last executing test programs:

45.935640363s ago: executing program 3 (id=3682):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = accept4(r1, &(0x7f0000000140)=@nl=@proc, &(0x7f0000000000)=0x80, 0x40800)
getsockopt$X25_QBITINCL(r2, 0x106, 0x1, &(0x7f00000001c0), &(0x7f0000000200)=0x4)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
close(r0)
socket$netlink(0x10, 0x3, 0x0)
preadv(r1, &(0x7f00000003c0)=[{&(0x7f00000000c0)=""/124, 0x3}], 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001000)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={<r7=>0xffffffffffffffff})
sendmsg$tipc(r7, &(0x7f0000004440)={&(0x7f0000000ec0)=@name={0x1e, 0x2, 0x0, {{}, 0x4}}, 0x10, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)

45.727109713s ago: executing program 3 (id=3688):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x18)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

45.657693224s ago: executing program 3 (id=3690):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='signal_generate\x00', r2}, 0x10)
r3 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000300), 0x24800)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0x40a85323, &(0x7f0000000440)={{0x5, 0x5}, 'port0\x00', 0x8, 0x400, 0x4, 0xfffffff8, 0xf, 0x3, 0x200, 0x0, 0x6, 0x2})
add_key(&(0x7f00000003c0)='ceph\x00', 0x0, &(0x7f0000000400)="010000000037a788a11d1f000000000000006923c63a4541062101a59ea9cba39a989ca8c70b3692930208", 0x2b, r3)
r5 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000340)=@keyring)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="000400000000000000d904af840f9cbbed8966601daf000000000000caec479f9b68e9ef330efe056e64e5b5054a786d3677b85fa0a145ca42e00105de31bdf5c66c1b2d7c1b610aafd274cbd817e935cd22d8660a236859e78112b3940bb571ac39b89f1b8c2486ebf728d4117bfcc14392b90c6f66d115a4d69161e3e194756317736bb281"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000700)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0800000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff5fdfb3575abb6f5353b703000008000000b70400000000000085000000430000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r7}, 0x10)
socket$tipc(0x1e, 0x2, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
r8 = socket(0x1e, 0x1, 0x0)
setsockopt$TIPC_SRC_DROPPABLE(r8, 0x10f, 0x80, 0x0, 0x0)
sendmsg$tipc(r8, &(0x7f0000001b40)={&(0x7f0000000200)=@name={0x1e, 0x2, 0x0, {{0x42, 0x1}, 0x2}}, 0x10, 0x0}, 0x0)
keyctl$unlink(0x9, r5, r5)
r9 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$unlink(0x9, r5, r9)
keyctl$assume_authority(0x10, r3)
r10 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$KEYCTL_MOVE(0x1e, r3, r5, r10, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x8000000000000000}, 0x18)
r11 = perf_event_open(&(0x7f0000001040)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r11, 0x40082406, &(0x7f00000001c0)='cpu&00\t&&')
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000140)={0x7ff, 0x8001, 0x12, 0x2, 0x1, 0xff})

45.597238985s ago: executing program 3 (id=3692):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x7, 0x44, 0x2, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000040)={{0x1, 0x1, 0x7fffffff}})
pread64(r1, &(0x7f0000000440)=""/208, 0xd0, 0x7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
ioctl$SNDRV_TIMER_IOCTL_INFO(r3, 0x80e85411, &(0x7f0000001240)=""/4111)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000080)=<r5=>0x0, &(0x7f0000000100)=0x4)
r6 = open(&(0x7f0000000140)='./file0\x00', 0x2000, 0x4)
fsetxattr$trusted_overlay_origin(r2, &(0x7f00000003c0), &(0x7f0000000400), 0x2, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x17, 0x4, 0x1ff, 0x6, 0x12ce4, r1, 0x7fff, '\x00', r5, 0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0, @void, @value, @value=r6}, 0x50)

45.497977925s ago: executing program 3 (id=3693):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001500)=ANY=[@ANYBLOB="190000000400000008000000ff"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
connect$unix(r1, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r2, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r5 = fcntl$dupfd(r2, 0x0, r1)
accept4$packet(r5, 0x0, 0x0, 0x80800)

45.349552835s ago: executing program 3 (id=3700):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x18)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

45.349375865s ago: executing program 32 (id=3700):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x18)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

1.574502712s ago: executing program 5 (id=4466):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r1 = gettid()
r2 = getpid()
rt_tgsigqueueinfo(r2, r1, 0xb, &(0x7f0000000280)={0x8, 0x0, 0x4})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r3 = openat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000340)={0x40800, 0x2, 0x4}, 0x18)
ioctl$SNDRV_TIMER_IOCTL_STOP(r3, 0x54a1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00'}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYRES16=r3], &(0x7f0000000200)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000020900010073797a30000000000900030073797a3200000000240b0000060a010400000000000000000100000008000b4000000000fc0a048028000180080001006c6f67001c0002800e00024073797a6b616c6c65720000000800054000000008d00a01800e000100696d6d656469617465000000bc0a0280640002804c0002800900020073797a32000000000900020073797a310000000008000180fffffffc0900020073797a31000000000800034000009c920900020073797a300000000008000180ffffffff14000280080003400000000808000180fffffffb0800014000000002080001400000000b500002804b000100fa62d7ba9ceeacf9aa4f832b78f35731f355d63e192a72aef5e68a05d1b806151b6bd1e2d74abafd383790ad363fdc1b7766748630b48f9beefdb33c86d5835a470b5ffd20d7e9006c0102805c00028008000180fffffffe0900020073797a30000000000900020073797a320000000008000180ffffffff0900020073797a320000000008000180fffffffd0900020073797a310000000008000180fffffffc0800034000000e5628000280080003400000000608000340000000070900020073797a320000000008000180fffffffe540002800900020073797a320000000008000180fffffffe0800034000000000080003400000000008000340000000090900020073797a310000000008000180fffffffe080003400000800108000180fffffffd8e000100818ce881ff18470752e86442e8b77ddcfc7a4c87f05cd36147be26c85cc854cc117db1906007a5a8c298f4724c8c743d46ec7f3ba478d9dfb10bbe9e4fdfc2188d62db9bb1364fed383fe0b0c3fbbab83959470cb0ffb14765c32f10b54d99531d04caaf264214997543a1c63637d9a3a20b7ce9312e545626eb375c88462c198f35cf8a11616de4fa0c000098020280eb00010099c8e680eb4d0e7f78e1fb62226ae541d997c8cb51c5ebd0bb7e2730b61310dcd7525807288a7ad8c00f6aa230a1d1b876ddb0e188384e7c79cd8af94a02451a04d8f116bde38077da45650d82bdd1767b03e3f35bc4a5769e659d8cdb6d9d9d717c78b50f6b3ac899b07a9eaf2c989654de7d6609299bad01ca1f3fa8b6229a6c69627a07f627880e902231b20368f3ae64fd12fc37afeb95f14a4dc3d0bc5f6e2afd0fc8ef6982054cffa703ee1376654019ad6d2add9052c5d2f2e0ba3318f931b2c5f2dcce5cbca6093c64d23b64e2f2061da3dd5983644280de22d592b63b5d7f6b571beb005400010041bbc64da6bacaad1bebec23352accccbca40d6ba87943f82df945bf4ccc5250a0c2b2cb13793380f424b280bfb960885af6df4afa26efa8fcd7a1243389ef3fcf1d709f775a9cd1dfb2b84fd03e5d70f800010001950b7c0ec30534e476b721ba6e82d03078fe63b683918ecbbb9c339c8cdd63689339ac43acd5973f4aac8720a98d18e13b98e11e291f3f3621ed29c717639f84bdd28810da6ae30538775f15e00133741e9de3f96f69ab363752fa962b3c71041ba1e463a91d782a968d9febb648b66e71a6827c53b3be014b785f61c4fd46fef00658f64cdd465edb61ba4c5f00849b2935c485da99a38489ecc29837433ac5446c3922d73153fd8fb2368a5ce4201760ca6778f570b7fcb38be633a02d57c5884b6bcbaf3bc28ca7686edb5d59e1b823a8f0f5ff788625995d51c16413783c6290a9714bd4dcbd2a388139f3e46f69916f335c0002800900020073797a3000000000080003400000000908000180000000000900020073797a3000000000080003400000000808000180fffffffd080003400000000408000340fffffff908000180fffffffb0800034000000003a80002801c000280080003400000020008000340fffffff508000340000000001400028008000340000000050800034000000007720001001c2cce526d2ee30fb33f426450278cb35ac06b1cef15fefc26b5c17a8c9251bed316fccb5588f2e071fc355537fcf458cf14217f16ce4c12a4b559f3e807c94c6cc4f418baebc6024b74b9dbc5ef66dbbe91812ea247db80670c101ed494f105ad9c09b4eaf8d5c133b46a311c1a00001c0302802000028008000180fffffffc0900020073797a320000000008000340000000035c00028008000180fffffffc08000180fffffffc08000180fffffffb0900020073797a300000000008000340000000060900020073797a30000000000900020073797a31000000000900020073797a310000000008000180fffffffbf6000100330e5af714359ac9da33381a13071148dbe4293800e6be0290efbb549850cda132ca27a55553fd77c3067504c4596086f4001f53d49e8111395ebccb983c6b04735a58ab2617dfc62123b09c8dc5a47154667414dc28e8369829764b2e3cc23303a882890bad6d3a70d9e15701ec8c4c15a46d38c9ed6bc8658f8a45a02083f563324a27c649bab7cbcb485c289bd8df0a040128df6891ab48095977e0463f8e3ed7ba6df976ee30768954dfeb3f08c942b2c9384aa0b78baf92ecf5e4d73788afb1bc5a8f7c4b454897cd8bcac7f19cdd949fac66756da3b9311e13362eee317df853f6bc7e4638eb145a1484d3780e09b50000c8000100d5c1e4159bf770e02e6e1ebe911d7513709588175328d2e11f2ebf3f6967c49bedcb2a5459a45272bb8084e3bb55ea7a80166d97ec16457ed7d2a834d9aafdb2a54110ddc7975eaeda4f897ec7d533c27df0ce5ff92cfedadc67fff850ee5d07822d72b27af229d17ad2f8d802ae40d98f373e348a04b4f0270c71f82319de3a0331f165204896e0e448cf7ea0f8eb32a312fda6716f72f0234742fe6708ad0adf587ea21d94b8c8f5080028dda1e21d3d9ac82d8edd12941631b72b692ecc262d6ae12393000100c56deda494a09379df59bad8f0f17376b307ce49571034af728b1c4bf694e3b91406b976944238ab36ccaf40e3d92952ba87aa27af6353a82868c9508577a1b6a349fce75b3e4952b04b9527f496b5555e6db110dec07430b01446635eff12f136dbcb54fd4dc90b02e1bc6488ed74efd9eeb1b6de6e2a234f6c323df5c28a0352d03b34ee4f64ab614078125aa3cc0048000280080003400000000c08000340000000010900020073797a310000000008000180fffffffd0800034000008000080003400000dc5b08000180fffffffc08000180fffffffb2c0202804b000100cece2d8ff50c68c1060c2e691ddc50c6d87b46b4e5f6695010163d98bac2d9d7693cff0ec1e2107f58d3c305c78e5a596df92f1dbe80793dce5424be9e7951890023db7d0b9b2700e5000100f46e4b21dd4b92221713eece21b0e3bfb3fe995725eca78713a8d11ac82a6aefeeeab4720bd136479523ccafa34771afedeafc55275842bb7adb37ff3c93b19d9d5139f8b67ee81e380faa9506e6c8e5956cf7efc9828438d340aa4bfe771769c6ddb2f8c31049c1fc37e8f28812ea0aadd0caa7e32f6bb4b2b7a4473e5fa876c87bf285a503660ea12a0cfff6863a87c64ea83c31e737e278edcad77cb964828c7049d335e25156fd4d1c2faada6a8363794fe487155fbfd7c2e1b8504d4a744357734f51fca0426ffe929280df27411f8a90a067b285e970fa1e403722ae91dd000000f400010073e22ba6603d1c92836887468b100c2dc430efeb2ef19c66bd0582fe94df7b5a20292fdfbd2009980dbf9651685f7713bfb0f42583e452670f29e2cabf848fcdcb7a2067f0b257efd7dc927e540584b08f026e14be231afa797e36410d8ad6cbced8c5d2cce2f5a8b75713e57b3161b5b4ce78f283bf59a04f90bc1c5a4371abed0124c621ecb51b6166ad39f14216c09456232b7ea8dd7058bbbeae8b1c13df7ffa1515a359309683421d783f4fb00547cb06b3f974e65f28397c2c16675436a414b6e28d61800c35bdc05f9837e14491ce0fa7c0fbf6f61dd8f7eceac62373ed913de212a188ad5fa12d0eab8a0b440900010073797a30"], 0xb98}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r6 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000f40))
ioctl$PAGEMAP_SCAN(r6, 0xc0606610, &(0x7f0000000140)={0x60, 0x2, &(0x7f00001b9000/0x4000)=nil, &(0x7f000075c000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1, 0x5, 0x20, 0x4c, 0x60})

1.483133043s ago: executing program 5 (id=4469):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[], 0x0)

1.438050413s ago: executing program 0 (id=4473):
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00008, 0x0, 0x50032, 0xffffffffffffffff, 0x0)

1.401844513s ago: executing program 0 (id=4475):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
epoll_create1(0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000000c0)=ANY=[@ANYRES32=r0], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r1 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000040)={0x1, 0xfff9, 0x7fff, 0x9, 0xa, "2f75030632c24ebc"})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000000), &(0x7f00000003c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = eventfd(0x800a6)
write$eventfd(r5, &(0x7f0000000000)=0xfffffffffffffffb, 0x8)
dup(r5)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r3)

1.268516464s ago: executing program 4 (id=4477):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, &(0x7f00000004c0), &(0x7f0000000500)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='sched_switch\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_open_dev$evdev(&(0x7f0000000180), 0x3, 0x88000)
r2 = memfd_secret(0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000580)=[{0xffff, 0x4, 0x7, 0x7fff}]})
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000040000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket(0x10, 0x2, 0x0)
perf_event_open(&(0x7f00000007c0)={0x2, 0x80, 0x66, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0xe}, 0x0, 0x0, 0x0, 0x6, 0x5, 0x0, 0xe2f2}, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000240)='kmem_cache_free\x00', r4, 0x0, 0x2}, 0x18)
r5 = socket(0x10, 0x3, 0x9)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r5, &(0x7f0000000200)={&(0x7f0000000a00), 0xc, &(0x7f0000000ac0)={&(0x7f0000000280)={0x1c, 0x0, 0x20, 0x70bd26, 0x1}, 0x1c}, 0x1, 0x0, 0x0, 0x40814}, 0x0)

1.215005084s ago: executing program 4 (id=4478):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000003c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='mpol=interleave']) (fail_nth: 2)

1.090791805s ago: executing program 2 (id=4479):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000000500), 0x4)
setsockopt$MRT_ADD_MFC(r1, 0x0, 0x5, &(0x7f00000019c0)={@dev={0xac, 0x14, 0x14, 0x39}, @private=0xa010100, 0x0, "544e6b24af869c8bcb343306faffff1400165fadcc19dc1a4d5b370e4d00", 0x0, 0x0, 0xfffffffd}, 0x3c)

961.219145ms ago: executing program 2 (id=4480):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r2, 0x407, 0x100000)

960.942895ms ago: executing program 4 (id=4481):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x1725, &(0x7f0000000100)={0x0, 0x7ea5, 0x100, 0x400002, 0x3a6}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000240)=0xfffffc04, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_SENDMSG={0x9, 0x13, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000004a00)={0x0, 0x0, 0x0}, 0x0, 0x4000})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000003c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='mpol=interleave'])

960.488985ms ago: executing program 2 (id=4482):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x300, 0xf5ff)

960.090045ms ago: executing program 2 (id=4483):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r1}, 0x18)
pipe2(&(0x7f0000001cc0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}})

900.788825ms ago: executing program 4 (id=4484):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100002000400100008000140040000", 0x57}], 0x1)

900.357806ms ago: executing program 4 (id=4485):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYRES32], 0x44}}, 0x0)

895.822725ms ago: executing program 2 (id=4486):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r1=>r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000006c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="595300080000000000086b000000174673dac253490999d528cf29e9a0ea70189960c8278e85e341f4c4bf94c7e295f814dd3311b6c689451e850bd29db5d40a34f239eab7ad29ab9b743376df7952a3b2cd01d9b6db76baa8946f62810fb0cdaf4ec11a1b5792e1234907bd1c76fb312f30ad5ef14d2d5f243fdc88911c733f88abc276b6177cebfdbdd5dd7fdc5863836f338fa5ea2430f2a1982a0f14004451a89d95ec434dbfd68ffc7e9702b71c9d3d4e20c93dd5265544c5406cf586ee828c680b20d72c90e7a1eaa6b11b9b77ab1124a1ec74657c5bc7af420a63ad4d59a836d4b95600aab3dc7298c344939b335617266d3c86b36c62ba80c2f40e3fd070cdf62a3bf57eb9e10fd126990b015a427b965daf6e80cb1e021e6e721ef10cb1b4899066db379dfa75aebae94f1eb73b866eb292bdccedef3c415f346bd70d84646024edae4e57f94efadffd7279ef5838ab6e5c979b34410094609fd0541caabb6cf08bad71429f0bf136b0bc19dba6da51f016104bca6d4d6fe4a90299efbc9a1d633c4ff88d49415767b57cb2b560155308b14fdbf8b3c807774ebe9650d994876b2bcb7ce886b5879adabe031b9b05ad74eb17f1578be8f64fab522a4325ea7417b02e02d528a21f0e8186bc44c6df01ce"], 0x14}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rt_sigsuspend(&(0x7f0000000000)={[0x7]}, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r6, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
setsockopt$sock_linger(r6, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000b00)=ANY=[@ANYBLOB="6cb415370000103c526b3b4e29ad115e12705cea3fd997c53599334b7be1cc3529f527ef37625bdf7c1d1a7009d5708aa881b51bdb44b7bff9faaec1c465be5edba30e99bd12ea79e9f1d5f8be859eff28f28a00870eaa2ef1e440f4882fbf83050484fc1673ab5caff6edb1b939a00e5f72e2073562f0be72525846083b61249d25449195bfb596122c10238b9678e3a7618a1b45b4d5a512ac024584c2dd144fb646e03be9472196431e4b8b59ef67696289c1ef7ce4c5b872056cba4450974c2c504f2fff9b2efdf7368237e99bd91f732de6d0bef3d40dcd871a267f59b01b91524a99568cb694f19be2a8ba44fd725b43cafe8ba5793c44ccf8955af4e2f8a3fff7bf621bbd595d6ca40ff5f1c252b334578ed3552257ec66fc32274f458340849fd7312a1f21ce0749d8560122b8d7d84c019097b9921c1bf911761de73276a3f4faca5ca8fc1a6c9b93184c99e55dc45c8a993d5220d2554018f73d0dc11691ac6403e9976e90f4d3fbaf380bf2643ebec7134bc53afa50db0940b6a4e2bbdc7571c6b8272c6ed552aed5f770f7539187dacb0cdbb52f1f2ed03cad0381c3944eee6279ef99eb98b3166acdea389e1ae53efd49", @ANYRES32, @ANYRESHEX=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r7, 0x0, 0x30, 0x17, @val=@uprobe_multi={&(0x7f00000028c0)='./file0\x00', &(0x7f0000002900)=[0x4], 0x0, 0x9, 0x1}}, 0x40)
socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @mcast2, 0x2}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r6, 0x29, 0x36, &(0x7f00000001c0)=ANY=[], 0x20)
sendmmsg$inet6(r6, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
r9 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r9, 0x0)
accept4$x25(r9, 0x0, 0x0, 0x80000)

873.154756ms ago: executing program 4 (id=4487):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
flock(r1, 0x5)
r2 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv(r2, 0x0, 0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000002c0)={r1, &(0x7f00000003c0)="e9d20cb45c4dc6f257dda77e340d6d5cecd303613c3f246ebfb30799bd1c08dbc94197b4100f31be9fbd59775a2610a5f9887bfacd0c718e3ef12aa8664ba380c5323a5038060879b8f00e1136", &(0x7f0000000300)=""/142}, 0x77)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
creat(0x0, 0xd931d3864d39dcca)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r5, 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

798.865456ms ago: executing program 5 (id=4488):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, r0)

780.169856ms ago: executing program 5 (id=4489):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001500)=ANY=[@ANYBLOB="190000000400000008000000ff"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
connect$unix(r1, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r2, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r5 = fcntl$dupfd(r2, 0x0, r1)
accept4$packet(r5, 0x0, 0x0, 0x80800)

709.461036ms ago: executing program 5 (id=4490):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x80de36835f2900af, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x2c0c, &(0x7f0000000400)={0x0, 0x0, 0x4002}, &(0x7f0000000480), &(0x7f00000004c0))

676.156136ms ago: executing program 5 (id=4491):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x84, &(0x7f0000000580)=[@in={0x2, 0x0, @multicast1}, @in6={0xa, 0x4e24, 0xd, @mcast2, 0x8}, @in6={0xa, 0x4e22, 0xfffffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x32}}, @in6={0xa, 0x4e21, 0x8, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x40}, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1c}}]}, &(0x7f0000000100)=0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x100, 0x2, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffd19, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x779615b0513762e9, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00'})
eventfd2(0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0x8004587d, &(0x7f0000000080))
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)={0x1b, 0x0, 0x0, 0x40000, 0x0, r7, 0x10000, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r8, 0x2, 0x0)
getdents64(r8, 0x0, 0x22)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xf, 0x19, &(0x7f00000006c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x6}, {}, {}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}}, @call={0x85, 0x0, 0x0, 0xc5}], {{}, {}, {0x85, 0x0, 0x0, 0x1}}}, &(0x7f0000000000)='GPL\x00', 0x1, 0x1, &(0x7f00000002c0)=""/1, 0x41000, 0x20, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000840)={0x1, 0xb, 0x80000001, 0x18000}, 0x10, 0xffffffffffffffff, r6, 0x3, &(0x7f0000000880)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r5, r5, r5, r7, r5, r8], &(0x7f00000008c0)=[{0x4, 0x3, 0x6, 0x4}, {0x2, 0x3, 0x9, 0x1}, {0x3, 0x5, 0x10, 0x9}], 0x10, 0x244, @void, @value}, 0x94)
r9 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r10 = mq_open(&(0x7f00000004c0)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!T\xednux\x02\xc7\x12\xec\xca7\xbc\x1fS\x1c\x05y\x91\xe5\x9aL\xa9u\b\x00\x00\x00\xa0pC\x19\x9b\vY\x186\xa4\xe7\x1eg{`\xfa\xf3n\x8fIj6f\xfb\x13-g\x19(a6\x18\xe24nz\x83w8\xff\xfb\x83\f\x9a\xda\xc5w\x8eo\x02\xa3\xc1\x83\x91\xc6\xfd\x8c\xc4s\x03\x16\xa4+\xce|^\x98K_0\x8a\xb0\xff~\x1e\xd92\xb4r\xd8\xe7', 0x40, 0x0, 0x0)
mq_timedreceive(r10, 0x0, 0xfffffffffffffee3, 0x0, 0x0)

544.863347ms ago: executing program 0 (id=4492):
r0 = syz_io_uring_setup(0x6248, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0xfffffffc, 0x63}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000"], 0x48)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
connect$qrtr(0xffffffffffffffff, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r4, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

520.400007ms ago: executing program 1 (id=4494):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, &(0x7f00000004c0), &(0x7f0000000500)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='sched_switch\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_open_dev$evdev(&(0x7f0000000180), 0x3, 0x88000)
r2 = memfd_secret(0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000580)=[{0xffff, 0x4, 0x7, 0x7fff}]})
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000040000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket(0x10, 0x2, 0x0)
perf_event_open(&(0x7f00000007c0)={0x2, 0x80, 0x66, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0xe}, 0x0, 0x0, 0x0, 0x6, 0x5, 0x0, 0xe2f2}, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
r4 = socket(0x10, 0x3, 0x9)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r4, &(0x7f0000000200)={&(0x7f0000000a00), 0xc, &(0x7f0000000ac0)={&(0x7f0000000280)={0x1c, 0x0, 0x20, 0x70bd26, 0x1}, 0x1c}, 0x1, 0x0, 0x0, 0x40814}, 0x0)

520.029317ms ago: executing program 0 (id=4495):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4)
bind$llc(r0, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000), 0xffffff6a)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xffffffff000)

462.377027ms ago: executing program 0 (id=4496):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000300), 0x101000, 0x0)
socket$netlink(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
memfd_create(&(0x7f0000000200)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x5)
socket$nl_route(0x10, 0x3, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
pipe2$9p(&(0x7f0000000140), 0x0)
pipe(&(0x7f0000000100))
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}}, 0x0)
r6 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x23, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, r0)

461.917218ms ago: executing program 1 (id=4497):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r1}, 0x18)
pipe2(&(0x7f0000001cc0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}})

404.129368ms ago: executing program 0 (id=4498):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
flock(0xffffffffffffffff, 0xfb8cbf45da2632e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$sg(0x0, 0xc, 0x80080)
timer_create(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a0000"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = openat$loop_ctrl(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)

403.392328ms ago: executing program 1 (id=4499):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)

370.682168ms ago: executing program 1 (id=4500):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001500)=ANY=[@ANYBLOB="190000000400000008000000ff"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
connect$unix(r1, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r2, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r5 = fcntl$dupfd(r2, 0x0, r1)
accept4$packet(r5, 0x0, 0x0, 0x80800)

298.495448ms ago: executing program 1 (id=4501):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xffc, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000002c0)={&(0x7f0000000000)=""/74, 0x32a000, 0x800}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000084c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020025642532000000000900010073797a30000000000800054000000002"], 0x40c4}}, 0x0)

164.171649ms ago: executing program 1 (id=4502):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x19, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xdc6000, @void, @value}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x1c1541, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES64=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe1, @void, @value}, 0x94)
socket$netlink(0x10, 0x3, 0x400000000000004)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f00000001c0)=0x100000, 0x4)
writev(r1, &(0x7f00000004c0), 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "ff00f7000000000000000000af88008300"})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="0000f3ffffffffffffff00"/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r4 = socket$netlink(0x10, 0x3, 0xe)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="3400000010000100"/20, @ANYRES32=r5, @ANYBLOB="00060012808b00010067656e657665000004000280"], 0x34}, 0x1, 0x2}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x15, 0x10, &(0x7f00000004c0)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x2, 0xff3, &(0x7f0000001e00)=""/4083, 0x0, 0x0, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000, @void, @value}, 0x94)
r6 = syz_open_pts(r3, 0x141601)
r7 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
write(r6, &(0x7f0000000000)="d5", 0xfffffedf)
ioctl$TCSETSF(r6, 0x5404, &(0x7f0000000080)={0x0, 0xffffffff, 0xfffffffc, 0x0, 0x0, "682341f2fd71a6a76177920ea7e60c0ac7a4a5"})
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r8, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x8914, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ufshcd_command\x00', 0xffffffffffffffff, 0x0, 0x9}, 0x18)
socket$inet_udplite(0x2, 0x2, 0x88)

0s ago: executing program 2 (id=4503):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
epoll_create1(0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000000c0)=ANY=[@ANYRES32=r0], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r1 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000040)={0x1, 0xfff9, 0x7fff, 0x9, 0xa, "2f75030632c24ebc"})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000000), &(0x7f00000003c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = eventfd(0x800a6)
write$eventfd(r5, &(0x7f0000000000)=0xfffffffffffffffb, 0x8)
dup(r5)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r3)

kernel console output (not intermixed with test programs):

ogle Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  167.074365][T12418] Call Trace:
[  167.077707][T12418]  <TASK>
[  167.080668][T12418]  dump_stack_lvl+0xf2/0x150
[  167.085320][T12418]  dump_stack+0x15/0x1a
[  167.089621][T12418]  should_fail_ex+0x223/0x230
[  167.094309][T12418]  should_fail_alloc_page+0xfd/0x110
[  167.099615][T12418]  __alloc_pages_noprof+0x109/0x340
[  167.104862][T12418]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  167.110271][T12418]  alloc_pages_noprof+0xe1/0x100
[  167.115267][T12418]  pte_alloc_one+0x31/0x110
[  167.119784][T12418]  ? __rcu_read_unlock+0x4e/0x70
[  167.124733][T12418]  handle_mm_fault+0x10ce/0x2ac0
[  167.129710][T12418]  exc_page_fault+0x296/0x650
[  167.134537][T12418]  ? get_pid_task+0x8e/0xc0
[  167.139045][T12418]  asm_exc_page_fault+0x26/0x30
[  167.143924][T12418] RIP: 0010:strncpy_from_user+0xa8/0x210
[  167.149576][T12418] Code: 66 ff 49 83 fe 07 0f 86 88 00 00 00 31 c0 48 89 04 24 4c 89 6c 24 08 4c 89 e8 4c 89 7c 24 10 4c 89 fd 4c 89 74 24 18 4d 89 f4 <4c> 8b 38 49 89 c5 48 b8 ff fe fe fe fe fe fe fe 49 8d 1c 07 4d 89
[  167.169190][T12418] RSP: 0018:ffffc9000b4c7e60 EFLAGS: 00050246
[  167.175274][T12418] RAX: 0000000020000040 RBX: 0000000020000040 RCX: ffff888119069080
[  167.183252][T12418] RDX: 0000000000000000 RSI: 0000000000000fe0 RDI: 0000000000000007
[  167.191261][T12418] RBP: ffff888101402020 R08: ffffffff81cc8a70 R09: 0000000000000000
[  167.199246][T12418] R10: 0001ffffffffffff R11: ffff888119069080 R12: 0000000000000fe0
[  167.207219][T12418] R13: 0000000020000040 R14: 0000000000000fe0 R15: ffff888101402020
[  167.215238][T12418]  ? strncpy_from_user+0x80/0x210
[  167.220370][T12418]  getname_flags+0xb0/0x3b0
[  167.224939][T12418]  __x64_sys_mknodat+0x50/0x70
[  167.229732][T12418]  x64_sys_call+0x27de/0x2dc0
[  167.234437][T12418]  do_syscall_64+0xc9/0x1c0
[  167.239018][T12418]  ? clear_bhb_loop+0x55/0xb0
[  167.243697][T12418]  ? clear_bhb_loop+0x55/0xb0
[  167.248415][T12418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.254360][T12418] RIP: 0033:0x7fd38d25ff19
[  167.258849][T12418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.278540][T12418] RSP: 002b:00007fd38b8d7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[  167.287234][T12418] RAX: ffffffffffffffda RBX: 00007fd38d425fa0 RCX: 00007fd38d25ff19
[  167.295224][T12418] RDX: b0a54e68b1cd2fdb RSI: 0000000020000040 RDI: ffffffffffffffff
[  167.303226][T12418] RBP: 00007fd38b8d70a0 R08: 0000000000000000 R09: 0000000000000000
[  167.311211][T12418] R10: 0000000000000103 R11: 0000000000000246 R12: 0000000000000001
[  167.319204][T12418] R13: 0000000000000000 R14: 00007fd38d425fa0 R15: 00007ffd97722de8
[  167.327293][T12418]  </TASK>
[  167.343802][ T1035] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  167.454258][T12439] 9pnet_fd: Insufficient options for proto=fd
[  167.560897][T12449] 9pnet_fd: Insufficient options for proto=fd
[  167.584890][T12451] 9pnet_fd: Insufficient options for proto=fd
[  167.628880][T12455] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3562'.
[  167.640042][T12457] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3563'.
[  167.655443][T12455] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3562'.
[  167.800904][T12472] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3569'.
[  168.360913][T12478] 9pnet_fd: Insufficient options for proto=fd
[  168.456295][T12402] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  168.467404][T12402] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  168.478621][T12402] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  168.489522][T12402] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  168.582033][T12489] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3575'.
[  168.632295][ T1571] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  168.688088][T12497] loop3: detected capacity change from 0 to 1024
[  168.695291][T12497] /dev/loop3: Can't open blockdev
[  168.850530][T12516] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3587'.
[  168.882266][   T29] kauditd_printk_skb: 1299 callbacks suppressed
[  168.882285][   T29] audit: type=1326 audit(1733314549.197:24019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.3588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  168.912705][   T29] audit: type=1326 audit(1733314549.197:24020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.3588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  168.936509][   T29] audit: type=1326 audit(1733314549.197:24021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.3588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  168.960191][   T29] audit: type=1326 audit(1733314549.197:24022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.3588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  168.983947][   T29] audit: type=1326 audit(1733314549.197:24023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.3588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  169.007511][   T29] audit: type=1326 audit(1733314549.197:24024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.3588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  169.031177][   T29] audit: type=1326 audit(1733314549.197:24025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.3588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  169.054811][   T29] audit: type=1326 audit(1733314549.197:24026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.3588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  169.078409][   T29] audit: type=1326 audit(1733314549.197:24027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.3588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  169.102144][   T29] audit: type=1326 audit(1733314549.197:24028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.3588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  169.234017][T12523] IPv6: Can't replace route, no match found
[  169.249857][T12523] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  169.589526][T12557] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.663063][T12557] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.743172][T12557] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.806928][T12574] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.836225][T12576] random: crng reseeded on system resumption
[  169.844489][T12557] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.875726][T12574] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.919754][T12557] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  169.933771][T12557] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  169.945136][T12557] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  169.954532][T12574] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.968110][T12557] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  170.002980][T12574] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.003451][T12580] loop3: detected capacity change from 0 to 1024
[  170.019993][T12580] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  170.032813][T12580] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.3613: Invalid block bitmap block 0 in block_group 0
[  170.046540][T12580] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.3613: Failed to acquire dquot type 0
[  170.058396][T12580] EXT4-fs error (device loop3): ext4_free_blocks:6589: comm syz.3.3613: Freeing blocks not in datazone - block = 0, count = 4096
[  170.072064][T12580] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.3613: Invalid inode bitmap blk 0 in block_group 0
[  170.084948][T12580] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[  170.091363][ T1716] EXT4-fs error (device loop3): ext4_release_dquot:6961: comm kworker/u8:6: Failed to release dquot type 0
[  170.095782][T12580] EXT4-fs (loop3): 1 orphan inode deleted
[  170.111151][T12580] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.150341][T10757] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.159567][ T1571] EXT4-fs error (device loop3): ext4_release_dquot:6961: comm kworker/u8:5: Failed to release dquot type 0
[  170.667270][T12607] Process accounting resumed
[  170.920078][T12616] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.927407][T12616] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.003107][T12616] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  171.017922][T12616] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  171.055758][T12616] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  171.064270][T12616] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  171.073006][T12616] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  171.081737][T12616] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  171.194728][   T11] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  171.728423][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.736021][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.743533][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.750937][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.758389][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.765884][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.773417][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.780929][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.788385][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.795847][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.803281][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.810704][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.818291][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.826007][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.833652][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.841073][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.848564][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.855988][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.863461][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.870874][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.878305][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.885723][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.893179][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.900626][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.908076][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.915587][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.923080][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.930486][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.937985][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.945410][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.952918][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.960341][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.967781][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.975259][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.982774][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.990178][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  171.997732][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  172.005144][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  172.012574][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  172.019983][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  172.027446][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  172.034872][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  172.042341][ T3373] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  172.050719][ T3373] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  172.156591][T12656] FAULT_INJECTION: forcing a failure.
[  172.156591][T12656] name failslab, interval 1, probability 0, space 0, times 0
[  172.169381][T12656] CPU: 0 UID: 0 PID: 12656 Comm: syz.4.3632 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  172.180336][T12656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  172.190487][T12656] Call Trace:
[  172.193781][T12656]  <TASK>
[  172.196753][T12656]  dump_stack_lvl+0xf2/0x150
[  172.201400][T12656]  dump_stack+0x15/0x1a
[  172.205617][T12656]  should_fail_ex+0x223/0x230
[  172.210354][T12656]  should_failslab+0x8f/0xb0
[  172.215041][T12656]  kmem_cache_alloc_noprof+0x52/0x320
[  172.220435][T12656]  ? audit_log_start+0x34c/0x6b0
[  172.225505][T12656]  audit_log_start+0x34c/0x6b0
[  172.230371][T12656]  audit_seccomp+0x4b/0x130
[  172.234940][T12656]  __seccomp_filter+0x6fa/0x1180
[  172.239988][T12656]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  172.245708][T12656]  ? vfs_write+0x596/0x920
[  172.250234][T12656]  ? __schedule+0x6fa/0x930
[  172.254761][T12656]  __secure_computing+0x9f/0x1c0
[  172.259775][T12656]  syscall_trace_enter+0xd1/0x1f0
[  172.264987][T12656]  do_syscall_64+0xaa/0x1c0
[  172.269525][T12656]  ? clear_bhb_loop+0x55/0xb0
[  172.274223][T12656]  ? clear_bhb_loop+0x55/0xb0
[  172.279006][T12656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.284989][T12656] RIP: 0033:0x7f2ae5e6ff19
[  172.289434][T12656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  172.309074][T12656] RSP: 002b:00007f2ae44e7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000125
[  172.317525][T12656] RAX: ffffffffffffffda RBX: 00007f2ae6035fa0 RCX: 00007f2ae5e6ff19
[  172.325592][T12656] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000140
[  172.333702][T12656] RBP: 00007f2ae44e70a0 R08: 0000000000000000 R09: 0000000000000000
[  172.341697][T12656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  172.350909][T12656] R13: 0000000000000000 R14: 00007f2ae6035fa0 R15: 00007ffc9934d558
[  172.358910][T12656]  </TASK>
[  172.362476][T12659] __nla_validate_parse: 4 callbacks suppressed
[  172.362494][T12659] netlink: 133492 bytes leftover after parsing attributes in process `syz.1.3634'.
[  172.387929][T12662] 9pnet_fd: Insufficient options for proto=fd
[  172.485256][T12667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  172.494304][T12667] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  172.783186][T12674] netlink: 133492 bytes leftover after parsing attributes in process `syz.2.3639'.
[  173.129052][T12574] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  173.140339][T12574] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  173.151679][T12574] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  173.163039][T12574] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  173.192009][T12679] block device autoloading is deprecated and will be removed.
[  173.893298][   T29] kauditd_printk_skb: 1267 callbacks suppressed
[  173.893371][   T29] audit: type=1326 audit(1733314554.207:25288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12682 comm="syz.3.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f10ef246ee7 code=0x7ffc0000
[  173.923444][   T29] audit: type=1326 audit(1733314554.207:25289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12682 comm="syz.3.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f10ef1ec129 code=0x7ffc0000
[  173.947041][   T29] audit: type=1326 audit(1733314554.207:25290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12682 comm="syz.3.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f10ef24ff19 code=0x7ffc0000
[  173.976005][   T29] audit: type=1326 audit(1733314554.277:25291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12682 comm="syz.3.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f10ef246ee7 code=0x7ffc0000
[  173.999818][   T29] audit: type=1326 audit(1733314554.277:25292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12682 comm="syz.3.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f10ef1ec129 code=0x7ffc0000
[  174.023349][   T29] audit: type=1326 audit(1733314554.277:25293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12682 comm="syz.3.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f10ef24ff19 code=0x7ffc0000
[  174.047146][   T29] audit: type=1326 audit(1733314554.287:25294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12682 comm="syz.3.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f10ef246ee7 code=0x7ffc0000
[  174.070705][   T29] audit: type=1326 audit(1733314554.287:25295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12682 comm="syz.3.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f10ef1ec129 code=0x7ffc0000
[  174.094347][   T29] audit: type=1326 audit(1733314554.287:25296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12682 comm="syz.3.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f10ef24ff19 code=0x7ffc0000
[  174.161919][   T29] audit: type=1326 audit(1733314554.287:25297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12682 comm="syz.3.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f10ef246ee7 code=0x7ffc0000
[  174.222558][T12703] loop3: detected capacity change from 0 to 1024
[  174.248652][T12705] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.266596][T12703] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  174.284264][T12703] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  174.313147][T12703] EXT4-fs error (device loop3): ext4_get_journal_inode:5809: inode #32: comm syz.3.3650: iget: special inode unallocated
[  174.328843][T12705] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.341139][T12703] EXT4-fs (loop3): no journal found
[  174.346459][T12703] EXT4-fs (loop3): can't get journal size
[  174.363388][T12703] EXT4-fs error (device loop3): ext4_protect_reserved_inode:160: inode #32: comm syz.3.3650: iget: special inode unallocated
[  174.382530][   T11] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  174.393691][T12703] EXT4-fs (loop3): failed to initialize system zone (-117)
[  174.401071][T12703] EXT4-fs (loop3): mount failed
[  174.428453][T12703] loop3: detected capacity change from 0 to 512
[  174.436973][T12705] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.453438][T12703] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  174.461670][T12703] EXT4-fs (loop3): orphan cleanup on readonly fs
[  174.478149][T12703] EXT4-fs warning (device loop3): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  174.524101][T12705] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.563020][T12703] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  174.570058][T12703] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #16: comm syz.3.3650: iget: immutable or append flags not allowed on symlinks
[  174.586411][T12703] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.3650: couldn't read orphan inode 16 (err -117)
[  174.600209][T12703] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  174.626020][T12703] random: crng reseeded on system resumption
[  174.760881][T12703] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3650'.
[  175.292651][T10757] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.458949][T12740] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.490387][T12742] loop3: detected capacity change from 0 to 1024
[  175.503321][T12742] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.517416][T12740] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.544387][T10757] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.614821][T12740] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.673087][T12740] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.749671][T12740] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  175.763587][T12740] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  175.774811][T12740] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  175.786824][T12740] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  175.916789][T12754] loop3: detected capacity change from 0 to 256
[  175.927983][T12767] FAULT_INJECTION: forcing a failure.
[  175.927983][T12767] name failslab, interval 1, probability 0, space 0, times 0
[  175.940800][T12767] CPU: 0 UID: 0 PID: 12767 Comm: syz.4.3674 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  175.951628][T12767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  175.961742][T12767] Call Trace:
[  175.965112][T12767]  <TASK>
[  175.968055][T12767]  dump_stack_lvl+0xf2/0x150
[  175.972757][T12767]  dump_stack+0x15/0x1a
[  175.976972][T12767]  should_fail_ex+0x223/0x230
[  175.981689][T12767]  should_failslab+0x8f/0xb0
[  175.986302][T12767]  kmem_cache_alloc_node_noprof+0x59/0x320
[  175.992168][T12767]  ? __alloc_skb+0x10b/0x310
[  175.996794][T12767]  __alloc_skb+0x10b/0x310
[  176.001240][T12767]  tcp_stream_alloc_skb+0x2f/0x1e0
[  176.006447][T12767]  tcp_sendmsg_locked+0x92f/0x2710
[  176.011665][T12767]  ? __rcu_read_unlock+0x4e/0x70
[  176.016645][T12767]  ? __pfx_tcp_sendmsg+0x10/0x10
[  176.021625][T12767]  tcp_sendmsg+0x30/0x50
[  176.025883][T12767]  inet_sendmsg+0x77/0xd0
[  176.030279][T12767]  __sock_sendmsg+0x102/0x180
[  176.035032][T12767]  __sys_sendto+0x1a8/0x230
[  176.039550][T12767]  __x64_sys_sendto+0x78/0x90
[  176.044297][T12767]  x64_sys_call+0x29fa/0x2dc0
[  176.049012][T12767]  do_syscall_64+0xc9/0x1c0
[  176.053591][T12767]  ? clear_bhb_loop+0x55/0xb0
[  176.058278][T12767]  ? clear_bhb_loop+0x55/0xb0
[  176.063003][T12767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.068967][T12767] RIP: 0033:0x7f2ae5e6ff19
[  176.073394][T12767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.093060][T12767] RSP: 002b:00007f2ae44e7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  176.101485][T12767] RAX: ffffffffffffffda RBX: 00007f2ae6035fa0 RCX: 00007f2ae5e6ff19
[  176.109539][T12767] RDX: 00000000000109e8 RSI: 00000000200004c0 RDI: 0000000000000005
[  176.117521][T12767] RBP: 00007f2ae44e70a0 R08: 0000000000000000 R09: 0000000000000006
[  176.125498][T12767] R10: 0000000000000805 R11: 0000000000000246 R12: 0000000000000001
[  176.133479][T12767] R13: 0000000000000000 R14: 00007f2ae6035fa0 R15: 00007ffc9934d558
[  176.141470][T12767]  </TASK>
[  176.150016][T12754] FAT-fs (loop3): Directory bread(block 64) failed
[  176.157339][T12754] FAT-fs (loop3): Directory bread(block 65) failed
[  176.164035][T12754] FAT-fs (loop3): Directory bread(block 66) failed
[  176.171669][T12754] FAT-fs (loop3): Directory bread(block 67) failed
[  176.182720][T12754] FAT-fs (loop3): Directory bread(block 68) failed
[  176.189478][T12754] FAT-fs (loop3): Directory bread(block 69) failed
[  176.196189][T12754] FAT-fs (loop3): Directory bread(block 70) failed
[  176.202933][T12754] FAT-fs (loop3): Directory bread(block 71) failed
[  176.209752][T12754] FAT-fs (loop3): Directory bread(block 72) failed
[  176.216528][T12754] FAT-fs (loop3): Directory bread(block 73) failed
[  176.510017][T12796] 9pnet_fd: Insufficient options for proto=fd
[  176.915581][   T54] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.950451][   T11] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  176.996285][   T54] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.071011][   T54] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.148426][T12824] chnl_net:caif_netlink_parms(): no params data found
[  177.159256][   T54] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.207199][T12824] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.214541][T12824] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.223813][T12824] bridge_slave_0: entered allmulticast mode
[  177.230573][T12824] bridge_slave_0: entered promiscuous mode
[  177.237887][T12824] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.245139][T12824] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.255158][T12824] bridge_slave_1: entered allmulticast mode
[  177.261851][T12824] bridge_slave_1: entered promiscuous mode
[  177.291370][   T54] bridge_slave_1: left allmulticast mode
[  177.297091][   T54] bridge_slave_1: left promiscuous mode
[  177.302920][   T54] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.313686][   T54] bridge_slave_0: left allmulticast mode
[  177.319388][   T54] bridge_slave_0: left promiscuous mode
[  177.325270][   T54] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.414799][   T54] @ (unregistering): (slave bond_slave_0): Releasing backup interface
[  177.424506][   T54] @ (unregistering): (slave bond_slave_1): Releasing backup interface
[  177.434074][   T54] @ (unregistering): Released all slaves
[  177.442232][   T54] bond0 (unregistering): Released all slaves
[  177.448934][T12844] random: crng reseeded on system resumption
[  177.450786][   T54] bond1 (unregistering): Released all slaves
[  177.529706][T12824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  177.545106][   T54] hsr_slave_0: left promiscuous mode
[  177.551306][   T54] hsr_slave_1: left promiscuous mode
[  177.557348][T12843] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3703'.
[  177.557507][   T54] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  177.573936][   T54] batman_adv: batadv0: Removing interface: batadv_slave_0
[  177.582567][   T54] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  177.589987][   T54] batman_adv: batadv0: Removing interface: batadv_slave_1
[  177.599749][   T54] veth1_macvtap: left promiscuous mode
[  177.605413][   T54] veth0_macvtap: left promiscuous mode
[  177.610937][   T54] veth1_vlan: left promiscuous mode
[  177.616208][   T54] veth0_vlan: left promiscuous mode
[  177.687135][   T54] team0 (unregistering): Port device team_slave_1 removed
[  177.696828][   T54] team0 (unregistering): Port device team_slave_0 removed
[  177.730633][T12705] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  177.745121][T12705] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  177.759236][T12824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  177.776589][T12705] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  177.798800][T12824] team0: Port device team_slave_0 added
[  177.821127][T12852] syzkaller0: entered promiscuous mode
[  177.826828][T12852] syzkaller0: entered allmulticast mode
[  177.835266][T12705] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  177.844361][T12824] team0: Port device team_slave_1 added
[  177.873897][T12824] batman_adv: batadv0: Adding interface: batadv_slave_0
[  177.880945][T12824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.907232][T12824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  177.930942][T12824] batman_adv: batadv0: Adding interface: batadv_slave_1
[  177.938485][T12824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.964456][T12824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  177.997770][T12824] hsr_slave_0: entered promiscuous mode
[  178.018088][T12824] hsr_slave_1: entered promiscuous mode
[  178.024102][T12824] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  178.032195][T12824] Cannot create hsr debugfs directory
[  178.127047][T12881] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3714'.
[  178.142474][T12824] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  178.166119][T12824] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  178.180040][T12824] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  178.190228][T12824] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  178.228941][T12824] 8021q: adding VLAN 0 to HW filter on device bond0
[  178.244572][T12824] 8021q: adding VLAN 0 to HW filter on device team0
[  178.256471][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.263588][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.277193][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.284308][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.295028][T12891] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.322770][T12824] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  178.333238][T12824] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  178.379570][T12891] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.422909][T12824] 8021q: adding VLAN 0 to HW filter on device batadv0
[  178.437027][T12891] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.485575][T12891] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.540950][T12891] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.555768][T12891] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.574259][T12891] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.586427][T12925] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3727'.
[  178.594957][T12824] veth0_vlan: entered promiscuous mode
[  178.605787][T12824] veth1_vlan: entered promiscuous mode
[  178.615270][T12891] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.643870][T12824] veth0_macvtap: entered promiscuous mode
[  178.658510][T12824] veth1_macvtap: entered promiscuous mode
[  178.681001][T12824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.691640][T12824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.701586][T12824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.712314][T12824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.722329][T12824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.732903][T12824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.742795][T12824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.753356][T12824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.763981][T12824] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.772467][T12824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.783283][T12824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.793280][T12824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.803758][T12824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.813857][T12824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.824471][T12824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.834426][T12824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.844880][T12824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.856324][T12824] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.871190][T12824] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.880260][T12824] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.889089][T12824] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.897887][T12824] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.909193][   T29] kauditd_printk_skb: 1111 callbacks suppressed
[  178.909209][   T29] audit: type=1326 audit(1733314559.217:26408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12875 comm="syz.4.3713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2ae5e66ee7 code=0x7ffc0000
[  178.939206][   T29] audit: type=1326 audit(1733314559.217:26409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12875 comm="syz.4.3713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2ae5e0c129 code=0x7ffc0000
[  178.962937][   T29] audit: type=1326 audit(1733314559.217:26410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12875 comm="syz.4.3713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f2ae5e6ff19 code=0x7ffc0000
[  178.981837][T12944] block device autoloading is deprecated and will be removed.
[  178.987506][   T29] audit: type=1326 audit(1733314559.257:26411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12875 comm="syz.4.3713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2ae5e66ee7 code=0x7ffc0000
[  179.000404][T12944] syz.2.3734: attempt to access beyond end of device
[  179.000404][T12944] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  179.017703][   T29] audit: type=1326 audit(1733314559.257:26412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12875 comm="syz.4.3713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2ae5e0c129 code=0x7ffc0000
[  179.054583][   T29] audit: type=1326 audit(1733314559.257:26413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12875 comm="syz.4.3713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f2ae5e6ff19 code=0x7ffc0000
[  179.078322][   T29] audit: type=1326 audit(1733314559.267:26414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12895 comm="syz.0.3722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5b035f6ee7 code=0x7ffc0000
[  179.101857][   T29] audit: type=1326 audit(1733314559.267:26415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12895 comm="syz.0.3722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b0359c129 code=0x7ffc0000
[  179.125395][   T29] audit: type=1326 audit(1733314559.267:26416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12895 comm="syz.0.3722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  179.149055][   T29] audit: type=1326 audit(1733314559.267:26417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12875 comm="syz.4.3713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2ae5e66ee7 code=0x7ffc0000
[  179.225554][T12953] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  179.247016][T12953] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  179.364480][T12978] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.412679][T12978] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.463265][T12978] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.522887][T12978] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.814579][T13000] loop5: detected capacity change from 0 to 1024
[  179.824427][T13000] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  179.837030][T13000] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.3756: Invalid block bitmap block 0 in block_group 0
[  179.850845][T13000] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.3756: Failed to acquire dquot type 0
[  179.862632][T13000] EXT4-fs error (device loop5): ext4_free_blocks:6589: comm syz.5.3756: Freeing blocks not in datazone - block = 0, count = 4096
[  179.876781][T13000] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.3756: Invalid inode bitmap blk 0 in block_group 0
[  179.889730][   T11] EXT4-fs error (device loop5): ext4_release_dquot:6961: comm kworker/u8:0: Failed to release dquot type 0
[  179.890188][T13000] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  179.917322][T13000] EXT4-fs (loop5): 1 orphan inode deleted
[  179.917868][T13009] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3758'.
[  179.923899][T13000] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.932267][T13009] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3758'.
[  179.954190][T13009] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3758'.
[  179.990378][T12824] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.001883][ T1571] EXT4-fs error (device loop5): ext4_release_dquot:6961: comm kworker/u8:5: Failed to release dquot type 0
[  180.031251][T13020] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3761'.
[  180.075446][T13022] random: crng reseeded on system resumption
[  180.141520][ T1571] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  180.152072][T13022] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3762'.
[  180.185495][T13029] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3764'.
[  180.395390][T13038] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.403948][T13038] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  181.142533][T13058] block device autoloading is deprecated and will be removed.
[  181.343468][T13067] loop5: detected capacity change from 0 to 1024
[  181.372958][T13067] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  181.399167][T12824] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.565947][T13073] netlink: 133492 bytes leftover after parsing attributes in process `syz.5.3778'.
[  181.675273][T13081] loop5: detected capacity change from 0 to 1024
[  181.682376][T13081] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  181.696440][T13081] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.3781: Invalid block bitmap block 0 in block_group 0
[  181.710274][T13081] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.3781: Failed to acquire dquot type 0
[  181.723817][T13081] EXT4-fs error (device loop5): ext4_free_blocks:6589: comm syz.5.3781: Freeing blocks not in datazone - block = 0, count = 4096
[  181.739695][T13081] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.3781: Invalid inode bitmap blk 0 in block_group 0
[  181.752603][ T1716] EXT4-fs error (device loop5): ext4_release_dquot:6961: comm kworker/u8:6: Failed to release dquot type 0
[  181.766019][T13081] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  181.781171][T13081] EXT4-fs (loop5): 1 orphan inode deleted
[  181.787450][T13081] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.845144][T12824] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.860529][ T1571] EXT4-fs error (device loop5): ext4_release_dquot:6961: comm kworker/u8:5: Failed to release dquot type 0
[  181.997637][T13111] syz.5.3790[13111] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  181.997738][T13111] syz.5.3790[13111] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  182.009565][T13111] syz.5.3790[13111] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  182.097178][T13114] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=13114 comm=syz.0.3792
[  182.536659][T12978] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.548668][T12978] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.559779][T12978] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.571130][T12978] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.704168][ T1571] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  182.797803][T13158] loop5: detected capacity change from 0 to 1024
[  182.805672][T13158] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  182.817355][T13158] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  182.828098][T13158] EXT4-fs error (device loop5): ext4_get_journal_inode:5809: inode #32: comm syz.5.3810: iget: special inode unallocated
[  182.861602][T13158] EXT4-fs (loop5): no journal found
[  182.866877][T13158] EXT4-fs (loop5): can't get journal size
[  182.885089][T13158] EXT4-fs error (device loop5): ext4_protect_reserved_inode:160: inode #32: comm syz.5.3810: iget: special inode unallocated
[  182.904442][T13158] EXT4-fs (loop5): failed to initialize system zone (-117)
[  182.916122][T13158] EXT4-fs (loop5): mount failed
[  182.933056][T13158] loop5: detected capacity change from 0 to 512
[  182.941869][T13158] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  182.949994][T13158] EXT4-fs (loop5): orphan cleanup on readonly fs
[  182.961600][T13158] EXT4-fs warning (device loop5): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  182.983619][T13158] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  182.993693][T13158] EXT4-fs error (device loop5): ext4_orphan_get:1389: inode #16: comm syz.5.3810: iget: immutable or append flags not allowed on symlinks
[  183.008518][T13158] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.3810: couldn't read orphan inode 16 (err -117)
[  183.021450][T13158] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  183.038468][T13158] random: crng reseeded on system resumption
[  183.118578][T13158] __nla_validate_parse: 5 callbacks suppressed
[  183.118593][T13158] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3810'.
[  183.149102][T13186] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3820'.
[  183.651609][T12824] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.714858][T13244] loop5: detected capacity change from 0 to 2048
[  183.732762][T13244] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  183.764984][T12824] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.789444][T13254] FAULT_INJECTION: forcing a failure.
[  183.789444][T13254] name fail_futex, interval 1, probability 0, space 0, times 1
[  183.802565][T13254] CPU: 1 UID: 0 PID: 13254 Comm: syz.5.3832 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  183.813369][T13254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  183.823509][T13254] Call Trace:
[  183.826825][T13254]  <TASK>
[  183.829774][T13254]  dump_stack_lvl+0xf2/0x150
[  183.834453][T13254]  dump_stack+0x15/0x1a
[  183.838722][T13254]  should_fail_ex+0x223/0x230
[  183.843406][T13254]  should_fail+0xb/0x10
[  183.847593][T13254]  get_futex_key+0x4f4/0x740
[  183.852277][T13254]  futex_wait_requeue_pi+0x16d/0x6d0
[  183.857573][T13254]  ? __pfx_futex_wake_mark+0x10/0x10
[  183.862885][T13254]  do_futex+0x146/0x370
[  183.867072][T13254]  __se_sys_futex+0x25d/0x3a0
[  183.871798][T13254]  __x64_sys_futex+0x78/0x90
[  183.876506][T13254]  x64_sys_call+0x2d6a/0x2dc0
[  183.881302][T13254]  do_syscall_64+0xc9/0x1c0
[  183.885877][T13254]  ? clear_bhb_loop+0x55/0xb0
[  183.890555][T13254]  ? clear_bhb_loop+0x55/0xb0
[  183.895252][T13254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.901278][T13254] RIP: 0033:0x7eff2da3ff19
[  183.905725][T13254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.925464][T13254] RSP: 002b:00007eff2c0b7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  183.933966][T13254] RAX: ffffffffffffffda RBX: 00007eff2dc05fa0 RCX: 00007eff2da3ff19
[  183.941974][T13254] RDX: 0000000000000004 RSI: 000000000000010b RDI: 000000002000cffc
[  183.950024][T13254] RBP: 00007eff2c0b70a0 R08: 0000000020048000 R09: 0000000000000000
[  183.958028][T13254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.966008][T13254] R13: 0000000000000000 R14: 00007eff2dc05fa0 R15: 00007ffeffdbdfc8
[  183.974256][T13254]  </TASK>
[  183.978574][   T29] kauditd_printk_skb: 2029 callbacks suppressed
[  183.978612][   T29] audit: type=1326 audit(1733314564.287:28438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13253 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7eff2da3e92c code=0x7ffc0000
[  184.009168][   T29] audit: type=1326 audit(1733314564.287:28439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13253 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7eff2da3e9cf code=0x7ffc0000
[  184.033222][   T29] audit: type=1326 audit(1733314564.287:28440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13253 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7eff2da3eb7a code=0x7ffc0000
[  184.056781][   T29] audit: type=1326 audit(1733314564.287:28441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13253 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  184.080667][   T29] audit: type=1326 audit(1733314564.287:28442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13253 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  184.104408][   T29] audit: type=1326 audit(1733314564.287:28443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13253 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  184.128061][   T29] audit: type=1326 audit(1733314564.287:28444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13253 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  184.152362][   T29] audit: type=1326 audit(1733314564.287:28445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13253 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  184.175974][   T29] audit: type=1326 audit(1733314564.287:28446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13253 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  184.180245][T13259] syz.5.3834 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  184.199697][   T29] audit: type=1326 audit(1733314564.287:28447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13253 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  184.249427][T13259] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3834'.
[  184.258592][T13259] netlink: 'syz.5.3834': attribute type 7 has an invalid length.
[  184.266384][T13259] netlink: 'syz.5.3834': attribute type 8 has an invalid length.
[  184.274164][T13259] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3834'.
[  184.322431][T13275] @: left allmulticast mode
[  184.326990][T13275] bond_slave_0: left allmulticast mode
[  184.332510][T13275] bond_slave_1: left allmulticast mode
[  184.338089][T13275] @: left promiscuous mode
[  184.342586][T13275] bond_slave_0: left promiscuous mode
[  184.348138][T13275] bond_slave_1: left promiscuous mode
[  184.353818][T13275] bridge0: port 3(@) entered disabled state
[  184.370942][T13282] FAULT_INJECTION: forcing a failure.
[  184.370942][T13282] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.384371][T13282] CPU: 1 UID: 0 PID: 13282 Comm: syz.4.3838 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  184.390385][T13275] bridge_slave_0: left allmulticast mode
[  184.395670][T13282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  184.395693][T13282] Call Trace:
[  184.395702][T13282]  <TASK>
[  184.401404][T13275] bridge_slave_0: left promiscuous mode
[  184.411398][T13282]  dump_stack_lvl+0xf2/0x150
[  184.414953][T13275] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.417667][T13282]  dump_stack+0x15/0x1a
[  184.439123][T13282]  should_fail_ex+0x223/0x230
[  184.443909][T13282]  should_fail+0xb/0x10
[  184.448097][T13282]  should_fail_usercopy+0x1a/0x20
[  184.453183][T13282]  _copy_from_iter+0xd5/0xd00
[  184.457889][T13282]  ? __rcu_read_unlock+0x4e/0x70
[  184.462876][T13282]  ? mntput_no_expire+0x70/0x3c0
[  184.467850][T13282]  copy_page_from_iter+0x14f/0x280
[  184.472985][T13282]  tun_get_user+0x686/0x25b0
[  184.477611][T13282]  ? _parse_integer+0x27/0x30
[  184.482332][T13282]  ? ref_tracker_alloc+0x1f5/0x2f0
[  184.487463][T13282]  tun_chr_write_iter+0x188/0x240
[  184.492537][T13282]  vfs_write+0x77f/0x920
[  184.496797][T13282]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  184.502367][T13282]  ksys_write+0xe8/0x1b0
[  184.506759][T13282]  __x64_sys_write+0x42/0x50
[  184.511367][T13282]  x64_sys_call+0x287e/0x2dc0
[  184.516055][T13282]  do_syscall_64+0xc9/0x1c0
[  184.520597][T13282]  ? clear_bhb_loop+0x55/0xb0
[  184.525288][T13282]  ? clear_bhb_loop+0x55/0xb0
[  184.530057][T13282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.536052][T13282] RIP: 0033:0x7f2ae5e6e9cf
[  184.540476][T13282] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  184.560199][T13282] RSP: 002b:00007f2ae44c6020 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  184.568626][T13282] RAX: ffffffffffffffda RBX: 00007f2ae6036080 RCX: 00007f2ae5e6e9cf
[  184.576682][T13282] RDX: 0000000000000036 RSI: 00000000200000c0 RDI: 00000000000000c8
[  184.584661][T13282] RBP: 00007f2ae44c60a0 R08: 0000000000000000 R09: 0000000000000000
[  184.592712][T13282] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[  184.600827][T13282] R13: 0000000000000000 R14: 00007f2ae6036080 R15: 00007ffc9934d558
[  184.608908][T13282]  </TASK>
[  184.614561][T13284] FAULT_INJECTION: forcing a failure.
[  184.614561][T13284] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.627921][T13284] CPU: 1 UID: 0 PID: 13284 Comm: syz.5.3842 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  184.638849][T13284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  184.648943][T13284] Call Trace:
[  184.652242][T13284]  <TASK>
[  184.655193][T13284]  dump_stack_lvl+0xf2/0x150
[  184.659889][T13284]  dump_stack+0x15/0x1a
[  184.664130][T13284]  should_fail_ex+0x223/0x230
[  184.668919][T13284]  should_fail+0xb/0x10
[  184.673157][T13284]  should_fail_usercopy+0x1a/0x20
[  184.678204][T13284]  strncpy_from_user+0x25/0x210
[  184.683096][T13284]  ? kmem_cache_alloc_noprof+0x18e/0x320
[  184.688781][T13284]  ? getname_flags+0x81/0x3b0
[  184.693481][T13284]  getname_flags+0xb0/0x3b0
[  184.698090][T13284]  user_path_at+0x26/0x120
[  184.702636][T13284]  __se_sys_mount+0x248/0x2d0
[  184.707432][T13284]  ? fput+0x1c4/0x200
[  184.711508][T13284]  __x64_sys_mount+0x67/0x80
[  184.716124][T13284]  x64_sys_call+0x2c84/0x2dc0
[  184.720813][T13284]  do_syscall_64+0xc9/0x1c0
[  184.725336][T13284]  ? clear_bhb_loop+0x55/0xb0
[  184.730037][T13284]  ? clear_bhb_loop+0x55/0xb0
[  184.734746][T13284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.740729][T13284] RIP: 0033:0x7eff2da3ff19
[  184.745154][T13284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.764777][T13284] RSP: 002b:00007eff2c0b7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  184.773199][T13284] RAX: ffffffffffffffda RBX: 00007eff2dc05fa0 RCX: 00007eff2da3ff19
[  184.781244][T13284] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000020000000
[  184.789226][T13284] RBP: 00007eff2c0b70a0 R08: 0000000000000000 R09: 0000000000000000
[  184.797233][T13284] R10: 0000000000001001 R11: 0000000000000246 R12: 0000000000000001
[  184.805281][T13284] R13: 0000000000000000 R14: 00007eff2dc05fa0 R15: 00007ffeffdbdfc8
[  184.813353][T13284]  </TASK>
[  184.823777][T13275] bridge_slave_1: left allmulticast mode
[  184.829492][T13275] bridge_slave_1: left promiscuous mode
[  184.835316][T13275] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.848334][T13275] @: (slave bond_slave_0): Releasing backup interface
[  184.870381][T13275] @: (slave bond_slave_1): Releasing backup interface
[  184.888967][T13275] team0: Port device team_slave_0 removed
[  184.902368][T13275] team0: Port device team_slave_1 removed
[  184.909365][T13275] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  184.916846][T13275] batman_adv: batadv0: Removing interface: batadv_slave_0
[  184.929896][T13275] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  184.937535][T13275] batman_adv: batadv0: Removing interface: batadv_slave_1
[  184.985107][T13288] bridge_slave_0: left allmulticast mode
[  184.990914][T13288] bridge_slave_0: left promiscuous mode
[  184.996724][T13288] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.006993][T13288] bridge_slave_1: left allmulticast mode
[  185.012745][T13288] bridge_slave_1: left promiscuous mode
[  185.018433][T13288] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.027885][T13288] @: (slave bond_slave_0): Releasing backup interface
[  185.037898][T13288] @: (slave bond_slave_1): Releasing backup interface
[  185.057067][T13288] team0: Port device team_slave_0 removed
[  185.076217][T13288] team0: Port device team_slave_1 removed
[  185.090323][T13288] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  185.098025][T13288] batman_adv: batadv0: Removing interface: batadv_slave_0
[  185.110783][T13288] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  185.118472][T13288] batman_adv: batadv0: Removing interface: batadv_slave_1
[  185.178291][T13309] @: renamed from bond0 (while UP)
[  185.179014][T13307] syz.4.3848[13307] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  185.815961][T13341] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3861'.
[  185.902015][T13224] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  186.168175][T13368] hub 5-0:1.0: USB hub found
[  186.172949][T13368] hub 5-0:1.0: 8 ports detected
[  186.379273][T13389] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3881'.
[  186.401299][T13389] 9pnet: Could not find request transport: 0xffffffffffffffff
[  186.538745][T13399] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3884'.
[  186.556861][T13401] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3885'.
[  186.565826][T13401] bridge_slave_0: entered promiscuous mode
[  186.629932][T13414] bridge_slave_0: left allmulticast mode
[  186.635811][T13414] bridge_slave_0: left promiscuous mode
[  186.641581][T13414] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.650963][T13414] bridge_slave_1: left allmulticast mode
[  186.656792][T13414] bridge_slave_1: left promiscuous mode
[  186.662536][T13414] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.678439][T13414] @: (slave bond_slave_0): Releasing backup interface
[  186.686775][T13414] @: (slave bond_slave_1): Releasing backup interface
[  186.694966][T13414] team0: Port device team_slave_0 removed
[  186.702916][T13414] team0: Port device team_slave_1 removed
[  186.708840][T13414] batman_adv: batadv0: Removing interface: batadv_slave_0
[  186.719963][T13414] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.754426][T13424] wireguard0: entered promiscuous mode
[  186.759920][T13424] wireguard0: entered allmulticast mode
[  186.804514][T13428] netlink: '+}[@': attribute type 4 has an invalid length.
[  186.932536][T13429] netlink: 133492 bytes leftover after parsing attributes in process `syz.2.3895'.
[  187.903966][T13482] 9pnet_fd: Insufficient options for proto=fd
[  188.102293][T13485] netlink: 133492 bytes leftover after parsing attributes in process `syz.4.3919'.
[  188.293221][T13500] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3924'.
[  188.403804][T13513] 9pnet_fd: Insufficient options for proto=fd
[  188.461792][T13226] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  188.494004][T13526] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.564483][T13526] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.612812][T13526] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.664796][T13526] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.699661][T13530] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3935'.
[  188.720469][T13526] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  188.733998][T13526] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  188.747684][T13526] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  188.759222][T13526] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  188.892063][T13546] FAULT_INJECTION: forcing a failure.
[  188.892063][T13546] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  188.905249][T13546] CPU: 1 UID: 0 PID: 13546 Comm: syz.1.3943 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  188.916041][T13546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  188.926146][T13546] Call Trace:
[  188.929437][T13546]  <TASK>
[  188.932381][T13546]  dump_stack_lvl+0xf2/0x150
[  188.937003][T13546]  dump_stack+0x15/0x1a
[  188.941259][T13546]  should_fail_ex+0x223/0x230
[  188.945951][T13546]  should_fail+0xb/0x10
[  188.950194][T13546]  should_fail_usercopy+0x1a/0x20
[  188.955313][T13546]  _copy_from_user+0x1e/0xb0
[  188.959980][T13546]  move_addr_to_kernel+0x82/0x120
[  188.965022][T13546]  __sys_sendto+0x12e/0x230
[  188.969557][T13546]  __x64_sys_sendto+0x78/0x90
[  188.974252][T13546]  x64_sys_call+0x29fa/0x2dc0
[  188.978971][T13546]  do_syscall_64+0xc9/0x1c0
[  188.983526][T13546]  ? clear_bhb_loop+0x55/0xb0
[  188.988220][T13546]  ? clear_bhb_loop+0x55/0xb0
[  188.992908][T13546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.998906][T13546] RIP: 0033:0x7fd38d25ff19
[  189.003327][T13546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.022951][T13546] RSP: 002b:00007fd38b8d7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  189.031437][T13546] RAX: ffffffffffffffda RBX: 00007fd38d425fa0 RCX: 00007fd38d25ff19
[  189.039418][T13546] RDX: 0000000000006000 RSI: 0000000000000000 RDI: 0000000000000007
[  189.047406][T13546] RBP: 00007fd38b8d70a0 R08: 0000000020000300 R09: 000000000000001c
[  189.055427][T13546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  189.063406][T13546] R13: 0000000000000000 R14: 00007fd38d425fa0 R15: 00007ffd97722de8
[  189.071470][T13546]  </TASK>
[  189.113263][T13554] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3946'.
[  189.122242][T13554] bridge_slave_0: entered promiscuous mode
[  189.129813][   T29] kauditd_printk_skb: 1334 callbacks suppressed
[  189.129831][   T29] audit: type=1326 audit(1733314569.427:29782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13547 comm="syz.2.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136132ff19 code=0x7ffc0000
[  189.160003][   T29] audit: type=1326 audit(1733314569.427:29783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13547 comm="syz.2.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f136132ff19 code=0x7ffc0000
[  189.183597][   T29] audit: type=1326 audit(1733314569.427:29784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13547 comm="syz.2.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136132ff19 code=0x7ffc0000
[  189.207267][   T29] audit: type=1326 audit(1733314569.427:29785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13547 comm="syz.2.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f136132ff19 code=0x7ffc0000
[  189.230901][   T29] audit: type=1326 audit(1733314569.427:29786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13547 comm="syz.2.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136132ff19 code=0x7ffc0000
[  189.250848][T13564] loop5: detected capacity change from 0 to 2048
[  189.254547][   T29] audit: type=1326 audit(1733314569.427:29787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13547 comm="syz.2.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f136132ff19 code=0x7ffc0000
[  189.284534][   T29] audit: type=1326 audit(1733314569.427:29788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13547 comm="syz.2.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136132ff19 code=0x7ffc0000
[  189.308188][   T29] audit: type=1326 audit(1733314569.427:29789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13547 comm="syz.2.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f136132ff19 code=0x7ffc0000
[  189.324302][T13564] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.331750][   T29] audit: type=1326 audit(1733314569.427:29790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13547 comm="syz.2.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136132ff19 code=0x7ffc0000
[  189.331789][   T29] audit: type=1326 audit(1733314569.427:29791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13547 comm="syz.2.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f136132ff19 code=0x7ffc0000
[  189.368581][T13559] netlink: 133492 bytes leftover after parsing attributes in process `syz.0.3948'.
[  189.417060][T12824] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.790596][T13578] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3955'.
[  190.169353][T13588] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3959'.
[  190.329650][T13599] loop5: detected capacity change from 0 to 2048
[  190.344836][T13599] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.374439][T12824] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.389765][T13603] syz.4.3963[13603] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  190.389928][T13603] syz.4.3963[13603] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  190.403965][T13603] syz.4.3963[13603] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  190.977415][T13618] netlink: 133492 bytes leftover after parsing attributes in process `syz.1.3968'.
[  191.021677][T13229] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  191.117750][T13620] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3969'.
[  191.260668][T13625] geneve2: entered promiscuous mode
[  191.266033][T13625] geneve2: entered allmulticast mode
[  191.327744][T13632] 9pnet_fd: Insufficient options for proto=fd
[  191.405577][T13640] loop5: detected capacity change from 0 to 512
[  191.423117][T13640] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  191.435872][T13640] System zones: 1-12
[  191.443627][T13640] EXT4-fs (loop5): orphan cleanup on readonly fs
[  191.452098][T13640] EXT4-fs error (device loop5): __ext4_iget:4984: inode #11: block 393240: comm syz.5.3978: invalid block
[  191.482030][T13640] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.3978: couldn't read orphan inode 11 (err -117)
[  191.494691][T13640] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  191.519543][T13640] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3978'.
[  191.600116][T12824] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.623796][T13704] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4006'.
[  192.883378][T13734] block device autoloading is deprecated and will be removed.
[  192.953251][T13740] syz.1.4019[13740] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  192.953385][T13740] syz.1.4019[13740] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  192.970300][T13740] syz.1.4019[13740] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  193.366083][T13767] 9pnet_fd: Insufficient options for proto=fd
[  193.614618][T13782] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13782 comm=syz.2.4038
[  194.221599][T13225] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  194.355053][T13819] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47 sclass=netlink_route_socket pid=13819 comm=syz.2.4052
[  194.634558][T13827] hub 5-0:1.0: USB hub found
[  194.639636][T13827] hub 5-0:1.0: 8 ports detected
[  194.736555][T13833] loop5: detected capacity change from 0 to 512
[  194.744492][T13833] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  194.754121][T13833] System zones: 1-12
[  194.758360][T13833] EXT4-fs (loop5): orphan cleanup on readonly fs
[  194.765061][T13833] EXT4-fs error (device loop5): __ext4_iget:4984: inode #11: block 393240: comm syz.5.4058: invalid block
[  194.793422][T13833] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.4058: couldn't read orphan inode 11 (err -117)
[  194.807515][T13838] 9pnet_fd: Insufficient options for proto=fd
[  194.820091][T13833] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  194.833283][T13833] __nla_validate_parse: 1 callbacks suppressed
[  194.833299][T13833] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4058'.
[  194.857267][T13841] random: crng reseeded on system resumption
[  194.866122][T13842] syz.0.4059[13842] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  194.866233][T13842] syz.0.4059[13842] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  194.880202][T12824] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.902857][T13842] syz.0.4059[13842] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  194.916620][   T29] kauditd_printk_skb: 3502 callbacks suppressed
[  194.916636][   T29] audit: type=1326 audit(1733314575.227:33294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13843 comm="syz.5.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  194.958027][   T29] audit: type=1326 audit(1733314575.227:33295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13843 comm="syz.5.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  194.981888][   T29] audit: type=1326 audit(1733314575.227:33296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13843 comm="syz.5.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  195.005598][   T29] audit: type=1326 audit(1733314575.227:33297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13843 comm="syz.5.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  195.029331][   T29] audit: type=1326 audit(1733314575.227:33298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13843 comm="syz.5.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  195.052946][   T29] audit: type=1326 audit(1733314575.227:33299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13843 comm="syz.5.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  195.076727][   T29] audit: type=1326 audit(1733314575.227:33300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13843 comm="syz.5.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  195.100477][   T29] audit: type=1326 audit(1733314575.227:33301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13843 comm="syz.5.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  195.118999][T13841] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4061'.
[  195.124134][   T29] audit: type=1326 audit(1733314575.227:33302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13843 comm="syz.5.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  195.124169][   T29] audit: type=1326 audit(1733314575.227:33303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13843 comm="syz.5.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  195.187748][T13848] loop5: detected capacity change from 0 to 512
[  195.205763][T13848] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  195.213778][T13848] System zones: 1-12
[  195.217967][T13848] EXT4-fs (loop5): orphan cleanup on readonly fs
[  195.224524][T13848] EXT4-fs error (device loop5): __ext4_iget:4984: inode #11: block 393240: comm syz.5.4063: invalid block
[  195.237756][T13848] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.4063: couldn't read orphan inode 11 (err -117)
[  195.250743][T13848] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  195.267021][T13853] hub 5-0:1.0: USB hub found
[  195.268304][T13848] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4063'.
[  195.271953][T13853] hub 5-0:1.0: 8 ports detected
[  195.299840][T12824] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.315567][T13855] FAULT_INJECTION: forcing a failure.
[  195.315567][T13855] name failslab, interval 1, probability 0, space 0, times 0
[  195.328385][T13855] CPU: 1 UID: 0 PID: 13855 Comm: syz.2.4067 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  195.339153][T13855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  195.349281][T13855] Call Trace:
[  195.352675][T13855]  <TASK>
[  195.355635][T13855]  dump_stack_lvl+0xf2/0x150
[  195.360303][T13855]  dump_stack+0x15/0x1a
[  195.364550][T13855]  should_fail_ex+0x223/0x230
[  195.369321][T13855]  should_failslab+0x8f/0xb0
[  195.373936][T13855]  __kmalloc_noprof+0xab/0x3f0
[  195.378711][T13855]  ? process_preds+0x304/0x2a60
[  195.383610][T13855]  process_preds+0x304/0x2a60
[  195.388327][T13855]  ? mntput+0x49/0x70
[  195.392328][T13855]  ? path_openat+0x1a5a/0x1fa0
[  195.397186][T13855]  ? _parse_integer_limit+0x167/0x180
[  195.402570][T13855]  ? avc_has_perm_noaudit+0x1cc/0x210
[  195.407961][T13855]  ? should_fail_ex+0xd7/0x230
[  195.412799][T13855]  ? ftrace_profile_set_filter+0xbb/0x180
[  195.418601][T13855]  ? should_failslab+0x8f/0xb0
[  195.423477][T13855]  ? __kmalloc_cache_noprof+0x186/0x320
[  195.429116][T13855]  ftrace_profile_set_filter+0xd9/0x180
[  195.434687][T13855]  perf_ioctl+0xe35/0x1550
[  195.439174][T13855]  ? get_pid_task+0x8e/0xc0
[  195.443766][T13855]  ? ioctl_has_perm+0x2b8/0x2e0
[  195.448646][T13855]  ? do_vfs_ioctl+0x96e/0x1530
[  195.453455][T13855]  ? selinux_file_ioctl+0x2f7/0x380
[  195.458762][T13855]  ? __fget_files+0x17c/0x1c0
[  195.463548][T13855]  ? __pfx_perf_ioctl+0x10/0x10
[  195.468498][T13855]  __se_sys_ioctl+0xc9/0x140
[  195.473110][T13855]  __x64_sys_ioctl+0x43/0x50
[  195.477799][T13855]  x64_sys_call+0x1690/0x2dc0
[  195.482597][T13855]  do_syscall_64+0xc9/0x1c0
[  195.487108][T13855]  ? clear_bhb_loop+0x55/0xb0
[  195.491935][T13855]  ? clear_bhb_loop+0x55/0xb0
[  195.496662][T13855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.502671][T13855] RIP: 0033:0x7f136132ff19
[  195.507093][T13855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.526726][T13855] RSP: 002b:00007f135f9a7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  195.535172][T13855] RAX: ffffffffffffffda RBX: 00007f13614f5fa0 RCX: 00007f136132ff19
[  195.543167][T13855] RDX: 00000000200001c0 RSI: 0000000040082406 RDI: 0000000000000004
[  195.551222][T13855] RBP: 00007f135f9a70a0 R08: 0000000000000000 R09: 0000000000000000
[  195.559354][T13855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.567335][T13855] R13: 0000000000000000 R14: 00007f13614f5fa0 R15: 00007ffda81c56c8
[  195.575438][T13855]  </TASK>
[  195.648942][T13865] 9pnet_fd: Insufficient options for proto=fd
[  196.141816][T13225] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  196.600568][T13896] loop5: detected capacity change from 0 to 1024
[  196.609210][T13896] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  196.614597][T13898] 9pnet_fd: Insufficient options for proto=fd
[  196.621713][T13896] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  196.639495][T13896] EXT4-fs error (device loop5): ext4_get_journal_inode:5809: inode #32: comm syz.5.4081: iget: special inode unallocated
[  196.652470][T13896] EXT4-fs (loop5): no journal found
[  196.657815][T13896] EXT4-fs (loop5): can't get journal size
[  196.664902][T13896] EXT4-fs error (device loop5): ext4_protect_reserved_inode:160: inode #32: comm syz.5.4081: iget: special inode unallocated
[  196.678154][T13896] EXT4-fs (loop5): failed to initialize system zone (-117)
[  196.685479][T13896] EXT4-fs (loop5): mount failed
[  196.697520][T13896] loop5: detected capacity change from 0 to 512
[  196.718515][T13896] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  196.727074][T13896] EXT4-fs (loop5): orphan cleanup on readonly fs
[  196.733865][T13896] EXT4-fs warning (device loop5): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  196.763940][T13896] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  196.779758][T13896] EXT4-fs error (device loop5): ext4_orphan_get:1389: inode #16: comm syz.5.4081: iget: immutable or append flags not allowed on symlinks
[  196.784153][T13906] syz.0.4085[13906] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  196.806617][T13896] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.4081: couldn't read orphan inode 16 (err -117)
[  196.834641][T13896] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  196.863459][T13896] random: crng reseeded on system resumption
[  196.965164][T13896] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4081'.
[  197.497186][T12824] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.584481][T13929] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4094'.
[  197.970098][T13948] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4100'.
[  198.545515][T13977] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4114'.
[  198.554600][T13977] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4114'.
[  198.638286][T13985] loop5: detected capacity change from 0 to 4096
[  198.647004][T13985] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.660724][T13985] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.684856][T13993] hub 5-0:1.0: USB hub found
[  198.689877][T13993] hub 5-0:1.0: 8 ports detected
[  198.690959][T13985] syz.5.4118[13985] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  198.945517][T13999] netlink: 133492 bytes leftover after parsing attributes in process `syz.0.4123'.
[  199.539016][T14028] 9pnet_fd: Insufficient options for proto=fd
[  199.669323][T14044] netlink: 64 bytes leftover after parsing attributes in process `syz.5.4145'.
[  199.741536][T14050] 9pnet_fd: Insufficient options for proto=fd
[  199.840977][T14056] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.899089][T14061] loop5: detected capacity change from 0 to 2048
[  199.910324][T14056] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.925120][T14061] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.937387][   T29] kauditd_printk_skb: 1854 callbacks suppressed
[  199.937404][   T29] audit: type=1326 audit(1733314580.247:35157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.0.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5b035f6ee7 code=0x7ffc0000
[  199.968014][   T29] audit: type=1326 audit(1733314580.277:35158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.0.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b0359c129 code=0x7ffc0000
[  199.991811][   T29] audit: type=1326 audit(1733314580.277:35159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.0.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5b035f6ee7 code=0x7ffc0000
[  199.991912][T13227] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  200.015355][   T29] audit: type=1326 audit(1733314580.277:35160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.0.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b0359c129 code=0x7ffc0000
[  200.049478][   T29] audit: type=1326 audit(1733314580.277:35161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.0.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  200.053607][T14066] hub 5-0:1.0: USB hub found
[  200.073417][   T29] audit: type=1326 audit(1733314580.337:35162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.0.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5b035f6ee7 code=0x7ffc0000
[  200.089703][T14066] hub 5-0:1.0: 8 ports detected
[  200.101407][   T29] audit: type=1326 audit(1733314580.337:35163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.0.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b0359c129 code=0x7ffc0000
[  200.129922][   T29] audit: type=1326 audit(1733314580.337:35164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.0.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  200.153865][   T29] audit: type=1326 audit(1733314580.337:35165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.0.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5b035f6ee7 code=0x7ffc0000
[  200.177534][   T29] audit: type=1326 audit(1733314580.337:35166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.0.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b0359c129 code=0x7ffc0000
[  200.205265][T14056] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.252556][T14078] 9pnet_fd: Insufficient options for proto=fd
[  200.259934][T14056] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.284282][T14080] hub 5-0:1.0: USB hub found
[  200.289066][T14080] hub 5-0:1.0: 8 ports detected
[  200.342239][T14056] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.355387][T14056] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.367371][T14056] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.380214][T14056] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  200.406084][T12824] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.637165][T14110] syz.0.4172[14110] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  200.637235][T14110] syz.0.4172[14110] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  200.659880][T14112] syz.2.4173[14112] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  201.402273][T14133] loop5: detected capacity change from 0 to 512
[  201.433005][T14133] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.4182: couldn't read orphan inode 26 (err -116)
[  201.446207][T14133] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.459690][T14133] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.479633][T14143] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  201.489109][T14143] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  201.508342][T14145] hub 5-0:1.0: USB hub found
[  201.515274][T14145] hub 5-0:1.0: 8 ports detected
[  201.533687][T14149] EXT4-fs error (device loop5): ext4_do_update_inode:5153: inode #3: comm syz.5.4182: corrupted inode contents
[  201.547548][T14149] EXT4-fs error (device loop5): ext4_dirty_inode:6041: inode #3: comm syz.5.4182: mark_inode_dirty error
[  201.559417][T14149] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4182: bg 0: block 64: padding at end of block bitmap is not set
[  201.575627][T14149] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.4182: Failed to acquire dquot type 0
[  201.610226][T14159] 9pnet_fd: Insufficient options for proto=fd
[  201.902147][T13227] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  204.409793][T14135] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  204.453288][T12824] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.509827][T14216] __nla_validate_parse: 1 callbacks suppressed
[  204.509843][T14216] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4212'.
[  204.583700][T14228] hub 5-0:1.0: USB hub found
[  204.589070][T14228] hub 5-0:1.0: 8 ports detected
[  204.668305][T14238] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  204.677494][T14238] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  204.944501][   T29] kauditd_printk_skb: 1304 callbacks suppressed
[  204.944518][   T29] audit: type=1326 audit(1733314585.257:36469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14205 comm="syz.1.4210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd38d256ee7 code=0x7ffc0000
[  204.976457][   T29] audit: type=1326 audit(1733314585.257:36470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14205 comm="syz.1.4210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd38d1fc129 code=0x7ffc0000
[  205.000068][   T29] audit: type=1326 audit(1733314585.257:36471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14205 comm="syz.1.4210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7fd38d25ff19 code=0x7ffc0000
[  205.024106][   T29] audit: type=1326 audit(1733314585.257:36472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14213 comm="syz.0.4215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5b035f6ee7 code=0x7ffc0000
[  205.047852][   T29] audit: type=1326 audit(1733314585.257:36473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14213 comm="syz.0.4215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b0359c129 code=0x7ffc0000
[  205.071685][   T29] audit: type=1326 audit(1733314585.257:36474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14213 comm="syz.0.4215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  205.095290][   T29] audit: type=1326 audit(1733314585.257:36475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14205 comm="syz.1.4210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd38d256ee7 code=0x7ffc0000
[  205.119029][   T29] audit: type=1326 audit(1733314585.257:36476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14205 comm="syz.1.4210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd38d1fc129 code=0x7ffc0000
[  205.142884][   T29] audit: type=1326 audit(1733314585.257:36477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14205 comm="syz.1.4210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7fd38d25ff19 code=0x7ffc0000
[  205.166629][   T29] audit: type=1326 audit(1733314585.257:36478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14213 comm="syz.0.4215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5b035f6ee7 code=0x7ffc0000
[  205.742401][T13223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  206.996113][T14318] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4257'.
[  207.048216][T14322] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4259'.
[  207.130638][T14326] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4261'.
[  207.209808][T14330] syz.1.4263[14330] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  207.209864][T14330] syz.1.4263[14330] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  207.596899][T14230] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  207.662836][T13225] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  207.710965][T14342] FAULT_INJECTION: forcing a failure.
[  207.710965][T14342] name failslab, interval 1, probability 0, space 0, times 0
[  207.723786][T14342] CPU: 0 UID: 0 PID: 14342 Comm: syz.4.4268 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  207.734646][T14342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  207.744809][T14342] Call Trace:
[  207.748195][T14342]  <TASK>
[  207.751149][T14342]  dump_stack_lvl+0xf2/0x150
[  207.755828][T14342]  dump_stack+0x15/0x1a
[  207.760036][T14342]  should_fail_ex+0x223/0x230
[  207.764761][T14342]  should_failslab+0x8f/0xb0
[  207.769447][T14342]  kmem_cache_alloc_noprof+0x52/0x320
[  207.774957][T14342]  ? vm_area_dup+0x2c/0x130
[  207.779582][T14342]  vm_area_dup+0x2c/0x130
[  207.784034][T14342]  __split_vma+0xf7/0x6a0
[  207.787863][T14350] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4272'.
[  207.788415][T14342]  vma_modify+0xd3/0x1e0
[  207.788443][T14342]  vma_modify_policy+0xeb/0x120
[  207.788469][T14342]  mbind_range+0x1d8/0x490
[  207.810886][T14342]  __se_sys_mbind+0x915/0x1160
[  207.815773][T14342]  __x64_sys_mbind+0x78/0x90
[  207.820393][T14342]  x64_sys_call+0x2662/0x2dc0
[  207.825126][T14342]  do_syscall_64+0xc9/0x1c0
[  207.829668][T14342]  ? clear_bhb_loop+0x55/0xb0
[  207.834354][T14342]  ? clear_bhb_loop+0x55/0xb0
[  207.839041][T14342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.845017][T14342] RIP: 0033:0x7f2ae5e6ff19
[  207.849479][T14342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.869130][T14342] RSP: 002b:00007f2ae44e7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  207.877577][T14342] RAX: ffffffffffffffda RBX: 00007f2ae6035fa0 RCX: 00007f2ae5e6ff19
[  207.885597][T14342] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000000020001000
[  207.893663][T14342] RBP: 00007f2ae44e70a0 R08: 0000000000000000 R09: 0000000000000000
[  207.901642][T14342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.909727][T14342] R13: 0000000000000000 R14: 00007f2ae6035fa0 R15: 00007ffc9934d558
[  207.917741][T14342]  </TASK>
[  207.983589][T14356] 9pnet_fd: Insufficient options for proto=fd
[  208.072866][T14365] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.112689][T14365] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.189850][T14378] syz.2.4284[14378] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  208.189954][T14378] syz.2.4284[14378] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  208.204573][T14365] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.284209][T14383] 9pnet_fd: Insufficient options for proto=fd
[  208.314366][T14365] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.349986][T14365] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  208.373111][T14365] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  208.396204][T14365] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  208.411904][T14365] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  208.508743][T14398] FAULT_INJECTION: forcing a failure.
[  208.508743][T14398] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  208.521922][T14398] CPU: 0 UID: 0 PID: 14398 Comm: syz.4.4291 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  208.532769][T14398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  208.543024][T14398] Call Trace:
[  208.546322][T14398]  <TASK>
[  208.549287][T14398]  dump_stack_lvl+0xf2/0x150
[  208.553906][T14398]  dump_stack+0x15/0x1a
[  208.558112][T14398]  should_fail_ex+0x223/0x230
[  208.562870][T14398]  should_fail+0xb/0x10
[  208.567124][T14398]  should_fail_usercopy+0x1a/0x20
[  208.572169][T14398]  _copy_from_user+0x1e/0xb0
[  208.576858][T14398]  do_ipv6_setsockopt+0x1ef/0x2250
[  208.582199][T14398]  ? _parse_integer+0x27/0x30
[  208.586897][T14398]  ? kstrtouint+0x77/0xc0
[  208.591343][T14398]  ? avc_has_perm_noaudit+0x1cc/0x210
[  208.596835][T14398]  ? selinux_netlbl_socket_setsockopt+0xe5/0x2d0
[  208.603253][T14398]  ipv6_setsockopt+0x57/0x130
[  208.607971][T14398]  tcp_setsockopt+0x93/0xb0
[  208.612503][T14398]  sock_common_setsockopt+0x64/0x80
[  208.617959][T14398]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  208.623993][T14398]  __sys_setsockopt+0x187/0x200
[  208.629057][T14398]  __x64_sys_setsockopt+0x66/0x80
[  208.634180][T14398]  x64_sys_call+0x282e/0x2dc0
[  208.638885][T14398]  do_syscall_64+0xc9/0x1c0
[  208.643457][T14398]  ? clear_bhb_loop+0x55/0xb0
[  208.648212][T14398]  ? clear_bhb_loop+0x55/0xb0
[  208.652900][T14398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.658901][T14398] RIP: 0033:0x7f2ae5e6ff19
[  208.663413][T14398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.683111][T14398] RSP: 002b:00007f2ae44e7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  208.691623][T14398] RAX: ffffffffffffffda RBX: 00007f2ae6035fa0 RCX: 00007f2ae5e6ff19
[  208.699607][T14398] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  208.707589][T14398] RBP: 00007f2ae44e70a0 R08: 0000000000000338 R09: 0000000000000000
[  208.715759][T14398] R10: 0000000020000f80 R11: 0000000000000246 R12: 0000000000000001
[  208.723747][T14398] R13: 0000000000000000 R14: 00007f2ae6035fa0 R15: 00007ffc9934d558
[  208.732001][T14398]  </TASK>
[  208.933179][T14428] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  208.952911][T14428] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  209.954919][   T29] kauditd_printk_skb: 1464 callbacks suppressed
[  209.954940][   T29] audit: type=1326 audit(1733314590.267:37943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14456 comm="syz.2.4315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1361326ee7 code=0x7ffc0000
[  209.985185][   T29] audit: type=1326 audit(1733314590.267:37944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14456 comm="syz.2.4315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f13612cc129 code=0x7ffc0000
[  210.008715][   T29] audit: type=1326 audit(1733314590.267:37945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14456 comm="syz.2.4315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f136132ff19 code=0x7ffc0000
[  210.032849][   T29] audit: type=1326 audit(1733314590.267:37946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14477 comm="syz.5.4325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7eff2da36ee7 code=0x7ffc0000
[  210.044855][T14482] hub 5-0:1.0: USB hub found
[  210.056836][   T29] audit: type=1326 audit(1733314590.267:37947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14477 comm="syz.5.4325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7eff2d9dc129 code=0x7ffc0000
[  210.062045][T14482] hub 5-0:1.0: 8 ports detected
[  210.085311][   T29] audit: type=1326 audit(1733314590.267:37948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14477 comm="syz.5.4325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  210.113648][   T29] audit: type=1326 audit(1733314590.277:37949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14477 comm="syz.5.4325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7eff2da36ee7 code=0x7ffc0000
[  210.137180][   T29] audit: type=1326 audit(1733314590.277:37950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14477 comm="syz.5.4325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7eff2d9dc129 code=0x7ffc0000
[  210.161069][   T29] audit: type=1326 audit(1733314590.277:37951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14477 comm="syz.5.4325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7eff2da3ff19 code=0x7ffc0000
[  210.184818][   T29] audit: type=1326 audit(1733314590.277:37952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14477 comm="syz.5.4325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7eff2da36ee7 code=0x7ffc0000
[  210.807870][T14496] syz.5.4330[14496] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  210.807943][T14496] syz.5.4330[14496] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  210.819627][T14496] syz.5.4330[14496] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  210.834025][T14496] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4330'.
[  210.854594][T14496] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4330'.
[  211.501939][T13226] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  211.866606][T14418] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  212.069796][T14527] FAULT_INJECTION: forcing a failure.
[  212.069796][T14527] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  212.083139][T14527] CPU: 1 UID: 0 PID: 14527 Comm: syz.1.4345 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  212.094019][T14527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  212.104145][T14527] Call Trace:
[  212.107466][T14527]  <TASK>
[  212.110417][T14527]  dump_stack_lvl+0xf2/0x150
[  212.115046][T14527]  dump_stack+0x15/0x1a
[  212.119258][T14527]  should_fail_ex+0x223/0x230
[  212.123956][T14527]  should_fail+0xb/0x10
[  212.128128][T14527]  should_fail_usercopy+0x1a/0x20
[  212.133209][T14527]  _copy_from_user+0x1e/0xb0
[  212.137914][T14527]  move_addr_to_kernel+0x82/0x120
[  212.143038][T14527]  copy_msghdr_from_user+0x271/0x2a0
[  212.148523][T14527]  __sys_sendmsg+0x13e/0x230
[  212.153146][T14527]  __x64_sys_sendmsg+0x46/0x50
[  212.157996][T14527]  x64_sys_call+0x2734/0x2dc0
[  212.162765][T14527]  do_syscall_64+0xc9/0x1c0
[  212.167276][T14527]  ? clear_bhb_loop+0x55/0xb0
[  212.172022][T14527]  ? clear_bhb_loop+0x55/0xb0
[  212.176751][T14527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.182699][T14527] RIP: 0033:0x7fd38d25ff19
[  212.187199][T14527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.206883][T14527] RSP: 002b:00007fd38b8d7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  212.215379][T14527] RAX: ffffffffffffffda RBX: 00007fd38d425fa0 RCX: 00007fd38d25ff19
[  212.223363][T14527] RDX: 0000000000000000 RSI: 0000000020001180 RDI: 0000000000000003
[  212.231410][T14527] RBP: 00007fd38b8d70a0 R08: 0000000000000000 R09: 0000000000000000
[  212.239401][T14527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.247994][T14527] R13: 0000000000000000 R14: 00007fd38d425fa0 R15: 00007ffd97722de8
[  212.255983][T14527]  </TASK>
[  212.786297][T13225] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  212.845907][T14557] syz.5.4358[14557] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  212.846004][T14557] syz.5.4358[14557] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  213.393879][T14571] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4364'.
[  213.467261][T14572] FAULT_INJECTION: forcing a failure.
[  213.467261][T14572] name failslab, interval 1, probability 0, space 0, times 0
[  213.480036][T14572] CPU: 0 UID: 0 PID: 14572 Comm: syz.0.4364 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  213.490827][T14572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  213.500899][T14572] Call Trace:
[  213.504185][T14572]  <TASK>
[  213.507213][T14572]  dump_stack_lvl+0xf2/0x150
[  213.511953][T14572]  dump_stack+0x15/0x1a
[  213.516233][T14572]  should_fail_ex+0x223/0x230
[  213.521134][T14572]  should_failslab+0x8f/0xb0
[  213.525778][T14572]  kmem_cache_alloc_node_noprof+0x59/0x320
[  213.531661][T14572]  ? dup_task_struct+0x6c/0x710
[  213.536546][T14572]  dup_task_struct+0x6c/0x710
[  213.541262][T14572]  ? kstrtoull+0x110/0x140
[  213.545702][T14572]  copy_process+0x3a9/0x1f90
[  213.550483][T14572]  ? 0xffffffff81000000
[  213.554651][T14572]  ? selinux_file_permission+0x22a/0x360
[  213.560374][T14572]  ? __rcu_read_unlock+0x4e/0x70
[  213.565411][T14572]  kernel_clone+0x167/0x5e0
[  213.569979][T14572]  ? vfs_write+0x596/0x920
[  213.574445][T14572]  __x64_sys_clone+0xe8/0x120
[  213.579144][T14572]  x64_sys_call+0x2d7e/0x2dc0
[  213.583834][T14572]  do_syscall_64+0xc9/0x1c0
[  213.588705][T14572]  ? clear_bhb_loop+0x55/0xb0
[  213.593556][T14572]  ? clear_bhb_loop+0x55/0xb0
[  213.598271][T14572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.604247][T14572] RIP: 0033:0x7f5b035fff19
[  213.608816][T14572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.628529][T14572] RSP: 002b:00007f5b01c56008 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  213.636959][T14572] RAX: ffffffffffffffda RBX: 00007f5b037c6080 RCX: 00007f5b035fff19
[  213.644942][T14572] RDX: 0000000000000000 RSI: 00000000fffffeb0 RDI: 0000000002000400
[  213.653048][T14572] RBP: 00007f5b01c560a0 R08: 0000000000000000 R09: 0000000000000000
[  213.661035][T14572] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  213.669184][T14572] R13: 0000000000000000 R14: 00007f5b037c6080 R15: 00007ffe6edf4fa8
[  213.677174][T14572]  </TASK>
[  213.740560][T14578] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14578 comm=syz.5.4367
[  213.792723][T14583] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.842934][T14583] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.892808][T14583] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.944012][T14583] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.947406][T14593] 9pnet_fd: Insufficient options for proto=fd
[  214.018571][T14583] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  214.030841][T14583] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  214.042814][T14583] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  214.066869][T14583] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  214.184975][T14618] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4384'.
[  214.253425][T14629] netdevsim netdevsim0 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[  214.261888][T14629] netdevsim netdevsim0 eth1: set [1, 1] type 2 family 0 port 20000 - 0
[  214.270212][T14629] netdevsim netdevsim0 eth2: set [1, 1] type 2 family 0 port 20000 - 0
[  214.278597][T14629] netdevsim netdevsim0 eth3: set [1, 1] type 2 family 0 port 20000 - 0
[  214.288298][T14629] geneve2: entered promiscuous mode
[  214.293844][T14629] geneve2: entered allmulticast mode
[  214.306159][T14629] netdevsim netdevsim0 eth0: unset [1, 1] type 2 family 0 port 20000 - 0
[  214.314816][T14629] netdevsim netdevsim0 eth1: unset [1, 1] type 2 family 0 port 20000 - 0
[  214.323673][T14629] netdevsim netdevsim0 eth2: unset [1, 1] type 2 family 0 port 20000 - 0
[  214.332255][T14629] netdevsim netdevsim0 eth3: unset [1, 1] type 2 family 0 port 20000 - 0
[  214.341862][T14639] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  214.350331][T14639] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  214.793921][T14646] random: crng reseeded on system resumption
[  215.359854][T14687] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14687 comm=syz.2.4405
[  215.410014][T14691] 9pnet_fd: Insufficient options for proto=fd
[  215.526201][T14704] FAULT_INJECTION: forcing a failure.
[  215.526201][T14704] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.539479][T14704] CPU: 1 UID: 0 PID: 14704 Comm: syz.2.4412 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  215.550322][T14704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  215.560522][T14704] Call Trace:
[  215.563802][T14704]  <TASK>
[  215.566812][T14704]  dump_stack_lvl+0xf2/0x150
[  215.571498][T14704]  dump_stack+0x15/0x1a
[  215.575837][T14704]  should_fail_ex+0x223/0x230
[  215.580622][T14704]  should_fail+0xb/0x10
[  215.585033][T14704]  should_fail_usercopy+0x1a/0x20
[  215.590138][T14704]  _copy_from_user+0x1e/0xb0
[  215.594902][T14704]  copy_msghdr_from_user+0x54/0x2a0
[  215.600125][T14704]  ? __fget_files+0x17c/0x1c0
[  215.604881][T14704]  __sys_recvmsg+0x140/0x260
[  215.609627][T14704]  __x64_sys_recvmsg+0x46/0x50
[  215.614430][T14704]  x64_sys_call+0xc64/0x2dc0
[  215.619029][T14704]  do_syscall_64+0xc9/0x1c0
[  215.623552][T14704]  ? clear_bhb_loop+0x55/0xb0
[  215.628235][T14704]  ? clear_bhb_loop+0x55/0xb0
[  215.633055][T14704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.639050][T14704] RIP: 0033:0x7f136132ff19
[  215.643498][T14704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.663209][T14704] RSP: 002b:00007f135f9a7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  215.671668][T14704] RAX: ffffffffffffffda RBX: 00007f13614f5fa0 RCX: 00007f136132ff19
[  215.679684][T14704] RDX: 0000000000000020 RSI: 0000000020000100 RDI: 0000000000000006
[  215.687724][T14704] RBP: 00007f135f9a70a0 R08: 0000000000000000 R09: 0000000000000000
[  215.695848][T14704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.703898][T14704] R13: 0000000000000000 R14: 00007f13614f5fa0 R15: 00007ffda81c56c8
[  215.711885][T14704]  </TASK>
[  215.807782][T14710] batadv_slave_1: entered promiscuous mode
[  215.814090][T14710] batadv_slave_1: left promiscuous mode
[  215.839692][T14712] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4416'.
[  215.867945][T14714] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4417'.
[  215.877257][T14714] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4417'.
[  215.895159][T14714] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4417'.
[  215.904465][T14714] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4417'.
[  215.929668][T14714] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4417'.
[  215.938799][T14714] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4417'.
[  215.966285][T14719] FAULT_INJECTION: forcing a failure.
[  215.966285][T14719] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.979442][T14719] CPU: 0 UID: 0 PID: 14719 Comm: syz.2.4418 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  215.990381][T14719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  216.000464][T14719] Call Trace:
[  216.003747][T14719]  <TASK>
[  216.006695][T14719]  dump_stack_lvl+0xf2/0x150
[  216.011310][T14719]  dump_stack+0x15/0x1a
[  216.015487][T14719]  should_fail_ex+0x223/0x230
[  216.020295][T14719]  should_fail+0xb/0x10
[  216.024458][T14719]  should_fail_usercopy+0x1a/0x20
[  216.029499][T14719]  _copy_from_user+0x1e/0xb0
[  216.034125][T14719]  copy_msghdr_from_user+0x54/0x2a0
[  216.039407][T14719]  ? __fget_files+0x17c/0x1c0
[  216.044236][T14719]  __sys_sendmsg+0x13e/0x230
[  216.048847][T14719]  __x64_sys_sendmsg+0x46/0x50
[  216.053648][T14719]  x64_sys_call+0x2734/0x2dc0
[  216.058380][T14719]  do_syscall_64+0xc9/0x1c0
[  216.062905][T14719]  ? clear_bhb_loop+0x55/0xb0
[  216.067719][T14719]  ? clear_bhb_loop+0x55/0xb0
[  216.072416][T14719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.078424][T14719] RIP: 0033:0x7f136132ff19
[  216.082927][T14719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.102638][T14719] RSP: 002b:00007f135f9a7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  216.111079][T14719] RAX: ffffffffffffffda RBX: 00007f13614f5fa0 RCX: 00007f136132ff19
[  216.119238][T14719] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[  216.127399][T14719] RBP: 00007f135f9a70a0 R08: 0000000000000000 R09: 0000000000000000
[  216.135376][T14719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.143572][T14719] R13: 0000000000000000 R14: 00007f13614f5fa0 R15: 00007ffda81c56c8
[  216.151617][T14719]  </TASK>
[  216.192549][T14723] 9pnet_fd: Insufficient options for proto=fd
[  216.631620][T13227] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  217.243071][T14626] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  217.305281][T14742] block device autoloading is deprecated and will be removed.
[  217.325027][T14745] FAULT_INJECTION: forcing a failure.
[  217.325027][T14745] name failslab, interval 1, probability 0, space 0, times 0
[  217.337748][T14745] CPU: 1 UID: 0 PID: 14745 Comm: syz.5.4430 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  217.348631][T14745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  217.358706][T14745] Call Trace:
[  217.361997][T14745]  <TASK>
[  217.364937][T14745]  dump_stack_lvl+0xf2/0x150
[  217.369635][T14745]  dump_stack+0x15/0x1a
[  217.373902][T14745]  should_fail_ex+0x223/0x230
[  217.378750][T14745]  should_failslab+0x8f/0xb0
[  217.383382][T14745]  kmem_cache_alloc_node_noprof+0x59/0x320
[  217.389350][T14745]  ? __alloc_skb+0x10b/0x310
[  217.394053][T14745]  __alloc_skb+0x10b/0x310
[  217.398498][T14745]  netlink_alloc_large_skb+0xad/0xe0
[  217.403849][T14745]  netlink_sendmsg+0x3b4/0x6e0
[  217.408695][T14745]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.414017][T14745]  __sock_sendmsg+0x140/0x180
[  217.418713][T14745]  sock_write_iter+0x15e/0x1a0
[  217.423526][T14745]  do_iter_readv_writev+0x394/0x450
[  217.428791][T14745]  vfs_writev+0x2d4/0x880
[  217.433196][T14745]  ? proc_fail_nth_write+0x12a/0x150
[  217.438530][T14745]  do_writev+0xf4/0x220
[  217.442758][T14745]  __x64_sys_writev+0x45/0x50
[  217.447547][T14745]  x64_sys_call+0x1fab/0x2dc0
[  217.452244][T14745]  do_syscall_64+0xc9/0x1c0
[  217.456761][T14745]  ? clear_bhb_loop+0x55/0xb0
[  217.461455][T14745]  ? clear_bhb_loop+0x55/0xb0
[  217.466142][T14745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.472132][T14745] RIP: 0033:0x7eff2da3ff19
[  217.476563][T14745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.496187][T14745] RSP: 002b:00007eff2c0b7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  217.504656][T14745] RAX: ffffffffffffffda RBX: 00007eff2dc05fa0 RCX: 00007eff2da3ff19
[  217.512736][T14745] RDX: 0000000000000001 RSI: 0000000020000140 RDI: 0000000000000006
[  217.520718][T14745] RBP: 00007eff2c0b70a0 R08: 0000000000000000 R09: 0000000000000000
[  217.528733][T14745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.536935][T14745] R13: 0000000000000000 R14: 00007eff2dc05fa0 R15: 00007ffeffdbdfc8
[  217.544930][T14745]  </TASK>
[  217.572348][T14749] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  217.613394][   T29] kauditd_printk_skb: 1105 callbacks suppressed
[  217.613413][   T29] audit: type=1326 audit(1733314597.927:39058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14756 comm="syz.0.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  217.645717][   T29] audit: type=1326 audit(1733314597.927:39059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14756 comm="syz.0.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  217.669440][   T29] audit: type=1326 audit(1733314597.927:39060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14756 comm="syz.0.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  217.693065][   T29] audit: type=1326 audit(1733314597.927:39061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14756 comm="syz.0.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  217.716835][   T29] audit: type=1326 audit(1733314597.927:39062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14756 comm="syz.0.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  217.740622][   T29] audit: type=1326 audit(1733314597.927:39063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14756 comm="syz.0.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  217.764299][   T29] audit: type=1326 audit(1733314597.927:39064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14756 comm="syz.0.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  217.788032][   T29] audit: type=1326 audit(1733314597.927:39065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14756 comm="syz.0.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  217.811811][   T29] audit: type=1326 audit(1733314597.927:39066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14756 comm="syz.0.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  217.835365][   T29] audit: type=1326 audit(1733314597.927:39067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14756 comm="syz.0.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b035fff19 code=0x7ffc0000
[  217.860652][T14749] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  217.954491][T14749] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.003100][T14749] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.129413][T14749] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  218.174146][T14749] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  218.204747][T14749] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  218.218957][T14749] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  218.268070][T14778] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.281908][T14771] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  218.300647][T14771] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  218.357248][T14778] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.433003][T14778] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.494876][T14778] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.541883][T13227] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  218.553613][T14778] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  218.565162][T14778] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  218.576540][T14778] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  218.587893][T14778] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  218.640440][T14792] FAULT_INJECTION: forcing a failure.
[  218.640440][T14792] name failslab, interval 1, probability 0, space 0, times 0
[  218.653219][T14792] CPU: 0 UID: 0 PID: 14792 Comm: syz.4.4444 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  218.664124][T14792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  218.674247][T14792] Call Trace:
[  218.677536][T14792]  <TASK>
[  218.680506][T14792]  dump_stack_lvl+0xf2/0x150
[  218.685216][T14792]  dump_stack+0x15/0x1a
[  218.689408][T14792]  should_fail_ex+0x223/0x230
[  218.694164][T14792]  should_failslab+0x8f/0xb0
[  218.698773][T14792]  kmem_cache_alloc_node_noprof+0x59/0x320
[  218.704592][T14792]  ? __alloc_skb+0x10b/0x310
[  218.709230][T14792]  __alloc_skb+0x10b/0x310
[  218.713705][T14792]  netlink_alloc_large_skb+0xad/0xe0
[  218.719508][T14792]  netlink_sendmsg+0x3b4/0x6e0
[  218.724297][T14792]  ? __pfx_netlink_sendmsg+0x10/0x10
[  218.729605][T14792]  __sock_sendmsg+0x140/0x180
[  218.734308][T14792]  ____sys_sendmsg+0x312/0x410
[  218.739100][T14792]  __sys_sendmsg+0x19d/0x230
[  218.743723][T14792]  __x64_sys_sendmsg+0x46/0x50
[  218.748583][T14792]  x64_sys_call+0x2734/0x2dc0
[  218.753332][T14792]  do_syscall_64+0xc9/0x1c0
[  218.757937][T14792]  ? clear_bhb_loop+0x55/0xb0
[  218.762622][T14792]  ? clear_bhb_loop+0x55/0xb0
[  218.767381][T14792]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.773452][T14792] RIP: 0033:0x7f2ae5e6ff19
[  218.777966][T14792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.797592][T14792] RSP: 002b:00007f2ae44e7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  218.806042][T14792] RAX: ffffffffffffffda RBX: 00007f2ae6035fa0 RCX: 00007f2ae5e6ff19
[  218.814103][T14792] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  218.822090][T14792] RBP: 00007f2ae44e70a0 R08: 0000000000000000 R09: 0000000000000000
[  218.830106][T14792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.838084][T14792] R13: 0000000000000000 R14: 00007f2ae6035fa0 R15: 00007ffc9934d558
[  218.846200][T14792]  </TASK>
[  218.905834][T14796] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.942780][T14796] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.002971][T14796] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.052826][T14796] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.120652][T14796] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  219.134645][T14796] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  219.148324][T14796] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  219.160619][T14796] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  219.220510][T14804] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14804 comm=syz.5.4448
[  219.269857][T14808] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14808 comm=syz.5.4450
[  219.825998][T14823] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4456'.
[  220.407682][T14834] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4461'.
[  220.784796][T14849] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4468'.
[  221.035106][T14870] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14870 comm=syz.4.4477
[  221.080378][T14872] FAULT_INJECTION: forcing a failure.
[  221.080378][T14872] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.093645][T14872] CPU: 1 UID: 0 PID: 14872 Comm: syz.4.4478 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  221.104520][T14872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  221.114607][T14872] Call Trace:
[  221.117942][T14872]  <TASK>
[  221.120896][T14872]  dump_stack_lvl+0xf2/0x150
[  221.125541][T14872]  dump_stack+0x15/0x1a
[  221.129778][T14872]  should_fail_ex+0x223/0x230
[  221.134553][T14872]  should_fail+0xb/0x10
[  221.138739][T14872]  should_fail_usercopy+0x1a/0x20
[  221.143852][T14872]  _copy_from_user+0x1e/0xb0
[  221.148564][T14872]  memdup_user+0x64/0xc0
[  221.152910][T14872]  strndup_user+0x68/0xa0
[  221.157323][T14872]  __se_sys_mount+0x4e/0x2d0
[  221.162168][T14872]  ? fput+0x1c4/0x200
[  221.166182][T14872]  ? ksys_write+0x176/0x1b0
[  221.170734][T14872]  __x64_sys_mount+0x67/0x80
[  221.175371][T14872]  x64_sys_call+0x2c84/0x2dc0
[  221.180299][T14872]  do_syscall_64+0xc9/0x1c0
[  221.184861][T14872]  ? clear_bhb_loop+0x55/0xb0
[  221.189571][T14872]  ? clear_bhb_loop+0x55/0xb0
[  221.194333][T14872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.200364][T14872] RIP: 0033:0x7f2ae5e6ff19
[  221.204804][T14872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.224432][T14872] RSP: 002b:00007f2ae44e7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  221.232957][T14872] RAX: ffffffffffffffda RBX: 00007f2ae6035fa0 RCX: 00007f2ae5e6ff19
[  221.241102][T14872] RDX: 0000000020000400 RSI: 00000000200003c0 RDI: 0000000000000000
[  221.249097][T14872] RBP: 00007f2ae44e70a0 R08: 0000000020000440 R09: 0000000000000000
[  221.257215][T14872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.265304][T14872] R13: 0000000000000000 R14: 00007f2ae6035fa0 R15: 00007ffc9934d558
[  221.273421][T14872]  </TASK>
[  221.396372][T14887] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4485'.
[  221.776267][T14908] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14908 comm=syz.1.4494
[  221.799626][T14912] vlan2: entered promiscuous mode
[  221.804797][T14912] @: entered promiscuous mode
[  221.811410][T14912] @: left promiscuous mode
[  221.894751][T14919] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4499'.
[  222.301349][    C0] ==================================================================
[  222.309491][    C0] BUG: KCSAN: data-race in kick_pool / wq_worker_running
[  222.316539][    C0] 
[  222.318854][    C0] read-write to 0xffff888237d2e8a4 of 4 bytes by task 24 on cpu 1:
[  222.326762][    C0]  wq_worker_running+0x98/0x130
[  222.331629][    C0]  schedule_timeout+0xb8/0x160
[  222.336390][    C0]  msleep+0x4b/0x70
[  222.340205][    C0]  nsim_fib_event_work+0x1fd8/0x2270
[  222.345498][    C0]  process_scheduled_works+0x483/0x9a0
[  222.350962][    C0]  worker_thread+0x51d/0x6f0
[  222.355565][    C0]  kthread+0x1d1/0x210
[  222.359626][    C0]  ret_from_fork+0x4b/0x60
[  222.364145][    C0]  ret_from_fork_asm+0x1a/0x30
[  222.368939][    C0] 
[  222.371256][    C0] read to 0xffff888237d2e8a4 of 4 bytes by interrupt on cpu 0:
[  222.378811][    C0]  kick_pool+0x4d/0x2c0
[  222.382978][    C0]  __queue_work+0x8bb/0xb40
[  222.387567][    C0]  queue_work_on+0xd3/0x180
[  222.392133][    C0]  wg_packet_send_staged_packets+0x83c/0xac0
[  222.398134][    C0]  wg_packet_send_keepalive+0xe5/0x100
[  222.403604][    C0]  wg_expired_send_persistent_keepalive+0x3c/0x50
[  222.410136][    C0]  call_timer_fn+0x3a/0x300
[  222.415253][    C0]  __run_timer_base+0x417/0x640
[  222.420108][    C0]  run_timer_softirq+0x31/0x70
[  222.424874][    C0]  handle_softirqs+0xbf/0x280
[  222.429673][    C0]  __irq_exit_rcu+0x3a/0xc0
[  222.434202][    C0]  sysvec_apic_timer_interrupt+0x73/0x80
[  222.439841][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  222.445837][    C0]  __sanitizer_cov_trace_pc+0x46/0x70
[  222.451220][    C0]  do_recvmmsg+0x276/0x6d0
[  222.455641][    C0]  __x64_sys_recvmmsg+0xe2/0x170
[  222.460579][    C0]  x64_sys_call+0x2a9a/0x2dc0
[  222.465272][    C0]  do_syscall_64+0xc9/0x1c0
[  222.469774][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.475695][    C0] 
[  222.478013][    C0] value changed: 0x00000000 -> 0x00000001
[  222.483725][    C0] 
[  222.486046][    C0] Reported by Kernel Concurrency Sanitizer on:
[  222.492294][    C0] CPU: 0 UID: 0 PID: 14922 Comm: syz.0.4498 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  222.503054][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  222.513127][    C0] ==================================================================
[  222.522137][T13225] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  224.301896][T13223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  228.142305][T13223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  230.061608][T13223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration