7f0000000700)=ANY=[], 0xdb, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
mount$nfs(&(0x7f0000000100)='.5.', 0x0, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.sectors\x00', 0x275a, 0x0)

956.282217ms ago: executing program 0 (id=6173):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0}, 0x18)
set_mempolicy(0x6, &(0x7f00000003c0)=0x8001000000000001, 0xe0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
connect$pppoe(0xffffffffffffffff, 0x0, 0x0)

754.75103ms ago: executing program 3 (id=6174):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0}, 0x18)
set_mempolicy(0x6, &(0x7f00000003c0)=0x8001000000000001, 0xe0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) (fail_nth: 1)
connect$pppoe(0xffffffffffffffff, 0x0, 0x0)

443.458274ms ago: executing program 1 (id=6175):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000480), 0x4)
sendmsg$tipc(r0, &(0x7f0000000200)={&(0x7f00000002c0)=@id={0x1e, 0x3, 0x2, {0x4e20}}, 0x10, &(0x7f0000000280)=[{&(0x7f0000000340)="e8", 0x1}], 0x1, 0x0, 0x0, 0x10}, 0x840)

383.929895ms ago: executing program 1 (id=6176):
r0 = perf_event_open(0x0, 0x0, 0x10, 0xffffffffffffffff, 0x19)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000000)=0x40)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB="16190000000000000400000001001500000000002da967259adb514e6d64d16459c85b2f48a0f59613531dda17bc7f774c7258a1a271c3eac64cff049f7c0a479d4cff3887edb0dc393cba78226b57c05de1e09fe4a910fd7ca17b702f447d95e18cd506d3f7be57d5c460eb251f046c46978360008b542871d0587685566cd6892e4d257a0d1a6617dcf1c9bfd1b84b2c354c67", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xbc7d, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001400)='xprt_reserve\x00', r4, 0x0, 0x7}, 0x18)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r5 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x40082406, &(0x7f00000001c0)='(pu&\"\"\t&&')
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=ANY=[@ANYBLOB="5c000004100003040020abe87c247e848578e5f123f9760000000000000e0000004b5a8ac8abe5868e93911a0fbfeb95a00c000f7a637addc8bf1149c39c1fa88a2c826e00a1a7424e43efd1523dabd940d29c245ef49a8c3360a217a6772d11f4760cd8c6df1b1b952d48981df3", @ANYRES32=r4, @ANYRES8=r0], 0x5c}, 0x1, 0xffffffea, 0x0, 0x8800}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x77ff, @void, @value}, 0x94)
r6 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$SMC_PNETID_ADD(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001380)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000020000000900010073797a3200000000142002ff616f6e643000000000000000000000000900030073797a320000d2a4fc1afa941568ad72f07ad78d19ab4f14de453474a72f30dbba7d2a5d65afb23b381749c0a55816852cb3f65cbac46cd0b66a546b140d3361"], 0x40}}, 0xc800)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r9}, 0x10)
syz_open_dev$usbfs(&(0x7f00000012c0), 0x9, 0x8080)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000080)={[{@nobh}, {@auto_da_alloc}, {@data_err_ignore}]}, 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
r10 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r10, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000001180), 0x1, 0x0)

383.301625ms ago: executing program 2 (id=6177):
mq_unlink(&(0x7f0000000200)='\xd7p@\xae\vf\xc6/\xfaC;l\xc1\v\xe9\xe5\xfa\xd9\x8aj\x81\x17\x00O\xa2\xcc\x1bm\xe6du\'\x9a\x98,1\xe6\xafFF\xef\xa4\xc6\xe4\x8f\n5\x19H\xdfC\xfc,&\x93\x1et\"\xd8JT`\x05\x8f\xa2f\xff\x03\x8a3\xb3\xab]h1\x03\x1b\xc5\xe1\xe4p\x05b\x12\xc6')
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
getsockname$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000340)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newqdisc={0xf8, 0x24, 0x400, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0xa, 0x10}, {0xffe0, 0xfff1}, {0x3, 0x1}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0xa}, @TCA_STAB={0xbc, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x4, 0xf3, 0xc, 0xffffffff, 0x1, 0x7f, 0x7ff, 0x2}}, {0x8, 0x2, [0x401, 0x6]}}, {{0x1c, 0x1, {0x57, 0xe5, 0xb2, 0xc620, 0x1, 0x6, 0x2, 0x2}}, {0x8, 0x2, [0x3, 0x4]}}, {{0x1c, 0x1, {0x7, 0x2, 0x2, 0x2, 0x1, 0x6, 0x6, 0x2}}, {0x8, 0x2, [0xf, 0x5]}}, {{0x1c, 0x1, {0x6, 0x7, 0x1, 0x2, 0x2, 0x9, 0x18, 0x2}}, {0x8, 0x2, [0x9, 0xc]}}, {{0x1c, 0x1, {0x25, 0x7, 0x5, 0x7, 0x2, 0x2, 0x4, 0x4}}, {0xc, 0x2, [0x3, 0x0, 0x5, 0x1]}}]}, @TCA_RATE={0x6, 0x5, {0x3, 0x92}}, @TCA_EGRESS_BLOCK={0x8}]}, 0xf8}}, 0x20040014)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb7b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4ff0000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a20f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78136a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de760576031052c25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4530900000000000000f184f239098bf32551c7cf454e2865974f6520112743f73c619c3cab5609e00178f7393e53462f31559220c026bbde09837bf1b3ffe748a3247c9569f0c5e99f4494f93e0fa1badca90c888616eca97bddabd8003fc12a084d4b11d841979e161b998ddda92f194c4ec7947b7b303be11e0962d429a2c542a28c4932e14c123dfe2b8ec47a11cce134fd6e42a9f4e00ab6de6b45"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x57, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
lgetxattr(0x0, &(0x7f0000000280)=ANY=[], 0x0, 0x0)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e20, 0x3, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendto$inet6(r3, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x56)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000000)=0x40)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRESHEX=r5, @ANYBLOB="08000100", @ANYRES32=r5], 0x90}}, 0x0)
set_mempolicy(0x6, &(0x7f00000003c0)=0x8001000000000001, 0xe0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r7)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

317.374986ms ago: executing program 4 (id=6178):
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb8500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
syz_io_uring_setup(0x8d2, 0x0, 0x0, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d00000085"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x82000, 0x23)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xc, 0x10000000000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
write$binfmt_aout(r4, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000100)={0xfffffff7, 0x0, 0x0, 0xffffffff, 0x0, "f937267f0f7ba56f03a6a1ae3f0a6a64c64c56"})

236.657267ms ago: executing program 3 (id=6179):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0], &(0x7f0000000840)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000000000)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

117.181009ms ago: executing program 0 (id=6180):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000e8ff00000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000001040)="39f63a409583582a7e8a2dc2abefe6fddbc70308eb87c90a53284f4b36000d566648b169ec9550b1896c399f326e541701c256992dd76ffb4d6da7c843bc6601b4", &(0x7f00000010c0)=""/154}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0)
fallocate(r0, 0x8, 0x4000, 0x4000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000fc0)={r2, 0x0, &(0x7f0000001000)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffa5, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='svc_xprt_accept\x00', r3, 0x0, 0xf}, 0x18)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x80801c, &(0x7f00000001c0)={[{@quota}, {@jqfmt_vfsv0}, {@data_err_ignore}, {@errors_remount}, {@nobarrier}]}, 0x1, 0x520, &(0x7f0000000740)="$eJzs3c9vI1cdAPDveDeJs02btPQACOhSCgtarbPxtquqB1hOCKEKRI8gbUPijaLYcRQ7pQl7SP8HJCpxgiN/AOdKSNy5ILhxKQckfkSgphIHoxmPs05iN2GTeNL485FG894bx9/vW8vv2c9rvwDG1s2I2I2IyYh4OyJm8/YkP+JB90hv99He46X9vcdLSXQ6b/0zya6nbdH3N6ln8vssR8QPvxPxk+R43Nb2ztpivV7b7Fan59uNjfnW9s6d1cbiSm2ltl6t3l+4f/f1e69Vz62vLzUm89IXP/zD7jd+lqY1k7f09+M8dbs+cRAndT0ivncRwQpwLe/PZNGJ8FRKEfFCRLycPf9n41r2aAIAV1mnMxud2f76IDE3uB0A+DQqZWtgSamSrwXMRKlUqXTX8F6MG6V6s9W+/ai5tb7cXSubi4nSo9V67W6+VjgXE0laX8jKT+rVI/V7EfF8RPx8ajqrV5aa9eUiX/gAwBh75sj8/5+p7vzfb6pX+F0BCQIAF6NcdAIAwMiZ/wFg7PjuBgCMIe//AWD8PJn/HxSaBwAwOt7/A8D4Mf8DwFj5wZtvpkdnP//96+V3trfWmu/cWa611iqNraXKUnNzo7LSbK5kv9nTOOn+6s3mxsKrsfXu3Dc3Wu351vbOw0Zza739MPtd74e1iZH0CgD4JM+/9MGfk4jYfWM6O6Lv+wDmarjaSkUnABTmWtEJAIWx2xeMrzO8x7c8AFfEgC16DylHxPTRxk6n07m4lIALdutz1v9hXPWt//tfwDBmrP/D+LL+D+Or00mG7Pl/TJz2hgDA5WaNHxjy+f8L+fk3+YcDP14+eov3LzIrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNx6+/9W8r3AZ6JUqlQino2IuZhIHq3Wa3cj4rmI+NPUxFRaXyg4ZwDgrEp/S/L9v27NvjJz9Opk8vFUdo6In/7yrV+8u9hub/4xbf/XQXv7/by9WkT+AMBJevN0du57I//R3uOl3pE3fX8U+fz92xFR7sbf35uM/YP41+N6di7HRETc+HeS17uSvrWLs9h9LyI+O6j/ScxkayDdnU+Pxk9jPzvS+KVD8UvZte45/bf4zDnkAuPmg3T8eTDo+VeKm9l58PO/nI1QZ5ePf+ldLe1nY+CT+L3x79qQ8e/maWO8+vvvdkvTx6+9F/H56xG92Pt9408vfjIk/iunjP+XL3zp5WHXOr+KuBWD4/fHmm83NuZb2zt3VhuLK7WV2nq1en/h/t3X771Wnc/WqOeHzwb/eOP2c1lhwE3S/t8YEr98Qv+/esr+//q/b//oy0OupfG//pVB8Uvx4ifET+fEr50y/uKN35aHXUvjLw/p/0mP/+1Txv/wrzvHtg0HAIrT2t5ZW6zXa5ujLPReSIw0aKGF6cuRxmkKU/mDc1nyOVS4tImtLda/NapYk/F//VWn81SxDg0TfZ8LnseqG3AZHDzpI+LjopMBAAAAAAAAAAAAAAAGutAvKiXdQtF9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Or6XwAAAP//wlnKBg==")
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000313fadabd940b957bf2ba9fa2a310000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa10000ffffffe007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r4, 0x401054d5, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x103100, 0x0)
fchownat(r7, &(0x7f0000000200)='./file1\x00', 0xee00, 0xffffffffffffffff, 0x0)

32.85219ms ago: executing program 2 (id=6181):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

0s ago: executing program 0 (id=6182):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000180)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRES64, @ANYRES16=0x0], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
r2 = fcntl$getown(r1, 0x9)
r3 = syz_open_procfs(r2, &(0x7f0000000000)='net/ip_tables_targets\x00')
r4 = open(&(0x7f0000000300)='./file0\x00', 0x145142, 0x0)
ftruncate(r4, 0x2007ffb)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r5, 0x84, 0xb, &(0x7f0000000300)={0xfc, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3}, 0xe)
shutdown(r5, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
sendfile(r4, r3, 0x0, 0x800000009)

kernel console output (not intermixed with test programs):

73.783677][T18253]  do_syscall_64+0xd0/0x1a0
[  373.783698][T18253]  ? clear_bhb_loop+0x25/0x80
[  373.783759][T18253]  ? clear_bhb_loop+0x25/0x80
[  373.783785][T18253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.783804][T18253] RIP: 0033:0x7fe0527fe969
[  373.783840][T18253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  373.783975][T18253] RSP: 002b:00007fe050e67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  373.783998][T18253] RAX: ffffffffffffffda RBX: 00007fe052a25fa0 RCX: 00007fe0527fe969
[  373.784025][T18253] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  373.784036][T18253] RBP: 00007fe050e67090 R08: 0000000000000000 R09: 0000000000000000
[  373.784048][T18253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  373.784059][T18253] R13: 0000000000000000 R14: 00007fe052a25fa0 R15: 00007ffcf3df1068
[  373.784078][T18253]  </TASK>
[  374.034159][T18255] netlink: 'syz.4.5650': attribute type 21 has an invalid length.
[  374.042204][T18255] netlink: 'syz.4.5650': attribute type 20 has an invalid length.
[  374.133395][   T29] audit: type=1400 audit(1746964447.718:25730): avc:  denied  { append } for  pid=18260 comm="syz.4.5653" name="ptp0" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  374.200391][T18261] FAULT_INJECTION: forcing a failure.
[  374.200391][T18261] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  374.213588][T18261] CPU: 0 UID: 0 PID: 18261 Comm: syz.4.5653 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  374.213637][T18261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  374.213651][T18261] Call Trace:
[  374.213658][T18261]  <TASK>
[  374.213665][T18261]  __dump_stack+0x1d/0x30
[  374.213691][T18261]  dump_stack_lvl+0xe8/0x140
[  374.213715][T18261]  dump_stack+0x15/0x1b
[  374.213791][T18261]  should_fail_ex+0x265/0x280
[  374.213822][T18261]  should_fail+0xb/0x20
[  374.213909][T18261]  should_fail_usercopy+0x1a/0x20
[  374.213929][T18261]  _copy_from_user+0x1c/0xb0
[  374.213951][T18261]  __ia32_sys_rt_sigreturn+0x128/0x350
[  374.214005][T18261]  x64_sys_call+0x2e8a/0x2fb0
[  374.214095][T18261]  do_syscall_64+0xd0/0x1a0
[  374.214177][T18261]  ? clear_bhb_loop+0x25/0x80
[  374.214205][T18261]  ? clear_bhb_loop+0x25/0x80
[  374.214232][T18261]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.214316][T18261] RIP: 0033:0x7f6d4f63ab39
[  374.214330][T18261] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  374.214353][T18261] RSP: 002b:00007f6d4dd06a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  374.214376][T18261] RAX: ffffffffffffffda RBX: 00007f6d4f8c5fa0 RCX: 00007f6d4f63ab39
[  374.214388][T18261] RDX: 00007f6d4dd06a80 RSI: 00007f6d4dd06bb0 RDI: 0000000000000021
[  374.214400][T18261] RBP: 00007f6d4dd07090 R08: 0000000000000000 R09: 0000000000000000
[  374.214413][T18261] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  374.214424][T18261] R13: 0000000000000000 R14: 00007f6d4f8c5fa0 R15: 00007ffe1c57c208
[  374.214442][T18261]  </TASK>
[  374.329041][   T29] audit: type=1326 audit(1746964447.908:25731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18263 comm="syz.1.5654" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe0527fe969 code=0x0
[  374.581634][T18278] FAULT_INJECTION: forcing a failure.
[  374.581634][T18278] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  374.594979][T18278] CPU: 0 UID: 0 PID: 18278 Comm: syz.4.5659 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  374.595079][T18278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  374.595139][T18278] Call Trace:
[  374.595147][T18278]  <TASK>
[  374.595157][T18278]  __dump_stack+0x1d/0x30
[  374.595184][T18278]  dump_stack_lvl+0xe8/0x140
[  374.595210][T18278]  dump_stack+0x15/0x1b
[  374.595232][T18278]  should_fail_ex+0x265/0x280
[  374.595300][T18278]  should_fail_alloc_page+0xf2/0x100
[  374.595338][T18278]  __alloc_frozen_pages_noprof+0xff/0x360
[  374.595365][T18278]  ? __rcu_read_unlock+0x4f/0x70
[  374.595391][T18278]  alloc_pages_bulk_noprof+0x4b7/0x540
[  374.595458][T18278]  ? __kmalloc_noprof+0x1dd/0x3e0
[  374.595501][T18278]  ? copy_splice_read+0xc2/0x5f0
[  374.595523][T18278]  copy_splice_read+0xf3/0x5f0
[  374.595549][T18278]  ? __pfx_copy_splice_read+0x10/0x10
[  374.595593][T18278]  splice_direct_to_actor+0x26c/0x680
[  374.595688][T18278]  ? __pfx_direct_splice_actor+0x10/0x10
[  374.595721][T18278]  do_splice_direct+0xda/0x150
[  374.595742][T18278]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  374.595870][T18278]  do_sendfile+0x380/0x640
[  374.595953][T18278]  __x64_sys_sendfile64+0x105/0x150
[  374.595992][T18278]  x64_sys_call+0xb39/0x2fb0
[  374.596015][T18278]  do_syscall_64+0xd0/0x1a0
[  374.596051][T18278]  ? clear_bhb_loop+0x25/0x80
[  374.596077][T18278]  ? clear_bhb_loop+0x25/0x80
[  374.596103][T18278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.596167][T18278] RIP: 0033:0x7f6d4f69e969
[  374.596182][T18278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  374.596204][T18278] RSP: 002b:00007f6d4dd07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  374.596224][T18278] RAX: ffffffffffffffda RBX: 00007f6d4f8c5fa0 RCX: 00007f6d4f69e969
[  374.596236][T18278] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[  374.596248][T18278] RBP: 00007f6d4dd07090 R08: 0000000000000000 R09: 0000000000000000
[  374.596302][T18278] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  374.596318][T18278] R13: 0000000000000000 R14: 00007f6d4f8c5fa0 R15: 00007ffe1c57c208
[  374.596337][T18278]  </TASK>
[  374.598854][T18274] syzkaller0: entered promiscuous mode
[  374.653965][ T2968] IPVS: starting estimator thread 0...
[  374.657075][T18274] syzkaller0: entered allmulticast mode
[  374.884615][T18289] loop4: detected capacity change from 0 to 164
[  374.891028][T18284] IPVS: using max 2736 ests per chain, 136800 per kthread
[  374.901805][T11829] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.910970][T18289] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  374.961305][   T29] audit: type=1400 audit(1746964448.538:25732): avc:  denied  { relabelfrom } for  pid=18295 comm="syz.4.5665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  374.981584][   T29] audit: type=1400 audit(1746964448.538:25733): avc:  denied  { relabelto } for  pid=18295 comm="syz.4.5665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  375.003392][T18281] netlink: 'syz.0.5660': attribute type 21 has an invalid length.
[  375.011338][T18281] netlink: 'syz.0.5660': attribute type 20 has an invalid length.
[  375.033897][   T29] audit: type=1400 audit(1746964448.608:25734): avc:  denied  { mount } for  pid=18290 comm="syz.2.5663" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  375.044499][T18302] loop3: detected capacity change from 0 to 1024
[  375.056196][   T29] audit: type=1400 audit(1746964448.608:25735): avc:  denied  { unmount } for  pid=18290 comm="syz.2.5663" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  375.083374][T18302] EXT4-fs: dax option not supported
[  375.091141][T18302] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5666'.
[  375.119798][   T29] audit: type=1326 audit(1746964448.708:25736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18306 comm="syz.3.5668" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc90e3fe969 code=0x0
[  375.121948][T18304] FAULT_INJECTION: forcing a failure.
[  375.121948][T18304] name failslab, interval 1, probability 0, space 0, times 0
[  375.155639][T18304] CPU: 0 UID: 0 PID: 18304 Comm: syz.0.5667 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  375.155724][T18304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  375.155737][T18304] Call Trace:
[  375.155743][T18304]  <TASK>
[  375.155750][T18304]  __dump_stack+0x1d/0x30
[  375.155767][T18304]  dump_stack_lvl+0xe8/0x140
[  375.155841][T18304]  dump_stack+0x15/0x1b
[  375.155859][T18304]  should_fail_ex+0x265/0x280
[  375.155895][T18304]  should_failslab+0x8c/0xb0
[  375.155944][T18304]  __kmalloc_cache_node_noprof+0x54/0x320
[  375.156049][T18304]  ? __get_vm_area_node+0x106/0x1d0
[  375.156074][T18304]  __get_vm_area_node+0x106/0x1d0
[  375.156114][T18304]  __vmalloc_node_range_noprof+0x26a/0xdf0
[  375.156171][T18304]  ? xt_counters_alloc+0x40/0x50
[  375.156204][T18304]  ? __traceiter_kfree+0x2b/0x50
[  375.156234][T18304]  ? kfree+0x26f/0x310
[  375.156264][T18304]  ? xt_check_table_hooks+0xfb/0x5f0
[  375.156370][T18304]  ? translate_table+0xea4/0x1100
[  375.156424][T18304]  ? xt_counters_alloc+0x40/0x50
[  375.156454][T18304]  vzalloc_noprof+0x5e/0x70
[  375.156532][T18304]  ? xt_counters_alloc+0x40/0x50
[  375.156561][T18304]  xt_counters_alloc+0x40/0x50
[  375.156586][T18304]  __do_replace+0x51/0x620
[  375.156687][T18304]  ? should_fail_ex+0xdb/0x280
[  375.156718][T18304]  ? _copy_from_user+0x89/0xb0
[  375.156808][T18304]  do_arpt_set_ctl+0x708/0x9a0
[  375.156838][T18304]  ? kstrtoull+0x111/0x140
[  375.156930][T18304]  ? _raw_spin_unlock_bh+0x36/0x40
[  375.156966][T18304]  nf_setsockopt+0x196/0x1b0
[  375.157144][T18304]  ip_setsockopt+0x102/0x110
[  375.157247][T18304]  udp_setsockopt+0x99/0xb0
[  375.157276][T18304]  sock_common_setsockopt+0x66/0x80
[  375.157301][T18304]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  375.157365][T18304]  __sys_setsockopt+0x181/0x200
[  375.157474][T18304]  __x64_sys_setsockopt+0x64/0x80
[  375.157527][T18304]  x64_sys_call+0x2bd5/0x2fb0
[  375.157617][T18304]  do_syscall_64+0xd0/0x1a0
[  375.157645][T18304]  ? clear_bhb_loop+0x25/0x80
[  375.157671][T18304]  ? clear_bhb_loop+0x25/0x80
[  375.157729][T18304]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.157757][T18304] RIP: 0033:0x7fe9a7c6e969
[  375.157775][T18304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  375.157797][T18304] RSP: 002b:00007fe9a62d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  375.157814][T18304] RAX: ffffffffffffffda RBX: 00007fe9a7e95fa0 RCX: 00007fe9a7c6e969
[  375.157904][T18304] RDX: 0000000000000060 RSI: 0a02000000000000 RDI: 0000000000000006
[  375.157921][T18304] RBP: 00007fe9a62d7090 R08: 0000000000000438 R09: 0000000000000000
[  375.157937][T18304] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  375.157952][T18304] R13: 0000000000000000 R14: 00007fe9a7e95fa0 R15: 00007fffbfe96f18
[  375.157976][T18304]  </TASK>
[  375.969101][   T29] audit: type=1400 audit(1746964449.548:25737): avc:  denied  { create } for  pid=18322 comm="syz.4.5673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  376.159046][   T29] audit: type=1400 audit(1746964449.578:25738): avc:  denied  { bind } for  pid=18322 comm="syz.4.5673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  376.243509][T18330] loop4: detected capacity change from 0 to 164
[  376.584103][T18330] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  377.185521][T18337] xt_CT: You must specify a L4 protocol and not use inversions on it
[  377.239547][T18341] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5678'.
[  377.582659][T18373] loop4: detected capacity change from 0 to 256
[  377.602699][T18373] vfat: Unknown parameter ''
[  377.695839][T18345] chnl_net:caif_netlink_parms(): no params data found
[  378.023257][T18345] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.030446][T18345] bridge0: port 1(bridge_slave_0) entered disabled state
[  378.067287][T18345] bridge_slave_0: entered allmulticast mode
[  378.081032][T18345] bridge_slave_0: entered promiscuous mode
[  378.102197][T18345] bridge0: port 2(bridge_slave_1) entered blocking state
[  378.109337][T18345] bridge0: port 2(bridge_slave_1) entered disabled state
[  378.120611][T18345] bridge_slave_1: entered allmulticast mode
[  378.145050][T18345] bridge_slave_1: entered promiscuous mode
[  378.208471][T18345] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  378.396402][   T31] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  378.428203][   T31] batadv0: left promiscuous mode
[  378.499601][   T31] bond0 (unregistering): Released all slaves
[  378.508102][   T31] bond1 (unregistering): Released all slaves
[  378.539372][T18345] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  378.560274][T18388] xt_CT: You must specify a L4 protocol and not use inversions on it
[  378.596532][   T29] kauditd_printk_skb: 12 callbacks suppressed
[  378.596543][   T29] audit: type=1326 audit(1746964452.178:25751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18391 comm="syz.4.5693" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6d4f69e969 code=0x0
[  378.667787][   T31] hsr_slave_0: left promiscuous mode
[  378.688851][   T31] hsr_slave_1: left promiscuous mode
[  378.714639][   T31] batman_adv: batadv0: Removing interface: dummy0
[  378.782314][   T29] audit: type=1326 audit(1746964452.368:25752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18396 comm="syz.3.5695" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc90e3fe969 code=0x0
[  378.929898][T18345] team0: Port device team_slave_0 added
[  378.938201][T18345] team0: Port device team_slave_1 added
[  378.976223][T18345] batman_adv: batadv0: Adding interface: batadv_slave_0
[  378.983313][T18345] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  379.009392][T18345] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  379.072770][T18345] batman_adv: batadv0: Adding interface: batadv_slave_1
[  379.080046][T18345] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  379.106162][T18345] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  379.222750][T18345] hsr_slave_0: entered promiscuous mode
[  379.230381][T18345] hsr_slave_1: entered promiscuous mode
[  379.455252][T18409] loop4: detected capacity change from 0 to 1024
[  379.466647][T18409] EXT4-fs: dax option not supported
[  379.479411][   T29] audit: type=1400 audit(1746964453.058:25753): avc:  denied  { create } for  pid=18410 comm="syz.2.5700" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  379.505754][T18409] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5699'.
[  379.596085][T18345] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  379.605567][T18345] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  379.621090][   T29] audit: type=1400 audit(1746964453.208:25754): avc:  denied  { create } for  pid=18415 comm="syz.3.5702" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  379.649477][T18345] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  379.675482][T18345] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  379.682265][   T29] audit: type=1400 audit(1746964453.248:25755): avc:  denied  { unlink } for  pid=11829 comm="syz-executor" name="file0" dev="tmpfs" ino=2563 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  379.707946][T18419] loop3: detected capacity change from 0 to 256
[  379.716851][T18419] FAT-fs (loop3): Directory bread(block 1285) failed
[  379.729491][T18419] FAT-fs (loop3): Directory bread(block 1285) failed
[  379.748238][   T29] audit: type=1400 audit(1746964453.308:25756): avc:  denied  { mount } for  pid=18417 comm="syz.3.5703" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  379.749205][T18419] FAT-fs (loop3): Directory bread(block 1285) failed
[  379.780188][T18345] 8021q: adding VLAN 0 to HW filter on device bond0
[  379.793071][T18345] 8021q: adding VLAN 0 to HW filter on device team0
[  379.799890][T18419] FAT-fs (loop3): Directory bread(block 1285) failed
[  379.822194][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[  379.829302][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[  379.846278][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[  379.853384][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[  379.861839][   T29] audit: type=1400 audit(1746964453.448:25757): avc:  denied  { egress } for  pid=3390 comm="kworker/1:4" daddr=ff02::16 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  379.884433][   T29] audit: type=1400 audit(1746964453.448:25758): avc:  denied  { sendto } for  pid=3390 comm="kworker/1:4" daddr=ff02::16 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  379.890490][T18419] FAT-fs (loop3): Directory bread(block 1285) failed
[  379.914391][T18424] netlink: 160 bytes leftover after parsing attributes in process `syz.4.5706'.
[  379.928964][   T29] audit: type=1400 audit(1746964453.508:25759): avc:  denied  { kexec_image_load } for  pid=18423 comm="syz.4.5706" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  379.939110][T18424] program syz.4.5706 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  379.950167][   T29] audit: type=1400 audit(1746964453.518:25760): avc:  denied  { lock } for  pid=18423 comm="syz.4.5706" path="socket:[61157]" dev="sockfs" ino=61157 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  379.968073][T18419] FAT-fs (loop3): Directory bread(block 1285) failed
[  379.986949][T18345] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  380.000475][T18419] FAT-fs (loop3): FAT read failed (blocknr 1281)
[  380.029787][T18419] FAT-fs (loop3): Directory bread(block 1285) failed
[  380.036567][T18419] FAT-fs (loop3): FAT read failed (blocknr 1281)
[  380.075882][T18419] FAT-fs (loop3): Directory bread(block 1285) failed
[  380.102548][T18345] 8021q: adding VLAN 0 to HW filter on device batadv0
[  380.198122][T18444] loop3: detected capacity change from 0 to 1024
[  380.229810][T18444] EXT4-fs: dax option not supported
[  380.256935][T18444] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5710'.
[  380.463426][T18451] program syz.3.5712 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  380.518535][T18451] FAULT_INJECTION: forcing a failure.
[  380.518535][T18451] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  380.531686][T18451] CPU: 0 UID: 0 PID: 18451 Comm: syz.3.5712 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  380.531714][T18451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  380.531727][T18451] Call Trace:
[  380.531734][T18451]  <TASK>
[  380.531741][T18451]  __dump_stack+0x1d/0x30
[  380.531759][T18451]  dump_stack_lvl+0xe8/0x140
[  380.531844][T18451]  dump_stack+0x15/0x1b
[  380.531867][T18451]  should_fail_ex+0x265/0x280
[  380.531894][T18451]  should_fail+0xb/0x20
[  380.531970][T18451]  should_fail_usercopy+0x1a/0x20
[  380.531990][T18451]  _copy_to_user+0x20/0xa0
[  380.532009][T18451]  scsi_ioctl+0x13f2/0x1500
[  380.532028][T18451]  ? avc_has_perm+0xd3/0x150
[  380.532061][T18451]  ? file_has_perm+0x324/0x370
[  380.532110][T18451]  ? do_vfs_ioctl+0x993/0x15b0
[  380.532132][T18451]  sg_ioctl+0xdf6/0x1360
[  380.532164][T18451]  ? __pfx_sg_ioctl+0x10/0x10
[  380.532195][T18451]  __se_sys_ioctl+0xcb/0x140
[  380.532276][T18451]  __x64_sys_ioctl+0x43/0x50
[  380.532318][T18451]  x64_sys_call+0x19a8/0x2fb0
[  380.532343][T18451]  do_syscall_64+0xd0/0x1a0
[  380.532371][T18451]  ? clear_bhb_loop+0x25/0x80
[  380.532414][T18451]  ? clear_bhb_loop+0x25/0x80
[  380.532434][T18451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.532481][T18451] RIP: 0033:0x7fc90e3fe969
[  380.532498][T18451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  380.532521][T18451] RSP: 002b:00007fc90ca67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  380.532553][T18451] RAX: ffffffffffffffda RBX: 00007fc90e625fa0 RCX: 00007fc90e3fe969
[  380.532565][T18451] RDX: 0000200000000040 RSI: 0000000000000001 RDI: 0000000000000007
[  380.532577][T18451] RBP: 00007fc90ca67090 R08: 0000000000000000 R09: 0000000000000000
[  380.532652][T18451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  380.532663][T18451] R13: 0000000000000000 R14: 00007fc90e625fa0 R15: 00007ffc4d99c378
[  380.532684][T18451]  </TASK>
[  381.058608][T18459] netlink: 156 bytes leftover after parsing attributes in process `syz.3.5716'.
[  381.157931][T18345] veth0_vlan: entered promiscuous mode
[  381.220393][T18470] loop3: detected capacity change from 0 to 256
[  381.237090][T18470] vfat: Unknown parameter 'ÿ'
[  381.283796][T18345] veth1_vlan: entered promiscuous mode
[  381.337387][T18472] loop3: detected capacity change from 0 to 1024
[  381.354962][T18345] veth0_macvtap: entered promiscuous mode
[  381.372963][T18472] EXT4-fs: dax option not supported
[  381.380910][T18345] veth1_macvtap: entered promiscuous mode
[  381.409247][T18472] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5722'.
[  381.429932][T18345] batman_adv: batadv0: Interface activated: batadv_slave_0
[  381.474445][T18345] batman_adv: batadv0: Interface activated: batadv_slave_1
[  381.514335][T18345] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  381.523230][T18345] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  381.532046][T18345] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  381.540947][T18345] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  381.583794][T18453] netlink: 'syz.2.5713': attribute type 4 has an invalid length.
[  381.591573][T18453] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.5713'.
[  381.832220][T18493] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5727'.
[  381.847545][T18495] hub 9-0:1.0: USB hub found
[  381.890363][T18495] hub 9-0:1.0: 8 ports detected
[  381.934230][T18502] FAULT_INJECTION: forcing a failure.
[  381.934230][T18502] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  381.947563][T18502] CPU: 0 UID: 0 PID: 18502 Comm: syz.0.5730 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  381.947595][T18502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  381.947658][T18502] Call Trace:
[  381.947666][T18502]  <TASK>
[  381.947675][T18502]  __dump_stack+0x1d/0x30
[  381.947830][T18502]  dump_stack_lvl+0xe8/0x140
[  381.947856][T18502]  dump_stack+0x15/0x1b
[  381.947944][T18502]  should_fail_ex+0x265/0x280
[  381.947986][T18502]  should_fail+0xb/0x20
[  381.948031][T18502]  should_fail_usercopy+0x1a/0x20
[  381.948052][T18502]  _copy_from_iter+0xcf/0xdd0
[  381.948074][T18502]  ? __build_skb_around+0x1a0/0x200
[  381.948154][T18502]  ? __alloc_skb+0x223/0x320
[  381.948197][T18502]  netlink_sendmsg+0x471/0x6b0
[  381.948242][T18502]  ? __pfx_netlink_sendmsg+0x10/0x10
[  381.948274][T18502]  __sock_sendmsg+0x142/0x180
[  381.948329][T18502]  ____sys_sendmsg+0x31e/0x4e0
[  381.948357][T18502]  ___sys_sendmsg+0x17b/0x1d0
[  381.948400][T18502]  __x64_sys_sendmsg+0xd4/0x160
[  381.948431][T18502]  x64_sys_call+0x2999/0x2fb0
[  381.948466][T18502]  do_syscall_64+0xd0/0x1a0
[  381.948559][T18502]  ? clear_bhb_loop+0x25/0x80
[  381.948586][T18502]  ? clear_bhb_loop+0x25/0x80
[  381.948614][T18502]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  381.948635][T18502] RIP: 0033:0x7f60ef86e969
[  381.948649][T18502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  381.948734][T18502] RSP: 002b:00007f60eded7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  381.948758][T18502] RAX: ffffffffffffffda RBX: 00007f60efa95fa0 RCX: 00007f60ef86e969
[  381.948775][T18502] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000004
[  381.948824][T18502] RBP: 00007f60eded7090 R08: 0000000000000000 R09: 0000000000000000
[  381.948839][T18502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  381.948861][T18502] R13: 0000000000000000 R14: 00007f60efa95fa0 R15: 00007ffc7cd8a578
[  381.948888][T18502]  </TASK>
[  382.294372][T18509] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5732'.
[  382.484212][T18514] program syz.0.5734 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  382.637190][T18521] program syz.4.5737 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  382.956103][T18532] loop4: detected capacity change from 0 to 1024
[  382.999386][T18532] EXT4-fs: Ignoring removed nomblk_io_submit option
[  383.211877][T18538] xt_CT: You must specify a L4 protocol and not use inversions on it
[  383.314514][T18540] loop3: detected capacity change from 0 to 1024
[  383.335923][T18540] EXT4-fs: dax option not supported
[  383.365868][T18540] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5744'.
[  383.456744][T18542] loop3: detected capacity change from 0 to 1024
[  383.472352][T18532] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  383.518249][T18542] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  383.559065][T18542] ext4 filesystem being mounted at /508/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  383.609218][T18542] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 393: padding at end of block bitmap is not set
[  383.629172][T18542] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 186 with error 117
[  383.641811][T18542] EXT4-fs (loop3): This should not happen!! Data will be lost
[  383.641811][T18542] 
[  383.674158][T12065] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.759112][ T3722] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  383.808289][ T3722] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  383.832463][ T3722] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  383.833505][ T3722] bond0 (unregistering): Released all slaves
[  384.040206][T18542] lo speed is unknown, defaulting to 1000
[  384.048635][ T3722] hsr_slave_0: left promiscuous mode
[  384.054459][ T3722] hsr_slave_1: left promiscuous mode
[  384.064357][ T3722] batman_adv: batadv0: Removing interface: dummy0
[  384.083707][ T3722] batman_adv: batadv0: Removing interface: batadv_slave_0
[  384.099041][ T3722] batman_adv: batadv0: Removing interface: batadv_slave_1
[  384.167617][ T3722] team0 (unregistering): Port device team_slave_1 removed
[  384.200328][ T3722] team0 (unregistering): Port device team_slave_0 removed
[  384.305932][T18542] lo speed is unknown, defaulting to 1000
[  384.324641][T18542] lo speed is unknown, defaulting to 1000
[  384.338875][T18542] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  384.367264][T18547] lo speed is unknown, defaulting to 1000
[  384.412421][T18542] lo speed is unknown, defaulting to 1000
[  384.440914][T18542] lo speed is unknown, defaulting to 1000
[  384.475223][T18542] lo speed is unknown, defaulting to 1000
[  384.504832][T18547] chnl_net:caif_netlink_parms(): no params data found
[  384.535584][T18542] lo speed is unknown, defaulting to 1000
[  384.710611][T18547] bridge0: port 1(bridge_slave_0) entered blocking state
[  384.717874][T18547] bridge0: port 1(bridge_slave_0) entered disabled state
[  384.750061][T18547] bridge_slave_0: entered allmulticast mode
[  384.760701][T18547] bridge_slave_0: entered promiscuous mode
[  384.781243][ T3722] IPVS: stop unused estimator thread 0...
[  384.787416][T18547] bridge0: port 2(bridge_slave_1) entered blocking state
[  384.794593][T18547] bridge0: port 2(bridge_slave_1) entered disabled state
[  384.826086][T18547] bridge_slave_1: entered allmulticast mode
[  384.840509][T18547] bridge_slave_1: entered promiscuous mode
[  384.876240][T18547] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  384.900503][T18547] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  384.942035][T18547] team0: Port device team_slave_0 added
[  384.948549][T18547] team0: Port device team_slave_1 added
[  384.993022][T18547] batman_adv: batadv0: Adding interface: batadv_slave_0
[  385.000045][T18547] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  385.025987][T18547] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  385.087202][T18547] batman_adv: batadv0: Adding interface: batadv_slave_1
[  385.094269][T18547] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  385.120325][T18547] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  385.200025][T18547] hsr_slave_0: entered promiscuous mode
[  385.206250][T18547] hsr_slave_1: entered promiscuous mode
[  385.220380][T18547] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  385.228112][T18547] Cannot create hsr debugfs directory
[  385.415676][T18584] xt_CT: You must specify a L4 protocol and not use inversions on it
[  385.527225][   T29] kauditd_printk_skb: 37 callbacks suppressed
[  385.527236][   T29] audit: type=1400 audit(1746964459.108:25798): avc:  denied  { create } for  pid=18585 comm="syz.1.5755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  385.553240][   T29] audit: type=1326 audit(1746964459.108:25799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18585 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0527fe969 code=0x7ffc0000
[  385.577000][   T29] audit: type=1326 audit(1746964459.108:25800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18585 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0527fe969 code=0x7ffc0000
[  385.600614][   T29] audit: type=1326 audit(1746964459.108:25801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18585 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fe0527fe969 code=0x7ffc0000
[  385.624288][   T29] audit: type=1326 audit(1746964459.108:25802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18585 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0527fe969 code=0x7ffc0000
[  385.643033][T18588] loop4: detected capacity change from 0 to 1024
[  385.648205][   T29] audit: type=1326 audit(1746964459.108:25803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18585 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0527fe969 code=0x7ffc0000
[  385.678055][   T29] audit: type=1326 audit(1746964459.108:25804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18585 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7fe0527fe969 code=0x7ffc0000
[  385.701744][   T29] audit: type=1326 audit(1746964459.108:25805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18585 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0527fe969 code=0x7ffc0000
[  385.725712][   T29] audit: type=1326 audit(1746964459.108:25806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18585 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0527fe969 code=0x7ffc0000
[  385.759726][T18588] EXT4-fs: dax option not supported
[  385.799182][T18588] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5756'.
[  385.814548][T18547] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  385.854619][T18547] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  385.879777][T18547] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  385.905859][T18547] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  385.989007][   T29] audit: type=1400 audit(1746964459.568:25807): avc:  denied  { validate_trans } for  pid=18599 comm="syz.1.5761" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  386.020945][T18547] 8021q: adding VLAN 0 to HW filter on device bond0
[  386.037934][T18547] 8021q: adding VLAN 0 to HW filter on device team0
[  386.056506][ T3722] bridge0: port 1(bridge_slave_0) entered blocking state
[  386.063652][ T3722] bridge0: port 1(bridge_slave_0) entered forwarding state
[  386.089610][T18547] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  386.100190][T18547] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  386.182301][ T3722] bridge0: port 2(bridge_slave_1) entered blocking state
[  386.189563][ T3722] bridge0: port 2(bridge_slave_1) entered forwarding state
[  386.197500][T18605] FAULT_INJECTION: forcing a failure.
[  386.197500][T18605] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  386.210722][T18605] CPU: 0 UID: 0 PID: 18605 Comm: syz.4.5763 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  386.210747][T18605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  386.210771][T18605] Call Trace:
[  386.210775][T18605]  <TASK>
[  386.210782][T18605]  __dump_stack+0x1d/0x30
[  386.210799][T18605]  dump_stack_lvl+0xe8/0x140
[  386.210856][T18605]  dump_stack+0x15/0x1b
[  386.210874][T18605]  should_fail_ex+0x265/0x280
[  386.210933][T18605]  should_fail+0xb/0x20
[  386.210962][T18605]  should_fail_usercopy+0x1a/0x20
[  386.210981][T18605]  _copy_from_user+0x1c/0xb0
[  386.211050][T18605]  ___sys_sendmsg+0xc1/0x1d0
[  386.211085][T18605]  __x64_sys_sendmsg+0xd4/0x160
[  386.211110][T18605]  x64_sys_call+0x2999/0x2fb0
[  386.211138][T18605]  do_syscall_64+0xd0/0x1a0
[  386.211172][T18605]  ? clear_bhb_loop+0x25/0x80
[  386.211195][T18605]  ? clear_bhb_loop+0x25/0x80
[  386.211217][T18605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  386.211239][T18605] RIP: 0033:0x7f6d4f69e969
[  386.211304][T18605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  386.211378][T18605] RSP: 002b:00007f6d4dd07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  386.211467][T18605] RAX: ffffffffffffffda RBX: 00007f6d4f8c5fa0 RCX: 00007f6d4f69e969
[  386.211603][T18605] RDX: 0000000020008000 RSI: 0000200000000040 RDI: 0000000000000003
[  386.211646][T18605] RBP: 00007f6d4dd07090 R08: 0000000000000000 R09: 0000000000000000
[  386.211658][T18605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  386.211669][T18605] R13: 0000000000000000 R14: 00007f6d4f8c5fa0 R15: 00007ffe1c57c208
[  386.211687][T18605]  </TASK>
[  386.438075][T18611] xt_CT: You must specify a L4 protocol and not use inversions on it
[  386.447135][T11829] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.477435][T18547] 8021q: adding VLAN 0 to HW filter on device batadv0
[  386.538498][T18625] program syz.3.5768 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  386.556902][T18547] veth0_vlan: entered promiscuous mode
[  386.565931][T18547] veth1_vlan: entered promiscuous mode
[  386.583140][T18547] veth0_macvtap: entered promiscuous mode
[  386.593540][T18547] veth1_macvtap: entered promiscuous mode
[  386.604394][T18547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.615094][T18547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.632851][T18547] batman_adv: batadv0: Interface activated: batadv_slave_0
[  386.645108][T18547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  386.655685][T18547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.667335][T18547] batman_adv: batadv0: Interface activated: batadv_slave_1
[  386.677634][T18547] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  386.686493][T18547] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  386.695289][T18547] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  386.704077][T18547] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  386.728409][T18631] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5770'.
[  386.792837][T18642] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  386.801552][T18642] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  386.810350][T18642] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  386.819773][T18643] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  386.828289][T18643] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  386.837237][T18642] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  386.948425][T18656] xt_CT: You must specify a L4 protocol and not use inversions on it
[  387.102454][T18667] loop3: detected capacity change from 0 to 1024
[  387.109368][T18667] EXT4-fs: dax option not supported
[  387.116693][T18667] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5783'.
[  387.124635][T18658] lo speed is unknown, defaulting to 1000
[  387.215059][T18674] netlink: 'syz.3.5785': attribute type 13 has an invalid length.
[  387.266475][T18677] ipvlan2: entered promiscuous mode
[  387.311438][T18677] bridge0: port 3(ipvlan2) entered blocking state
[  387.318017][T18677] bridge0: port 3(ipvlan2) entered disabled state
[  387.357569][T18677] ipvlan2: entered allmulticast mode
[  387.362950][T18677] bridge0: entered allmulticast mode
[  387.470370][T18677] ipvlan2: left allmulticast mode
[  387.475470][T18677] bridge0: left allmulticast mode
[  387.526456][T18692] xt_CT: You must specify a L4 protocol and not use inversions on it
[  387.605267][T18696] loop3: detected capacity change from 0 to 1024
[  387.628036][T18696] EXT4-fs: Ignoring removed nobh option
[  387.633779][T18696] EXT4-fs: Ignoring removed bh option
[  387.653993][T18698] lo speed is unknown, defaulting to 1000
[  387.673602][T18696] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  387.747749][T11829] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  387.913842][T18719] loop3: detected capacity change from 0 to 1024
[  388.073148][T18700] lo speed is unknown, defaulting to 1000
[  388.102877][T18728] xt_CT: You must specify a L4 protocol and not use inversions on it
[  388.244193][T18735] FAULT_INJECTION: forcing a failure.
[  388.244193][T18735] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  388.257606][T18735] CPU: 0 UID: 0 PID: 18735 Comm: syz.1.5809 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  388.257736][T18735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  388.257749][T18735] Call Trace:
[  388.257757][T18735]  <TASK>
[  388.257816][T18735]  __dump_stack+0x1d/0x30
[  388.257838][T18735]  dump_stack_lvl+0xe8/0x140
[  388.257857][T18735]  dump_stack+0x15/0x1b
[  388.257872][T18735]  should_fail_ex+0x265/0x280
[  388.257910][T18735]  should_fail_alloc_page+0xf2/0x100
[  388.258066][T18735]  __alloc_frozen_pages_noprof+0xff/0x360
[  388.258098][T18735]  alloc_pages_mpol+0xb3/0x250
[  388.258123][T18735]  folio_alloc_mpol_noprof+0x39/0x80
[  388.258146][T18735]  shmem_get_folio_gfp+0x3cf/0xd40
[  388.258216][T18735]  shmem_fallocate+0x57c/0x840
[  388.258280][T18735]  vfs_fallocate+0x410/0x450
[  388.258308][T18735]  __x64_sys_fallocate+0x7a/0xd0
[  388.258341][T18735]  x64_sys_call+0x2b88/0x2fb0
[  388.258368][T18735]  do_syscall_64+0xd0/0x1a0
[  388.258443][T18735]  ? clear_bhb_loop+0x25/0x80
[  388.258474][T18735]  ? clear_bhb_loop+0x25/0x80
[  388.258494][T18735]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.258546][T18735] RIP: 0033:0x7fe0527fe969
[  388.258564][T18735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  388.258611][T18735] RSP: 002b:00007fe050e67038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  388.258646][T18735] RAX: ffffffffffffffda RBX: 00007fe052a25fa0 RCX: 00007fe0527fe969
[  388.258658][T18735] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  388.258669][T18735] RBP: 00007fe050e67090 R08: 0000000000000000 R09: 0000000000000000
[  388.258680][T18735] R10: 0000000008000c62 R11: 0000000000000246 R12: 0000000000000001
[  388.258692][T18735] R13: 0000000000000000 R14: 00007fe052a25fa0 R15: 00007ffcf3df1068
[  388.258779][T18735]  </TASK>
[  388.529158][T18740] FAULT_INJECTION: forcing a failure.
[  388.529158][T18740] name failslab, interval 1, probability 0, space 0, times 0
[  388.542020][T18740] CPU: 1 UID: 0 PID: 18740 Comm: syz.0.5808 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  388.542118][T18740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  388.542130][T18740] Call Trace:
[  388.542137][T18740]  <TASK>
[  388.542144][T18740]  __dump_stack+0x1d/0x30
[  388.542268][T18740]  dump_stack_lvl+0xe8/0x140
[  388.542288][T18740]  dump_stack+0x15/0x1b
[  388.542302][T18740]  should_fail_ex+0x265/0x280
[  388.542329][T18740]  should_failslab+0x8c/0xb0
[  388.542412][T18740]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  388.542437][T18740]  ? sidtab_sid2str_get+0xa0/0x130
[  388.542471][T18740]  kmemdup_noprof+0x2b/0x70
[  388.542489][T18740]  sidtab_sid2str_get+0xa0/0x130
[  388.542556][T18740]  security_sid_to_context_core+0x1eb/0x2e0
[  388.542607][T18740]  security_sid_to_context_force+0x2a/0x40
[  388.542641][T18740]  selinux_inode_getsecurity+0x2f6/0x320
[  388.542687][T18740]  security_inode_getsecurity+0xcf/0xe0
[  388.542746][T18740]  vfs_getxattr+0x140/0x250
[  388.542770][T18740]  do_getxattr+0x124/0x2a0
[  388.542857][T18740]  path_getxattrat+0x22c/0x2a0
[  388.542905][T18740]  __x64_sys_fgetxattr+0x59/0x70
[  388.542938][T18740]  x64_sys_call+0x2a12/0x2fb0
[  388.543039][T18740]  do_syscall_64+0xd0/0x1a0
[  388.543113][T18740]  ? clear_bhb_loop+0x25/0x80
[  388.543152][T18740]  ? clear_bhb_loop+0x25/0x80
[  388.543248][T18740]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.543274][T18740] RIP: 0033:0x7f60ef86e969
[  388.543291][T18740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  388.543313][T18740] RSP: 002b:00007f60eded7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c1
[  388.543380][T18740] RAX: ffffffffffffffda RBX: 00007f60efa95fa0 RCX: 00007f60ef86e969
[  388.543446][T18740] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000006
[  388.543461][T18740] RBP: 00007f60eded7090 R08: 0000000000000000 R09: 0000000000000000
[  388.543477][T18740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  388.543488][T18740] R13: 0000000000000000 R14: 00007f60efa95fa0 R15: 00007ffc7cd8a578
[  388.543549][T18740]  </TASK>
[  388.774910][T18746] loop3: detected capacity change from 0 to 1024
[  388.799701][T18746] EXT4-fs: Ignoring removed nobh option
[  388.805336][T18746] EXT4-fs: Ignoring removed bh option
[  388.841434][T18746] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  388.858502][T18746] FAULT_INJECTION: forcing a failure.
[  388.858502][T18746] name failslab, interval 1, probability 0, space 0, times 0
[  388.871180][T18746] CPU: 1 UID: 0 PID: 18746 Comm: syz.3.5813 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  388.871342][T18746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  388.871355][T18746] Call Trace:
[  388.871363][T18746]  <TASK>
[  388.871371][T18746]  __dump_stack+0x1d/0x30
[  388.871393][T18746]  dump_stack_lvl+0xe8/0x140
[  388.871416][T18746]  dump_stack+0x15/0x1b
[  388.871434][T18746]  should_fail_ex+0x265/0x280
[  388.871467][T18746]  ? audit_log_d_path+0x8d/0x150
[  388.871565][T18746]  should_failslab+0x8c/0xb0
[  388.871591][T18746]  __kmalloc_cache_noprof+0x4c/0x320
[  388.871610][T18746]  audit_log_d_path+0x8d/0x150
[  388.871715][T18746]  audit_log_d_path_exe+0x42/0x70
[  388.871806][T18746]  audit_log_task+0x1e9/0x250
[  388.871896][T18746]  audit_seccomp+0x61/0x100
[  388.871971][T18746]  ? __seccomp_filter+0x68c/0x10d0
[  388.871994][T18746]  __seccomp_filter+0x69d/0x10d0
[  388.872015][T18746]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  388.872059][T18746]  ? vfs_write+0x75e/0x8d0
[  388.872128][T18746]  ? __rcu_read_unlock+0x4f/0x70
[  388.872152][T18746]  ? __fget_files+0x184/0x1c0
[  388.872186][T18746]  __secure_computing+0x82/0x150
[  388.872209][T18746]  syscall_trace_enter+0xcf/0x1e0
[  388.872252][T18746]  do_syscall_64+0xaa/0x1a0
[  388.872272][T18746]  ? clear_bhb_loop+0x25/0x80
[  388.872350][T18746]  ? clear_bhb_loop+0x25/0x80
[  388.872369][T18746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.872390][T18746] RIP: 0033:0x7fc90e3fe969
[  388.872438][T18746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  388.872458][T18746] RSP: 002b:00007fc90ca67038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  388.872475][T18746] RAX: ffffffffffffffda RBX: 00007fc90e625fa0 RCX: 00007fc90e3fe969
[  388.872486][T18746] RDX: 0000000000000000 RSI: 0000000003000000 RDI: 0000200000000900
[  388.872498][T18746] RBP: 00007fc90ca67090 R08: 0000000000000000 R09: 0000000000000000
[  388.872566][T18746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  388.872579][T18746] R13: 0000000000000000 R14: 00007fc90e625fa0 R15: 00007ffc4d99c378
[  388.872601][T18746]  </TASK>
[  389.148697][T11829] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.179478][T18761] xt_CT: You must specify a L4 protocol and not use inversions on it
[  389.208524][T18762] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  389.324033][T18766] FAULT_INJECTION: forcing a failure.
[  389.324033][T18766] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  389.337164][T18766] CPU: 1 UID: 0 PID: 18766 Comm: syz.4.5819 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  389.337195][T18766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  389.337208][T18766] Call Trace:
[  389.337213][T18766]  <TASK>
[  389.337244][T18766]  __dump_stack+0x1d/0x30
[  389.337278][T18766]  dump_stack_lvl+0xe8/0x140
[  389.337320][T18766]  dump_stack+0x15/0x1b
[  389.337339][T18766]  should_fail_ex+0x265/0x280
[  389.337368][T18766]  should_fail+0xb/0x20
[  389.337416][T18766]  should_fail_usercopy+0x1a/0x20
[  389.337512][T18766]  _copy_from_iter+0xcf/0xdd0
[  389.337530][T18766]  ? __rcu_read_unlock+0x4f/0x70
[  389.337550][T18766]  ? mntput_no_expire+0x6f/0x3d0
[  389.337573][T18766]  copy_page_from_iter+0x15a/0x290
[  389.337600][T18766]  tun_get_user+0x5c7/0x24d0
[  389.337724][T18766]  ? ref_tracker_alloc+0x1f2/0x2f0
[  389.337769][T18766]  tun_chr_write_iter+0x15e/0x210
[  389.337801][T18766]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  389.337897][T18766]  vfs_write+0x49d/0x8d0
[  389.337993][T18766]  ksys_write+0xda/0x1a0
[  389.338024][T18766]  __x64_sys_write+0x40/0x50
[  389.338088][T18766]  x64_sys_call+0x2cdd/0x2fb0
[  389.338113][T18766]  do_syscall_64+0xd0/0x1a0
[  389.338210][T18766]  ? clear_bhb_loop+0x25/0x80
[  389.338233][T18766]  ? clear_bhb_loop+0x25/0x80
[  389.338257][T18766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.338281][T18766] RIP: 0033:0x7f6d4f69d41f
[  389.338296][T18766] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  389.338316][T18766] RSP: 002b:00007f6d4dd07000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  389.338383][T18766] RAX: ffffffffffffffda RBX: 00007f6d4f8c5fa0 RCX: 00007f6d4f69d41f
[  389.338397][T18766] RDX: 0000000000000052 RSI: 00002000000007c0 RDI: 00000000000000c8
[  389.338411][T18766] RBP: 00007f6d4dd07090 R08: 0000000000000000 R09: 0000000000000000
[  389.338425][T18766] R10: 0000000000000052 R11: 0000000000000293 R12: 0000000000000001
[  389.338438][T18766] R13: 0000000000000000 R14: 00007f6d4f8c5fa0 R15: 00007ffe1c57c208
[  389.338459][T18766]  </TASK>
[  389.885948][T18787] netlink: 17279 bytes leftover after parsing attributes in process `syz.1.5827'.
[  390.012690][T18791] xt_CT: You must specify a L4 protocol and not use inversions on it
[  390.112187][T18797] FAULT_INJECTION: forcing a failure.
[  390.112187][T18797] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  390.125333][T18797] CPU: 1 UID: 0 PID: 18797 Comm: syz.1.5832 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  390.125373][T18797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  390.125387][T18797] Call Trace:
[  390.125394][T18797]  <TASK>
[  390.125402][T18797]  __dump_stack+0x1d/0x30
[  390.125489][T18797]  dump_stack_lvl+0xe8/0x140
[  390.125511][T18797]  dump_stack+0x15/0x1b
[  390.125530][T18797]  should_fail_ex+0x265/0x280
[  390.125603][T18797]  should_fail+0xb/0x20
[  390.125627][T18797]  should_fail_usercopy+0x1a/0x20
[  390.125675][T18797]  _copy_to_user+0x20/0xa0
[  390.125700][T18797]  simple_read_from_buffer+0xb5/0x130
[  390.125728][T18797]  proc_fail_nth_read+0x100/0x140
[  390.125756][T18797]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  390.125857][T18797]  vfs_read+0x19d/0x6f0
[  390.125884][T18797]  ? __rcu_read_unlock+0x4f/0x70
[  390.125954][T18797]  ? __fget_files+0x184/0x1c0
[  390.125984][T18797]  ksys_read+0xda/0x1a0
[  390.126008][T18797]  __x64_sys_read+0x40/0x50
[  390.126101][T18797]  x64_sys_call+0x2d77/0x2fb0
[  390.126122][T18797]  do_syscall_64+0xd0/0x1a0
[  390.126188][T18797]  ? clear_bhb_loop+0x25/0x80
[  390.126207][T18797]  ? clear_bhb_loop+0x25/0x80
[  390.126274][T18797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.126292][T18797] RIP: 0033:0x7fe0527fd37c
[  390.126309][T18797] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  390.126369][T18797] RSP: 002b:00007fe050e67030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  390.126386][T18797] RAX: ffffffffffffffda RBX: 00007fe052a25fa0 RCX: 00007fe0527fd37c
[  390.126397][T18797] RDX: 000000000000000f RSI: 00007fe050e670a0 RDI: 0000000000000004
[  390.126407][T18797] RBP: 00007fe050e67090 R08: 0000000000000000 R09: 0000000000000000
[  390.126418][T18797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  390.126428][T18797] R13: 0000000000000000 R14: 00007fe052a25fa0 R15: 00007ffcf3df1068
[  390.126444][T18797]  </TASK>
[  390.382070][T18805] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5836'.
[  390.397169][T18804] syz_tun: entered allmulticast mode
[  390.423140][T18804] hub 9-0:1.0: USB hub found
[  390.427876][T18804] hub 9-0:1.0: 8 ports detected
[  390.470023][T18802] syz_tun: left allmulticast mode
[  390.542574][T18795] lo speed is unknown, defaulting to 1000
[  390.603220][T18816] xt_CT: You must specify a L4 protocol and not use inversions on it
[  390.806747][T18828] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.966097][T18828] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.072228][T18828] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.158956][   T29] kauditd_printk_skb: 99 callbacks suppressed
[  391.158970][   T29] audit: type=1326 audit(1746964464.708:25907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18844 comm="syz.1.5849" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe0527fe969 code=0x0
[  391.192275][T18828] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.288701][T18828] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  391.304557][T18828] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  391.322910][T18828] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  391.335388][T18828] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  391.525798][   T29] audit: type=1400 audit(1746964465.108:25908): avc:  denied  { write } for  pid=18848 comm="syz.0.5850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  391.559446][   T29] audit: type=1326 audit(1746964465.138:25909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18848 comm="syz.0.5850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  391.583191][   T29] audit: type=1326 audit(1746964465.138:25910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18848 comm="syz.0.5850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  391.606734][   T29] audit: type=1326 audit(1746964465.138:25911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18848 comm="syz.0.5850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  391.630577][   T29] audit: type=1326 audit(1746964465.138:25912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18848 comm="syz.0.5850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  391.654320][   T29] audit: type=1326 audit(1746964465.138:25913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18848 comm="syz.0.5850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  391.678052][   T29] audit: type=1326 audit(1746964465.138:25914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18848 comm="syz.0.5850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  391.814353][T18870] lo speed is unknown, defaulting to 1000
[  391.890345][T18875] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  391.904126][T18877] netlink: 'syz.0.5859': attribute type 13 has an invalid length.
[  391.913821][T18875] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  392.020145][T18881] netlink: 'syz.1.5860': attribute type 32 has an invalid length.
[  392.042831][T18881] Invalid ELF header magic: != ELF
[  392.049901][   T29] audit: type=1400 audit(1746964465.628:25915): avc:  denied  { module_load } for  pid=18879 comm="syz.1.5860" path="/sys/kernel/notes" dev="sysfs" ino=210 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  392.248839][T18877] bridge0: port 2(bridge_slave_1) entered disabled state
[  392.256087][T18877] bridge0: port 1(bridge_slave_0) entered disabled state
[  392.341737][T18877] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  392.375536][T18877] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  392.510655][T18877] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  392.519090][T18877] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  392.527564][T18877] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  392.535993][T18877] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  392.590916][T18868] lo speed is unknown, defaulting to 1000
[  392.803205][T18904] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5866'.
[  393.039567][   T29] audit: type=1326 audit(1746964466.628:25916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18913 comm="syz.2.5870" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa8ca2be969 code=0x0
[  393.217259][T18921] netlink: 68 bytes leftover after parsing attributes in process `syz.0.5873'.
[  393.257205][T18926] FAULT_INJECTION: forcing a failure.
[  393.257205][T18926] name failslab, interval 1, probability 0, space 0, times 0
[  393.269944][T18926] CPU: 1 UID: 0 PID: 18926 Comm: syz.0.5874 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  393.269987][T18926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  393.270005][T18926] Call Trace:
[  393.270010][T18926]  <TASK>
[  393.270017][T18926]  __dump_stack+0x1d/0x30
[  393.270040][T18926]  dump_stack_lvl+0xe8/0x140
[  393.270062][T18926]  dump_stack+0x15/0x1b
[  393.270081][T18926]  should_fail_ex+0x265/0x280
[  393.270135][T18926]  should_failslab+0x8c/0xb0
[  393.270171][T18926]  kmem_cache_alloc_noprof+0x50/0x310
[  393.270202][T18926]  ? vm_area_alloc+0x2c/0xb0
[  393.270229][T18926]  vm_area_alloc+0x2c/0xb0
[  393.270253][T18926]  mmap_region+0x81f/0x1470
[  393.270314][T18926]  do_mmap+0x9de/0xc20
[  393.270348][T18926]  vm_mmap_pgoff+0x17a/0x2e0
[  393.270389][T18926]  ksys_mmap_pgoff+0xc2/0x310
[  393.270410][T18926]  ? __x64_sys_mmap+0x49/0x70
[  393.270428][T18926]  x64_sys_call+0x1602/0x2fb0
[  393.270448][T18926]  do_syscall_64+0xd0/0x1a0
[  393.270473][T18926]  ? clear_bhb_loop+0x25/0x80
[  393.270497][T18926]  ? clear_bhb_loop+0x25/0x80
[  393.270521][T18926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.270543][T18926] RIP: 0033:0x7f60ef86e9a3
[  393.270556][T18926] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  393.270572][T18926] RSP: 002b:00007f60eded6d68 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  393.270593][T18926] RAX: ffffffffffffffda RBX: 000000000000060b RCX: 00007f60ef86e9a3
[  393.270603][T18926] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  393.270614][T18926] RBP: 0000200000002202 R08: 00000000ffffffff R09: 0000000000000000
[  393.270645][T18926] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004
[  393.270660][T18926] R13: 00007f60eded6dec R14: 00007f60eded6df0 R15: 00007ffc7cd8a578
[  393.270683][T18926]  </TASK>
[  394.055095][T18932] lo speed is unknown, defaulting to 1000
[  394.132441][T18935] xt_CT: You must specify a L4 protocol and not use inversions on it
[  394.255573][T18938] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5879'.
[  394.363281][T18946] netlink: 56 bytes leftover after parsing attributes in process `syz.1.5882'.
[  394.402831][T18946] netlink: 92 bytes leftover after parsing attributes in process `syz.1.5882'.
[  395.069031][T18968] FAULT_INJECTION: forcing a failure.
[  395.069031][T18968] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  395.082144][T18968] CPU: 1 UID: 0 PID: 18968 Comm: syz.2.5890 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  395.082170][T18968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  395.082201][T18968] Call Trace:
[  395.082208][T18968]  <TASK>
[  395.082216][T18968]  __dump_stack+0x1d/0x30
[  395.082265][T18968]  dump_stack_lvl+0xe8/0x140
[  395.082299][T18968]  dump_stack+0x15/0x1b
[  395.082316][T18968]  should_fail_ex+0x265/0x280
[  395.082349][T18968]  should_fail+0xb/0x20
[  395.082373][T18968]  should_fail_usercopy+0x1a/0x20
[  395.082460][T18968]  _copy_from_user+0x1c/0xb0
[  395.082482][T18968]  get_sg_io_hdr+0x82/0x360
[  395.082502][T18968]  ? path_openat+0x1bf8/0x2170
[  395.082562][T18968]  ? __rcu_read_unlock+0x4f/0x70
[  395.082583][T18968]  sg_new_write+0xc3/0x890
[  395.082626][T18968]  sg_ioctl+0xb81/0x1360
[  395.082720][T18968]  ? __pfx_sg_ioctl+0x10/0x10
[  395.082816][T18968]  __se_sys_ioctl+0xcb/0x140
[  395.082839][T18968]  __x64_sys_ioctl+0x43/0x50
[  395.082855][T18968]  x64_sys_call+0x19a8/0x2fb0
[  395.082875][T18968]  do_syscall_64+0xd0/0x1a0
[  395.082958][T18968]  ? clear_bhb_loop+0x25/0x80
[  395.082976][T18968]  ? clear_bhb_loop+0x25/0x80
[  395.082994][T18968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.083011][T18968] RIP: 0033:0x7fa8ca2be969
[  395.083024][T18968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  395.083074][T18968] RSP: 002b:00007fa8c8927038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  395.083089][T18968] RAX: ffffffffffffffda RBX: 00007fa8ca4e5fa0 RCX: 00007fa8ca2be969
[  395.083099][T18968] RDX: 0000200000000040 RSI: 0000000000002285 RDI: 0000000000000007
[  395.083109][T18968] RBP: 00007fa8c8927090 R08: 0000000000000000 R09: 0000000000000000
[  395.083121][T18968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  395.083134][T18968] R13: 0000000000000000 R14: 00007fa8ca4e5fa0 R15: 00007ffc731081d8
[  395.083155][T18968]  </TASK>
[  395.619829][T18970] netlink: 'syz.2.5891': attribute type 13 has an invalid length.
[  395.629536][T18974] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5893'.
[  395.705351][T18970] bridge0: port 2(bridge_slave_1) entered disabled state
[  395.712561][T18970] bridge0: port 1(bridge_slave_0) entered disabled state
[  395.756374][T18970] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  395.767603][T18970] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  395.813036][T18970] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  395.822151][T18970] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  395.831738][T18970] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  395.840914][T18970] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  395.964933][T18982] macvlan2: entered promiscuous mode
[  395.970303][T18982] bridge0: entered promiscuous mode
[  396.033432][T18982] bridge0: port 3(macvlan2) entered blocking state
[  396.040058][T18982] bridge0: port 3(macvlan2) entered disabled state
[  396.061982][T18982] macvlan2: entered allmulticast mode
[  396.067421][T18982] bridge0: entered allmulticast mode
[  396.109800][T18982] macvlan2: left allmulticast mode
[  396.115109][T18982] bridge0: left allmulticast mode
[  396.164962][T18982] bridge0: left promiscuous mode
[  396.279856][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  396.279873][   T29] audit: type=1326 audit(1746964469.868:25922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19001 comm="syz.1.5902" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe0527fe969 code=0x0
[  396.688714][T18997] lo speed is unknown, defaulting to 1000
[  397.037575][T19010] FAULT_INJECTION: forcing a failure.
[  397.037575][T19010] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  397.050691][T19010] CPU: 1 UID: 0 PID: 19010 Comm: syz.2.5903 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  397.050763][T19010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  397.050790][T19010] Call Trace:
[  397.050797][T19010]  <TASK>
[  397.050805][T19010]  __dump_stack+0x1d/0x30
[  397.050829][T19010]  dump_stack_lvl+0xe8/0x140
[  397.050853][T19010]  dump_stack+0x15/0x1b
[  397.050932][T19010]  should_fail_ex+0x265/0x280
[  397.050964][T19010]  should_fail+0xb/0x20
[  397.050995][T19010]  should_fail_usercopy+0x1a/0x20
[  397.051020][T19010]  _copy_to_iter+0x24b/0xdd0
[  397.051117][T19010]  ? input_devices_seq_show+0x44f/0x470
[  397.051203][T19010]  ? seq_list_next+0x32/0x50
[  397.051232][T19010]  seq_read_iter+0x76a/0x940
[  397.051256][T19010]  seq_read+0x1f7/0x240
[  397.051278][T19010]  ? __pfx_seq_read+0x10/0x10
[  397.051320][T19010]  proc_reg_read+0x125/0x1c0
[  397.051370][T19010]  vfs_readv+0x3e6/0x670
[  397.051399][T19010]  ? __pfx_proc_reg_read+0x10/0x10
[  397.051458][T19010]  __x64_sys_preadv+0xfd/0x1c0
[  397.051541][T19010]  x64_sys_call+0x1503/0x2fb0
[  397.051784][T19010]  do_syscall_64+0xd0/0x1a0
[  397.051804][T19010]  ? clear_bhb_loop+0x25/0x80
[  397.051823][T19010]  ? clear_bhb_loop+0x25/0x80
[  397.051858][T19010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.051896][T19010] RIP: 0033:0x7fa8ca2be969
[  397.051909][T19010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  397.051926][T19010] RSP: 002b:00007fa8c88e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  397.051945][T19010] RAX: ffffffffffffffda RBX: 00007fa8ca4e6160 RCX: 00007fa8ca2be969
[  397.051957][T19010] RDX: 0000000000000001 RSI: 00002000000015c0 RDI: 0000000000000008
[  397.052018][T19010] RBP: 00007fa8c88e5090 R08: 0000000000000003 R09: 0000000000000000
[  397.052030][T19010] R10: 00000000000000f0 R11: 0000000000000246 R12: 0000000000000001
[  397.052084][T19010] R13: 0000000000000000 R14: 00007fa8ca4e6160 R15: 00007ffc731081d8
[  397.052153][T19010]  </TASK>
[  397.419752][T19013] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5904'.
[  397.474454][   T29] audit: type=1400 audit(1746964471.058:25923): avc:  denied  { bind } for  pid=19016 comm="syz.0.5906" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  397.785705][T19029] netlink: 'syz.2.5909': attribute type 13 has an invalid length.
[  397.872263][   T29] audit: type=1326 audit(1746964471.458:25924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19034 comm="syz.2.5914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8ca2be969 code=0x7ffc0000
[  397.895952][   T29] audit: type=1326 audit(1746964471.458:25925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19034 comm="syz.2.5914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8ca2be969 code=0x7ffc0000
[  397.919556][   T29] audit: type=1326 audit(1746964471.458:25926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19034 comm="syz.2.5914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fa8ca2be969 code=0x7ffc0000
[  397.943051][   T29] audit: type=1326 audit(1746964471.458:25927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19034 comm="syz.2.5914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8ca2be969 code=0x7ffc0000
[  397.966722][   T29] audit: type=1326 audit(1746964471.458:25928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19034 comm="syz.2.5914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa8ca2be969 code=0x7ffc0000
[  397.990322][   T29] audit: type=1326 audit(1746964471.458:25929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19034 comm="syz.2.5914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8ca2be969 code=0x7ffc0000
[  398.013883][   T29] audit: type=1326 audit(1746964471.458:25930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19034 comm="syz.2.5914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa8ca2be969 code=0x7ffc0000
[  398.037497][   T29] audit: type=1326 audit(1746964471.458:25931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19034 comm="syz.2.5914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8ca2be969 code=0x7ffc0000
[  398.106602][T19032] netlink: 60 bytes leftover after parsing attributes in process `syz.0.5913'.
[  398.117831][T19032] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5913'.
[  398.181563][T19032] SELinux: failed to load policy
[  398.197964][T19049] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5917'.
[  398.362427][T19059] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5920'.
[  398.371501][T19059] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5920'.
[  398.419230][T19064] netlink: 'syz.0.5924': attribute type 13 has an invalid length.
[  398.446363][T19068] xt_CT: You must specify a L4 protocol and not use inversions on it
[  398.479013][T19059] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5920'.
[  398.529057][T19077] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5929'.
[  398.542605][T19059] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5920'.
[  398.629824][T19074] syzkaller0: entered promiscuous mode
[  398.635363][T19074] syzkaller0: entered allmulticast mode
[  399.388505][T19103] netlink: 'syz.1.5937': attribute type 13 has an invalid length.
[  399.647327][T19105] xfrm1: entered promiscuous mode
[  399.652445][T19105] xfrm1: entered allmulticast mode
[  399.835755][T19108] xt_CT: You must specify a L4 protocol and not use inversions on it
[  400.060281][T19114] hub 9-0:1.0: USB hub found
[  400.076180][T19114] hub 9-0:1.0: 8 ports detected
[  400.238104][T19125] loop4: detected capacity change from 0 to 1024
[  400.365984][T19115] lo speed is unknown, defaulting to 1000
[  400.612148][T19115] chnl_net:caif_netlink_parms(): no params data found
[  400.669003][T19115] bridge0: port 1(bridge_slave_0) entered blocking state
[  400.676243][T19115] bridge0: port 1(bridge_slave_0) entered disabled state
[  400.685871][T19115] bridge_slave_0: entered allmulticast mode
[  400.696861][T19115] bridge_slave_0: entered promiscuous mode
[  400.703783][T19115] bridge0: port 2(bridge_slave_1) entered blocking state
[  400.711424][T19115] bridge0: port 2(bridge_slave_1) entered disabled state
[  400.718726][T19115] bridge_slave_1: entered allmulticast mode
[  400.725339][T19115] bridge_slave_1: entered promiscuous mode
[  400.745171][T19115] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  400.759585][T19115] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  400.821822][T19115] team0: Port device team_slave_0 added
[  400.828496][T19115] team0: Port device team_slave_1 added
[  400.857307][T19159] xt_CT: You must specify a L4 protocol and not use inversions on it
[  400.870828][T19115] batman_adv: batadv0: Adding interface: batadv_slave_0
[  400.877858][T19115] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  400.903939][T19115] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  400.932342][T19163] FAULT_INJECTION: forcing a failure.
[  400.932342][T19163] name failslab, interval 1, probability 0, space 0, times 0
[  400.945112][T19163] CPU: 1 UID: 0 PID: 19163 Comm: syz.3.5953 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  400.945142][T19163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  400.945156][T19163] Call Trace:
[  400.945163][T19163]  <TASK>
[  400.945171][T19163]  __dump_stack+0x1d/0x30
[  400.945194][T19163]  dump_stack_lvl+0xe8/0x140
[  400.945215][T19163]  dump_stack+0x15/0x1b
[  400.945274][T19163]  should_fail_ex+0x265/0x280
[  400.945323][T19163]  ? audit_log_d_path+0x8d/0x150
[  400.945354][T19163]  should_failslab+0x8c/0xb0
[  400.945402][T19163]  __kmalloc_cache_noprof+0x4c/0x320
[  400.945438][T19163]  audit_log_d_path+0x8d/0x150
[  400.945463][T19163]  audit_log_d_path_exe+0x42/0x70
[  400.945574][T19163]  audit_log_task+0x1e9/0x250
[  400.945657][T19163]  audit_seccomp+0x61/0x100
[  400.945677][T19163]  ? __seccomp_filter+0x68c/0x10d0
[  400.945744][T19163]  __seccomp_filter+0x69d/0x10d0
[  400.945768][T19163]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  400.945798][T19163]  ? vfs_write+0x75e/0x8d0
[  400.945832][T19163]  __secure_computing+0x82/0x150
[  400.945855][T19163]  syscall_trace_enter+0xcf/0x1e0
[  400.945991][T19163]  do_syscall_64+0xaa/0x1a0
[  400.946026][T19163]  ? clear_bhb_loop+0x25/0x80
[  400.946046][T19163]  ? clear_bhb_loop+0x25/0x80
[  400.946150][T19163]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.946174][T19163] RIP: 0033:0x7fc90e3fe969
[  400.946192][T19163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.946293][T19163] RSP: 002b:00007fc90ca67038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  400.946345][T19163] RAX: ffffffffffffffda RBX: 00007fc90e625fa0 RCX: 00007fc90e3fe969
[  400.946359][T19163] RDX: 0000000000000000 RSI: 0000000003000000 RDI: 0000200000000900
[  400.946396][T19163] RBP: 00007fc90ca67090 R08: 0000000000000000 R09: 0000000000000000
[  400.946410][T19163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.946424][T19163] R13: 0000000000000000 R14: 00007fc90e625fa0 R15: 00007ffc4d99c378
[  400.946507][T19163]  </TASK>
[  401.154882][T19115] batman_adv: batadv0: Adding interface: batadv_slave_1
[  401.161860][T19115] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  401.187856][T19115] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  401.235979][T19115] hsr_slave_0: entered promiscuous mode
[  401.244281][T19115] hsr_slave_1: entered promiscuous mode
[  401.250272][T19115] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  401.257847][T19115] Cannot create hsr debugfs directory
[  401.297284][T19169] loop4: detected capacity change from 0 to 256
[  401.313218][   T29] kauditd_printk_skb: 85 callbacks suppressed
[  401.313234][   T29] audit: type=1400 audit(1746964474.898:26017): avc:  denied  { connect } for  pid=19174 comm="syz.3.5957" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  401.339379][   T29] audit: type=1400 audit(1746964474.898:26018): avc:  denied  { name_connect } for  pid=19174 comm="syz.3.5957" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  401.469026][T19182] FAULT_INJECTION: forcing a failure.
[  401.469026][T19182] name failslab, interval 1, probability 0, space 0, times 0
[  401.481801][T19182] CPU: 1 UID: 0 PID: 19182 Comm: syz.3.5960 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  401.481832][T19182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  401.481846][T19182] Call Trace:
[  401.481853][T19182]  <TASK>
[  401.481861][T19182]  __dump_stack+0x1d/0x30
[  401.481881][T19182]  dump_stack_lvl+0xe8/0x140
[  401.481901][T19182]  dump_stack+0x15/0x1b
[  401.481919][T19182]  should_fail_ex+0x265/0x280
[  401.481957][T19182]  should_failslab+0x8c/0xb0
[  401.481988][T19182]  kmem_cache_alloc_noprof+0x50/0x310
[  401.482024][T19182]  ? vm_area_alloc+0x2c/0xb0
[  401.482048][T19182]  vm_area_alloc+0x2c/0xb0
[  401.482071][T19182]  mmap_region+0x81f/0x1470
[  401.482117][T19182]  do_mmap+0x9de/0xc20
[  401.482147][T19182]  vm_mmap_pgoff+0x17a/0x2e0
[  401.482174][T19182]  ksys_mmap_pgoff+0xc2/0x310
[  401.482199][T19182]  ? __x64_sys_mmap+0x49/0x70
[  401.482221][T19182]  x64_sys_call+0x1602/0x2fb0
[  401.482245][T19182]  do_syscall_64+0xd0/0x1a0
[  401.482269][T19182]  ? clear_bhb_loop+0x25/0x80
[  401.482290][T19182]  ? clear_bhb_loop+0x25/0x80
[  401.482314][T19182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.482337][T19182] RIP: 0033:0x7fc90e3fe9a3
[  401.482353][T19182] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  401.482373][T19182] RSP: 002b:00007fc90ca66e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  401.482389][T19182] RAX: ffffffffffffffda RBX: 00000000000005fa RCX: 00007fc90e3fe9a3
[  401.482400][T19182] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  401.482411][T19182] RBP: 0000200000000602 R08: 00000000ffffffff R09: 0000000000000000
[  401.482421][T19182] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004
[  401.482433][T19182] R13: 00007fc90ca66ef0 R14: 00007fc90ca66eb0 R15: 00002000000002c0
[  401.482453][T19182]  </TASK>
[  401.482693][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  401.728005][   T29] audit: type=1400 audit(1746964475.298:26019): avc:  denied  { mounton } for  pid=19186 comm="syz.0.5961" path="/syzcgroup/cpu/syz0/cgroup.procs" dev="cgroup" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[  401.894439][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  401.927101][   T51] bond0 (unregistering): Released all slaves
[  401.937496][T19198] xt_CT: You must specify a L4 protocol and not use inversions on it
[  402.005140][T19200] FAULT_INJECTION: forcing a failure.
[  402.005140][T19200] name failslab, interval 1, probability 0, space 0, times 0
[  402.017863][T19200] CPU: 0 UID: 0 PID: 19200 Comm: syz.3.5964 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  402.017894][T19200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  402.017909][T19200] Call Trace:
[  402.017915][T19200]  <TASK>
[  402.017922][T19200]  __dump_stack+0x1d/0x30
[  402.017942][T19200]  dump_stack_lvl+0xe8/0x140
[  402.018025][T19200]  dump_stack+0x15/0x1b
[  402.018200][T19200]  should_fail_ex+0x265/0x280
[  402.018232][T19200]  should_failslab+0x8c/0xb0
[  402.018340][T19200]  kmem_cache_alloc_node_noprof+0x57/0x320
[  402.018384][T19200]  ? __alloc_skb+0x101/0x320
[  402.018421][T19200]  __alloc_skb+0x101/0x320
[  402.018515][T19200]  netlink_alloc_large_skb+0xba/0xf0
[  402.018553][T19200]  netlink_sendmsg+0x3cf/0x6b0
[  402.018586][T19200]  ? __pfx_netlink_sendmsg+0x10/0x10
[  402.018652][T19200]  __sock_sendmsg+0x142/0x180
[  402.018685][T19200]  ____sys_sendmsg+0x31e/0x4e0
[  402.018713][T19200]  ___sys_sendmsg+0x17b/0x1d0
[  402.018754][T19200]  __x64_sys_sendmsg+0xd4/0x160
[  402.018819][T19200]  x64_sys_call+0x2999/0x2fb0
[  402.018846][T19200]  do_syscall_64+0xd0/0x1a0
[  402.018874][T19200]  ? clear_bhb_loop+0x25/0x80
[  402.018936][T19200]  ? clear_bhb_loop+0x25/0x80
[  402.019027][T19200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.019054][T19200] RIP: 0033:0x7fc90e3fe969
[  402.019072][T19200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  402.019093][T19200] RSP: 002b:00007fc90ca67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  402.019176][T19200] RAX: ffffffffffffffda RBX: 00007fc90e625fa0 RCX: 00007fc90e3fe969
[  402.019189][T19200] RDX: 0000000000040042 RSI: 0000200000000340 RDI: 0000000000000003
[  402.019216][T19200] RBP: 00007fc90ca67090 R08: 0000000000000000 R09: 0000000000000000
[  402.019231][T19200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  402.019246][T19200] R13: 0000000000000000 R14: 00007fc90e625fa0 R15: 00007ffc4d99c378
[  402.019270][T19200]  </TASK>
[  402.311441][   T51] hsr_slave_0: left promiscuous mode
[  402.322803][   T51] hsr_slave_1: left promiscuous mode
[  402.334825][   T51] batman_adv: batadv0: Removing interface: dummy0
[  402.350072][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  402.365667][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  402.479777][T19206] FAULT_INJECTION: forcing a failure.
[  402.479777][T19206] name failslab, interval 1, probability 0, space 0, times 0
[  402.492523][T19206] CPU: 0 UID: 0 PID: 19206 Comm: syz.3.5967 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  402.492554][T19206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  402.492578][T19206] Call Trace:
[  402.492584][T19206]  <TASK>
[  402.492592][T19206]  __dump_stack+0x1d/0x30
[  402.492616][T19206]  dump_stack_lvl+0xe8/0x140
[  402.492638][T19206]  dump_stack+0x15/0x1b
[  402.492657][T19206]  should_fail_ex+0x265/0x280
[  402.492758][T19206]  should_failslab+0x8c/0xb0
[  402.492810][T19206]  kmem_cache_alloc_noprof+0x50/0x310
[  402.492925][T19206]  ? dst_alloc+0xbd/0x100
[  402.492966][T19206]  dst_alloc+0xbd/0x100
[  402.492994][T19206]  ip_route_output_key_hash_rcu+0xebb/0x13d0
[  402.493023][T19206]  ip_route_output_flow+0x7b/0x130
[  402.493044][T19206]  udp_sendmsg+0x118b/0x13a0
[  402.493095][T19206]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  402.493115][T19206]  ? avc_has_perm+0xd3/0x150
[  402.493151][T19206]  ? __pfx_udp_sendmsg+0x10/0x10
[  402.493219][T19206]  inet_sendmsg+0xac/0xd0
[  402.493244][T19206]  __sock_sendmsg+0x102/0x180
[  402.493271][T19206]  ____sys_sendmsg+0x345/0x4e0
[  402.493335][T19206]  ___sys_sendmsg+0x17b/0x1d0
[  402.493396][T19206]  __sys_sendmmsg+0x178/0x300
[  402.493441][T19206]  __x64_sys_sendmmsg+0x57/0x70
[  402.493484][T19206]  x64_sys_call+0x2f2f/0x2fb0
[  402.493504][T19206]  do_syscall_64+0xd0/0x1a0
[  402.493528][T19206]  ? clear_bhb_loop+0x25/0x80
[  402.493569][T19206]  ? clear_bhb_loop+0x25/0x80
[  402.493670][T19206]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.493693][T19206] RIP: 0033:0x7fc90e3fe969
[  402.493710][T19206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  402.493732][T19206] RSP: 002b:00007fc90ca67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  402.493753][T19206] RAX: ffffffffffffffda RBX: 00007fc90e625fa0 RCX: 00007fc90e3fe969
[  402.493765][T19206] RDX: 000000000800001d RSI: 0000200000007fc0 RDI: 0000000000000005
[  402.493777][T19206] RBP: 00007fc90ca67090 R08: 0000000000000000 R09: 0000000000000000
[  402.493799][T19206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  402.493810][T19206] R13: 0000000000000000 R14: 00007fc90e625fa0 R15: 00007ffc4d99c378
[  402.493849][T19206]  </TASK>
[  402.497052][   T51] team0 (unregistering): Port device team_slave_1 removed
[  402.799253][   T51] team0 (unregistering): Port device team_slave_0 removed
[  402.919394][T19219] veth0_vlan: entered allmulticast mode
[  402.939394][T19219] ªªªªªª: renamed from vlan0
[  403.028924][T19115] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  403.048622][T19115] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  403.059426][T19115] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  403.076654][T19115] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  403.159024][T19115] 8021q: adding VLAN 0 to HW filter on device bond0
[  403.200473][T19115] 8021q: adding VLAN 0 to HW filter on device team0
[  403.210592][T19233] xt_CT: You must specify a L4 protocol and not use inversions on it
[  403.229580][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.236660][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[  403.259811][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  403.266947][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  403.326237][T19115] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  403.418432][T19246] netlink: 'syz.4.5980': attribute type 13 has an invalid length.
[  403.452290][T19115] 8021q: adding VLAN 0 to HW filter on device batadv0
[  403.518251][T19256] FAULT_INJECTION: forcing a failure.
[  403.518251][T19256] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  403.531582][T19256] CPU: 1 UID: 0 PID: 19256 Comm: syz.3.5982 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  403.531700][T19256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  403.531716][T19256] Call Trace:
[  403.531721][T19256]  <TASK>
[  403.531729][T19256]  __dump_stack+0x1d/0x30
[  403.531784][T19256]  dump_stack_lvl+0xe8/0x140
[  403.531803][T19256]  dump_stack+0x15/0x1b
[  403.531819][T19256]  should_fail_ex+0x265/0x280
[  403.531907][T19256]  should_fail+0xb/0x20
[  403.531933][T19256]  should_fail_usercopy+0x1a/0x20
[  403.532028][T19256]  _copy_from_user+0x1c/0xb0
[  403.532053][T19256]  sg_new_write+0x71a/0x890
[  403.532175][T19256]  sg_ioctl+0xb81/0x1360
[  403.532210][T19256]  ? __pfx_sg_ioctl+0x10/0x10
[  403.532233][T19256]  __se_sys_ioctl+0xcb/0x140
[  403.532254][T19256]  __x64_sys_ioctl+0x43/0x50
[  403.532272][T19256]  x64_sys_call+0x19a8/0x2fb0
[  403.532330][T19256]  do_syscall_64+0xd0/0x1a0
[  403.532351][T19256]  ? clear_bhb_loop+0x25/0x80
[  403.532400][T19256]  ? clear_bhb_loop+0x25/0x80
[  403.532424][T19256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.532444][T19256] RIP: 0033:0x7fc90e3fe969
[  403.532458][T19256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.532479][T19256] RSP: 002b:00007fc90ca67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  403.532535][T19256] RAX: ffffffffffffffda RBX: 00007fc90e625fa0 RCX: 00007fc90e3fe969
[  403.532550][T19256] RDX: 0000200000000040 RSI: 0000000000002285 RDI: 0000000000000008
[  403.532582][T19256] RBP: 00007fc90ca67090 R08: 0000000000000000 R09: 0000000000000000
[  403.532593][T19256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  403.532606][T19256] R13: 0000000000000000 R14: 00007fc90e625fa0 R15: 00007ffc4d99c378
[  403.532627][T19256]  </TASK>
[  403.766532][T19115] veth0_vlan: entered promiscuous mode
[  403.774557][T19115] veth1_vlan: entered promiscuous mode
[  403.798844][T19115] veth0_macvtap: entered promiscuous mode
[  403.805956][T19250] lo speed is unknown, defaulting to 1000
[  403.806474][T19115] veth1_macvtap: entered promiscuous mode
[  403.840072][T19115] batman_adv: batadv0: Interface activated: batadv_slave_0
[  403.854740][T19115] batman_adv: batadv0: Interface activated: batadv_slave_1
[  403.884574][T19115] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  403.893474][T19115] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  403.902234][T19115] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  403.910967][T19115] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  403.984326][T19273] xt_CT: You must specify a L4 protocol and not use inversions on it
[  404.050706][T19276] __nla_validate_parse: 9 callbacks suppressed
[  404.050720][T19276] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5941'.
[  404.104347][T19285] loop4: detected capacity change from 0 to 2048
[  404.429147][T19306] lo speed is unknown, defaulting to 1000
[  404.835976][T19316] xt_CT: You must specify a L4 protocol and not use inversions on it
[  405.193782][T19320] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6002'.
[  405.351664][T19330] loop4: detected capacity change from 0 to 1024
[  405.372059][T19298] lo speed is unknown, defaulting to 1000
[  405.378573][T19330] EXT4-fs: dax option not supported
[  405.393712][T19336] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6007'.
[  405.400109][T19335] netlink: 'syz.1.6008': attribute type 13 has an invalid length.
[  405.402755][T19336] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6007'.
[  405.419511][T19336] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6007'.
[  405.439284][T19330] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6003'.
[  405.499075][T19336] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6007'.
[  405.533255][T19335] bridge0: port 2(bridge_slave_1) entered disabled state
[  405.540551][T19335] bridge0: port 1(bridge_slave_0) entered disabled state
[  405.630777][T19335] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  405.649828][T19335] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  405.707697][T19335] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  405.716902][T19335] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  405.726072][T19335] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  405.735022][T19335] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  405.906398][T19341] batadv1: entered allmulticast mode
[  405.930100][T19341] 8021q: adding VLAN 0 to HW filter on device batadv1
[  405.952313][T19353] FAULT_INJECTION: forcing a failure.
[  405.952313][T19353] name failslab, interval 1, probability 0, space 0, times 0
[  405.965087][T19353] CPU: 1 UID: 0 PID: 19353 Comm: syz.2.6013 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  405.965202][T19353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  405.965262][T19353] Call Trace:
[  405.965270][T19353]  <TASK>
[  405.965278][T19353]  __dump_stack+0x1d/0x30
[  405.965301][T19353]  dump_stack_lvl+0xe8/0x140
[  405.965345][T19353]  dump_stack+0x15/0x1b
[  405.965369][T19353]  should_fail_ex+0x265/0x280
[  405.965407][T19353]  ? getname_flags+0x208/0x3b0
[  405.965467][T19353]  should_failslab+0x8c/0xb0
[  405.965500][T19353]  __kmalloc_cache_noprof+0x4c/0x320
[  405.965527][T19353]  getname_flags+0x208/0x3b0
[  405.965558][T19353]  __x64_sys_unlink+0x21/0x40
[  405.965580][T19353]  x64_sys_call+0x22a6/0x2fb0
[  405.965624][T19353]  do_syscall_64+0xd0/0x1a0
[  405.965673][T19353]  ? clear_bhb_loop+0x25/0x80
[  405.965698][T19353]  ? clear_bhb_loop+0x25/0x80
[  405.965721][T19353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.965754][T19353] RIP: 0033:0x7fa8ca2be969
[  405.965782][T19353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  405.965802][T19353] RSP: 002b:00007fa8c8927038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  405.965818][T19353] RAX: ffffffffffffffda RBX: 00007fa8ca4e5fa0 RCX: 00007fa8ca2be969
[  405.965829][T19353] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  405.965908][T19353] RBP: 00007fa8c8927090 R08: 0000000000000000 R09: 0000000000000000
[  405.965921][T19353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  405.965936][T19353] R13: 0000000000000000 R14: 00007fa8ca4e5fa0 R15: 00007ffc731081d8
[  405.965954][T19353]  </TASK>
[  406.228846][T19357] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6014'.
[  406.303671][   T29] audit: type=1326 audit(1746964479.888:26020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19362 comm="syz.0.6018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  406.327316][   T29] audit: type=1326 audit(1746964479.888:26021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19362 comm="syz.0.6018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  406.351009][   T29] audit: type=1326 audit(1746964479.888:26022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19362 comm="syz.0.6018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  406.374871][   T29] audit: type=1326 audit(1746964479.888:26023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19362 comm="syz.0.6018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  406.420498][   T29] audit: type=1326 audit(1746964479.888:26024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19362 comm="syz.0.6018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  406.444149][   T29] audit: type=1326 audit(1746964479.888:26025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19362 comm="syz.0.6018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  406.467854][   T29] audit: type=1326 audit(1746964479.888:26026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19362 comm="syz.0.6018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  406.491501][   T29] audit: type=1326 audit(1746964479.888:26027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19362 comm="syz.0.6018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  406.515162][   T29] audit: type=1326 audit(1746964479.888:26028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19362 comm="syz.0.6018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  406.538862][   T29] audit: type=1326 audit(1746964479.888:26029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19362 comm="syz.0.6018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  406.565919][   T29] audit: type=1326 audit(1746964479.898:26030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19362 comm="syz.0.6018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60ef86e969 code=0x7ffc0000
[  406.632779][T19366] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6019'.
[  406.643318][T19368] netlink: 'syz.0.6020': attribute type 27 has an invalid length.
[  406.668959][T19368] 8021q: adding VLAN 0 to HW filter on device bond0
[  406.680875][T19368] 8021q: adding VLAN 0 to HW filter on device team0
[  406.691851][T19368] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  406.710405][T19371] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6020'.
[  406.829983][T19388] netlink: 'syz.0.6027': attribute type 13 has an invalid length.
[  407.012757][T19408] SELinux: syz.0.6035 (19408) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  407.055643][T19411] loop4: detected capacity change from 0 to 1024
[  407.092852][T19411] EXT4-fs: dax option not supported
[  407.980671][T19450] FAULT_INJECTION: forcing a failure.
[  407.980671][T19450] name failslab, interval 1, probability 0, space 0, times 0
[  407.980732][T19450] CPU: 1 UID: 0 PID: 19450 Comm: syz.0.6051 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  407.980762][T19450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  407.980777][T19450] Call Trace:
[  407.980854][T19450]  <TASK>
[  407.980862][T19450]  __dump_stack+0x1d/0x30
[  407.980898][T19450]  dump_stack_lvl+0xe8/0x140
[  407.980939][T19450]  dump_stack+0x15/0x1b
[  407.980957][T19450]  should_fail_ex+0x265/0x280
[  407.980992][T19450]  should_failslab+0x8c/0xb0
[  407.981095][T19450]  __kmalloc_noprof+0xa5/0x3e0
[  407.981130][T19450]  ? nla_strdup+0x78/0xc0
[  407.981154][T19450]  nla_strdup+0x78/0xc0
[  407.981176][T19450]  nf_tables_newtable+0x3ba/0xea0
[  407.981261][T19450]  nfnetlink_rcv+0xb96/0x1690
[  407.981393][T19450]  netlink_unicast+0x59e/0x670
[  407.981450][T19450]  netlink_sendmsg+0x58b/0x6b0
[  407.981521][T19450]  ? __pfx_netlink_sendmsg+0x10/0x10
[  407.981558][T19450]  __sock_sendmsg+0x142/0x180
[  407.981594][T19450]  ____sys_sendmsg+0x31e/0x4e0
[  407.981616][T19450]  ___sys_sendmsg+0x17b/0x1d0
[  407.981709][T19450]  __x64_sys_sendmsg+0xd4/0x160
[  407.981728][T19450]  x64_sys_call+0x2999/0x2fb0
[  407.981748][T19450]  do_syscall_64+0xd0/0x1a0
[  407.981771][T19450]  ? clear_bhb_loop+0x25/0x80
[  407.981843][T19450]  ? clear_bhb_loop+0x25/0x80
[  407.981863][T19450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.981887][T19450] RIP: 0033:0x7f60ef86e969
[  407.981902][T19450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.981923][T19450] RSP: 002b:00007f60eded7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  407.981942][T19450] RAX: ffffffffffffffda RBX: 00007f60efa95fa0 RCX: 00007f60ef86e969
[  407.981995][T19450] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  407.982005][T19450] RBP: 00007f60eded7090 R08: 0000000000000000 R09: 0000000000000000
[  407.982064][T19450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  407.982078][T19450] R13: 0000000000000000 R14: 00007f60efa95fa0 R15: 00007ffc7cd8a578
[  407.982099][T19450]  </TASK>
[  408.776628][T19472] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  408.785269][T19472] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  408.817195][T19476] netlink: 'syz.4.6061': attribute type 13 has an invalid length.
[  408.845759][T19478] loop4: detected capacity change from 0 to 512
[  408.852978][T19478] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  408.878089][T19478] EXT4-fs (loop4): 1 truncate cleaned up
[  408.939309][T19478] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  408.960828][T19478] EXT4-fs (loop4): shut down requested (2)
[  409.004102][T19478] SELinux: syz.4.6062 (19478) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  409.028010][T19478] FAULT_INJECTION: forcing a failure.
[  409.028010][T19478] name failslab, interval 1, probability 0, space 0, times 0
[  409.040880][T19478] CPU: 1 UID: 0 PID: 19478 Comm: syz.4.6062 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  409.040927][T19478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  409.040941][T19478] Call Trace:
[  409.040948][T19478]  <TASK>
[  409.040957][T19478]  __dump_stack+0x1d/0x30
[  409.040975][T19478]  dump_stack_lvl+0xe8/0x140
[  409.040992][T19478]  dump_stack+0x15/0x1b
[  409.041006][T19478]  should_fail_ex+0x265/0x280
[  409.041102][T19478]  should_failslab+0x8c/0xb0
[  409.041198][T19478]  __kmalloc_noprof+0xa5/0x3e0
[  409.041216][T19478]  ? sel_write_user+0x197/0x440
[  409.041234][T19478]  sel_write_user+0x197/0x440
[  409.041274][T19478]  selinux_transaction_write+0xc3/0x110
[  409.041312][T19478]  ? __pfx_selinux_transaction_write+0x10/0x10
[  409.041408][T19478]  vfs_write+0x266/0x8d0
[  409.041435][T19478]  ? kmem_cache_free+0xdd/0x2f0
[  409.041458][T19478]  ? putname+0xda/0x100
[  409.041493][T19478]  ksys_write+0xda/0x1a0
[  409.041519][T19478]  __x64_sys_write+0x40/0x50
[  409.041541][T19478]  x64_sys_call+0x2cdd/0x2fb0
[  409.041566][T19478]  do_syscall_64+0xd0/0x1a0
[  409.041588][T19478]  ? clear_bhb_loop+0x25/0x80
[  409.041612][T19478]  ? clear_bhb_loop+0x25/0x80
[  409.041650][T19478]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.041668][T19478] RIP: 0033:0x7f6d4f69e969
[  409.041681][T19478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  409.041701][T19478] RSP: 002b:00007f6d4dd07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  409.041718][T19478] RAX: ffffffffffffffda RBX: 00007f6d4f8c5fa0 RCX: 00007f6d4f69e969
[  409.041798][T19478] RDX: 0000000000000027 RSI: 0000200000000040 RDI: 0000000000000007
[  409.041812][T19478] RBP: 00007f6d4dd07090 R08: 0000000000000000 R09: 0000000000000000
[  409.041824][T19478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  409.041835][T19478] R13: 0000000000000000 R14: 00007f6d4f8c5fa0 R15: 00007ffe1c57c208
[  409.041851][T19478]  </TASK>
[  409.251921][T19486] netlink: 'syz.3.6064': attribute type 13 has an invalid length.
[  409.316622][T19492] __nla_validate_parse: 21 callbacks suppressed
[  409.316643][T19492] netlink: 72 bytes leftover after parsing attributes in process `syz.2.6067'.
[  409.505389][T12065] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  409.591349][T19504] lo speed is unknown, defaulting to 1000
[  409.743097][T19510] netlink: 'syz.1.6074': attribute type 13 has an invalid length.
[  410.167874][T19516] FAULT_INJECTION: forcing a failure.
[  410.167874][T19516] name failslab, interval 1, probability 0, space 0, times 0
[  410.180602][T19516] CPU: 0 UID: 0 PID: 19516 Comm: syz.4.6072 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  410.180631][T19516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  410.180656][T19516] Call Trace:
[  410.180717][T19516]  <TASK>
[  410.180746][T19516]  __dump_stack+0x1d/0x30
[  410.180771][T19516]  dump_stack_lvl+0xe8/0x140
[  410.180795][T19516]  dump_stack+0x15/0x1b
[  410.180816][T19516]  should_fail_ex+0x265/0x280
[  410.180850][T19516]  ? smc_pnet_add+0x2bb/0xd30
[  410.180948][T19516]  should_failslab+0x8c/0xb0
[  410.180976][T19516]  __kmalloc_cache_noprof+0x4c/0x320
[  410.180997][T19516]  smc_pnet_add+0x2bb/0xd30
[  410.181029][T19516]  ? __nla_parse+0x40/0x60
[  410.181099][T19516]  ? genl_family_rcv_msg_attrs_parse+0x150/0x190
[  410.181262][T19516]  genl_family_rcv_msg_doit+0x140/0x1b0
[  410.181345][T19516]  genl_rcv_msg+0x422/0x460
[  410.181378][T19516]  ? __pfx_smc_pnet_add+0x10/0x10
[  410.181408][T19516]  netlink_rcv_skb+0x120/0x220
[  410.181435][T19516]  ? __pfx_genl_rcv_msg+0x10/0x10
[  410.181467][T19516]  genl_rcv+0x28/0x40
[  410.181525][T19516]  netlink_unicast+0x59e/0x670
[  410.181558][T19516]  netlink_sendmsg+0x58b/0x6b0
[  410.181589][T19516]  ? __pfx_netlink_sendmsg+0x10/0x10
[  410.181641][T19516]  __sock_sendmsg+0x142/0x180
[  410.181750][T19516]  ____sys_sendmsg+0x31e/0x4e0
[  410.181775][T19516]  ___sys_sendmsg+0x17b/0x1d0
[  410.181803][T19516]  __x64_sys_sendmsg+0xd4/0x160
[  410.181823][T19516]  x64_sys_call+0x2999/0x2fb0
[  410.181848][T19516]  do_syscall_64+0xd0/0x1a0
[  410.181915][T19516]  ? clear_bhb_loop+0x25/0x80
[  410.181934][T19516]  ? clear_bhb_loop+0x25/0x80
[  410.181952][T19516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.181972][T19516] RIP: 0033:0x7f6d4f69e969
[  410.182062][T19516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  410.182085][T19516] RSP: 002b:00007f6d4dd07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  410.182158][T19516] RAX: ffffffffffffffda RBX: 00007f6d4f8c5fa0 RCX: 00007f6d4f69e969
[  410.182168][T19516] RDX: 000000000000c800 RSI: 00002000000001c0 RDI: 0000000000000004
[  410.182180][T19516] RBP: 00007f6d4dd07090 R08: 0000000000000000 R09: 0000000000000000
[  410.182193][T19516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  410.182207][T19516] R13: 0000000000000000 R14: 00007f6d4f8c5fa0 R15: 00007ffe1c57c208
[  410.182282][T19516]  </TASK>
[  410.603857][T19521] netlink: 36 bytes leftover after parsing attributes in process `syz.2.6077'.
[  410.612877][T19521] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6077'.
[  410.621879][T19521] netlink: 36 bytes leftover after parsing attributes in process `syz.2.6077'.
[  410.651324][T19521] netlink: 36 bytes leftover after parsing attributes in process `syz.2.6077'.
[  410.689135][T19532] xt_CT: You must specify a L4 protocol and not use inversions on it
[  410.735327][T19537] xt_CT: You must specify a L4 protocol and not use inversions on it
[  410.930347][T19548] FAULT_INJECTION: forcing a failure.
[  410.930347][T19548] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  410.943518][T19548] CPU: 0 UID: 0 PID: 19548 Comm: syz.4.6090 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  410.943554][T19548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  410.943570][T19548] Call Trace:
[  410.943579][T19548]  <TASK>
[  410.943588][T19548]  __dump_stack+0x1d/0x30
[  410.943643][T19548]  dump_stack_lvl+0xe8/0x140
[  410.943666][T19548]  dump_stack+0x15/0x1b
[  410.943686][T19548]  should_fail_ex+0x265/0x280
[  410.943725][T19548]  should_fail+0xb/0x20
[  410.943869][T19548]  should_fail_usercopy+0x1a/0x20
[  410.943892][T19548]  _copy_from_iter+0xcf/0xdd0
[  410.943915][T19548]  ? __build_skb_around+0x1a0/0x200
[  410.943953][T19548]  ? __alloc_skb+0x223/0x320
[  410.944057][T19548]  netlink_sendmsg+0x471/0x6b0
[  410.944102][T19548]  ? __pfx_netlink_sendmsg+0x10/0x10
[  410.944144][T19548]  __sock_sendmsg+0x142/0x180
[  410.944176][T19548]  ____sys_sendmsg+0x31e/0x4e0
[  410.944216][T19548]  ___sys_sendmsg+0x17b/0x1d0
[  410.944257][T19548]  __x64_sys_sendmsg+0xd4/0x160
[  410.944287][T19548]  x64_sys_call+0x2999/0x2fb0
[  410.944423][T19548]  do_syscall_64+0xd0/0x1a0
[  410.944451][T19548]  ? clear_bhb_loop+0x25/0x80
[  410.944501][T19548]  ? clear_bhb_loop+0x25/0x80
[  410.944529][T19548]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.944556][T19548] RIP: 0033:0x7f6d4f69e969
[  410.944575][T19548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  410.944597][T19548] RSP: 002b:00007f6d4dd07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  410.944665][T19548] RAX: ffffffffffffffda RBX: 00007f6d4f8c5fa0 RCX: 00007f6d4f69e969
[  410.944680][T19548] RDX: 0000000000000000 RSI: 0000200000000780 RDI: 0000000000000006
[  410.944696][T19548] RBP: 00007f6d4dd07090 R08: 0000000000000000 R09: 0000000000000000
[  410.944710][T19548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  410.944726][T19548] R13: 0000000000000000 R14: 00007f6d4f8c5fa0 R15: 00007ffe1c57c208
[  410.944749][T19548]  </TASK>
[  411.165324][T19550] xt_hashlimit: max too large, truncated to 1048576
[  411.189386][T19550] Cannot find set identified by id 0 to match
[  411.202302][T19554] netlink: 232 bytes leftover after parsing attributes in process `syz.3.6092'.
[  411.291920][T19559] program syz.3.6096 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  411.312868][T19564] xt_CT: You must specify a L4 protocol and not use inversions on it
[  411.395070][T19560] lo speed is unknown, defaulting to 1000
[  411.407359][   T29] kauditd_printk_skb: 122 callbacks suppressed
[  411.407386][   T29] audit: type=1326 audit(1746964484.988:26153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19573 comm="syz.3.6100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  411.485689][   T29] audit: type=1326 audit(1746964485.018:26154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19573 comm="syz.3.6100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  411.509430][   T29] audit: type=1326 audit(1746964485.018:26155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19573 comm="syz.3.6100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  411.533257][   T29] audit: type=1326 audit(1746964485.028:26156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19573 comm="syz.3.6100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  411.556944][   T29] audit: type=1326 audit(1746964485.028:26157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19573 comm="syz.3.6100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  411.580727][   T29] audit: type=1326 audit(1746964485.028:26158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19573 comm="syz.3.6100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  411.604346][   T29] audit: type=1326 audit(1746964485.028:26159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19573 comm="syz.3.6100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  411.627939][   T29] audit: type=1326 audit(1746964485.028:26160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19573 comm="syz.3.6100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  411.651450][   T29] audit: type=1326 audit(1746964485.028:26161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19573 comm="syz.3.6100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  411.675039][   T29] audit: type=1326 audit(1746964485.028:26162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19573 comm="syz.3.6100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=199 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  411.739207][T19582] netlink: 14 bytes leftover after parsing attributes in process `syz.3.6100'.
[  411.872365][T19582] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  411.881659][T19582] bond_slave_0: left promiscuous mode
[  411.889147][T19593] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=19593 comm=syz.1.6105
[  411.909840][T19582] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  411.970280][T19582] bond_slave_1: left promiscuous mode
[  411.979978][T19582] bond0 (unregistering): Released all slaves
[  412.001826][T19560] chnl_net:caif_netlink_parms(): no params data found
[  412.083190][T19560] bridge0: port 1(bridge_slave_0) entered blocking state
[  412.090384][T19560] bridge0: port 1(bridge_slave_0) entered disabled state
[  412.097605][T19560] bridge_slave_0: entered allmulticast mode
[  412.104148][T19560] bridge_slave_0: entered promiscuous mode
[  412.111515][T19560] bridge0: port 2(bridge_slave_1) entered blocking state
[  412.118621][T19560] bridge0: port 2(bridge_slave_1) entered disabled state
[  412.126118][T19560] bridge_slave_1: entered allmulticast mode
[  412.132693][T19560] bridge_slave_1: entered promiscuous mode
[  412.151346][T19560] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  412.162308][T19560] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  412.184628][T19560] team0: Port device team_slave_0 added
[  412.192700][T19560] team0: Port device team_slave_1 added
[  412.199748][T19603] xt_CT: You must specify a L4 protocol and not use inversions on it
[  412.215030][T19560] batman_adv: batadv0: Adding interface: batadv_slave_0
[  412.222122][T19560] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  412.248108][T19560] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  412.260037][T19560] batman_adv: batadv0: Adding interface: batadv_slave_1
[  412.267011][T19560] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  412.292982][T19560] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  412.312792][T19606] netlink: 36 bytes leftover after parsing attributes in process `syz.3.6108'.
[  412.321824][T19606] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6108'.
[  412.330795][T19606] netlink: 36 bytes leftover after parsing attributes in process `syz.3.6108'.
[  412.347306][T19560] hsr_slave_0: entered promiscuous mode
[  412.353369][T19560] hsr_slave_1: entered promiscuous mode
[  412.359374][T19560] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  412.367017][T19560] Cannot create hsr debugfs directory
[  412.457494][   T31] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  412.466165][   T31] bond0 (unregistering): Released all slaves
[  412.474756][   T31] bond1 (unregistering): Released all slaves
[  412.483175][   T31] bond2 (unregistering): Released all slaves
[  412.668752][   T31] hsr_slave_0: left promiscuous mode
[  412.675204][   T31] hsr_slave_1: left promiscuous mode
[  412.755549][T19618] geneve0: entered allmulticast mode
[  412.800694][T19620] team0: Port device team_slave_1 removed
[  412.851591][T19629] xt_CT: You must specify a L4 protocol and not use inversions on it
[  412.921175][T19633] xt_CT: You must specify a L4 protocol and not use inversions on it
[  413.035283][T19560] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  413.044335][T19560] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  413.052941][T19560] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  413.063314][T19560] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  413.101483][T19560] 8021q: adding VLAN 0 to HW filter on device bond0
[  413.115553][T19560] 8021q: adding VLAN 0 to HW filter on device team0
[  413.127394][ T3722] bridge0: port 1(bridge_slave_0) entered blocking state
[  413.134577][ T3722] bridge0: port 1(bridge_slave_0) entered forwarding state
[  413.145693][ T3722] bridge0: port 2(bridge_slave_1) entered blocking state
[  413.152794][ T3722] bridge0: port 2(bridge_slave_1) entered forwarding state
[  413.293024][T19560] 8021q: adding VLAN 0 to HW filter on device batadv0
[  413.455262][T19560] veth0_vlan: entered promiscuous mode
[  413.463486][T19560] veth1_vlan: entered promiscuous mode
[  413.479399][T19560] veth0_macvtap: entered promiscuous mode
[  413.486501][T19560] veth1_macvtap: entered promiscuous mode
[  413.497588][T19560] batman_adv: batadv0: Interface activated: batadv_slave_0
[  413.508348][T19560] batman_adv: batadv0: Interface activated: batadv_slave_1
[  413.523635][T19560] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  413.532433][T19560] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  413.541196][T19560] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  413.549945][T19560] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  413.664248][T19674] xt_CT: You must specify a L4 protocol and not use inversions on it
[  414.419862][T19710] netlink: 'syz.3.6140': attribute type 13 has an invalid length.
[  414.435794][T19709] xt_CT: You must specify a L4 protocol and not use inversions on it
[  414.676230][T19717] loop4: detected capacity change from 0 to 128
[  415.350596][T19727] __nla_validate_parse: 7 callbacks suppressed
[  415.350647][T19727] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6147'.
[  415.365790][T19727] netlink: 200 bytes leftover after parsing attributes in process `syz.1.6147'.
[  415.869682][T19743] netlink: 'syz.2.6153': attribute type 13 has an invalid length.
[  415.952647][T19745] netlink: 36 bytes leftover after parsing attributes in process `syz.4.6154'.
[  415.961676][T19745] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6154'.
[  415.970689][T19745] netlink: 36 bytes leftover after parsing attributes in process `syz.4.6154'.
[  415.995462][T19747] FAULT_INJECTION: forcing a failure.
[  415.995462][T19747] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  416.008769][T19747] CPU: 0 UID: 0 PID: 19747 Comm: syz.2.6155 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  416.008841][T19747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  416.008857][T19747] Call Trace:
[  416.008870][T19747]  <TASK>
[  416.008880][T19747]  __dump_stack+0x1d/0x30
[  416.008905][T19747]  dump_stack_lvl+0xe8/0x140
[  416.008930][T19747]  dump_stack+0x15/0x1b
[  416.008949][T19747]  should_fail_ex+0x265/0x280
[  416.009001][T19747]  should_fail+0xb/0x20
[  416.009036][T19747]  should_fail_usercopy+0x1a/0x20
[  416.009055][T19747]  strncpy_from_user+0x25/0x230
[  416.009082][T19747]  strncpy_from_user_nofault+0x68/0xf0
[  416.009192][T19747]  bpf_probe_read_compat_str+0xb4/0x130
[  416.009232][T19747]  bpf_prog_d73d3bb03d5a037f+0x3e/0x40
[  416.009330][T19747]  bpf_trace_run2+0x104/0x1c0
[  416.009396][T19747]  ? memdup_user+0x7d/0xd0
[  416.009472][T19747]  ? memdup_user+0x7d/0xd0
[  416.009491][T19747]  __traceiter_kfree+0x2b/0x50
[  416.009523][T19747]  ? memdup_user+0x7d/0xd0
[  416.009539][T19747]  kfree+0x26f/0x310
[  416.009646][T19747]  memdup_user+0x7d/0xd0
[  416.009667][T19747]  io_parse_restrictions+0x56/0x210
[  416.009856][T19747]  io_register_restrictions+0x81/0xc0
[  416.009970][T19747]  __se_sys_io_uring_register+0xd72/0xeb0
[  416.010000][T19747]  ? fput+0x8f/0xc0
[  416.010019][T19747]  ? ksys_write+0x16e/0x1a0
[  416.010048][T19747]  __x64_sys_io_uring_register+0x55/0x70
[  416.010118][T19747]  x64_sys_call+0xc91/0x2fb0
[  416.010143][T19747]  do_syscall_64+0xd0/0x1a0
[  416.010212][T19747]  ? clear_bhb_loop+0x25/0x80
[  416.010311][T19747]  ? clear_bhb_loop+0x25/0x80
[  416.010336][T19747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.010360][T19747] RIP: 0033:0x7fa8ca2be969
[  416.010376][T19747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  416.010396][T19747] RSP: 002b:00007fa8c8927038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  416.010416][T19747] RAX: ffffffffffffffda RBX: 00007fa8ca4e5fa0 RCX: 00007fa8ca2be969
[  416.010467][T19747] RDX: 0000200000000480 RSI: 000000000000000b RDI: 0000000000000003
[  416.010479][T19747] RBP: 00007fa8c8927090 R08: 0000000000000000 R09: 0000000000000000
[  416.010492][T19747] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  416.010506][T19747] R13: 0000000000000000 R14: 00007fa8ca4e5fa0 R15: 00007ffc731081d8
[  416.010596][T19747]  </TASK>
[  416.133097][T19735] lo speed is unknown, defaulting to 1000
[  416.169129][T19745] netlink: 36 bytes leftover after parsing attributes in process `syz.4.6154'.
[  416.505544][   T29] kauditd_printk_skb: 299 callbacks suppressed
[  416.505562][   T29] audit: type=1400 audit(1746964490.088:26460): avc:  denied  { getopt } for  pid=19760 comm="syz.0.6160" lport=48 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  416.559237][   T29] audit: type=1326 audit(1746964490.118:26461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19758 comm="syz.3.6159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  416.583018][   T29] audit: type=1326 audit(1746964490.118:26462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19758 comm="syz.3.6159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  416.606713][   T29] audit: type=1326 audit(1746964490.128:26463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19758 comm="syz.3.6159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  416.630224][   T29] audit: type=1326 audit(1746964490.128:26464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19758 comm="syz.3.6159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  416.653880][   T29] audit: type=1326 audit(1746964490.128:26465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19758 comm="syz.3.6159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  416.663163][T19763] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6161'.
[  416.677373][   T29] audit: type=1326 audit(1746964490.128:26466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19758 comm="syz.3.6159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  416.709910][   T29] audit: type=1326 audit(1746964490.128:26467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19758 comm="syz.3.6159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  416.733501][   T29] audit: type=1326 audit(1746964490.128:26468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19758 comm="syz.3.6159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  416.757078][   T29] audit: type=1326 audit(1746964490.128:26469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19758 comm="syz.3.6159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc90e3fe969 code=0x7ffc0000
[  416.878265][T19769] netlink: 'syz.3.6163': attribute type 13 has an invalid length.
[  416.947847][T19773] block device autoloading is deprecated and will be removed.
[  417.097125][T19782] ip6gretap1: entered allmulticast mode
[  417.185499][T19790] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6168'.
[  417.194578][T19790] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6168'.
[  417.203656][T19790] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6168'.
[  417.254591][T19792] loop4: detected capacity change from 0 to 512
[  417.342109][T19792] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  417.355153][T19792] ext4 filesystem being mounted at /6/file0 (deleted) supports timestamps until 2038-01-19 (0x7fffffff)
[  417.367385][T19792] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  417.459001][T19801] lo speed is unknown, defaulting to 1000
[  417.692648][T19805] loop4: detected capacity change from 0 to 256
[  417.852142][T19811] FAULT_INJECTION: forcing a failure.
[  417.852142][T19811] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  417.865269][T19811] CPU: 1 UID: 0 PID: 19811 Comm: syz.3.6174 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  417.865298][T19811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  417.865308][T19811] Call Trace:
[  417.865314][T19811]  <TASK>
[  417.865320][T19811]  __dump_stack+0x1d/0x30
[  417.865387][T19811]  dump_stack_lvl+0xe8/0x140
[  417.865431][T19811]  dump_stack+0x15/0x1b
[  417.865448][T19811]  should_fail_ex+0x265/0x280
[  417.865485][T19811]  should_fail+0xb/0x20
[  417.865517][T19811]  should_fail_usercopy+0x1a/0x20
[  417.865538][T19811]  _copy_from_user+0x1c/0xb0
[  417.865562][T19811]  sock_do_ioctl+0xe6/0x220
[  417.865589][T19811]  sock_ioctl+0x41b/0x610
[  417.865612][T19811]  ? __pfx_sock_ioctl+0x10/0x10
[  417.865631][T19811]  __se_sys_ioctl+0xcb/0x140
[  417.865735][T19811]  __x64_sys_ioctl+0x43/0x50
[  417.865757][T19811]  x64_sys_call+0x19a8/0x2fb0
[  417.865776][T19811]  do_syscall_64+0xd0/0x1a0
[  417.865842][T19811]  ? clear_bhb_loop+0x25/0x80
[  417.865866][T19811]  ? clear_bhb_loop+0x25/0x80
[  417.865890][T19811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.865913][T19811] RIP: 0033:0x7fc90e3fe969
[  417.865930][T19811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  417.865950][T19811] RSP: 002b:00007fc90ca67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  417.865998][T19811] RAX: ffffffffffffffda RBX: 00007fc90e625fa0 RCX: 00007fc90e3fe969
[  417.866085][T19811] RDX: 0000200000002280 RSI: 0000000000008914 RDI: 0000000000000005
[  417.866096][T19811] RBP: 00007fc90ca67090 R08: 0000000000000000 R09: 0000000000000000
[  417.866106][T19811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  417.866117][T19811] R13: 0000000000000000 R14: 00007fc90e625fa0 R15: 00007ffc4d99c378
[  417.866137][T19811]  </TASK>
[  418.212627][T19817] loop1: detected capacity change from 0 to 512
[  418.225572][T19817] EXT4-fs: Ignoring removed nobh option
[  418.309484][T19817] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.6176: invalid indirect mapped block 256 (level 2)
[  418.329723][T19817] EXT4-fs (loop1): 2 truncates cleaned up
[  418.340380][T19817] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  418.489918][ T3722] ==================================================================
[  418.492429][T19815] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.6176: bg 0: block 5: invalid block bitmap
[  418.498018][ T3722] BUG: KCSAN: data-race in n_tty_receive_char_flow_ctrl / tty_set_termios
[  418.518744][ T3722] 
[  418.521074][ T3722] write to 0xffff8881191b1508 of 44 bytes by task 19829 on cpu 1:
[  418.528885][ T3722]  tty_set_termios+0xc0/0x8c0
[  418.533573][ T3722]  set_termios+0x35b/0x4e0
[  418.538011][ T3722]  tty_mode_ioctl+0x379/0x5c0
[  418.542710][ T3722]  n_tty_ioctl_helper+0x91/0x210
[  418.547661][ T3722]  n_tty_ioctl+0x101/0x200
[  418.552199][ T3722]  tty_ioctl+0x842/0xb80
[  418.556458][ T3722]  __se_sys_ioctl+0xcb/0x140
[  418.561062][ T3722]  __x64_sys_ioctl+0x43/0x50
[  418.565690][ T3722]  x64_sys_call+0x19a8/0x2fb0
[  418.570415][ T3722]  do_syscall_64+0xd0/0x1a0
[  418.574953][ T3722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.580868][ T3722] 
[  418.583212][ T3722] read to 0xffff8881191b1521 of 1 bytes by task 3722 on cpu 0:
[  418.590764][ T3722]  n_tty_receive_char_flow_ctrl+0x23/0x1a0
[  418.596590][ T3722]  n_tty_lookahead_flow_ctrl+0xed/0x130
[  418.602164][ T3722]  tty_port_default_lookahead_buf+0x8e/0xc0
[  418.608085][ T3722]  flush_to_ldisc+0x318/0x410
[  418.612788][ T3722]  process_scheduled_works+0x4cb/0x9d0
[  418.618267][ T3722]  worker_thread+0x582/0x770
[  418.622889][ T3722]  kthread+0x486/0x510
[  418.626966][ T3722]  ret_from_fork+0x4b/0x60
[  418.631419][ T3722]  ret_from_fork_asm+0x1a/0x30
[  418.636204][ T3722] 
[  418.638535][ T3722] value changed: 0x11 -> 0x03
[  418.643241][ T3722] 
[  418.645573][ T3722] Reported by Kernel Concurrency Sanitizer on:
[  418.651721][ T3722] CPU: 0 UID: 0 PID: 3722 Comm: kworker/u8:7 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  418.664317][ T3722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  418.674410][ T3722] Workqueue: events_unbound flush_to_ldisc
[  418.680260][ T3722] ==================================================================
[  418.710794][T19837] FAULT_INJECTION: forcing a failure.
[  418.710794][T19837] name failslab, interval 1, probability 0, space 0, times 0
[  418.723631][T19837] CPU: 1 UID: 0 PID: 19837 Comm: syz.2.6183 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[  418.723688][T19837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  418.723703][T19837] Call Trace:
[  418.723709][T19837]  <TASK>
[  418.723717][T19837]  __dump_stack+0x1d/0x30
[  418.723739][T19837]  dump_stack_lvl+0xe8/0x140
[  418.723756][T19837]  dump_stack+0x15/0x1b
[  418.723798][T19837]  should_fail_ex+0x265/0x280
[  418.723833][T19837]  ? __hw_addr_add_ex+0x162/0x440
[  418.723866][T19837]  should_failslab+0x8c/0xb0
[  418.724022][T19837]  __kmalloc_cache_noprof+0x4c/0x320
[  418.724090][T19837]  __hw_addr_add_ex+0x162/0x440
[  418.724116][T19837]  dev_addr_init+0xb1/0x120
[  418.724159][T19837]  alloc_netdev_mqs+0x212/0xab0
[  418.724175][T19837]  ? __pfx_vlan_setup+0x10/0x10
[  418.724274][T19837]  rtnl_create_link+0x239/0x710
[  418.724337][T19837]  rtnl_newlink_create+0x151/0x630
[  418.724365][T19837]  ? security_capable+0x83/0x90
[  418.724402][T19837]  ? netlink_ns_capable+0x86/0xa0
[  418.724490][T19837]  rtnl_newlink+0xf29/0x12d0
[  418.724593][T19837]  ? xas_load+0x413/0x430
[  418.724612][T19837]  ? __rcu_read_unlock+0x4f/0x70
[  418.724631][T19837]  ? xa_load+0xb1/0xe0
[  418.724654][T19837]  ? __rcu_read_unlock+0x4f/0x70
[  418.724676][T19837]  ? avc_has_perm_noaudit+0x1b1/0x200
[  418.724732][T19837]  ? selinux_capable+0x1f9/0x270
[  418.724792][T19837]  ? security_capable+0x83/0x90
[  418.724827][T19837]  ? ns_capable+0x7d/0xb0
[  418.724912][T19837]  ? __pfx_rtnl_newlink+0x10/0x10
[  418.725016][T19837]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  418.725036][T19837]  ? avc_has_perm_noaudit+0x1b1/0x200
[  418.725071][T19837]  netlink_rcv_skb+0x120/0x220
[  418.725158][T19837]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  418.725231][T19837]  rtnetlink_rcv+0x1c/0x30
[  418.725254][T19837]  netlink_unicast+0x59e/0x670
[  418.725344][T19837]  netlink_sendmsg+0x58b/0x6b0
[  418.725374][T19837]  ? __pfx_netlink_sendmsg+0x10/0x10
[  418.725409][T19837]  __sock_sendmsg+0x142/0x180
[  418.725444][T19837]  ____sys_sendmsg+0x31e/0x4e0
[  418.725469][T19837]  ___sys_sendmsg+0x17b/0x1d0
[  418.725517][T19837]  __x64_sys_sendmsg+0xd4/0x160
[  418.725543][T19837]  x64_sys_call+0x2999/0x2fb0
[  418.725575][T19837]  do_syscall_64+0xd0/0x1a0
[  418.725600][T19837]  ? clear_bhb_loop+0x25/0x80
[  418.725625][T19837]  ? clear_bhb_loop+0x25/0x80
[  418.725686][T19837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.725708][T19837] RIP: 0033:0x7fa8ca2be969
[  418.725723][T19837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  418.725742][T19837] RSP: 002b:00007fa8c8927038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  418.725762][T19837] RAX: ffffffffffffffda RBX: 00007fa8ca4e5fa0 RCX: 00007fa8ca2be969
[  418.725775][T19837] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004
[  418.725866][T19837] RBP: 00007fa8c8927090 R08: 0000000000000000 R09: 0000000000000000
[  418.725876][T19837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  418.725887][T19837] R13: 0000000000000000 R14: 00007fa8ca4e5fa0 R15: 00007ffc731081d8
[  418.725906][T19837]  </TASK>
[  419.155252][T19115] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.