last executing test programs:

6.110031847s ago: executing program 4 (id=592):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0xac, 0x2, 0x1, 0x5, 0x0, 0x0, {0x3, 0x0, 0x4}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}, @CTA_ID={0x8}, @CTA_TUPLE_REPLY={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x10}]}, @CTA_TUPLE_ORIG={0x4}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x6}, @CTA_FILTER={0x3c, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x4}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x400}, @CTA_FILTER_ORIG_FLAGS={0x8}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x2}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x40}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0xa00}]}]}, 0xac}}, 0x4)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="0107000000000000000020"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$selinux_load(r3, &(0x7f0000000340)={0xf97cff8c, 0x8}, 0x2000)

6.082068036s ago: executing program 4 (id=593):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x11)
sendmsg$sock(r0, &(0x7f0000000200)={&(0x7f0000000140)=@in={0x2, 0x4e23, @rand_addr=0x64010102}, 0x80, 0x0, 0x0, &(0x7f0000000080)=[@txtime={{0x18, 0x1, 0x25}}], 0x18}, 0x4004000)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
iopl(0x3)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000240)=ANY=[@ANYRESDEC=r1, @ANYRESDEC=r2, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
ioprio_set$pid(0x2, 0x0, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="e8000000000000000b210000ff3f7c081e0f315b91fcaec7bf495d5c618332756cbb1bb9ce6d12b9d976d1f33aca41e50a3342bcd67c311f7885a05c3fcf2ae21f1498ec481e7ca2c3ca4c7b3bf94448f62e111e5a79929b9182cc977ba6ae766ce37bdaac6da997fbc15f0c79f42155b99a280667b51fdc7902d7be5ef41f953fedb32aceeada13250626957eff13d5b12cc916541ccbeb0d4060a4dd89664eaba2f6b4ede0c9e3dc1c9446d9284ebe0e46eee7bc145ff0a2779c025553298812978ea53a8c60f254f23344a80a0aac7b141787bad6b0ba090000005f2f3158f0d200000000000070000000000000000701000040000000afbb30c2946e41ef3167d1f6ed47aa1f52bad114a89dbed741f74a23cd8d915e2dcc74a4932646b90f90a9d3956d5cadb642ac79fcb0aae3654482188263abd27e9d57cc28032453dc75f333e1f367ab38b7e7719805a454e79802d07ec60c00b0000000000000000100000001"], 0x208}, 0x0)
socketpair(0x28, 0x5, 0x2, &(0x7f0000000280)={<r3=>0xffffffffffffffff})
sendmsg(r3, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x208}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000008, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1ef41215b60684ecc58bf8eda1ede2307816d66c3b89c3a0b9a9cc161758715ab364efc44cc3918de9017ab618699015e36ddf0c4cc5b58b92ba160da95cc95c43080b824b9ac4d211c627ef2d5f6e3c1ce686b3a6ad8bae2351c5e03a7c65e1003fbc8b62e0f9eb1121f558a7e9f767cbf300d493942646b3ddb0d1a1167c77ddd2afbfdc1aedb2060de995c5ce552883b7380b8aa67967f649b230c6c2c9a4a7b325aa770895c1220f1ed22925508f94cd558474d3f9482bcfc73c7e8abe86acdf1a9e927feb3b43f0c7cc413f8adbe56cc2fd7083cab52c2484"], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
request_key(&(0x7f0000000340)='user\x00', &(0x7f0000000380)={'syz', 0x3}, &(0x7f00000003c0)=')\x00', 0x0)
socket$inet6(0xa, 0x6, 0x1ff)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f00000002c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@noblock_validity}, {@user_xattr}, {@max_batch_time={'max_batch_time', 0x3d, 0x8cc}}, {@block_validity}, {@inlinecrypt}]}, 0x6, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
syz_mount_image$msdos(&(0x7f00000003c0), &(0x7f0000000340)='.\x00', 0x126a4b5, &(0x7f0000001280)=ANY=[], 0x6, 0x0, &(0x7f0000000000))
r5 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x40df42, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x80044940, &(0x7f0000001980))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
memfd_create(0x0, 0x1)
socketpair(0x27, 0x4, 0xfc9, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
openat$autofs(0xffffffffffffff9c, 0x0, 0x121c41, 0x0)

5.848866406s ago: executing program 4 (id=596):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4) (async)
bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) (async)
sendto$inet(r0, 0x0, 0x0, 0x24040fb8, &(0x7f0000000340)={0x2, 0x24e23, @dev={0xac, 0x14, 0x14, 0x30}}, 0x10) (async, rerun: 64)
sendmsg$inet(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000180)='/', 0x1}], 0x1}, 0x4001) (async, rerun: 64)
recvmmsg(r0, &(0x7f00000005c0), 0x40000000000026c, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r1, 0x0, 0x4}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000002140)={0x1, &(0x7f0000000880)=[{0x6, 0x0, 0x0, 0x7fff0200}]}) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000570000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async, rerun: 32)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) (async)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
dup(r4) (async)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000007000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0800034000000004640000000e0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000380003803400008028000180230001"], 0xf0}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x2, &(0x7f00000002c0)=[{0x2, 0x5, 0x9, 0x5}, {0xfc12, 0x8, 0xc, 0x7fffffff}]})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)={{0x14}, [@NFT_MSG_NEWRULE={0x14, 0x6, 0xa, 0x409, 0x0, 0x0, {0x3}}, @NFT_MSG_DELRULE={0x14, 0x8, 0xa, 0x5, 0x0, 0x0, {0x2, 0x0, 0x6}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x50}}, 0x20008000) (async)
socket$inet_sctp(0x2, 0x1, 0x84)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuacct.stat\x00', 0x0, 0x0)
sendmsg$NFT_MSG_GETTABLE(r7, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)={0xec, 0x1, 0xa, 0x201, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0xb4cc6e4bcd10b5ba}, @NFTA_TABLE_USERDATA={0xd0, 0x6, "40b2a1768d5b35da0b7ee6b113a7f82df1a2ecc5e2c367409e2ae64d839c2decc9edde36b338e651b062a606c53e50fba83a40bbcf4af421dcd941eebabb8e52339b8569a19465311342c9fc718f924ad8dbdfd8d03360270e09ea7d639d320fbbecb4087748653928079b1e12683fb0f34acc89f8d8b60d673f1346d6a84fd00ddd0e3b7ce8a5d01dda431144320e889b9bed2fbc84aa2a7780f0c18ae7fd9d972a8749a2aedd52700136f4e76e656376a2f4c004a4324e95917fd2531a38b4d1d5fb1d5af840bdc8527542"}]}, 0xec}}, 0x5)

5.828972836s ago: executing program 4 (id=597):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESHEX=0x0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffffffffffffc3)
r1 = getpid()
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r3, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r1}}]}, 0x3c}}, 0x4000084)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='sched_switch\x00', r4, 0x0, 0xfffffffffffffffe}, 0x18)
socket$inet_udp(0x2, 0x2, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8ff0000000000ff000044850000000e0000003f0000000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000340)='kfree\x00', r5, 0x0, 0x200}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r6 = getpid()
process_vm_readv(r6, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$phonet_pipe(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r7 = open(&(0x7f0000000200)='./file0\x00', 0x109100, 0x2)
r8 = openat$cgroup_subtree(r7, &(0x7f00000001c0), 0x2, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r9, @ANYBLOB="01000000010000001c00"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0xf, 0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newtfilter={0x48, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r9, {}, {}, {0xd}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_ENC_IPV6_SRC={0x14, 0x1f, @mcast1}]}}]}, 0x48}}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000840)=ANY=[@ANYBLOB="2b6370757365742031e0e71471178630ad6fe7200d561c2977799d1364c25d2dbbf404e038b7c0f79eb4e45e0c870aa04c1ae757a952f640d906b9e7b0498d596f64ce59e181251c0b41ad9d2209d6878fc56deacaa54a61a5425db1653af3ae97e6c59454a28a15d65e4b8bfc8f2eb16a360580cbf90e8fe7cc25ac15f82dc41a7491e6667ce55965e3ba8fb7df94443339a520b226de1c4a52c1a4faf0219828ea391610a814e585aae39df5a153c5c8475432d2e6f026defa24e637f9a2247a2c35f11cda23394980f0ae92a517b9e703c93a4da8e748040d784ac73f3775d4648cb7092bc16b80efb82b1064ea3553b5"], 0x8)

3.436093239s ago: executing program 0 (id=628):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0xfffd, 0x0, @mcast1, 0x9}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fcae68da850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r2}, 0x18)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9506, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

3.435634959s ago: executing program 0 (id=629):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x4, 0x12011, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x3, 0x0, 0x6, 0x1)
msgget$private(0x0, 0x10)
ioprio_set$pid(0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e85"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="3c0000001000370400000000ffffffff00000000", @ANYRES32=r5, @ANYBLOB="0b120500000000001c0012800b00010069703667726500000c00028008000100", @ANYRES32=r5], 0x3c}}, 0x0)
sendmmsg$inet(r3, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)

3.356919979s ago: executing program 0 (id=630):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, 0x0, r1, 0x0, 0x39000, 0x0)
memfd_create(&(0x7f0000000080), 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x200000000200}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r3, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.653070937s ago: executing program 2 (id=635):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000010000000000000000000085000000190000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x50, r1, 0x1, 0x4, 0x0, {}, [@WGDEVICE_A_PEERS={0x4}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @a}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x40080d0}, 0x40000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="280000002100010002000000000000000a00000000000001016200000c00148008"], 0x28}], 0x1}, 0x0)

2.612803097s ago: executing program 2 (id=636):
socket$inet(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x6, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100040, 0x0, 0x0, 0x2, 0x2, 0x15, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0xe419, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r2}, 0x10)
perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x40df, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x8400, 0x1, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x66010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x8da}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/18, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c000200200000001f000000060001000000000008000500", @ANYRES32=r6, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}}, 0x0)

2.547610047s ago: executing program 2 (id=637):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x8)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000640)={[{@utf8no}, {@utf8no}, {@utf8no}, {@fat=@check_strict}, {@iocharset={'iocharset', 0x3d, 'koi8-u'}}, {@numtail}, {@uni_xlate}, {@uni_xlateno}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@shortname_mixed}, {@shortname_winnt}, {@utf8no}, {@uni_xlate}]}, 0x26, 0x336, &(0x7f00000001c0)="$eJzs3T1sW9UXAPDjviROI/VvD3+pgsmwIaGqCWKAKVFVpIoMUGTxtWDRlI/YVIqFpTDE9QJiBLEgwcTWAcbOiAEhNgZWioQKiIVulVrxkP1e7OeP0BThlI/fb4iOzj3H976Xq/glSm5eWo/tC4tx8caN67G8XIqF9TPrcbMU1TgWSWQuBwDwb3IzTePXNHPn6vdX9qOlOa8LAJifwfv/KydGifK9XA0AcBQO+f3/UzOzl+a2LABgjqbe/x8cG574Mf/C8HcCAIB/rmeef+HJjc2I87XackTrnU69U4/HR+MbF+O1aMZWnI5K3I7IHhSyp4X+xyfObZ49Xev7sRr1fkenHtHqdurZk8JGMugvx2pUopr3p8P+pN+/OuivRcTl7mD+aJU69cVYyef/biW2Yi0q8f+p/ohzm2fXavkL1Fv7/d2IXizvX0R//aeiEt+8HJeiGRei3zta/95qrXYm3Rzr71wpD+oAAAAAAAAAAAAAAAAAAAAAAGAeTtWGqsPzb9JWt/P2+cmC6tj5OPVsOD8fqJedD5SW90/neTeZPB9o/HyeTn0hjt3TKwcAAAAAAAAAAAAAAAAAAIC/j/buUjSaza2d9u5b28WgW8i88dWnXxyPyZrXk1EmFrKXG6vJc1HoSmLYng7b02SsJg+SiFHxlavDFRdrysOrmGrvB+WpoVK+pkazeeKBHz6a1fXbKJPE1G0ZD0r5/IWh1v+y1B90HRys3aHmWpqmB7XvfTjdFaWIhalP3F8RfHn91fseaZ98dJD5PD/04aGHK89e++CTn7cbzchvTbO5tNO+nf7puZLC/inl97k0YyfMDnqjTG+nvdtIvv3lufvf+3qiOJm9f9Ji5s2D5/psMrOUBf1lHuZKF2ds/tnBi7eGu/fub+bJj9cbV/e+/+mwXYUvEg7qAAAAAAAAAAAAAAAAAACAI1H4W/G78NjT81sRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABy90f//LwS9qcxhglvdmB4qb+20D5z8+JFeKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2G/BwAA//9pxHjs")
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_clone(0xc0008100, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000200)='./file0\x00', 0x10814, &(0x7f0000000700)=ANY=[@ANYBLOB='umask=00000000000000000000000,flush,nodots,dots,gid=', @ANYRESHEX, @ANYBLOB="00006b746769643d0092", @ANYRESDEC, @ANYBLOB="1500bba7d41fabba4332de3ca642acf6f8de847e3f21783608008708a887d30aaf0a14b0691d48445fe3b4d1ddde1b81337b2c3b5f88535d7f6fa931b84783704494cebe49ca9f6269b05edde0246c360d0566b4056f0f02ccab035d3d0a5cde0b31bd424949fe23c0a0a25691738006c5c6acdf101fecdb4f79abdfb95c6afaea03dd5903b5240565f31504c207a9a2aa6c8108fb973081e90412a3c6cfa3b2513693727fad9acd8108acb8b90fab033c9dac0dc3e5a61c513e7b5edc5d76320f0e54045ea2b7b8fb1f78d3d346e26ee5ed6926cea1ffe0a1"], 0x1, 0x1fa, &(0x7f0000000500)="$eJzs2zFrE2EYB/Dn2rRe7GAHJ1E4cHEK6icwSAUxIEQy6GSgurQipEsUxH4eZz+EX8alg2SLXO5om2sLjWdyEn8/ON6H/O/guSF53uHN27sfDvY/Hr3f+nISaZLFRsSTmETs5lUpKdd0Vm/HnCTq+FXraQDgj/T7w27TPbBco1F3eDsidi4kg2+NNAQAAAAAAAAAAEBti5z/34j4Wj3/f7zifgGA+pz/X1/tch2NusN7xf6twvl/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDmT6fTWNL/Sci2vGxGRRkQ7Im5GRCsi8s+b7hcAqG8ynZ/7V83/iEgiwvwHgDXw6vWbF91eb6+fZWnEz+PxYDwo1iJ/9ry39zCb2T176mQ8Hmye5o+KPJvPt2b7hjx/fGm+HQ/uF3mePX3Zq+Q7sb/81weA/1InO3Vuvm+WV0Snc1mez+eiOrc/qMzvVtxprew1AIAFHH36fDA8PHw3+utFsthT7bKhq+/53lpWq4prFT+Sf6INRd0ivc7NDf8wAUt39qWvJmkzDQEAAAAAAAAAAAAAABes4i9HTb8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADr53cAAAD//8h6UUs=")

1.610941164s ago: executing program 2 (id=643):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
fcntl$notify(r1, 0x402, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='mm_page_free\x00', r2}, 0x18)
syz_open_dev$usbmon(&(0x7f00000005c0), 0x1, 0x84800)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000a1080000000000007b8af4ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x41, 0x3, 0x3c8, 0x258, 0x19, 0x0, 0x0, 0x0, 0x330, 0x1f0, 0x1f0, 0x330, 0x1f0, 0x3, 0x0, {[{{@ip={@private, @dev, 0x0, 0x0, 'ip6erspan0\x00', 'veth0_vlan\x00'}, 0x0, 0x1f8, 0x258, 0x0, {0x0, 0xffffffffa0028000}, [@common=@unspec=@quota={{0x38}}, @common=@inet=@hashlimit2={{0x150}, {'dvmrp0\x00', {0x0, 0x3d40, 0x0, 0x0, 0x0, 0x687c, 0x1}}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x428)

1.460348714s ago: executing program 3 (id=649):
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe028010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000200850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002600)=@newlink={0x34, 0x10, 0x0, 0x0, 0x0, {0x0, 0x0, 0xffff}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$unix(r3, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000080)="03", 0x1}, {&(0x7f0000000000)="438d94d73d60b9609a5f44279cdb2abd0c2eecd6b07e3497ad53fe9d55119b4d4888fbb1cf8122", 0x27}], 0x2, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18, 0x20000000}, 0x2000810)
recvmmsg(r4, &(0x7f0000001140), 0x700, 0x2, 0x0)

1.427608714s ago: executing program 3 (id=650):
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe028010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000200850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002600)=@newlink={0x34, 0x10, 0x0, 0x0, 0x0, {0x0, 0x0, 0xffff}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$unix(r3, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000080)="03", 0x1}, {&(0x7f0000000000)="438d94d73d60b9609a5f44279cdb2abd0c2eecd6b07e3497ad53fe9d55119b4d4888fbb1cf8122", 0x27}], 0x2, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18, 0x20000000}, 0x2000810)
recvmmsg(r4, &(0x7f0000001140), 0x700, 0x2, 0x0)

1.377915444s ago: executing program 3 (id=651):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0xfffd, 0x0, @mcast1, 0x9}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fcae68da850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sendmsg(r0, 0x0, 0x44004)

1.316870334s ago: executing program 3 (id=652):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r0 = getpid()
madvise(&(0x7f0000a5e000/0x1000)=nil, 0x1000, 0x16)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000180)={0x0, @in={{0x2, 0x4e20, @private=0xa010102}}, 0x81, 0x0, 0x1faa, 0x8000, 0x400}, &(0x7f0000000040)=0x98)
setsockopt$inet6_opts(r1, 0x29, 0x39, &(0x7f0000000400)=@fragment={0x33, 0x0, 0x2, 0x0, 0x0, 0x9, 0x65}, 0x8)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x4000, 0x0)
ioctl$EVIOCGVERSION(r2, 0x80044501, &(0x7f0000000340)=""/101)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
ptrace$setregs(0xd, r4, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="7800000018001f05b9409b0dffff000d0203be040205060506014007430008003f000000fac8388827a685a168d9a4c6040045653600648dcaaf6c26c291214549932fde4a460c89b6ec0cff3959547f509058ba86c902003a03004a32000400160012000a", 0x65, 0x0, 0x0, 0x0)
ptrace$getregset(0x4205, r4, 0x2, &(0x7f0000000080)={&(0x7f0000000000)=""/120, 0x78})
ptrace$getregset(0x4204, r4, 0x2, &(0x7f0000000740)={0x0})
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
lstat(0x0, 0x0)

1.294972344s ago: executing program 3 (id=653):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0xc0802, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='net/rt_acct\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xfff1}, {0xe, 0x1}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0xfffffffc}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x91, 0x3}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
setuid(0xee00)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
renameat2(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', r2, &(0x7f0000000200)='./file1\x00', 0x2)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)=0x1)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r5, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
socket$pppoe(0x18, 0x1, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r6}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r7, 0x29, 0x36, &(0x7f0000000180)={0x32}, 0x8)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r7, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000040)=0x2)
readv(r8, &(0x7f0000000000)=[{&(0x7f0000001300)=""/241, 0xf1}], 0x1)
readv(r8, &(0x7f0000000d40)=[{&(0x7f0000000e00)=""/113, 0x71}], 0x1)
sendmsg$inet6(r7, &(0x7f0000000100)={&(0x7f0000000cc0)={0xa, 0x4625, 0x1000000080000, @loopback, 0x9}, 0x1c, 0x0}, 0x8001)
syz_usb_connect$hid(0x5, 0x3f, &(0x7f00000001c0)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x8, 0x6cb, 0x2968, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0xe, 0x50, 0x4, [{{0x9, 0x4, 0x0, 0xdd, 0x2, 0x3, 0x1, 0x1, 0x7, {0x9, 0x21, 0x100, 0x0, 0x1, {0x22, 0x1ab}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x9, 0x8, 0x2}}, [{{0x9, 0x5, 0x2, 0x3, 0x10, 0x8, 0x5, 0x80}}]}}}]}}]}}, &(0x7f0000000600)={0xa, &(0x7f0000000300)={0xa, 0x6, 0x110, 0x96, 0xc, 0x7, 0x7c61e508b7577e5b, 0x3}, 0x34, &(0x7f0000000380)={0x5, 0xf, 0x34, 0x4, [@ss_container_id={0x14, 0x10, 0x4, 0x9, "aa8f3aafaf316ed7b1f7e84f52576ac8"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x8, 0x7, 0x0, 0x7}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x3, 0x52, 0x9, 0xfffc}, @ext_cap={0x7, 0x10, 0x2, 0x14, 0x3, 0x8, 0x5}]}, 0x5, [{0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x40b}}, {0x50, &(0x7f00000004c0)=@string={0x50, 0x3, "f665ec17a3f338b9eca0c4a563ad6ff4b9ede5b5acb312192f49c2d2d229a4a7cff37b97dfd1811dc5f24fec7eafa253e83eaf0cb78e4f02659108b4948824e8adb596c76c3d0d6897a10ec56323"}}, {0x4, &(0x7f0000000540)=@lang_id={0x4, 0x3, 0x300a}}, {0x4, &(0x7f0000000580)=@lang_id={0x4, 0x3, 0x6c6f}}, {0x4, &(0x7f00000005c0)=@lang_id={0x4, 0x3, 0x42a}}]})

1.022340483s ago: executing program 1 (id=654):
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000000)={0x1, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x90)
mq_open(0x0, 0x42, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4000)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
r3 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x460, 0xf0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x2f, 0x0, 0x3}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@local, 'nicvf0\x00', {0x3f66}}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}, [0xffffffff], [], 'wg1\x00', 'gre0\x00', {}, {0xff}}, 0x0, 0x258, 0x2a0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x563e4515, 0x0, 0x7, 0x3fc, 0x20}}}, @common=@inet=@hashlimit3={{0x158}, {'veth0_vlan\x00', {0x3, 0x0, 0x48, 0x0, 0x15ab, 0x1000, 0x6, 0x5}}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x2, 0x5, {0x6}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x4c0)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_TIMESTAMP(r5, 0x1, 0x1d, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f00000001c0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="58000000100003040000000000000000000000c8", @ANYRES32=0x0, @ANYBLOB="42420000000000002800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32=r8, @ANYBLOB="08000a0021d831677e6d17255c6b1c99d6a668fa8a3b438ab1665efd5c227ce3db92165bb1210199e876fb4ae50effa420cc163d42c8043ef8031d37cdc7dddf0eb3181079fc9180cec5e1acf5dd8cfc365f9209a92ecc5c8d232775fcf36d645deaf1aa536fc295d8dc5585204532faa31e7e7f068677f8fdbe39f91d5a01f7decaa4ef42de05f1ea8d91c124815e96c15c6fede6a31e3c5c154d23b109c496f7aa0395a9dbd1850ce70dfd1cef1cfde6c49d2138fd0ed23e66c0536123b3cf6153d3e7", @ANYRES16=r4], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)

840.885112ms ago: executing program 1 (id=655):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='mm_page_free\x00', r1, 0x0, 0xffffffffdd0eac61}, 0x18)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r2, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x520, 0x340, 0x25, 0x148, 0x0, 0x60, 0x488, 0x2a8, 0x2a8, 0x488, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x0, 0x0, 0x9, 0x0, 0x80ffffff, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@set={{0x40}}, @common=@unspec=@statistic={{0x38}}]}, @common=@SET={0x60}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x580)

840.642812ms ago: executing program 1 (id=656):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0xac, 0x2, 0x1, 0x5, 0x0, 0x0, {0x3, 0x0, 0x4}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}, @CTA_ID={0x8}, @CTA_TUPLE_REPLY={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x10}]}, @CTA_TUPLE_ORIG={0x4}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x6}, @CTA_FILTER={0x3c, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x4}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x400}, @CTA_FILTER_ORIG_FLAGS={0x8}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x2}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x40}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0xa00}]}]}, 0xac}}, 0x4)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="0107000000000000000020"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$selinux_load(r3, &(0x7f0000000340)={0xf97cff8c, 0x8}, 0x2000)

831.893472ms ago: executing program 1 (id=657):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x4, 0x12011, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x3, 0x0, 0x6, 0x1)
msgget$private(0x0, 0x10)
ioprio_set$pid(0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e85000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="3c0000001000370400000000ffffffff00000000", @ANYRES32=r5, @ANYBLOB="0b120500000000001c0012800b00010069703667726500000c00028008000100", @ANYRES32=r5], 0x3c}}, 0x0)
sendmmsg$inet(r3, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)

756.138152ms ago: executing program 1 (id=658):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000002840), 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffc, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000c80)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x2e0, 0x940c, 0x3002, 0x2e0, 0x2c0, 0x3f0, 0x3d8, 0x3d8, 0x3f0, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x4001, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x4001, 0x1, 0x3, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x1, 0xbe, {0x565159d7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x565)
close_range(r1, r2, 0x200000000000000)

704.819672ms ago: executing program 3 (id=659):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
perf_event_open(&(0x7f0000001700)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3b4f9a605a710919, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x1}, 0x8806, 0x3, 0x81, 0x0, 0x576, 0x1, 0xfff6, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x70bd2a, 0x8000000, {0x0, 0x0, 0x0, r2, {0x1f, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x20008040}, 0x4000000)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = socket$xdp(0x2c, 0x3, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', <r6=>0x0})
r7 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000280)=""/82, 0x328000, 0x2800}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r7, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r7, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r7, 0x11b, 0x5, &(0x7f0000000340)=0x8000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00', <r9=>0x0})
setsockopt$XDP_TX_RING(r4, 0x11b, 0x3, &(0x7f0000001780)=0x100000, 0x4)
bind$xdp(r7, &(0x7f0000000100)={0x2c, 0x0, r9}, 0x10)
bind$xdp(r4, &(0x7f0000000240)={0x2c, 0x1, r6, 0x2e, r7}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
lsm_set_self_attr(0x64, 0x0, 0xe3, 0x0)
r10 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
finit_module(r10, &(0x7f0000000300)='/selinux/load\x00', 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r10, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x2000)

639.683942ms ago: executing program 4 (id=660):
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe028010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000200850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002600)=@newlink={0x34, 0x10, 0x0, 0x0, 0x0, {0x0, 0x0, 0xffff}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$unix(r2, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000080)="03", 0x1}, {&(0x7f0000000000)="438d94d73d60b9609a5f44279cdb2abd0c2eecd6b07e3497ad53fe9d55119b4d4888fbb1cf8122", 0x27}], 0x2, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18, 0x20000000}, 0x2000810)
recvmmsg(r3, &(0x7f0000001140), 0x700, 0x2, 0x0)

599.531051ms ago: executing program 4 (id=661):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
prlimit64(r0, 0xb, &(0x7f0000000000)={0x9, 0x8}, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")

544.858031ms ago: executing program 1 (id=662):
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000000140)={@loopback, @remote}, &(0x7f0000000440)=0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000880)=ANY=[@ANYBLOB="18e60000010000000000000000030000850000007b000000957635690f79992993a174ef74e67069855ae6b60a07aa6cde3f372431f77854d4d8732350e60000000cd81e1e57f78d2b7484dea27fad9d4b010f66ed421e6343f51709f438a0bee617f20027cdc0778a29bc0ec09d49888be781f07ab6c391fbdb9a313b8c39c7105e8521d31be7539aa97a3f9836c773dd358583a58636e1f1f8d1fca81583759b3b06542aa1a34d5da372769b74930ecd1ec76a52d20a8b4b862863cc34f5f9c7e4617c9b01e2a0084acdae44cccd889648e03b00000000000000000000000000326d4bf9d239aae3187a4c6b0496e5ce2b0e12bffdc053bb7623a4942ca13317dc2605f255b1941beb318f540e6ac815c73d1cc03e1d4636c2b03001d92bc7b9475977701dc9fe8de57e57dbf818c7d3830469632ba2a23389aca47f75c02144c1f635a1adcc33a5d08bc71b4f2d6c"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(0x0, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x8)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="54000000090601020000000000000000020000000900020073797a310000000005000100070000002c0007800c00018008000140ffffffff0500070084000000060004404e2200000c004280080001407f000001"], 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r4 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
r5 = socket(0x10, 0x3, 0x0)
r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f00000000c0)=<r7=>0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x88, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x5c, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0xe, 0x1, 0x3, 0x1, 0x4, 0x2, 0x6, 0xfffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x6783, 0x2, 0x8001, 0x10}, {0x0, 0x53, 0xa9, 0x1}]}}, @TCA_U32_INDEV={0x14, 0x8, 'netdevsim0\x00'}]}}]}, 0x88}}, 0x24040084)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000500)={'team0\x00', <r9=>0x0})
sendmsg$ETHTOOL_MSG_FEATURES_GET(r1, &(0x7f0000000640)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000600)={&(0x7f0000000680)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="020026bd7000fbdbdf250b00000030000180a8afc0d208000100", @ANYRES32=0x0, @ANYBLOB="14000200767863616e310000000000000000000008000100", @ANYRES32=r9, @ANYBLOB="080003000200000004000180"], 0x48}, 0x1, 0x0, 0x0, 0x8080}, 0x20000002)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r8)
sendmsg$NFC_CMD_DEV_UP(r8, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)={0x1c, r10, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000700)=<r11=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000740)=<r12=>0x0)
sendmsg$NFC_CMD_DEV_DOWN(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="10022cbd7000ffdbdf250300000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=r12, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="7eba8c2e", @ANYRES32=r11, @ANYBLOB="08000100", @ANYRES32=r12, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB], 0x5c}, 0x1, 0x0, 0x0, 0x15}, 0x40)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r13 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f48)
ioctl$BLKTRACESETUP(r13, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8, 0x2, 0x80400, 0x2004, 0x800})
getsockopt$inet_sctp6_SCTP_MAXSEG(r5, 0x84, 0xd, 0x0, &(0x7f0000000280))
getgid()
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
close(r4)

334.029741ms ago: executing program 0 (id=663):
ioperm(0x2, 0x7ff, 0x8)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f000010e000/0x4000)=nil, 0x4000, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0, <r2=>0x0}, &(0x7f0000cab000)=0x40)
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000100)={{0x0, r1, r2, r1, r2, 0x124, 0x84b1}, 0x3, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x1})
setresuid(0xee01, r1, 0xffffffffffffffff)
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000380)={{0x3, 0x0, 0x0, r1, 0x0, 0x80, 0x80}, 0x7, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1})
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2200410, &(0x7f00000001c0)={[], [{@uid_gt={'uid>', r1}}]}, 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
pwritev2(r3, &(0x7f0000000180)=[{&(0x7f00000000c0)="1ad918ee80392d2ac9", 0x9}], 0x1, 0x5405, 0x3, 0x6)
r4 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)

298.45255ms ago: executing program 0 (id=664):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xc00)

228.92798ms ago: executing program 0 (id=665):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, 0x0, r1, 0x0, 0x39000, 0x0)
memfd_create(&(0x7f0000000080), 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x200000000200}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r3, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

84.31187ms ago: executing program 2 (id=666):
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x200801f, &(0x7f00000006c0), 0x1, 0x509, &(0x7f0000001500)="$eJzs3U1vG3kZAPBnJnY3abM4CxyWldhdsYuSiq2TbOhuxGFZJASnlYDlXkLiRlGcuCRO20QVpOIDICEESFzgxAXBB0BC/QgIqRK9I0AgBC0cOBQG2R6HNLXz0jp2G/9+0r/z4pl5nqeRx/OfGXsCGFqvR8RURGRZll2MiFI+P81b7LZaY7kH928tNloSWfbh35NI8nntbb2QDy/kq41GxNe+HPHN5PG4m9s7qwvVamUjn56uryUPs2zn0srawnJlubI+Nzf7zvy785fnZ3pS50REvPfFP//wez//0nu/eevGH678derbrQJb9tfRVVY6cdxW6cXm/0VbISI2TrylZ1ehWWHL5QHnAgDA4RpHtB+NiE9FxMUoxUjzaA4AAAA4S7LPj8fDpHX9DwAAADib0ogYjyQt5/f7jkealsute3g/HufTam2z/pl9971ORDG9ulKtzOT3DkxEMWlMv5/fY9uefvvA9FxEvBQRPyiNNafLi7Xq0kDPfAAAAMDwuHCg//+vUqv/DwAAAJwxE4NOAAAAADh1B/v/IwPKAwAAADg9rv8DAADAmfaVDz5otKz9/Oul69tbq7Xrl5Yqm6vlta3F8mJt41p5uVZbbv5m39pR26vWatc+G+tbN6frlc369Ob2zpW12tZ6/crKI4/ABgAAAPropdfu3EsiYvdzY2lEZMm+14oR2SNfBSj0Pz/g9KQnWfhPp5cH0H++6gfDyyE9DK/ioBMABu6o/UDXm3d+2/tcAACA0zH5ib3r/80GDI/8+n+SPNnqv/xWT7MB+sn1fxhe5wadADAwxcOOAJ6wUwA8P9JjvNWf/vp/lp0oKQAAoOfGmy1Jy3k/YDzStFyOeLH5WIBicnWlWpmJiI9ExO9LxRca07PNNROnBwAAAAAAAAAAAAAAAAAAAAAAAADgmLIsiayLsb1lAAAAgOdZRPqXJH/+12TpzfGD5wfOJf8uRf6c0Bs/+fBHNxfq9Y3Zxvx/7M2v/zif/3a/z14AAAAAnbT76e1+PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD00oP7txbbrZ9x//aFiJjoFL8Qo83haBQj4vw/kyjsWy+JiJEexN+9HREvd4qfNNKKiTyLg/HTiBgbcPwLPYgPw+xOY//zfqf3XxqvN4ed33+FvD2t7vu/dG//N9Jl//dipw2mj8965e6vprvGvx3xSqHz/qcR/1yMNmN1iv/GMWv8xtd3drq9lv0sYrLj50/ySKzppHBtenN759LK2sJyZbmyPjc3+878u/OX52emr65UK/m/HWN8/5O//u9h9Z/vEn+iOexe/5vHrP8/d2/e/1hrtHjgpWL8NMum3uj893+5S/z2Z9+n8z93Y3qyPb7bGt/v1V/87tXXDql/qUv9o0fUP3XM+i9+9bt/POaiAEAfbG7vrC5Uq5UNI2dmpHFs9gyksW9krJ/5LMRhy7QPYvuQz3fyUKdf8r23Inq95QHulAAAgFPx/4P+QWcCAAAAAAAAAAAAAAAAAAAAw+uonwGLHvyc2MGYu4MpFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgUP8LAAD//1c4yxQ=")
fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000008"], 0xfe44, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r1, 0x0, 0x8}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, @fallback=0x22, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
ioctl$IMADDTIMER(r4, 0x80044940, &(0x7f0000000080)=0x14)
close(r4)

0s ago: executing program 2 (id=667):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0xac, 0x2, 0x1, 0x5, 0x0, 0x0, {0x3, 0x0, 0x4}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}, @CTA_ID={0x8}, @CTA_TUPLE_REPLY={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x10}]}, @CTA_TUPLE_ORIG={0x4}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x6}, @CTA_FILTER={0x3c, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x4}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x400}, @CTA_FILTER_ORIG_FLAGS={0x8}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x2}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x40}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0xa00}]}]}, 0xac}}, 0x4)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="0107000000000000000020"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$selinux_load(r3, &(0x7f0000000340)={0xf97cff8c, 0x8}, 0x2000)

kernel console output (not intermixed with test programs):

9][ T3717] active_anon:4401 inactive_anon:0 isolated_anon:0
[   33.674459][ T3717]  active_file:4892 inactive_file:2021 isolated_file:0
[   33.674459][ T3717]  unevictable:0 dirty:1704 writeback:0
[   33.674459][ T3717]  slab_reclaimable:2716 slab_unreclaimable:13476
[   33.674459][ T3717]  mapped:28772 shmem:252 pagetables:916
[   33.674459][ T3717]  sec_pagetables:0 bounce:0
[   33.674459][ T3717]  kernel_misc_reclaimable:0
[   33.674459][ T3717]  free:1907493 free_pcp:4361 free_cma:0
[   33.719175][ T3717] Node 0 active_anon:17720kB inactive_anon:0kB active_file:19568kB inactive_file:8084kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:115204kB dirty:6816kB writeback:0kB shmem:1008kB writeback_tmp:0kB kernel_stack:2880kB pagetables:3664kB sec_pagetables:0kB all_unreclaimable? no
[   33.746981][ T3717] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   33.773878][ T3717] lowmem_reserve[]: 0 2885 7863 0
[   33.778970][ T3717] Node 0 DMA32 free:2950848kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2954380kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[   33.807435][ T3717] lowmem_reserve[]: 0 0 4978 0
[   33.812254][ T3717] Node 0 Normal free:4663764kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:17720kB inactive_anon:0kB active_file:19568kB inactive_file:8084kB unevictable:0kB writepending:6816kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:13404kB local_pcp:11408kB free_cma:0kB
[   33.842589][ T3717] lowmem_reserve[]: 0 0 0 0
[   33.847230][ T3717] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   33.860051][ T3717] Node 0 DMA32: 4*4kB (M) 2*8kB (M) 2*16kB (M) 4*32kB (M) 4*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950848kB
[   33.876148][ T3717] Node 0 Normal: 75*4kB (UME) 75*8kB (M) 33*16kB (UME) 32*32kB (UME) 18*64kB (UME) 9*128kB (UME) 18*256kB (UME) 14*512kB (UM) 12*1024kB (ME) 3*2048kB (ME) 1130*4096kB (UME) = 4663444kB
[   33.894775][ T3717] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   33.904118][ T3717] 7170 total pagecache pages
[   33.908832][ T3717] 5 pages in swap cache
[   33.912999][ T3717] Free swap  = 124864kB
[   33.917167][ T3717] Total swap = 124996kB
[   33.921323][ T3717] 2097051 pages RAM
[   33.925242][ T3717] 0 pages HighMem/MovableOnly
[   33.929925][ T3717] 80064 pages reserved
[   33.984791][ T3705] can0 (unregistered): slcan off ptm0.
[   34.072206][ T3752] SELinux: ebitmap: empty map
[   34.077308][ T3752] SELinux: failed to load policy
[   34.084841][ T3754] loop2: detected capacity change from 0 to 164
[   34.102462][ T3749] vlan2: entered allmulticast mode
[   34.120184][ T3754] FAULT_INJECTION: forcing a failure.
[   34.120184][ T3754] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   34.134734][ T3754] CPU: 0 UID: 0 PID: 3754 Comm: syz.2.107 Not tainted 6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[   34.134785][ T3754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   34.134798][ T3754] Call Trace:
[   34.134803][ T3754]  <TASK>
[   34.134809][ T3754]  dump_stack_lvl+0xf2/0x150
[   34.134873][ T3754]  dump_stack+0x15/0x1a
[   34.134895][ T3754]  should_fail_ex+0x24a/0x260
[   34.134927][ T3754]  should_fail+0xb/0x10
[   34.134954][ T3754]  should_fail_usercopy+0x1a/0x20
[   34.135022][ T3754]  _copy_from_user+0x1c/0xa0
[   34.135105][ T3754]  do_handle_open+0x38b/0x630
[   34.135146][ T3754]  __x64_sys_open_by_handle_at+0x46/0x50
[   34.135179][ T3754]  x64_sys_call+0x2cca/0x2dc0
[   34.135220][ T3754]  do_syscall_64+0xc9/0x1c0
[   34.135250][ T3754]  ? clear_bhb_loop+0x55/0xb0
[   34.135272][ T3754]  ? clear_bhb_loop+0x55/0xb0
[   34.135296][ T3754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   34.135448][ T3754] RIP: 0033:0x7fb2b865d169
[   34.135460][ T3754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   34.135478][ T3754] RSP: 002b:00007fb2b6cc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[   34.135572][ T3754] RAX: ffffffffffffffda RBX: 00007fb2b8875fa0 RCX: 00007fb2b865d169
[   34.135582][ T3754] RDX: 0000000000000000 RSI: 0000400000000080 RDI: ffffffffffffff9c
[   34.135592][ T3754] RBP: 00007fb2b6cc7090 R08: 0000000000000000 R09: 0000000000000000
[   34.135601][ T3754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   34.135688][ T3754] R13: 0000000000000000 R14: 00007fb2b8875fa0 R15: 00007ffe44e6f428
[   34.135729][ T3754]  </TASK>
[   34.470273][ T3769] vlan2: entered promiscuous mode
[   34.595455][ T3779] loop2: detected capacity change from 0 to 764
[   34.800999][ T3783] loop3: detected capacity change from 0 to 2048
[   34.885699][ T3783] Alternate GPT is invalid, using primary GPT.
[   34.892068][ T3783]  loop3: p1 p2 p3
[   34.968488][ T2998] Alternate GPT is invalid, using primary GPT.
[   34.974848][ T2998]  loop3: p1 p2 p3
[   34.998488][ T3795] loop2: detected capacity change from 0 to 1024
[   35.036877][ T3795] EXT4-fs: Ignoring removed orlov option
[   35.042948][ T3801] netlink: 76 bytes leftover after parsing attributes in process `syz.0.122'.
[   35.047654][ T3611] udevd[3611]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   35.072744][ T3800] FAULT_INJECTION: forcing a failure.
[   35.072744][ T3800] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   35.085837][ T3800] CPU: 1 UID: 0 PID: 3800 Comm: syz.3.120 Not tainted 6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[   35.085858][ T3800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   35.085921][ T3800] Call Trace:
[   35.085928][ T3800]  <TASK>
[   35.085936][ T3800]  dump_stack_lvl+0xf2/0x150
[   35.085967][ T3800]  dump_stack+0x15/0x1a
[   35.085989][ T3800]  should_fail_ex+0x24a/0x260
[   35.086089][ T3800]  should_fail+0xb/0x10
[   35.086116][ T3800]  should_fail_usercopy+0x1a/0x20
[   35.086145][ T3800]  _copy_to_user+0x20/0xa0
[   35.086174][ T3800]  rng_dev_read+0x3e8/0x700
[   35.086287][ T3800]  vfs_readv+0x3e2/0x660
[   35.086447][ T3800]  ? __pfx_rng_dev_read+0x10/0x10
[   35.086487][ T3800]  __x64_sys_preadv+0xf4/0x1c0
[   35.086551][ T3800]  x64_sys_call+0x2680/0x2dc0
[   35.086585][ T3800]  do_syscall_64+0xc9/0x1c0
[   35.086638][ T3800]  ? clear_bhb_loop+0x55/0xb0
[   35.086663][ T3800]  ? clear_bhb_loop+0x55/0xb0
[   35.086718][ T3800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   35.086742][ T3800] RIP: 0033:0x7f9de971d169
[   35.086758][ T3800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   35.086779][ T3800] RSP: 002b:00007f9de7d81038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   35.086863][ T3800] RAX: ffffffffffffffda RBX: 00007f9de9935fa0 RCX: 00007f9de971d169
[   35.086878][ T3800] RDX: 0000000000000001 RSI: 0000400000000240 RDI: 0000000000000003
[   35.086954][ T3800] RBP: 00007f9de7d81090 R08: 0000000000000000 R09: 0000000000000000
[   35.086965][ T3800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   35.086975][ T3800] R13: 0000000000000000 R14: 00007f9de9935fa0 R15: 00007ffc4b8c1298
[   35.086995][ T3800]  </TASK>
[   35.088955][ T3284] udevd[3284]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   35.145936][ T3287] udevd[3287]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   35.224936][ T3795] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.354259][ T3805] udevd[3805]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   35.354376][ T3284] udevd[3284]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   35.372727][ T3611] udevd[3611]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   35.399813][ T3813] netlink: 24 bytes leftover after parsing attributes in process `syz.0.126'.
[   35.408853][ T3813] netlink: 24 bytes leftover after parsing attributes in process `syz.0.126'.
[   35.425252][ T3813] netlink: 24 bytes leftover after parsing attributes in process `syz.0.126'.
[   35.434132][ T3813] netlink: 24 bytes leftover after parsing attributes in process `syz.0.126'.
[   35.453361][ T3813] Zero length message leads to an empty skb
[   35.463463][ T3795] wireguard0: entered promiscuous mode
[   35.468969][ T3795] wireguard0: entered allmulticast mode
[   35.537254][ T3824] loop3: detected capacity change from 0 to 512
[   35.558132][ T3827] vlan2: entered allmulticast mode
[   35.612427][ T3824] EXT4-fs: inline encryption not supported
[   35.673533][ T3834] SELinux: ebitmap: empty map
[   35.674553][ T3824] EXT4-fs: test_dummy_encryption option not supported
[   35.698224][ T3834] SELinux: failed to load policy
[   35.727320][ T3838] 9pnet_fd: Insufficient options for proto=fd
[   35.738828][ T3840] vlan2: entered promiscuous mode
[   35.743945][ T3840] vlan2: entered allmulticast mode
[   35.786590][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.838940][ T3848] ip6t_REJECT: TCP_RESET illegal for non-tcp
[   36.001865][ T3868] vlan2: entered promiscuous mode
[   36.007024][ T3868] vlan2: entered allmulticast mode
[   36.014989][ T3867] netlink: 28 bytes leftover after parsing attributes in process `syz.2.140'.
[   36.023921][ T3867] netlink: 28 bytes leftover after parsing attributes in process `syz.2.140'.
[   36.105468][ T3872] netlink: 8 bytes leftover after parsing attributes in process `syz.2.140'.
[   36.159195][ T3874] loop4: detected capacity change from 0 to 8192
[   36.384790][   T29] kauditd_printk_skb: 339 callbacks suppressed
[   36.384806][   T29] audit: type=1400 audit(1740647813.518:1061): avc:  denied  { execute } for  pid=3878 comm="syz.4.146" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=6365 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[   36.427312][ T3879] netlink: 24 bytes leftover after parsing attributes in process `syz.4.146'.
[   36.486694][   T29] audit: type=1400 audit(1740647813.628:1062): avc:  denied  { mount } for  pid=3880 comm="syz.4.147" name="/" dev="ramfs" ino=6381 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   36.511258][ T3881] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   36.542190][ T3883] loop1: detected capacity change from 0 to 8192
[   36.552850][ T3881] loop4: detected capacity change from 0 to 1024
[   36.575122][   T29] audit: type=1400 audit(1740647813.718:1063): avc:  denied  { mounton } for  pid=3880 comm="syz.4.147" path="/bus" dev="ramfs" ino=5459 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[   36.601092][ T3881] EXT4-fs: Ignoring removed nobh option
[   36.625457][ T3881] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[   36.635287][ T3881] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (29254!=20869)
[   36.655781][   T29] audit: type=1326 audit(1740647813.798:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3888 comm="syz.0.151" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f085043d169 code=0x0
[   36.707594][ T3881] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   36.736154][   T29] audit: type=1400 audit(1740647813.848:1065): avc:  denied  { wake_alarm } for  pid=3888 comm="syz.0.151" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   36.744487][ T3881] EXT4-fs (loop4): journal inode is deleted
[   36.763292][ T3893] loop0: detected capacity change from 0 to 1024
[   36.773706][ T3893] EXT4-fs: Ignoring removed bh option
[   36.779622][ T3893] ext2: Unknown parameter 'euid>00000000004294967295'
[   36.856361][   T29] audit: type=1326 audit(1740647813.998:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3896 comm="syz.1.153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d97f9d169 code=0x7ffc0000
[   36.974733][ T3301] audit: audit_backlog=65 > audit_backlog_limit=64
[   36.981401][ T3301] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[   36.989149][ T3301] audit: backlog limit exceeded
[   36.994458][   T29] audit: type=1326 audit(1740647814.028:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3888 comm="syz.0.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085043d169 code=0x7ffc0000
[   37.009712][ T3905] atomic_op ffff88811d265528 conn xmit_atomic 0000000000000000
[   37.067879][ T3909] vlan2: entered allmulticast mode
[   37.081365][ T3910] FAULT_INJECTION: forcing a failure.
[   37.081365][ T3910] name failslab, interval 1, probability 0, space 0, times 0
[   37.093995][ T3910] CPU: 0 UID: 0 PID: 3910 Comm: syz.1.157 Not tainted 6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[   37.094086][ T3910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   37.094098][ T3910] Call Trace:
[   37.094104][ T3910]  <TASK>
[   37.094112][ T3910]  dump_stack_lvl+0xf2/0x150
[   37.094163][ T3910]  dump_stack+0x15/0x1a
[   37.094210][ T3910]  should_fail_ex+0x24a/0x260
[   37.094242][ T3910]  ? nsim_fib_event_nb+0x1ae/0xd40
[   37.094267][ T3910]  should_failslab+0x8f/0xb0
[   37.094380][ T3910]  __kmalloc_cache_noprof+0x4e/0x320
[   37.094405][ T3910]  ? dev_map_hash_lookup_elem+0xa2/0xd0
[   37.094450][ T3910]  nsim_fib_event_nb+0x1ae/0xd40
[   37.094472][ T3910]  ? __rcu_read_unlock+0x4e/0x70
[   37.094493][ T3910]  ? __pfx_nsim_fib_event_nb+0x10/0x10
[   37.094526][ T3910]  atomic_notifier_call_chain+0x76/0x1d0
[   37.094587][ T3910]  call_fib_notifiers+0x66/0xa0
[   37.094611][ T3910]  call_fib6_notifiers+0x32/0x40
[   37.094644][ T3910]  fib6_del+0x73b/0x8a0
[   37.094678][ T3910]  __ip6_del_rt+0x5e/0x120
[   37.094730][ T3910]  ip6_del_rt+0x50/0x80
[   37.094751][ T3910]  __ipv6_ifa_notify+0x57f/0x840
[   37.094809][ T3910]  ? timer_delete+0x17/0x20
[   37.094840][ T3910]  ? work_grab_pending+0x219/0x480
[   37.094865][ T3910]  ? mutex_spin_on_owner+0xb9/0x170
[   37.094886][ T3910]  ? __rcu_read_unlock+0x4e/0x70
[   37.094928][ T3910]  ipv6_del_addr+0x44d/0x5e0
[   37.094956][ T3910]  inet6_addr_del+0x2f6/0x400
[   37.094980][ T3910]  addrconf_del_ifaddr+0xaa/0xe0
[   37.095003][ T3910]  inet6_ioctl+0x85/0x190
[   37.095100][ T3910]  ? ioctl_has_perm+0x28d/0x2e0
[   37.095141][ T3910]  sock_do_ioctl+0x81/0x260
[   37.095169][ T3910]  sock_ioctl+0x40f/0x600
[   37.095193][ T3910]  ? __pfx_sock_ioctl+0x10/0x10
[   37.095219][ T3910]  __se_sys_ioctl+0xc9/0x140
[   37.095325][ T3910]  __x64_sys_ioctl+0x43/0x50
[   37.095351][ T3910]  x64_sys_call+0x1690/0x2dc0
[   37.095398][ T3910]  do_syscall_64+0xc9/0x1c0
[   37.095432][ T3910]  ? clear_bhb_loop+0x55/0xb0
[   37.095463][ T3910]  ? clear_bhb_loop+0x55/0xb0
[   37.095504][ T3910]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.095535][ T3910] RIP: 0033:0x7f9d97f9d169
[   37.095551][ T3910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   37.095571][ T3910] RSP: 002b:00007f9d96601038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   37.095590][ T3910] RAX: ffffffffffffffda RBX: 00007f9d981b5fa0 RCX: 00007f9d97f9d169
[   37.095604][ T3910] RDX: 0000400000000000 RSI: 0000000000008936 RDI: 0000000000000006
[   37.095633][ T3910] RBP: 00007f9d96601090 R08: 0000000000000000 R09: 0000000000000000
[   37.095647][ T3910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   37.095661][ T3910] R13: 0000000000000000 R14: 00007f9d981b5fa0 R15: 00007fff0d880028
[   37.095681][ T3910]  </TASK>
[   37.433097][ T3909] 9pnet_fd: Insufficient options for proto=fd
[   37.446038][ T3915] netlink: 180900 bytes leftover after parsing attributes in process `syz.3.159'.
[   37.455711][ T3915] netlink: zone id is out of range
[   37.460831][ T3915] netlink: zone id is out of range
[   37.471103][ T3915] netlink: zone id is out of range
[   37.477083][ T3915] netlink: zone id is out of range
[   37.482206][ T3915] netlink: zone id is out of range
[   37.493263][ T3915] netlink: zone id is out of range
[   37.505944][ T3915] netlink: zone id is out of range
[   37.511099][ T3915] netlink: zone id is out of range
[   37.516254][ T3915] netlink: zone id is out of range
[   37.521364][ T3915] netlink: zone id is out of range
[   37.530154][ T3924] pim6reg1: entered promiscuous mode
[   37.535555][ T3924] pim6reg1: entered allmulticast mode
[   37.611482][ T3933] vlan2: entered promiscuous mode
[   37.860539][ T3954] loop4: detected capacity change from 0 to 1024
[   37.926137][ T3954] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.006143][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.023574][ T3966] SELinux: ebitmap: empty map
[   38.028360][ T3966] SELinux: failed to load policy
[   38.102650][ T3970] SELinux: ebitmap: empty map
[   38.128325][ T3970] SELinux: failed to load policy
[   38.145331][ T3972] FAULT_INJECTION: forcing a failure.
[   38.145331][ T3972] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   38.158412][ T3972] CPU: 0 UID: 0 PID: 3972 Comm: syz.2.183 Not tainted 6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[   38.158440][ T3972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   38.158453][ T3972] Call Trace:
[   38.158459][ T3972]  <TASK>
[   38.158537][ T3972]  dump_stack_lvl+0xf2/0x150
[   38.158570][ T3972]  dump_stack+0x15/0x1a
[   38.158595][ T3972]  should_fail_ex+0x24a/0x260
[   38.158629][ T3972]  should_fail+0xb/0x10
[   38.158661][ T3972]  should_fail_usercopy+0x1a/0x20
[   38.158701][ T3972]  _copy_to_user+0x20/0xa0
[   38.158721][ T3972]  simple_read_from_buffer+0xa0/0x110
[   38.158782][ T3972]  proc_fail_nth_read+0xf9/0x140
[   38.158860][ T3972]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   38.158886][ T3972]  vfs_read+0x19b/0x6f0
[   38.158912][ T3972]  ? __rcu_read_unlock+0x4e/0x70
[   38.158967][ T3972]  ? __fget_files+0x17c/0x1c0
[   38.159003][ T3972]  ksys_read+0xe8/0x1b0
[   38.159038][ T3972]  __x64_sys_read+0x42/0x50
[   38.159075][ T3972]  x64_sys_call+0x2874/0x2dc0
[   38.159104][ T3972]  do_syscall_64+0xc9/0x1c0
[   38.159204][ T3972]  ? clear_bhb_loop+0x55/0xb0
[   38.159234][ T3972]  ? clear_bhb_loop+0x55/0xb0
[   38.159264][ T3972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.159330][ T3972] RIP: 0033:0x7fb2b865bb7c
[   38.159346][ T3972] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   38.159366][ T3972] RSP: 002b:00007fb2b6cc7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   38.159386][ T3972] RAX: ffffffffffffffda RBX: 00007fb2b8875fa0 RCX: 00007fb2b865bb7c
[   38.159400][ T3972] RDX: 000000000000000f RSI: 00007fb2b6cc70a0 RDI: 0000000000000003
[   38.159413][ T3972] RBP: 00007fb2b6cc7090 R08: 0000000000000000 R09: 0000000000000000
[   38.159426][ T3972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   38.159438][ T3972] R13: 0000000000000001 R14: 00007fb2b8875fa0 R15: 00007ffe44e6f428
[   38.159525][ T3972]  </TASK>
[   38.433405][ T3974] ip6gre1: entered allmulticast mode
[   38.540824][ T3984] loop4: detected capacity change from 0 to 2048
[   38.564669][ T3984] EXT4-fs: Ignoring removed oldalloc option
[   38.585043][ T3984] EXT4-fs (loop4): stripe (257) is not aligned with cluster size (16), stripe is disabled
[   38.603417][ T3985] vlan2: entered allmulticast mode
[   38.632601][ T3984] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.652093][ T3991] 9pnet_fd: Insufficient options for proto=fd
[   38.772190][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.859858][ T4005] SELinux: syz.4.194 (4005) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   38.930983][ T4010] SELinux: ebitmap: empty map
[   38.951967][ T4011] vlan2: entered promiscuous mode
[   38.952246][ T4010] SELinux: failed to load policy
[   38.992828][ T4012] ip6gre1: entered allmulticast mode
[   39.056873][ T4021] netfs: Couldn't get user pages (rc=-14)
[   39.079805][ T4023] netlink: '+}[@': attribute type 39 has an invalid length.
[   39.120160][ T4027] loop4: detected capacity change from 0 to 2048
[   39.173111][ T4027] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.259253][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.299858][ T4043] SELinux: ebitmap: empty map
[   39.322697][ T4043] SELinux: failed to load policy
[   39.389936][ T4052] bridge_slave_1: left allmulticast mode
[   39.395987][ T4052] bridge_slave_1: left promiscuous mode
[   39.401655][ T4052] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.420323][ T4051] syz.3.210(4051): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[   39.440471][ T4052] bridge_slave_0: left allmulticast mode
[   39.446154][ T4052] bridge_slave_0: left promiscuous mode
[   39.451786][ T4052] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.505863][ T4054] 9pnet_fd: Insufficient options for proto=fd
[   82.717580][   T29] kauditd_printk_skb: 489 callbacks suppressed
[   82.717607][   T29] audit: type=1400 audit(1740647859.858:1530): avc:  denied  { setopt } for  pid=4078 comm="syz.4.223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   82.724208][ T4082] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4082 comm=syz.4.223
[   82.762533][ T4084] loop1: detected capacity change from 0 to 512
[   82.769835][ T4084] EXT4-fs: Ignoring removed nomblk_io_submit option
[   82.781290][   T29] audit: type=1326 audit(1740647859.888:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4079 comm="syz.0.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085043d169 code=0x7ffc0000
[   82.804673][   T29] audit: type=1326 audit(1740647859.888:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4079 comm="syz.0.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085043d169 code=0x7ffc0000
[   82.806963][ T4084] EXT4-fs: Ignoring removed i_version option
[   82.827982][   T29] audit: type=1326 audit(1740647859.888:1533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4079 comm="syz.0.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f085043d169 code=0x7ffc0000
[   82.828013][   T29] audit: type=1326 audit(1740647859.888:1534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4079 comm="syz.0.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085043d169 code=0x7ffc0000
[   82.880639][   T29] audit: type=1326 audit(1740647859.888:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4079 comm="syz.0.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085043d169 code=0x7ffc0000
[   82.903999][   T29] audit: type=1400 audit(1740647859.898:1536): avc:  denied  { mount } for  pid=4080 comm="syz.1.220" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   82.925833][   T29] audit: type=1400 audit(1740647859.898:1537): avc:  denied  { relabelfrom } for  pid=4080 comm="syz.1.220" name="" dev="pipefs" ino=6819 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[   82.948097][   T29] audit: type=1400 audit(1740647859.918:1538): avc:  denied  { mounton } for  pid=4081 comm="syz.2.221" path="mnt:[4026532391]" dev="nsfs" ino=4026532391 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   82.971504][   T29] audit: type=1400 audit(1740647859.918:1539): avc:  denied  { create } for  pid=4081 comm="syz.2.221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   83.019551][ T4083] wireguard0: entered promiscuous mode
[   83.025081][ T4083] wireguard0: entered allmulticast mode
[   83.034770][ T4084] EXT4-fs (loop1): 1 orphan inode deleted
[   83.041009][ T4084] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.076089][ T4100] loop4: detected capacity change from 0 to 1024
[   83.095481][ T4100] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[   83.112391][ T4100] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   83.122879][ T4100] EXT4-fs error (device loop4): ext4_get_journal_inode:5798: comm syz.4.226: inode #1: comm syz.4.226: iget: illegal inode #
[   83.137737][ T4100] EXT4-fs (loop4): no journal found
[   83.141839][ T4101] loop2: detected capacity change from 0 to 512
[   83.142929][ T4100] EXT4-fs (loop4): can't get journal size
[   83.158187][ T4100] EXT4-fs (loop4): failed to initialize system zone (-22)
[   83.160765][ T4101] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   83.173460][ T4105] loop0: detected capacity change from 0 to 512
[   83.179438][ T4100] EXT4-fs (loop4): mount failed
[   83.185845][ T4105] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   83.271931][ T4114] vlan2: entered promiscuous mode
[   83.277190][ T4114] ip6gretap0: entered promiscuous mode
[   83.294458][ T4114] sg_write: data in/out 9180/14 bytes for SCSI command 0x0-- guessing data in;
[   83.294458][ T4114]    program syz.4.231 not setting count and/or reply_len properly
[   83.332489][ T4115] loop2: detected capacity change from 0 to 8192
[   83.355561][ T4120] __nla_validate_parse: 8 callbacks suppressed
[   83.355645][ T4120] netlink: 28 bytes leftover after parsing attributes in process `syz.0.232'.
[   83.370994][ T4120] netlink: 28 bytes leftover after parsing attributes in process `syz.0.232'.
[   83.387276][ T4115] syz.2.230: attempt to access beyond end of device
[   83.387276][ T4115] loop2: rw=0, sector=57847, nr_sectors = 1 limit=8192
[   83.434053][ T4115] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1)
[   83.442149][ T4115] FAT-fs (loop2): Filesystem has been set read-only
[   83.455548][ T4115] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1)
[   83.473610][ T4115] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1)
[   83.500544][ T4128] loop3: detected capacity change from 0 to 512
[   83.515306][ T4128] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.571631][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.594765][ T4132] loop2: detected capacity change from 0 to 512
[   83.601679][ T4122] loop4: detected capacity change from 0 to 512
[   83.621278][ T4132] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2863: Unable to expand inode 17. Delete some EAs or run e2fsck.
[   83.635242][ T4122] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.234: casefold flag without casefold feature
[   83.642143][ T4132] EXT4-fs (loop2): 1 truncate cleaned up
[   83.653904][ T4132] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.665595][ T4122] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.234: couldn't read orphan inode 15 (err -117)
[   83.684009][ T4132] mmap: syz.2.237 (4132) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   83.694051][ T4122] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.723067][ T4122] devtmpfs: Unknown parameter 'ûr_blbcuhì¿s'
[   83.744221][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.753289][ T4144] loop1: detected capacity change from 0 to 512
[   83.763927][ T4144] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   83.889380][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.932307][ T4156] netlink: 28 bytes leftover after parsing attributes in process `syz.1.243'.
[   83.941248][ T4156] netlink: 28 bytes leftover after parsing attributes in process `syz.1.243'.
[   83.942045][ T4152] netlink: 24 bytes leftover after parsing attributes in process `syz.4.244'.
[   83.997055][ T4152] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4152 comm=syz.4.244
[   84.089752][ T4171] tipc: Started in network mode
[   84.094686][ T4171] tipc: Node identity ac14140f, cluster identity 4711
[   84.102724][ T4171] tipc: New replicast peer: 255.255.255.255
[   84.108892][ T4171] tipc: Enabled bearer <udp:syz2>, priority 10
[   84.119048][ T4173] loop2: detected capacity change from 0 to 1024
[   84.127652][ T4173] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[   84.144158][ T4173] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   84.162503][ T4173] EXT4-fs error (device loop2): ext4_get_journal_inode:5798: comm syz.2.250: inode #1: comm syz.2.250: iget: illegal inode #
[   84.171265][ T4175] loop4: detected capacity change from 0 to 1024
[   84.178360][ T4173] EXT4-fs (loop2): no journal found
[   84.184905][ T4175] EXT4-fs: Ignoring removed orlov option
[   84.187111][ T4173] EXT4-fs (loop2): can't get journal size
[   84.192755][ T4175] EXT4-fs: Ignoring removed nomblk_io_submit option
[   84.219625][ T4180] loop0: detected capacity change from 0 to 512
[   84.220731][ T4173] EXT4-fs (loop2): failed to initialize system zone (-22)
[   84.233490][ T4173] EXT4-fs (loop2): mount failed
[   84.238737][ T4180] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   84.246933][ T4180] EXT4-fs (loop0): orphan cleanup on readonly fs
[   84.253717][ T4180] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.253: Failed to acquire dquot type 1
[   84.256051][ T4175] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.286412][ T4180] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.253: bg 0: block 40: padding at end of block bitmap is not set
[   84.302922][ T4180] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[   84.321476][ T4180] EXT4-fs (loop0): 1 truncate cleaned up
[   84.336741][ T4185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.254'.
[   84.339880][ T3296] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.345872][ T4185] netlink: 32 bytes leftover after parsing attributes in process `syz.2.254'.
[   84.356045][ T4180] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   84.380015][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.457753][ T3295] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.494783][ T4197] ip6gre1: entered allmulticast mode
[   84.533248][ T4201] capability: warning: `syz.2.262' uses deprecated v2 capabilities in a way that may be insecure
[   84.546694][ T4201] loop2: detected capacity change from 0 to 512
[   84.573340][ T4201] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.586237][ T4201] ext4 filesystem being mounted at /67/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   84.607602][    C1] hrtimer: interrupt took 36417 ns
[   84.759973][ T4224] loop4: detected capacity change from 0 to 512
[   84.767690][ T4224] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   84.804619][ T4224] loop4: detected capacity change from 0 to 512
[   84.812657][ T4224] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   84.829780][ T4224] EXT4-fs (loop4): orphan cleanup on readonly fs
[   84.836901][ T4233] SELinux:  Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped).
[   84.848648][ T4224] EXT4-fs warning (device loop4): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   84.877094][ T4237] tipc: Started in network mode
[   84.882051][ T4237] tipc: Node identity ac14140f, cluster identity 4711
[   84.891010][ T4237] tipc: New replicast peer: 255.255.255.255
[   84.897383][ T4237] tipc: Enabled bearer <udp:syz2>, priority 10
[   84.903897][ T4224] EXT4-fs (loop4): Cannot turn on quotas: error -22
[   84.912546][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.921844][ T4224] ------------[ cut here ]------------
[   84.927378][ T4224] bad length passed for symlink [
[   84.927378][ T4224] ó
] (got 9000, expected 3)
[   84.927629][ T4224] WARNING: CPU: 1 PID: 4224 at ./include/linux/fs.h:803 inode_set_cached_link+0xc4/0xd0
[   84.946914][ T4224] Modules linked in:
[   84.947705][ T4239] loop1: detected capacity change from 0 to 8192
[   84.950819][ T4224] CPU: 1 UID: 0 PID: 4224 Comm: syz.4.269 Not tainted 6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[   84.967794][ T4224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   84.977911][ T4224] RIP: 0010:inode_set_cached_link+0xc4/0xd0
[   84.978057][ T4233] loop3: detected capacity change from 0 to 512
[   84.983835][ T4224] Code: ff 48 c7 c7 1d f5 b2 86 e8 99 61 c4 ff c6 05 ef 71 0b 05 01 90 48 c7 c7 a8 31 1b 86 4c 89 f6 89 ea 44 89 f9 e8 4d b6 8c ff 90 <0f> 0b 90 90 eb 84 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90
[   85.009816][ T4224] RSP: 0018:ffffc90014a77a00 EFLAGS: 00010246
[   85.015920][ T4224] RAX: e6c2e312926e4b00 RBX: ffff888116a4d328 RCX: 0000000000080000
[   85.016801][ T4233] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   85.023921][ T4224] RDX: ffffc90004a38000 RSI: 0000000000006872 RDI: 0000000000006873
[   85.023943][ T4224] RBP: 0000000000002328 R08: ffffffff81343af7 R09: 0000000000000000
[   85.048600][ T4224] R10: 0001ffffffffffff R11: ffff888104914200 R12: ffff888116a4d328
[   85.056607][ T4224] R13: ffff888116a4d350 R14: ffff888116a4d200 R15: 0000000000000003
[   85.064613][ T4224] FS:  00007f0681c716c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000
[   85.069275][ T4241] ip6gre2: entered allmulticast mode
[   85.073542][ T4224] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   85.073560][ T4224] CR2: 00007f08506262d8 CR3: 000000011cac2000 CR4: 00000000003506f0
[   85.093492][ T4224] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   85.101581][ T4224] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[   85.109622][ T4224] Call Trace:
[   85.112907][ T4224]  <TASK>
[   85.115883][ T4224]  ? __warn+0x141/0x350
[   85.120082][ T4224]  ? report_bug+0x315/0x420
[   85.124749][ T4224]  ? inode_set_cached_link+0xc4/0xd0
[   85.130071][ T4224]  ? handle_bug+0x60/0x90
[   85.134597][ T4224]  ? exc_invalid_op+0x1a/0x50
[   85.139372][ T4224]  ? asm_exc_invalid_op+0x1a/0x20
[   85.144443][ T4224]  ? __warn_printk+0x167/0x1b0
[   85.149240][ T4224]  ? inode_set_cached_link+0xc4/0xd0
[   85.154630][ T4224]  __ext4_iget+0x1bb5/0x1e20
[   85.159338][ T4224]  ext4_orphan_get+0x140/0x3e0
[   85.164113][ T4224]  ext4_orphan_cleanup+0x5df/0x9e0
[   85.169314][ T4224]  ? ext4_register_li_request+0xf2/0x660
[   85.175146][ T4224]  ext4_fill_super+0x32ec/0x3630
[   85.180106][ T4224]  ? set_blocksize+0x196/0x270
[   85.184915][ T4224]  ? sb_set_blocksize+0x95/0xb0
[   85.189831][ T4224]  ? setup_bdev_super+0x318/0x370
[   85.194895][ T4224]  ? __pfx_ext4_fill_super+0x10/0x10
[   85.200255][ T4224]  get_tree_bdev_flags+0x29f/0x310
[   85.205430][ T4224]  ? __pfx_ext4_fill_super+0x10/0x10
[   85.210776][ T4224]  get_tree_bdev+0x1f/0x30
[   85.215267][ T4224]  ext4_get_tree+0x1c/0x30
[   85.219684][ T4224]  vfs_get_tree+0x56/0x1e0
[   85.224124][ T4224]  do_new_mount+0x227/0x690
[   85.224424][ T3373] tipc: Node number set to 2886997007
[   85.228754][ T4224]  path_mount+0x49b/0xb30
[   85.235828][ T4233] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.238436][ T4224]  __se_sys_mount+0x27f/0x2d0
[   85.253924][ T4233] ext4 filesystem being mounted at /47/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.255929][ T4224]  ? do_mkdirat+0x27f/0x2c0
[   85.268850][ T4233] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.270411][ T4224]  __x64_sys_mount+0x67/0x80
[   85.283976][ T4224]  x64_sys_call+0x2c84/0x2dc0
[   85.288737][ T4224]  do_syscall_64+0xc9/0x1c0
[   85.293276][ T4224]  ? clear_bhb_loop+0x55/0xb0
[   85.297971][ T4224]  ? clear_bhb_loop+0x55/0xb0
[   85.302660][ T4224]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.308568][ T4224] RIP: 0033:0x7f068360e90a
[   85.313074][ T4224] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.332814][ T4224] RSP: 002b:00007f0681c70e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   85.341282][ T4224] RAX: ffffffffffffffda RBX: 00007f0681c70ef0 RCX: 00007f068360e90a
[   85.349255][ T4224] RDX: 0000400000000080 RSI: 0000400000000000 RDI: 00007f0681c70eb0
[   85.357252][ T4224] RBP: 0000400000000080 R08: 00007f0681c70ef0 R09: 000000000200801f
[   85.365313][ T4224] R10: 000000000200801f R11: 0000000000000246 R12: 0000400000000000
[   85.373361][ T4224] R13: 00007f0681c70eb0 R14: 00000000000004fb R15: 00004000000002c0
[   85.381364][ T4224]  </TASK>
[   85.384471][ T4224] ---[ end trace 0000000000000000 ]---
[   85.390997][ T4224] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2977: inode #16: comm syz.4.269: corrupted xattr block 31: invalid header
[   85.416886][ T4239]  loop1: p1 p3 p4
[   85.420765][ T4239] loop1: p1 start 4294967295 is beyond EOD, truncated
[   85.428623][ T4224] EXT4-fs warning (device loop4): ext4_evict_inode:276: xattr delete (err -117)
[   85.449562][ T4239] loop1: p4 size 3590325120 extends beyond EOD, truncated
[   85.458309][ T4224] EXT4-fs (loop4): 1 orphan inode deleted
[   85.465437][ T4251] loop2: detected capacity change from 0 to 1024
[   85.472591][ T4251] EXT4-fs: Ignoring removed orlov option
[   85.478321][ T4251] EXT4-fs: Ignoring removed nomblk_io_submit option
[   85.497940][ T4224] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   85.515496][ T4109] udevd[4109]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   85.535780][ T4089] udevd[4089]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   85.559960][ T4089] udevd[4089]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   85.570510][ T4109] udevd[4109]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   85.572966][ T4251] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.640923][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.661809][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.708618][ T4263] netlink: 1036 bytes leftover after parsing attributes in process `syz.0.285'.
[   85.717806][ T4263] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   85.731368][ T4267] loop3: detected capacity change from 0 to 512
[   85.781783][ T4267] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.800957][ T4267] ext4 filesystem being mounted at /48/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   85.840339][ T4282] loop2: detected capacity change from 0 to 8192
[   85.894412][ T3377] tipc: Node number set to 2886997007
[   85.925671][ T4282]  loop2: p1 p3 p4
[   85.929671][ T4282] loop2: p1 start 4294967295 is beyond EOD, truncated
[   85.944946][ T4291] netlink: 28 bytes leftover after parsing attributes in process `syz.4.293'.
[   85.949225][ T4293] loop0: detected capacity change from 0 to 512
[   85.953977][ T4291] netlink: 28 bytes leftover after parsing attributes in process `syz.4.293'.
[   85.961750][ T4282] loop2: p4 size 3590325120 extends beyond EOD, truncated
[   86.005961][ T4293] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   86.016035][ T2998]  loop2: p1 p3 p4
[   86.019864][ T2998] loop2: p1 start 4294967295 is beyond EOD, truncated
[   86.027120][ T2998] loop2: p4 size 3590325120 extends beyond EOD, truncated
[   86.096521][ T4289] loop0: detected capacity change from 0 to 512
[   86.102993][ T4269] loop1: detected capacity change from 0 to 512
[   86.117763][ T3296] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.127439][ T4109] udevd[4109]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   86.127976][ T4289] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   86.142729][ T4090] udevd[4090]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   86.161446][ T4289] EXT4-fs (loop0): orphan cleanup on readonly fs
[   86.164978][ T4269] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #15: comm syz.1.288: casefold flag without casefold feature
[   86.177430][ T4289] EXT4-fs warning (device loop0): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   86.194913][ T4300] loop2: detected capacity change from 0 to 256
[   86.201314][ T4269] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.288: couldn't read orphan inode 15 (err -117)
[   86.208488][ T4289] EXT4-fs (loop0): Cannot turn on quotas: error -22
[   86.216327][ T4269] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.238924][ T4300] FAT-fs (loop2): IO charset maciceland not found
[   86.251174][ T4289] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2977: inode #16: comm syz.0.294: corrupted xattr block 31: invalid header
[   86.266861][ T4289] EXT4-fs warning (device loop0): ext4_evict_inode:276: xattr delete (err -117)
[   86.276172][ T4289] EXT4-fs (loop0): 1 orphan inode deleted
[   86.280859][ T4303] ip6gre1: entered allmulticast mode
[   86.288086][ T4269] devtmpfs: Unknown parameter 'ûr_blbcuhì¿s'
[   86.294652][ T4289] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   86.333502][ T3295] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.422030][ T4300] netlink: 'syz.2.296': attribute type 2 has an invalid length.
[   86.454352][ T4313] ip6gre3: entered allmulticast mode
[   86.477532][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.516747][ T4317] vlan2: entered allmulticast mode
[   86.601081][ T4327] xt_l2tp: wrong L2TP version: 0
[   86.736579][ T4330] loop5: detected capacity change from 0 to 7
[   86.742973][ T4330] Buffer I/O error on dev loop5, logical block 0, async page read
[   86.751068][ T4330] Buffer I/O error on dev loop5, logical block 0, async page read
[   86.759005][ T4330]  loop5: unable to read partition table
[   86.764938][ T4330] loop_reread_partitions: partition scan of loop5 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[   86.764938][ T4330] 
Uªÿÿÿÿÿÿ) failed (rc=-5)
[   86.782476][ T4330] loop4: detected capacity change from 0 to 512
[   86.785905][ T4332] netlink: '+}[@': attribute type 39 has an invalid length.
[   86.797219][ T4330] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[   86.841850][ T4335] ip6gre2: entered allmulticast mode
[   86.941471][ T4341] SELinux: ebitmap: empty map
[   86.946429][ T4339] FAULT_INJECTION: forcing a failure.
[   86.946429][ T4339] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   86.946563][ T4341] SELinux: failed to load policy
[   86.959663][ T4339] CPU: 0 UID: 0 PID: 4339 Comm: syz.0.312 Tainted: G        W          6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[   86.959696][ T4339] Tainted: [W]=WARN
[   86.959704][ T4339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   86.959718][ T4339] Call Trace:
[   86.959763][ T4339]  <TASK>
[   86.959770][ T4339]  dump_stack_lvl+0xf2/0x150
[   86.959800][ T4339]  dump_stack+0x15/0x1a
[   86.959884][ T4339]  should_fail_ex+0x24a/0x260
[   86.959916][ T4339]  should_fail+0xb/0x10
[   86.959943][ T4339]  should_fail_usercopy+0x1a/0x20
[   86.960027][ T4339]  _copy_to_user+0x20/0xa0
[   86.960047][ T4339]  simple_read_from_buffer+0xa0/0x110
[   86.960151][ T4339]  proc_fail_nth_read+0xf9/0x140
[   86.960184][ T4339]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   86.960214][ T4339]  vfs_read+0x19b/0x6f0
[   86.960239][ T4339]  ? __rcu_read_unlock+0x4e/0x70
[   86.960263][ T4339]  ? __fget_files+0x17c/0x1c0
[   86.960331][ T4339]  ksys_read+0xe8/0x1b0
[   86.960360][ T4339]  __x64_sys_read+0x42/0x50
[   86.960386][ T4339]  x64_sys_call+0x2874/0x2dc0
[   86.960414][ T4339]  do_syscall_64+0xc9/0x1c0
[   86.960530][ T4339]  ? clear_bhb_loop+0x55/0xb0
[   86.960561][ T4339]  ? clear_bhb_loop+0x55/0xb0
[   86.960592][ T4339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.960621][ T4339] RIP: 0033:0x7f085043bb7c
[   86.960747][ T4339] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   86.960766][ T4339] RSP: 002b:00007f084eaa7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   86.960842][ T4339] RAX: ffffffffffffffda RBX: 00007f0850655fa0 RCX: 00007f085043bb7c
[   86.960856][ T4339] RDX: 000000000000000f RSI: 00007f084eaa70a0 RDI: 0000000000000005
[   86.960869][ T4339] RBP: 00007f084eaa7090 R08: 0000000000000000 R09: 0000000000000000
[   86.960883][ T4339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   86.960926][ T4339] R13: 0000000000000000 R14: 00007f0850655fa0 R15: 00007ffcf6c0d138
[   86.960944][ T4339]  </TASK>
[   87.164311][ T4346] netlink: 'syz.0.314': attribute type 10 has an invalid length.
[   87.176714][ T4346] team0: Device hsr_slave_0 failed to register rx_handler
[   87.262159][ T4353] syz.4.318 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   87.276933][ T4353] xt_CT: You must specify a L4 protocol and not use inversions on it
[   87.341025][ T4367] xt_l2tp: wrong L2TP version: 0
[   87.381717][ T4372] xt_l2tp: wrong L2TP version: 0
[   87.404944][ T4376] netlink: 'syz.3.324': attribute type 9 has an invalid length.
[   87.433537][ T4378] loop1: detected capacity change from 0 to 512
[   87.440995][ T4378] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   87.451138][ T4378] EXT4-fs (loop1): orphan cleanup on readonly fs
[   87.457615][ T4376] loop3: detected capacity change from 0 to 8192
[   87.457933][ T4378] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.325: Failed to acquire dquot type 1
[   87.475642][ T4378] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.325: bg 0: block 40: padding at end of block bitmap is not set
[   87.490087][ T4378] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[   87.496487][ T4376]  loop3: p1 < > p3 < > p4
[   87.501424][ T4378] EXT4-fs (loop1): 1 truncate cleaned up
[   87.509368][ T4378] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   87.515342][ T4376] loop3: p4 start 4294967295 is beyond EOD, truncated
[   87.558051][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.622161][ T4376] bridge_slave_0: left allmulticast mode
[   87.627886][ T4376] bridge_slave_0: left promiscuous mode
[   87.633540][ T4376] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.646763][ T4376] bridge_slave_1: left allmulticast mode
[   87.652559][ T4376] bridge_slave_1: left promiscuous mode
[   87.652642][ T4376] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.656726][ T4376] bond0: (slave bond_slave_0): Releasing backup interface
[   87.659478][ T4393] FAULT_INJECTION: forcing a failure.
[   87.659478][ T4393] name failslab, interval 1, probability 0, space 0, times 0
[   87.659523][ T4393] CPU: 0 UID: 0 PID: 4393 Comm: syz.0.331 Tainted: G        W          6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[   87.659550][ T4393] Tainted: [W]=WARN
[   87.659557][ T4393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   87.659569][ T4393] Call Trace:
[   87.659575][ T4393]  <TASK>
[   87.659603][ T4393]  dump_stack_lvl+0xf2/0x150
[   87.659685][ T4393]  dump_stack+0x15/0x1a
[   87.659707][ T4393]  should_fail_ex+0x24a/0x260
[   87.659807][ T4393]  should_failslab+0x8f/0xb0
[   87.659832][ T4393]  kmem_cache_alloc_node_noprof+0x59/0x320
[   87.659854][ T4393]  ? __alloc_skb+0x10b/0x310
[   87.659890][ T4393]  __alloc_skb+0x10b/0x310
[   87.659910][ T4393]  netlink_alloc_large_skb+0xad/0xe0
[   87.659940][ T4393]  netlink_sendmsg+0x3b4/0x6e0
[   87.660016][ T4393]  ? __pfx_netlink_sendmsg+0x10/0x10
[   87.660046][ T4393]  __sock_sendmsg+0x140/0x180
[   87.660075][ T4393]  ____sys_sendmsg+0x326/0x4b0
[   87.660104][ T4393]  __sys_sendmsg+0x19d/0x230
[   87.660187][ T4393]  __x64_sys_sendmsg+0x46/0x50
[   87.660260][ T4393]  x64_sys_call+0x2734/0x2dc0
[   87.660282][ T4393]  do_syscall_64+0xc9/0x1c0
[   87.660348][ T4393]  ? clear_bhb_loop+0x55/0xb0
[   87.660374][ T4393]  ? clear_bhb_loop+0x55/0xb0
[   87.660502][ T4393]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.660530][ T4393] RIP: 0033:0x7f085043d169
[   87.660545][ T4393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.660565][ T4393] RSP: 002b:00007f084eaa7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   87.660584][ T4393] RAX: ffffffffffffffda RBX: 00007f0850655fa0 RCX: 00007f085043d169
[   87.660594][ T4393] RDX: 0000000004000054 RSI: 0000400000000480 RDI: 0000000000000004
[   87.660604][ T4393] RBP: 00007f084eaa7090 R08: 0000000000000000 R09: 0000000000000000
[   87.660613][ T4393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.660686][ T4393] R13: 0000000000000000 R14: 00007f0850655fa0 R15: 00007ffcf6c0d138
[   87.660706][ T4393]  </TASK>
[   87.673486][ T4376] bond0: (slave bond_slave_1): Releasing backup interface
[   87.693392][ T4396] loop0: detected capacity change from 0 to 512
[   87.700082][ T4376] team0: Port device team_slave_0 removed
[   87.743315][ T4396] EXT4-fs (loop0): too many log groups per flexible block group
[   87.936191][ T4396] EXT4-fs (loop0): failed to initialize mballoc (-12)
[   87.943001][ T4396] EXT4-fs (loop0): mount failed
[   87.945231][ T4376] team0: Port device team_slave_1 removed
[   87.955204][ T4376] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   87.962629][ T4376] batman_adv: batadv0: Removing interface: batadv_slave_0
[   87.971859][   T29] kauditd_printk_skb: 589 callbacks suppressed
[   87.971873][   T29] audit: type=1326 audit(1740647865.108:2125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4386 comm="syz.1.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d97f9d169 code=0x7ffc0000
[   88.001477][   T29] audit: type=1326 audit(1740647865.108:2126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4386 comm="syz.1.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d97f9d169 code=0x7ffc0000
[   88.032852][ T4376] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   88.040281][ T4376] batman_adv: batadv0: Removing interface: batadv_slave_1
[   88.062871][ T4376] bond0: (slave netdevsim1): Releasing backup interface
[   88.080401][ T4401] tipc: New replicast peer: 10.1.1.2
[   88.085835][ T4401] tipc: Enabled bearer <udp:syz$>, priority 10
[   88.147648][ T4407] FAULT_INJECTION: forcing a failure.
[   88.147648][ T4407] name failslab, interval 1, probability 0, space 0, times 0
[   88.160328][ T4407] CPU: 0 UID: 0 PID: 4407 Comm: syz.0.336 Tainted: G        W          6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[   88.160388][ T4407] Tainted: [W]=WARN
[   88.160393][ T4407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   88.160421][ T4407] Call Trace:
[   88.160427][ T4407]  <TASK>
[   88.160434][ T4407]  dump_stack_lvl+0xf2/0x150
[   88.160461][ T4407]  dump_stack+0x15/0x1a
[   88.160501][ T4407]  should_fail_ex+0x24a/0x260
[   88.160542][ T4407]  should_failslab+0x8f/0xb0
[   88.160575][ T4407]  __kmalloc_node_noprof+0xad/0x410
[   88.160663][ T4407]  ? vmemdup_user+0x42/0x1b0
[   88.160689][ T4407]  vmemdup_user+0x42/0x1b0
[   88.160723][ T4407]  path_setxattrat+0x1c9/0x310
[   88.160764][ T4407]  __x64_sys_fsetxattr+0x6d/0x80
[   88.160797][ T4407]  x64_sys_call+0x29d2/0x2dc0
[   88.160952][ T4407]  do_syscall_64+0xc9/0x1c0
[   88.161083][ T4407]  ? clear_bhb_loop+0x55/0xb0
[   88.161105][ T4407]  ? clear_bhb_loop+0x55/0xb0
[   88.161216][ T4407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.161241][ T4407] RIP: 0033:0x7f085043d169
[   88.161255][ T4407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.161274][ T4407] RSP: 002b:00007f084eaa7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[   88.161294][ T4407] RAX: ffffffffffffffda RBX: 00007f0850655fa0 RCX: 00007f085043d169
[   88.161307][ T4407] RDX: 0000400000000040 RSI: 0000400000000000 RDI: 0000000000000006
[   88.161320][ T4407] RBP: 00007f084eaa7090 R08: 0000000000000000 R09: 0000000000000000
[   88.161416][ T4407] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000001
[   88.161428][ T4407] R13: 0000000000000000 R14: 00007f0850655fa0 R15: 00007ffcf6c0d138
[   88.161443][ T4407]  </TASK>
[   88.347899][ T4409] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   88.356428][   T29] audit: type=1400 audit(1740647865.488:2127): avc:  denied  { create } for  pid=4408 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   88.375894][   T29] audit: type=1400 audit(1740647865.488:2128): avc:  denied  { bind } for  pid=4408 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   88.383764][ T4414] 9pnet_fd: Insufficient options for proto=fd
[   88.395167][   T29] audit: type=1400 audit(1740647865.488:2129): avc:  denied  { setopt } for  pid=4408 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   88.423516][ T4414] __nla_validate_parse: 4 callbacks suppressed
[   88.423587][   T29] audit: type=1400 audit(1740647865.518:2130): avc:  denied  { getopt } for  pid=4413 comm="syz.3.337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   88.423530][ T4414] netlink: 8 bytes leftover after parsing attributes in process `syz.3.337'.
[   88.423614][   T29] audit: type=1400 audit(1740647865.518:2131): avc:  denied  { create } for  pid=4413 comm="syz.3.337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   88.453585][   T29] audit: type=1400 audit(1740647865.588:2132): avc:  denied  { write } for  pid=4408 comm="+}[@" path="socket:[7442]" dev="sockfs" ino=7442 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   88.458317][ T4414] netlink: 16 bytes leftover after parsing attributes in process `syz.3.337'.
[   88.577815][ T4417] xt_l2tp: wrong L2TP version: 0
[   88.629749][ T4424] netlink: 8 bytes leftover after parsing attributes in process `syz.4.341'.
[   88.679344][ T4422] netlink: '+}[@': attribute type 39 has an invalid length.
[   88.771754][ T4435] loop4: detected capacity change from 0 to 512
[   88.781182][ T4435] EXT4-fs (loop4): orphan cleanup on readonly fs
[   88.791851][ T4435] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.347: bg 0: block 248: padding at end of block bitmap is not set
[   88.810451][ T4438] netlink: 4 bytes leftover after parsing attributes in process `syz.0.348'.
[   88.819717][   T29] audit: type=1400 audit(1740647865.948:2133): avc:  denied  { getopt } for  pid=4437 comm="syz.0.348" lport=51 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   88.840042][   T29] audit: type=1326 audit(1740647865.948:2134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4437 comm="syz.0.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085043d169 code=0x7ffc0000
[   88.841436][ T4435] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.347: Failed to acquire dquot type 1
[   88.892534][ T4435] EXT4-fs (loop4): 1 truncate cleaned up
[   88.899847][ T4435] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   88.915625][ T4445] SELinux: ebitmap: empty map
[   88.920502][ T4445] SELinux: failed to load policy
[   88.948832][ T4452] ip6gre2: entered allmulticast mode
[   88.972510][ T4435] syz.4.347 (4435) used greatest stack depth: 9280 bytes left
[   88.990525][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.000112][ T4457] netlink: 8 bytes leftover after parsing attributes in process `syz.1.355'.
[   89.041841][ T4465] netlink: 12 bytes leftover after parsing attributes in process `syz.0.357'.
[   89.050998][ T4464] netlink: 4 bytes leftover after parsing attributes in process `syz.1.358'.
[   89.061280][ T4464] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   89.068712][ T4464] batman_adv: batadv0: Removing interface: batadv_slave_0
[   89.084641][ T4464] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   89.092063][ T4464] batman_adv: batadv0: Removing interface: batadv_slave_1
[   89.099740][ T4468] xt_l2tp: wrong L2TP version: 0
[   89.128055][ T4475] loop3: detected capacity change from 0 to 512
[   89.135851][ T4475] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   89.148938][ T4475] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   89.163916][ T4475] EXT4-fs (loop3): 1 truncate cleaned up
[   89.171996][ T4475] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.190139][ T4475] netlink: 'syz.3.361': attribute type 21 has an invalid length.
[   89.198005][ T4475] netlink: 132 bytes leftover after parsing attributes in process `syz.3.361'.
[   89.208350][ T4475] xt_NFQUEUE: number of total queues is 0
[   89.241207][ T3296] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.243356][ T4482] SELinux: ebitmap: empty map
[   89.255970][ T4482] SELinux: failed to load policy
[   89.311174][ T4487] netlink: 68 bytes leftover after parsing attributes in process `syz.3.364'.
[   89.412281][ T4500] loop0: detected capacity change from 0 to 256
[   89.427298][ T4500] FAT-fs (loop0): IO charset maciceland not found
[   89.847138][ T4507] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.897871][ T4507] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.947442][ T4507] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.997111][ T4507] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.039652][ T4507] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.050701][ T4507] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.061607][ T4507] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.072503][ T4507] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.108410][ T4512] loop1: detected capacity change from 0 to 512
[   90.115031][ T4512] EXT4-fs: Ignoring removed bh option
[   90.125815][ T4512] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   90.155762][ T4512] EXT4-fs (loop1): 1 truncate cleaned up
[   90.162291][ T4512] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.176047][ T4520] SELinux: ebitmap: empty map
[   90.180795][ T4520] SELinux: failed to load policy
[   90.201244][ T4524] loop4: detected capacity change from 0 to 128
[   90.210198][ T4526] netlink: 28 bytes leftover after parsing attributes in process `syz.3.378'.
[   90.266244][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.407305][ T4555] FAULT_INJECTION: forcing a failure.
[   90.407305][ T4555] name failslab, interval 1, probability 0, space 0, times 0
[   90.420141][ T4555] CPU: 1 UID: 0 PID: 4555 Comm: syz.2.388 Tainted: G        W          6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[   90.420166][ T4555] Tainted: [W]=WARN
[   90.420172][ T4555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   90.420245][ T4555] Call Trace:
[   90.420249][ T4555]  <TASK>
[   90.420254][ T4555]  dump_stack_lvl+0xf2/0x150
[   90.420276][ T4555]  dump_stack+0x15/0x1a
[   90.420321][ T4555]  should_fail_ex+0x24a/0x260
[   90.420360][ T4555]  should_failslab+0x8f/0xb0
[   90.420390][ T4555]  __kmalloc_node_noprof+0xad/0x410
[   90.420419][ T4555]  ? should_fail_ex+0xd7/0x260
[   90.420441][ T4555]  ? __kvmalloc_node_noprof+0x72/0x170
[   90.420467][ T4555]  __kvmalloc_node_noprof+0x72/0x170
[   90.420493][ T4555]  io_pin_pages+0x9a/0x170
[   90.420586][ T4555]  io_sqe_buffer_register+0x115/0xf90
[   90.420653][ T4555]  ? ___kmalloc_large_node+0xba/0x120
[   90.420688][ T4555]  io_sqe_buffers_register+0x2d8/0x4e0
[   90.420714][ T4555]  io_register_rsrc+0x1b9/0x1f0
[   90.420792][ T4555]  __se_sys_io_uring_register+0x8a6/0x1ef0
[   90.420813][ T4555]  ? kstrtouint_from_user+0xb0/0xe0
[   90.420836][ T4555]  ? 0xffffffff81000000
[   90.420845][ T4555]  ? selinux_file_permission+0x22a/0x360
[   90.420870][ T4555]  ? __seccomp_filter+0x28a/0x1180
[   90.420947][ T4555]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   90.420970][ T4555]  ? vfs_write+0x644/0x920
[   90.420990][ T4555]  ? putname+0xcf/0xf0
[   90.421065][ T4555]  ? __secure_computing+0x9f/0x1c0
[   90.421084][ T4555]  __x64_sys_io_uring_register+0x55/0x70
[   90.421116][ T4555]  x64_sys_call+0x2c52/0x2dc0
[   90.421217][ T4555]  do_syscall_64+0xc9/0x1c0
[   90.421318][ T4555]  ? clear_bhb_loop+0x55/0xb0
[   90.421340][ T4555]  ? clear_bhb_loop+0x55/0xb0
[   90.421362][ T4555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.421385][ T4555] RIP: 0033:0x7fb2b865d169
[   90.421463][ T4555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.421499][ T4555] RSP: 002b:00007fb2b6cc7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[   90.421514][ T4555] RAX: ffffffffffffffda RBX: 00007fb2b8875fa0 RCX: 00007fb2b865d169
[   90.421523][ T4555] RDX: 0000400000002700 RSI: 000000000000000f RDI: 0000000000000008
[   90.421609][ T4555] RBP: 00007fb2b6cc7090 R08: 0000000000000000 R09: 0000000000000000
[   90.421618][ T4555] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000001
[   90.421627][ T4555] R13: 0000000000000000 R14: 00007fb2b8875fa0 R15: 00007ffe44e6f428
[   90.421645][ T4555]  </TASK>
[   90.699579][ T4558] loop3: detected capacity change from 0 to 256
[   90.718711][ T4558] FAT-fs (loop3): IO charset maciceland not found
[   91.178955][ T4572] netlink: 'syz.0.393': attribute type 13 has an invalid length.
[   91.237352][ T4574] ref_tracker: memory allocation failure, unreliable refcount tracker.
[   91.302776][ T4572] loop0: detected capacity change from 0 to 2048
[   91.367923][ T4572] Alternate GPT is invalid, using primary GPT.
[   91.374378][ T4572]  loop0: p2 p3 p7
[   91.682379][ T4585] vlan2: entered allmulticast mode
[   91.687569][ T4585] bridge_slave_0: entered allmulticast mode
[   91.696671][ T4585] bridge_slave_0: left allmulticast mode
[   92.071707][ T4592] bond0: entered allmulticast mode
[   92.136344][ T4592] loop4: detected capacity change from 0 to 1024
[   92.167566][ T4592] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.184653][ T4592] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4115: comm syz.4.401: Allocating blocks 497-513 which overlap fs metadata
[   92.200913][ T4592] EXT4-fs (loop4): pa ffff88810656c070: logic 7808, phys. 129, len 24
[   92.209140][ T4592] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5366: group 0, free 23, pa_free 24
[   92.363241][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.778829][ T4625] loop3: detected capacity change from 0 to 256
[   92.814159][ T4625] FAT-fs (loop3): IO charset maciceland not found
[   93.318231][ T4666] netlink: '+}[@': attribute type 39 has an invalid length.
[   93.547412][ T4672] net_ratelimit: 4 callbacks suppressed
[   93.547435][ T4672] dccp_invalid_packet: P.Data Offset(172) too large
[   93.565357][ T4672] loop1: detected capacity change from 0 to 512
[   93.634000][ T4672] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.646647][ T4672] ext4 filesystem being mounted at /86/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.660007][ T4672] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #2: comm syz.1.413: corrupted inode contents
[   93.672500][ T4672] EXT4-fs error (device loop1): ext4_dirty_inode:6042: inode #2: comm syz.1.413: mark_inode_dirty error
[   93.684230][ T4672] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #2: comm syz.1.413: corrupted inode contents
[   93.696397][ T4672] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #2: comm syz.1.413: mark_inode_dirty error
[   93.717005][ T4671] SELinux: ebitmap: empty map
[   93.755289][ T4671] SELinux: failed to load policy
[   93.763638][ T4672] __nla_validate_parse: 5 callbacks suppressed
[   93.763650][ T4672] netlink: 8 bytes leftover after parsing attributes in process `syz.1.413'.
[   93.780304][ T4672] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   93.834436][   T29] kauditd_printk_skb: 239 callbacks suppressed
[   93.834453][   T29] audit: type=1400 audit(1740647870.948:2372): avc:  denied  { read } for  pid=4679 comm="syz.3.415" laddr=fe80::e lport=255 faddr=ff01::1 fport=19489 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   93.879547][   T29] audit: type=1326 audit(1740647871.018:2373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4681 comm="syz.3.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9de971d169 code=0x7ffc0000
[   93.903588][   T29] audit: type=1326 audit(1740647871.048:2374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4681 comm="syz.3.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9de971d169 code=0x7ffc0000
[   93.918220][ T4682] loop3: detected capacity change from 0 to 128
[   93.927102][   T29] audit: type=1326 audit(1740647871.048:2375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4681 comm="syz.3.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9de971d169 code=0x7ffc0000
[   93.956670][   T29] audit: type=1326 audit(1740647871.048:2376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4681 comm="syz.3.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9de971d169 code=0x7ffc0000
[   93.969990][ T4682] syz.3.416: attempt to access beyond end of device
[   93.969990][ T4682] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[   93.980023][   T29] audit: type=1326 audit(1740647871.048:2377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4681 comm="syz.3.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9de971d169 code=0x7ffc0000
[   94.025600][   T29] audit: type=1326 audit(1740647871.048:2378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4681 comm="syz.3.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9de971d169 code=0x7ffc0000
[   94.049016][   T29] audit: type=1326 audit(1740647871.048:2379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4681 comm="syz.3.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9de971d169 code=0x7ffc0000
[   94.072302][   T29] audit: type=1326 audit(1740647871.048:2380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4681 comm="syz.3.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9de971d169 code=0x7ffc0000
[   94.095603][   T29] audit: type=1326 audit(1740647871.048:2381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4681 comm="syz.3.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9de971d169 code=0x7ffc0000
[   94.113254][ T4682] syz.3.416: attempt to access beyond end of device
[   94.113254][ T4682] loop3: rw=524288, sector=145, nr_sectors = 224 limit=128
[   94.135195][ T4682] syz.3.416: attempt to access beyond end of device
[   94.135195][ T4682] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   94.148576][ T4682] syz.3.416: attempt to access beyond end of device
[   94.148576][ T4682] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   94.163492][ T4682] syz.3.416: attempt to access beyond end of device
[   94.163492][ T4682] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   94.177719][ T4693] ieee802154 phy0 wpan0: encryption failed: -22
[   94.180031][ T4692] netlink: '+}[@': attribute type 39 has an invalid length.
[   94.184177][ T4682] syz.3.416: attempt to access beyond end of device
[   94.184177][ T4682] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   94.207660][ T4682] syz.3.416: attempt to access beyond end of device
[   94.207660][ T4682] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   94.221301][ T4682] syz.3.416: attempt to access beyond end of device
[   94.221301][ T4682] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   94.235613][ T4682] syz.3.416: attempt to access beyond end of device
[   94.235613][ T4682] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   94.249141][ T4682] syz.3.416: attempt to access beyond end of device
[   94.249141][ T4682] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[   94.252941][ T4689] bond0: entered promiscuous mode
[   94.267263][ T4689] bond_slave_0: entered promiscuous mode
[   94.272956][ T4689] bond_slave_1: entered promiscuous mode
[   94.289632][ T4689] bond0: left promiscuous mode
[   94.294503][ T4689] bond_slave_0: left promiscuous mode
[   94.299982][ T4689] bond_slave_1: left promiscuous mode
[   94.353374][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.383296][ T4699] loop1: detected capacity change from 0 to 512
[   94.400467][ T4699] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.421768][ T4699] ext4 filesystem being mounted at /87/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   94.445738][ T4699] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.453175][ T4705] loop0: detected capacity change from 0 to 256
[   94.475075][ T4705] FAT-fs (loop0): IO charset maciceland not found
[   94.532139][ T4710] vlan2: entered allmulticast mode
[   94.619269][ T4715] loop2: detected capacity change from 0 to 512
[   94.636058][ T4715] ext2: Unknown parameter 'fsuuid'
[   94.643790][ T4705] netlink: 8 bytes leftover after parsing attributes in process `syz.0.425'.
[   94.667571][ T4718] netlink: 28 bytes leftover after parsing attributes in process `syz.4.429'.
[   94.676482][ T4718] netlink: 28 bytes leftover after parsing attributes in process `syz.4.429'.
[   94.743930][ T4721] netlink: 24 bytes leftover after parsing attributes in process `syz.3.430'.
[   94.818459][ T4719] netlink: 20 bytes leftover after parsing attributes in process `syz.2.428'.
[   94.832937][ T4729] netlink: '+}[@': attribute type 39 has an invalid length.
[   94.877625][ T4735] SELinux: ebitmap: empty map
[   94.882386][ T4735] SELinux: failed to load policy
[   94.903660][ T4739] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4739 comm=syz.2.437
[   95.012157][ T4746] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.036022][ T4748] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   95.043223][ T4748] IPv6: NLM_F_CREATE should be set when creating new route
[   95.057939][ T4746] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.118644][ T4746] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.188513][ T4746] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.230822][ T4746] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.241737][ T4746] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.252623][ T4746] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.263416][ T4746] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.301245][ T4763] netlink: 8 bytes leftover after parsing attributes in process `syz.0.445'.
[   95.314300][ T4763] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.357580][ T4763] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.385714][ T4766] pim6reg: entered allmulticast mode
[   95.391497][ T4766] pim6reg: left allmulticast mode
[   95.417612][ T4770] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4770 comm=syz.1.448
[   95.433494][ T4763] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.472613][ T4775] dccp_invalid_packet: P.Data Offset(172) too large
[   95.489158][ T4763] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.564439][ T4763] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.588234][ T4787] loop4: detected capacity change from 0 to 256
[   95.594953][ T4763] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.607387][ T4763] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.610648][ T4787] FAT-fs (loop4): IO charset maciceland not found
[   95.626984][ T4763] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.638687][ T4792] xt_hashlimit: overflow, try lower: 18446744073709551615/7
[   95.646839][ T4792] netlink: 12 bytes leftover after parsing attributes in process `syz.1.458'.
[   95.678200][ T4794] netlink: 'syz.1.459': attribute type 10 has an invalid length.
[   95.691299][ T4794] 8021q: adding VLAN 0 to HW filter on device team0
[   95.701771][ T4794] bond0: (slave team0): Enslaving as an active interface with an up link
[   95.705421][ T4797] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4797 comm=syz.0.460
[   95.712800][ T4794] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:ccfb:d8ff:fe1f:1baa error=-28
[   95.776160][ T4794] infiniband syz1: set active
[   95.781068][ T4794] infiniband syz1: added team_slave_0
[   95.791759][ T4787] netlink: 8 bytes leftover after parsing attributes in process `syz.4.456'.
[   95.811285][ T4794] RDS/IB: syz1: added
[   95.815952][ T4794] smc: adding ib device syz1 with port count 1
[   95.822795][ T4794] smc:    ib device syz1 port 1 has pnetid 
[   95.829064][ T4809] vlan2: entered allmulticast mode
[   95.964906][ T4812] netlink: 4 bytes leftover after parsing attributes in process `syz.2.465'.
[   96.067462][ T4826] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4826 comm=syz.1.471
[   96.091944][ T4827] xt_l2tp: wrong L2TP version: 0
[   96.130721][ T4833] ip6gre1: entered allmulticast mode
[   96.238881][ T4851] usb usb1: usbfs: process 4851 (syz.3.479) did not claim interface 0 before use
[   96.264924][ T4854] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4854 comm=syz.3.482
[   96.390962][ T4868] xt_l2tp: wrong L2TP version: 0
[   96.438075][ T4863] sd 0:0:1:0: device reset
[   96.597383][ T4889] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.621399][ T4893] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4893 comm=syz.1.494
[   96.636216][ T4889] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.711714][ T4900] loop0: detected capacity change from 0 to 256
[   96.721223][ T4889] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.744903][ T4900] FAT-fs (loop0): IO charset maciceland not found
[   96.806552][ T4889] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.021516][ T4917] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4917 comm=syz.1.502
[   97.107827][ T4920] loop1: detected capacity change from 0 to 512
[   97.116683][ T4920] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   97.126469][ T4920] EXT4-fs (loop1): orphan cleanup on readonly fs
[   97.133263][ T4920] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.503: bg 0: block 248: padding at end of block bitmap is not set
[   97.147833][ T4920] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.503: Failed to acquire dquot type 1
[   97.159502][ T4920] EXT4-fs (loop1): 1 truncate cleaned up
[   97.165889][ T4920] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   97.282294][ T4925] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4925 comm=syz.4.505
[   97.581414][ T4941] xt_hashlimit: max too large, truncated to 1048576
[   97.588849][ T4941] Cannot find set identified by id 0 to match
[   97.620336][ T4946] FAULT_INJECTION: forcing a failure.
[   97.620336][ T4946] name failslab, interval 1, probability 0, space 0, times 0
[   97.633144][ T4946] CPU: 0 UID: 0 PID: 4946 Comm: syz.0.513 Tainted: G        W          6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[   97.633220][ T4946] Tainted: [W]=WARN
[   97.633226][ T4946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   97.633281][ T4946] Call Trace:
[   97.633361][ T4946]  <TASK>
[   97.633368][ T4946]  dump_stack_lvl+0xf2/0x150
[   97.633397][ T4946]  dump_stack+0x15/0x1a
[   97.633418][ T4946]  should_fail_ex+0x24a/0x260
[   97.633447][ T4946]  should_failslab+0x8f/0xb0
[   97.633482][ T4946]  kmem_cache_alloc_noprof+0x52/0x320
[   97.633542][ T4946]  ? key_alloc+0x2a6/0xa40
[   97.633697][ T4946]  key_alloc+0x2a6/0xa40
[   97.633723][ T4946]  keyring_alloc+0x44/0xb0
[   97.633752][ T4946]  join_session_keyring+0xea/0x2a0
[   97.633776][ T4946]  lookup_user_key+0x3ef/0xdf0
[   97.633798][ T4946]  ? should_fail_ex+0xd7/0x260
[   97.633860][ T4946]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[   97.633889][ T4946]  __se_sys_add_key+0x24b/0x320
[   97.633969][ T4946]  __x64_sys_add_key+0x67/0x80
[   97.634077][ T4946]  x64_sys_call+0x2964/0x2dc0
[   97.634105][ T4946]  do_syscall_64+0xc9/0x1c0
[   97.634141][ T4946]  ? clear_bhb_loop+0x55/0xb0
[   97.634165][ T4946]  ? clear_bhb_loop+0x55/0xb0
[   97.634262][ T4946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.634290][ T4946] RIP: 0033:0x7f085043d169
[   97.634306][ T4946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.634345][ T4946] RSP: 002b:00007f084eaa7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[   97.634368][ T4946] RAX: ffffffffffffffda RBX: 00007f0850655fa0 RCX: 00007f085043d169
[   97.634380][ T4946] RDX: 00004000000000c0 RSI: 0000000000000000 RDI: 0000400000000040
[   97.634393][ T4946] RBP: 00007f084eaa7090 R08: fffffffffffffffd R09: 0000000000000000
[   97.634405][ T4946] R10: 000000000000001c R11: 0000000000000246 R12: 0000000000000001
[   97.634417][ T4946] R13: 0000000000000001 R14: 00007f0850655fa0 R15: 00007ffcf6c0d138
[   97.634435][ T4946]  </TASK>
[   97.897320][ T4953] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4953 comm=syz.0.516
[   97.910883][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.939780][ T4958] xt_l2tp: wrong L2TP version: 0
[   97.949389][ T4955] loop2: detected capacity change from 0 to 512
[   97.956225][ T4955] EXT4-fs: inline encryption not supported
[   97.962211][ T4955] EXT4-fs: dax option not supported
[   97.979241][ T4962] loop1: detected capacity change from 0 to 256
[   98.015644][ T4962] FAT-fs (loop1): IO charset maciceland not found
[   98.131704][ T4976] vlan3: entered allmulticast mode
[   98.136989][ T4976] bridge_slave_0: entered allmulticast mode
[   98.144588][ T4976] bridge_slave_0: left allmulticast mode
[   98.177790][ T4962] netlink: 'syz.1.520': attribute type 2 has an invalid length.
[   98.276529][ T4980] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.342857][ T4980] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.409905][ T4980] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.468221][ T4980] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.572180][ T4980] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.583584][ T4980] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.594901][ T4980] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.606778][ T4980] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.827084][ T4984] program syz.1.525 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   98.843157][ T4984] loop1: detected capacity change from 0 to 512
[   98.851228][ T4984] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   98.870613][ T4984] EXT4-fs (loop1): 1 truncate cleaned up
[   98.877836][ T4984] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.890687][ T4984] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.983351][   T29] kauditd_printk_skb: 463 callbacks suppressed
[   98.983369][   T29] audit: type=1326 audit(1740647876.118:2843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4993 comm="syz.4.527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068360d169 code=0x7ffc0000
[   99.012888][   T29] audit: type=1326 audit(1740647876.118:2844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4993 comm="syz.4.527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068360d169 code=0x7ffc0000
[   99.047840][   T29] audit: type=1326 audit(1740647876.178:2845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4993 comm="syz.4.527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f068360d169 code=0x7ffc0000
[   99.071364][   T29] audit: type=1326 audit(1740647876.178:2846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4993 comm="syz.4.527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068360d169 code=0x7ffc0000
[   99.094998][   T29] audit: type=1326 audit(1740647876.178:2847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4993 comm="syz.4.527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068360d169 code=0x7ffc0000
[   99.118339][   T29] audit: type=1326 audit(1740647876.178:2848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4993 comm="syz.4.527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f068360d169 code=0x7ffc0000
[   99.141750][   T29] audit: type=1326 audit(1740647876.178:2849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4993 comm="syz.4.527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068360d169 code=0x7ffc0000
[   99.165158][   T29] audit: type=1326 audit(1740647876.178:2850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4993 comm="syz.4.527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f068360d169 code=0x7ffc0000
[   99.188469][   T29] audit: type=1326 audit(1740647876.178:2851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4993 comm="syz.4.527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f068360d169 code=0x7ffc0000
[   99.211814][   T29] audit: type=1326 audit(1740647876.178:2852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4993 comm="syz.4.527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f068360d169 code=0x7ffc0000
[   99.235802][ T4996] FAULT_INJECTION: forcing a failure.
[   99.235802][ T4996] name failslab, interval 1, probability 0, space 0, times 0
[   99.248528][ T4996] CPU: 0 UID: 0 PID: 4996 Comm: syz.1.528 Tainted: G        W          6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[   99.248610][ T4996] Tainted: [W]=WARN
[   99.248618][ T4996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   99.248633][ T4996] Call Trace:
[   99.248641][ T4996]  <TASK>
[   99.248650][ T4996]  dump_stack_lvl+0xf2/0x150
[   99.248681][ T4996]  dump_stack+0x15/0x1a
[   99.248711][ T4996]  should_fail_ex+0x24a/0x260
[   99.248808][ T4996]  should_failslab+0x8f/0xb0
[   99.248845][ T4996]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[   99.248876][ T4996]  ? trace_probe_init+0x1af/0x280
[   99.248903][ T4996]  kstrdup+0x3d/0xd0
[   99.248944][ T4996]  trace_probe_init+0x1af/0x280
[   99.248965][ T4996]  alloc_trace_uprobe+0x9b/0x1f0
[   99.249071][ T4996]  create_local_trace_uprobe+0xb7/0x2d0
[   99.249103][ T4996]  perf_uprobe_init+0xc2/0x140
[   99.249164][ T4996]  perf_uprobe_event_init+0xe2/0x140
[   99.249193][ T4996]  perf_try_init_event+0xcb/0x4f0
[   99.249230][ T4996]  ? perf_event_alloc+0xac6/0x12d0
[   99.249254][ T4996]  perf_event_alloc+0xad1/0x12d0
[   99.249322][ T4996]  __se_sys_perf_event_open+0x5ac/0x2230
[   99.249342][ T4996]  ? proc_fail_nth_write+0x12a/0x150
[   99.249391][ T4996]  ? vfs_write+0x5e1/0x920
[   99.249431][ T4996]  __x64_sys_perf_event_open+0x67/0x80
[   99.249456][ T4996]  x64_sys_call+0x1deb/0x2dc0
[   99.249553][ T4996]  do_syscall_64+0xc9/0x1c0
[   99.249605][ T4996]  ? clear_bhb_loop+0x55/0xb0
[   99.249635][ T4996]  ? clear_bhb_loop+0x55/0xb0
[   99.249668][ T4996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.249709][ T4996] RIP: 0033:0x7f9d97f9d169
[   99.249724][ T4996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.249743][ T4996] RSP: 002b:00007f9d96601038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[   99.249764][ T4996] RAX: ffffffffffffffda RBX: 00007f9d981b5fa0 RCX: 00007f9d97f9d169
[   99.249780][ T4996] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000400000000000
[   99.249795][ T4996] RBP: 00007f9d96601090 R08: 0000000000000000 R09: 0000000000000000
[   99.249810][ T4996] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[   99.249825][ T4996] R13: 0000000000000000 R14: 00007f9d981b5fa0 R15: 00007fff0d880028
[   99.249847][ T4996]  </TASK>
[   99.249893][ T4996] trace_uprobe: Failed to allocate trace_uprobe.(-12)
[   99.316400][ T4998] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[   99.416667][ T4999] __nla_validate_parse: 5 callbacks suppressed
[   99.416683][ T4999] netlink: 28 bytes leftover after parsing attributes in process `syz.4.529'.
[   99.447258][ T4979] syz.2.524 (4979) used greatest stack depth: 6376 bytes left
[   99.450109][ T4999] netlink: 28 bytes leftover after parsing attributes in process `syz.4.529'.
[   99.527716][ T5001] loop1: detected capacity change from 0 to 512
[   99.562334][ T5001] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   99.571370][ T5001] EXT4-fs (loop1): orphan cleanup on readonly fs
[   99.578129][ T5001] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.530: Failed to acquire dquot type 1
[   99.590468][ T5001] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.530: bg 0: block 40: padding at end of block bitmap is not set
[   99.605297][ T5001] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[   99.614314][ T5001] EXT4-fs (loop1): 1 truncate cleaned up
[   99.620566][ T5001] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   99.652181][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.682022][ T5018] FAULT_INJECTION: forcing a failure.
[   99.682022][ T5018] name failslab, interval 1, probability 0, space 0, times 0
[   99.694709][ T5018] CPU: 1 UID: 0 PID: 5018 Comm: syz.4.537 Tainted: G        W          6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[   99.694741][ T5018] Tainted: [W]=WARN
[   99.694747][ T5018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   99.694759][ T5018] Call Trace:
[   99.694765][ T5018]  <TASK>
[   99.694773][ T5018]  dump_stack_lvl+0xf2/0x150
[   99.694806][ T5018]  dump_stack+0x15/0x1a
[   99.694832][ T5018]  should_fail_ex+0x24a/0x260
[   99.694861][ T5018]  should_failslab+0x8f/0xb0
[   99.694897][ T5018]  kmem_cache_alloc_noprof+0x52/0x320
[   99.694923][ T5018]  ? vm_area_alloc+0x2c/0x130
[   99.694948][ T5018]  vm_area_alloc+0x2c/0x130
[   99.694969][ T5018]  mmap_region+0x819/0x1620
[   99.694988][ T5018]  ? __rcu_read_unlock+0x4e/0x70
[   99.695013][ T5018]  ? mntput_no_expire+0x70/0x3d0
[   99.695060][ T5018]  do_mmap+0x98a/0xc30
[   99.695096][ T5018]  vm_mmap_pgoff+0x16d/0x2d0
[   99.695132][ T5018]  ksys_mmap_pgoff+0xd0/0x330
[   99.695168][ T5018]  ? fpregs_assert_state_consistent+0x83/0xa0
[   99.695195][ T5018]  x64_sys_call+0x1940/0x2dc0
[   99.695225][ T5018]  do_syscall_64+0xc9/0x1c0
[   99.695253][ T5018]  ? clear_bhb_loop+0x55/0xb0
[   99.695285][ T5018]  ? clear_bhb_loop+0x55/0xb0
[   99.695318][ T5018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.695350][ T5018] RIP: 0033:0x7f068360d169
[   99.695365][ T5018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.695382][ T5018] RSP: 002b:00007f0681c71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   99.695400][ T5018] RAX: ffffffffffffffda RBX: 00007f0683825fa0 RCX: 00007f068360d169
[   99.695411][ T5018] RDX: 0000000000000002 RSI: 0000000000fbe000 RDI: 0000400000000000
[   99.695424][ T5018] RBP: 00007f0681c71090 R08: ffffffffffffffff R09: 0000000000000000
[   99.695436][ T5018] R10: 0000000000000031 R11: 0000000000000246 R12: 0000000000000001
[   99.695450][ T5018] R13: 0000000000000000 R14: 00007f0683825fa0 R15: 00007ffdf3ec5a68
[   99.695471][ T5018]  </TASK>
[   99.929797][ T5020] netlink: 68 bytes leftover after parsing attributes in process `syz.1.538'.
[   99.964725][ T5030] netlink: 'syz.4.542': attribute type 1 has an invalid length.
[   99.972474][ T5030] netlink: 224 bytes leftover after parsing attributes in process `syz.4.542'.
[   99.982524][ T5030] netlink: 36 bytes leftover after parsing attributes in process `syz.4.542'.
[   99.991434][ T5030] netlink: 16 bytes leftover after parsing attributes in process `syz.4.542'.
[  100.000424][ T5030] netlink: 36 bytes leftover after parsing attributes in process `syz.4.542'.
[  100.009581][ T5030] netlink: 36 bytes leftover after parsing attributes in process `syz.4.542'.
[  100.021549][ T5030] loop4: detected capacity change from 0 to 256
[  100.049992][ T5033] netlink: 28 bytes leftover after parsing attributes in process `syz.1.543'.
[  100.058897][ T5033] netlink: 28 bytes leftover after parsing attributes in process `syz.1.543'.
[  100.069123][ T5033] FAULT_INJECTION: forcing a failure.
[  100.069123][ T5033] name failslab, interval 1, probability 0, space 0, times 0
[  100.081797][ T5033] CPU: 1 UID: 0 PID: 5033 Comm: syz.1.543 Tainted: G        W          6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[  100.081872][ T5033] Tainted: [W]=WARN
[  100.081960][ T5033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  100.081986][ T5033] Call Trace:
[  100.081993][ T5033]  <TASK>
[  100.082000][ T5033]  dump_stack_lvl+0xf2/0x150
[  100.082027][ T5033]  dump_stack+0x15/0x1a
[  100.082046][ T5033]  should_fail_ex+0x24a/0x260
[  100.082082][ T5033]  ? __add_metainfo+0x5c/0x210
[  100.082111][ T5033]  should_failslab+0x8f/0xb0
[  100.082219][ T5033]  __kmalloc_cache_noprof+0x4e/0x320
[  100.082245][ T5033]  __add_metainfo+0x5c/0x210
[  100.082270][ T5033]  use_all_metadata+0x98/0x150
[  100.082359][ T5033]  tcf_ife_init+0x6e6/0x870
[  100.082390][ T5033]  tcf_action_init_1+0x339/0x490
[  100.082424][ T5033]  ? tc_action_load_ops+0x18c/0x3b0
[  100.082454][ T5033]  tcf_action_init+0x1cc/0x610
[  100.082502][ T5033]  tc_ctl_action+0x292/0x840
[  100.082605][ T5033]  ? __pfx_tc_ctl_action+0x10/0x10
[  100.082773][ T5033]  rtnetlink_rcv_msg+0x6aa/0x710
[  100.082801][ T5033]  ? ref_tracker_free+0x3a5/0x410
[  100.082828][ T5033]  netlink_rcv_skb+0x12c/0x230
[  100.082862][ T5033]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  100.082973][ T5033]  rtnetlink_rcv+0x1c/0x30
[  100.082990][ T5031] xt_l2tp: wrong L2TP version: 0
[  100.082999][ T5033]  netlink_unicast+0x599/0x670
[  100.083028][ T5033]  netlink_sendmsg+0x5cc/0x6e0
[  100.083067][ T5033]  ? __pfx_netlink_sendmsg+0x10/0x10
[  100.083200][ T5033]  __sock_sendmsg+0x140/0x180
[  100.083235][ T5033]  ____sys_sendmsg+0x326/0x4b0
[  100.083267][ T5033]  __sys_sendmsg+0x19d/0x230
[  100.083308][ T5033]  __x64_sys_sendmsg+0x46/0x50
[  100.083400][ T5033]  x64_sys_call+0x2734/0x2dc0
[  100.083471][ T5033]  do_syscall_64+0xc9/0x1c0
[  100.083504][ T5033]  ? clear_bhb_loop+0x55/0xb0
[  100.083533][ T5033]  ? clear_bhb_loop+0x55/0xb0
[  100.083642][ T5033]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.083671][ T5033] RIP: 0033:0x7f9d97f9d169
[  100.083707][ T5033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.083727][ T5033] RSP: 002b:00007f9d96601038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  100.083743][ T5033] RAX: ffffffffffffffda RBX: 00007f9d981b5fa0 RCX: 00007f9d97f9d169
[  100.083755][ T5033] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000008
[  100.083767][ T5033] RBP: 00007f9d96601090 R08: 0000000000000000 R09: 0000000000000000
[  100.083780][ T5033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.083835][ T5033] R13: 0000000000000000 R14: 00007f9d981b5fa0 R15: 00007fff0d880028
[  100.083855][ T5033]  </TASK>
[  100.406537][ T5040] dummy0: entered promiscuous mode
[  100.413224][ T5040] dummy0: left promiscuous mode
[  100.435017][ T5042] loop1: detected capacity change from 0 to 512
[  100.442446][ T5042] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  100.450698][ T5042] EXT4-fs (loop1): orphan cleanup on readonly fs
[  100.462794][ T5042] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.546: Failed to acquire dquot type 1
[  100.474844][ T5042] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.546: bg 0: block 40: padding at end of block bitmap is not set
[  100.489990][ T5042] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  100.499659][ T5042] EXT4-fs (loop1): 1 truncate cleaned up
[  100.506534][ T5042] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  100.535356][ T5049] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  100.543377][ T5049] SELinux: failed to load policy
[  100.543746][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.593277][ T5057] ip6gre2: entered allmulticast mode
[  100.635952][ T5059] xt_l2tp: wrong L2TP version: 0
[  101.003428][ T5071] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  101.020292][ T4889] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.032176][ T4889] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.041022][ T5073] FAULT_INJECTION: forcing a failure.
[  101.041022][ T5073] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.045080][ T4889] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.054177][ T5073] CPU: 1 UID: 0 PID: 5073 Comm: syz.0.557 Tainted: G        W          6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[  101.054214][ T5073] Tainted: [W]=WARN
[  101.054222][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  101.054313][ T5073] Call Trace:
[  101.054319][ T5073]  <TASK>
[  101.054355][ T5073]  dump_stack_lvl+0xf2/0x150
[  101.054537][ T5073]  dump_stack+0x15/0x1a
[  101.054568][ T5073]  should_fail_ex+0x24a/0x260
[  101.054599][ T5073]  should_fail+0xb/0x10
[  101.054623][ T5073]  should_fail_usercopy+0x1a/0x20
[  101.054666][ T5073]  _copy_to_user+0x20/0xa0
[  101.054688][ T5073]  simple_read_from_buffer+0xa0/0x110
[  101.054737][ T5073]  proc_fail_nth_read+0xf9/0x140
[  101.054774][ T5073]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  101.054808][ T5073]  vfs_read+0x19b/0x6f0
[  101.054890][ T5073]  ? __rcu_read_unlock+0x4e/0x70
[  101.054918][ T5073]  ? __fget_files+0x17c/0x1c0
[  101.054959][ T5073]  ksys_read+0xe8/0x1b0
[  101.054991][ T5073]  __x64_sys_read+0x42/0x50
[  101.055048][ T5073]  x64_sys_call+0x2874/0x2dc0
[  101.055080][ T5073]  do_syscall_64+0xc9/0x1c0
[  101.055116][ T5073]  ? clear_bhb_loop+0x55/0xb0
[  101.055149][ T5073]  ? clear_bhb_loop+0x55/0xb0
[  101.055182][ T5073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.055214][ T5073] RIP: 0033:0x7f085043bb7c
[  101.055270][ T5073] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  101.055292][ T5073] RSP: 002b:00007f084eaa7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  101.055314][ T5073] RAX: ffffffffffffffda RBX: 00007f0850655fa0 RCX: 00007f085043bb7c
[  101.055329][ T5073] RDX: 000000000000000f RSI: 00007f084eaa70a0 RDI: 0000000000000006
[  101.055343][ T5073] RBP: 00007f084eaa7090 R08: 0000000000000000 R09: 0000000000000000
[  101.055403][ T5073] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.055416][ T5073] R13: 0000000000000000 R14: 00007f0850655fa0 R15: 00007ffcf6c0d138
[  101.055438][ T5073]  </TASK>
[  101.262835][ T4889] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.305382][ T5079] loop0: detected capacity change from 0 to 512
[  101.306326][ T5077] loop3: detected capacity change from 0 to 512
[  101.321874][ T5079] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.335174][ T5077] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  101.335294][ T5079] ext4 filesystem being mounted at /107/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  101.346255][ T5077] EXT4-fs (loop3): orphan cleanup on readonly fs
[  101.361542][ T5077] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.559: Failed to acquire dquot type 1
[  101.373657][ T5077] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.559: bg 0: block 40: padding at end of block bitmap is not set
[  101.374475][ T3295] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.389146][ T5077] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  101.406751][ T5077] EXT4-fs (loop3): 1 truncate cleaned up
[  101.417565][ T5077] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  101.455547][ T3296] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.626903][ T5105] x_tables: duplicate underflow at hook 1
[  101.641945][ T5099] xt_l2tp: wrong L2TP version: 0
[  101.655360][ T5110] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.725401][ T5119] loop1: detected capacity change from 0 to 512
[  101.736455][ T5110] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.747006][ T5112] FAULT_INJECTION: forcing a failure.
[  101.747006][ T5112] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.760136][ T5112] CPU: 0 UID: 0 PID: 5112 Comm: syz.2.571 Tainted: G        W          6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[  101.760166][ T5112] Tainted: [W]=WARN
[  101.760173][ T5112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  101.760186][ T5112] Call Trace:
[  101.760193][ T5112]  <TASK>
[  101.760201][ T5112]  dump_stack_lvl+0xf2/0x150
[  101.760231][ T5112]  dump_stack+0x15/0x1a
[  101.760301][ T5112]  should_fail_ex+0x24a/0x260
[  101.760335][ T5112]  should_fail+0xb/0x10
[  101.760400][ T5112]  should_fail_usercopy+0x1a/0x20
[  101.760433][ T5112]  _copy_from_user+0x1c/0xa0
[  101.760464][ T5112]  restore_sigcontext+0x64/0x220
[  101.760510][ T5112]  __do_sys_rt_sigreturn+0xfd/0x160
[  101.760629][ T5112]  x64_sys_call+0x2982/0x2dc0
[  101.760671][ T5112]  do_syscall_64+0xc9/0x1c0
[  101.760705][ T5112]  ? clear_bhb_loop+0x55/0xb0
[  101.760730][ T5112]  ? clear_bhb_loop+0x55/0xb0
[  101.760786][ T5112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.760881][ T5112] RIP: 0033:0x7fb2b85f9359
[  101.760898][ T5112] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  101.760917][ T5112] RSP: 002b:00007fb2b6cc6a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  101.760937][ T5112] RAX: ffffffffffffffda RBX: 00007fb2b8875fa0 RCX: 00007fb2b85f9359
[  101.760951][ T5112] RDX: 00007fb2b6cc6a80 RSI: 00007fb2b6cc6bb0 RDI: 0000000000000021
[  101.761013][ T5112] RBP: 00007fb2b6cc7090 R08: 0000000000000000 R09: 0000000000000000
[  101.761023][ T5112] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  101.761033][ T5112] R13: 0000000000000000 R14: 00007fb2b8875fa0 R15: 00007ffe44e6f428
[  101.761049][ T5112]  </TASK>
[  101.787923][ T5119] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  101.945945][ T5119] EXT4-fs (loop1): orphan cleanup on readonly fs
[  101.952935][ T5119] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.573: Failed to acquire dquot type 1
[  101.970047][ T5119] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.573: bg 0: block 40: padding at end of block bitmap is not set
[  101.973115][ T5110] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.998026][ T5119] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  102.007238][ T5119] EXT4-fs (loop1): 1 truncate cleaned up
[  102.013388][ T5119] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  102.042824][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.086269][ T5110] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.087320][ T5133] FAULT_INJECTION: forcing a failure.
[  102.087320][ T5133] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.109736][ T5133] CPU: 0 UID: 0 PID: 5133 Comm: syz.1.577 Tainted: G        W          6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[  102.109811][ T5133] Tainted: [W]=WARN
[  102.109816][ T5133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  102.109858][ T5133] Call Trace:
[  102.109863][ T5133]  <TASK>
[  102.109869][ T5133]  dump_stack_lvl+0xf2/0x150
[  102.109892][ T5133]  dump_stack+0x15/0x1a
[  102.109910][ T5133]  should_fail_ex+0x24a/0x260
[  102.109965][ T5133]  should_fail+0xb/0x10
[  102.109987][ T5133]  should_fail_usercopy+0x1a/0x20
[  102.110057][ T5133]  _copy_from_user+0x1c/0xa0
[  102.110087][ T5133]  sctp_getsockopt_enable_strreset+0x71/0x350
[  102.110106][ T5133]  ? selinux_socket_getsockopt+0x185/0x1c0
[  102.110194][ T5133]  sctp_getsockopt+0x7cb/0xab0
[  102.110214][ T5133]  sock_common_getsockopt+0x5b/0x70
[  102.110243][ T5133]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  102.110270][ T5133]  do_sock_getsockopt+0x1ca/0x260
[  102.110314][ T5133]  __x64_sys_getsockopt+0x18c/0x200
[  102.110336][ T5133]  x64_sys_call+0x1288/0x2dc0
[  102.110358][ T5133]  do_syscall_64+0xc9/0x1c0
[  102.110403][ T5133]  ? clear_bhb_loop+0x55/0xb0
[  102.110463][ T5133]  ? clear_bhb_loop+0x55/0xb0
[  102.110485][ T5133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.110572][ T5133] RIP: 0033:0x7f9d97f9d169
[  102.110615][ T5133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.110630][ T5133] RSP: 002b:00007f9d96601038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  102.110707][ T5133] RAX: ffffffffffffffda RBX: 00007f9d981b5fa0 RCX: 00007f9d97f9d169
[  102.110717][ T5133] RDX: 0000000000000076 RSI: 0000000000000084 RDI: 0000000000000003
[  102.110727][ T5133] RBP: 00007f9d96601090 R08: 0000400000000200 R09: 0000000000000000
[  102.110738][ T5133] R10: 00004000000001c0 R11: 0000000000000246 R12: 0000000000000001
[  102.110748][ T5133] R13: 0000000000000000 R14: 00007f9d981b5fa0 R15: 00007fff0d880028
[  102.110764][ T5133]  </TASK>
[  102.401222][ T5110] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.415525][ T5150] vlan2: entered allmulticast mode
[  102.430147][ T5110] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.441008][ T5152] vlan2: entered allmulticast mode
[  102.446170][ T5152] bridge_slave_0: entered allmulticast mode
[  102.453548][ T5154] netlink: 'syz.1.581': attribute type 15 has an invalid length.
[  102.455102][ T5152] bridge_slave_0: left allmulticast mode
[  102.472167][ T5110] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.481097][ T5156] xt_l2tp: wrong L2TP version: 0
[  102.484180][ T5110] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.520575][ T5158] loop4: detected capacity change from 0 to 512
[  102.531421][ T5158] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  102.539783][ T5158] EXT4-fs (loop4): orphan cleanup on readonly fs
[  102.547893][ T5158] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.587: Failed to acquire dquot type 1
[  102.559542][ T5158] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.587: bg 0: block 40: padding at end of block bitmap is not set
[  102.574097][ T5158] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  102.583111][ T5158] EXT4-fs (loop4): 1 truncate cleaned up
[  102.589259][ T5158] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  102.618235][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.696213][ T5165] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5165 comm=syz.2.590
[  102.739115][ T5170] SELinux: ebitmap: empty map
[  102.743931][ T5170] SELinux: failed to load policy
[  102.777868][ T5175] loop4: detected capacity change from 0 to 1024
[  102.785945][ T5175] EXT4-fs: inline encryption not supported
[  102.792663][ T5175] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  102.814505][ T5175] EXT4-fs error (device loop4): ext4_map_blocks:705: inode #3: block 1: comm syz.4.593: lblock 1 mapped to illegal pblock 1 (length 1)
[  102.829374][ T5175] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.593: Failed to acquire dquot type 0
[  102.840658][ T5175] EXT4-fs error (device loop4): ext4_free_blocks:6589: comm syz.4.593: Freeing blocks not in datazone - block = 0, count = 4096
[  102.854157][ T5175] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.593: Invalid inode bitmap blk 0 in block_group 0
[  102.866799][ T4587] EXT4-fs error (device loop4): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[  102.866844][ T5175] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[  102.881425][ T4587] EXT4-fs error (device loop4): ext4_release_dquot:6950: comm kworker/u8:8: Failed to release dquot type 0
[  102.890253][ T5175] EXT4-fs (loop4): 1 orphan inode deleted
[  102.907324][ T5175] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.927910][ T5175] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  102.949697][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.021325][ T5189] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.056613][ T5189] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.070382][ T5193] loop2: detected capacity change from 0 to 512
[  103.090754][ T5193] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  103.099905][ T5193] EXT4-fs (loop2): orphan cleanup on readonly fs
[  103.106945][ T5193] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.599: Failed to acquire dquot type 1
[  103.119484][ T5193] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.599: bg 0: block 40: padding at end of block bitmap is not set
[  103.133998][ T5193] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  103.143084][ T5193] EXT4-fs (loop2): 1 truncate cleaned up
[  103.149327][ T5193] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  103.152115][ T5189] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.189034][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.217443][ T5189] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.526988][ T5219] SELinux: ebitmap: empty map
[  103.532002][ T5219] SELinux: failed to load policy
[  103.570802][ T5223] loop0: detected capacity change from 0 to 512
[  103.578187][ T5221] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.620341][ T5223] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  103.629584][ T5223] EXT4-fs (loop0): orphan cleanup on readonly fs
[  103.636830][ T5223] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.611: Failed to acquire dquot type 1
[  103.648481][ T5223] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.611: bg 0: block 40: padding at end of block bitmap is not set
[  103.671409][ T5226] SELinux: ebitmap: truncated map
[  103.681521][ T5221] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.693824][ T5226] SELinux: failed to load policy
[  103.699924][ T5223] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  103.711330][ T5223] EXT4-fs (loop0): 1 truncate cleaned up
[  103.736191][ T5223] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  103.793115][ T5221] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.858918][ T5221] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.871619][ T3295] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.904035][ T5233] vlan2: entered allmulticast mode
[  103.907951][ T5231] FAULT_INJECTION: forcing a failure.
[  103.907951][ T5231] name failslab, interval 1, probability 0, space 0, times 0
[  103.921848][ T5231] CPU: 0 UID: 0 PID: 5231 Comm: syz.2.613 Tainted: G        W          6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[  103.921945][ T5231] Tainted: [W]=WARN
[  103.921953][ T5231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  103.922038][ T5231] Call Trace:
[  103.922043][ T5231]  <TASK>
[  103.922054][ T5231]  dump_stack_lvl+0xf2/0x150
[  103.922086][ T5231]  dump_stack+0x15/0x1a
[  103.922111][ T5231]  should_fail_ex+0x24a/0x260
[  103.922210][ T5231]  should_failslab+0x8f/0xb0
[  103.922245][ T5231]  kmem_cache_alloc_noprof+0x52/0x320
[  103.922271][ T5231]  ? copy_net_ns+0x115/0x6f0
[  103.922344][ T5231]  copy_net_ns+0x115/0x6f0
[  103.922514][ T5231]  ? copy_cgroup_ns+0x2e0/0x370
[  103.922546][ T5231]  create_new_namespaces+0x228/0x430
[  103.922570][ T5231]  unshare_nsproxy_namespaces+0xe6/0x120
[  103.922605][ T5231]  ksys_unshare+0x3c9/0x6e0
[  103.922637][ T5231]  __x64_sys_unshare+0x1f/0x30
[  103.922696][ T5231]  x64_sys_call+0x1a3e/0x2dc0
[  103.922727][ T5231]  do_syscall_64+0xc9/0x1c0
[  103.922761][ T5231]  ? clear_bhb_loop+0x55/0xb0
[  103.922792][ T5231]  ? clear_bhb_loop+0x55/0xb0
[  103.922836][ T5231]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.922918][ T5231] RIP: 0033:0x7fb2b865d169
[  103.922931][ T5231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.922951][ T5231] RSP: 002b:00007fb2b6cc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  103.922972][ T5231] RAX: ffffffffffffffda RBX: 00007fb2b8875fa0 RCX: 00007fb2b865d169
[  103.922986][ T5231] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000062040200
[  103.923000][ T5231] RBP: 00007fb2b6cc7090 R08: 0000000000000000 R09: 0000000000000000
[  103.923013][ T5231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.923058][ T5231] R13: 0000000000000000 R14: 00007fb2b8875fa0 R15: 00007ffe44e6f428
[  103.923079][ T5231]  </TASK>
[  104.140318][   T29] kauditd_printk_skb: 196 callbacks suppressed
[  104.140346][   T29] audit: type=1326 audit(1740647881.278:3032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5232 comm="syz.0.614" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f085043d169 code=0x0
[  104.195759][ T5237] SELinux: ebitmap: truncated map
[  104.207000][ T5237] SELinux: failed to load policy
[  104.325960][ T5240] loop2: detected capacity change from 0 to 512
[  104.340970][ T5240] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  104.350129][ T5240] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  104.365697][ T5240] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  104.375533][ T5240] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  104.383591][ T5240] System zones: 0-2, 18-18, 34-34
[  104.397109][ T5240] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  104.399752][ T5246] FAULT_INJECTION: forcing a failure.
[  104.399752][ T5246] name failslab, interval 1, probability 0, space 0, times 0
[  104.424120][ T5246] CPU: 0 UID: 0 PID: 5246 Comm: syz.1.618 Tainted: G        W          6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[  104.424148][ T5246] Tainted: [W]=WARN
[  104.424154][ T5246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  104.424164][ T5246] Call Trace:
[  104.424168][ T5246]  <TASK>
[  104.424174][ T5246]  dump_stack_lvl+0xf2/0x150
[  104.424197][ T5246]  dump_stack+0x15/0x1a
[  104.424216][ T5246]  should_fail_ex+0x24a/0x260
[  104.424247][ T5246]  should_failslab+0x8f/0xb0
[  104.424277][ T5246]  kmem_cache_alloc_noprof+0x52/0x320
[  104.424296][ T5246]  ? vm_area_alloc+0xac/0x130
[  104.424315][ T5246]  vm_area_alloc+0xac/0x130
[  104.424333][ T5246]  mmap_region+0x819/0x1620
[  104.424373][ T5246]  do_mmap+0x98a/0xc30
[  104.424405][ T5246]  vm_mmap_pgoff+0x16d/0x2d0
[  104.424433][ T5246]  ksys_mmap_pgoff+0xd0/0x330
[  104.424456][ T5246]  ? fpregs_assert_state_consistent+0x83/0xa0
[  104.424474][ T5246]  x64_sys_call+0x1940/0x2dc0
[  104.424498][ T5246]  do_syscall_64+0xc9/0x1c0
[  104.424529][ T5246]  ? clear_bhb_loop+0x55/0xb0
[  104.424556][ T5246]  ? clear_bhb_loop+0x55/0xb0
[  104.424584][ T5246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.424606][ T5246] RIP: 0033:0x7f9d97f9d1a3
[  104.424619][ T5246] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  104.424637][ T5246] RSP: 002b:00007f9d96600e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  104.424655][ T5246] RAX: ffffffffffffffda RBX: 0000000000000444 RCX: 00007f9d97f9d1a3
[  104.424668][ T5246] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  104.424679][ T5246] RBP: 0000400000000d42 R08: 00000000ffffffff R09: 0000000000000000
[  104.424691][ T5246] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004
[  104.424700][ T5246] R13: 00007f9d96600ef0 R14: 00007f9d96600eb0 R15: 0000400000000200
[  104.424716][ T5246]  </TASK>
[  104.615940][ T5240] EXT4-fs (loop2): 1 truncate cleaned up
[  104.621941][ T5240] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.635585][   T29] audit: type=1400 audit(1740647881.778:3033): avc:  denied  { write } for  pid=5239 comm="syz.2.616" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  104.658780][   T29] audit: type=1400 audit(1740647881.808:3034): avc:  denied  { add_name } for  pid=5239 comm="syz.2.616" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  104.679509][   T29] audit: type=1400 audit(1740647881.808:3035): avc:  denied  { create } for  pid=5239 comm="syz.2.616" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  104.699727][   T29] audit: type=1400 audit(1740647881.808:3036): avc:  denied  { read write } for  pid=5239 comm="syz.2.616" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  104.722282][   T29] audit: type=1400 audit(1740647881.808:3037): avc:  denied  { open } for  pid=5239 comm="syz.2.616" path="/132/file1/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  104.786361][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.805716][   T29] audit: type=1326 audit(1740647881.948:3038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.0.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085043d169 code=0x7ffc0000
[  104.829205][   T29] audit: type=1326 audit(1740647881.948:3039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.0.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085043d169 code=0x7ffc0000
[  104.855880][ T5257] SELinux: ebitmap: empty map
[  104.860652][ T5257] SELinux: failed to load policy
[  104.871530][ T5255] ip6gre4: entered allmulticast mode
[  104.894452][   T29] audit: type=1326 audit(1740647881.948:3040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.0.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f085043d169 code=0x7ffc0000
[  104.917719][   T29] audit: type=1326 audit(1740647881.948:3041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.0.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085043d169 code=0x7ffc0000
[  104.945834][ T5259] loop2: detected capacity change from 0 to 512
[  104.952483][ T5259] EXT4-fs: Ignoring removed i_version option
[  104.958608][ T5259] EXT4-fs: Ignoring removed mblk_io_submit option
[  104.972990][ T5259] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  104.990515][ T5259] EXT4-fs (loop2): 1 truncate cleaned up
[  105.008361][ T5253] __nla_validate_parse: 9 callbacks suppressed
[  105.008379][ T5253] netlink: 68 bytes leftover after parsing attributes in process `syz.1.621'.
[  105.022778][ T5263] loop0: detected capacity change from 0 to 1024
[  105.240290][ T5272] loop0: detected capacity change from 0 to 4096
[  105.291190][ T5277] loop2: detected capacity change from 0 to 256
[  105.300111][ T5277] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  105.345262][ T5277] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  105.353817][ T5277] FAT-fs (loop2): Filesystem has been set read-only
[  105.421036][ T5285] ip6gre5: entered allmulticast mode
[  105.980383][ T5290] vlan2: entered allmulticast mode
[  106.115971][ T5295] SELinux: ebitmap: empty map
[  106.120700][ T5295] SELinux: failed to load policy
[  106.143530][ T5297] ip6gre2: entered allmulticast mode
[  106.219031][ T5301] netlink: 68 bytes leftover after parsing attributes in process `syz.2.636'.
[  106.299733][ T5303] loop2: detected capacity change from 0 to 256
[  106.312118][ T5303] FAT-fs (loop2): IO charset maciceland not found
[  106.609136][ T5306] loop2: detected capacity change from 0 to 256
[  106.615741][ T5306] msdos: Bad value for 'gid'
[  106.620391][ T5306] msdos: Bad value for 'gid'
[  106.889597][ T5317] loop1: detected capacity change from 0 to 512
[  106.907509][ T5317] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  106.915686][ T5317] EXT4-fs (loop1): orphan cleanup on readonly fs
[  106.922361][ T5317] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.640: Failed to acquire dquot type 1
[  106.934119][ T5317] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.640: bg 0: block 40: padding at end of block bitmap is not set
[  106.948583][ T5317] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  106.957745][ T5317] EXT4-fs (loop1): 1 truncate cleaned up
[  106.990627][ T5320] loop1: detected capacity change from 0 to 512
[  106.997126][ T5320] EXT4-fs: Ignoring removed i_version option
[  107.003224][ T5320] EXT4-fs: Ignoring removed mblk_io_submit option
[  107.010659][ T5320] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  107.022356][ T5320] EXT4-fs (loop1): 1 truncate cleaned up
[  107.110723][ T5221] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.122038][ T5221] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.141939][ T5221] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.161314][ T5221] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.202856][ T5325] SELinux: ebitmap: empty map
[  107.210906][ T5325] SELinux: failed to load policy
[  107.223583][ T5329] ip6gre3: entered allmulticast mode
[  107.265432][ T5333] Cannot find del_set index 0 as target
[  107.551748][ T5350] lo: entered promiscuous mode
[  107.556625][ T5350] lo: entered allmulticast mode
[  107.827961][ T5353] xt_hashlimit: size too large, truncated to 1048576
[  107.988002][ T5359] SELinux: ebitmap: empty map
[  107.992827][ T5359] SELinux: failed to load policy
[  108.026136][ T5361] ip6gre4: entered allmulticast mode
[  108.104479][ T5365] netlink: 4 bytes leftover after parsing attributes in process `syz.3.659'.
[  108.133323][ T5189] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.145389][ T5189] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.156869][ T5189] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.168930][ T5189] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.185244][ T5369] kernel read not supported for file /policy (pid: 5369 comm: syz.3.659)
[  108.211045][ T5369] SELinux: ebitmap: truncated map
[  108.222870][ T5369] SELinux: failed to load policy
[  108.299378][ T5379] loop4: detected capacity change from 0 to 512
[  108.317719][ T5379] EXT4-fs (loop4): 1 orphan inode deleted
[  108.324091][ T5379] ext4 filesystem being mounted at /124/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.336271][ T4587] EXT4-fs error (device loop4): ext4_release_dquot:6950: comm kworker/u8:8: Failed to release dquot type 1
[  108.764054][ T5391] loop2: detected capacity change from 0 to 512
[  108.772078][ T5391] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  108.780240][ T5391] EXT4-fs (loop2): orphan cleanup on readonly fs
[  108.787207][ T5391] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.666: Failed to acquire dquot type 1
[  108.798761][ T5391] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.666: bg 0: block 40: padding at end of block bitmap is not set
[  108.813074][ T5391] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  108.822076][ T5391] EXT4-fs (loop2): 1 truncate cleaned up
[  108.841933][ T2998] ==================================================================
[  108.850023][ T2998] BUG: KCSAN: data-race in block_uevent / inc_diskseq
[  108.856803][ T2998] 
[  108.859124][ T2998] write to 0xffff8881021cfa20 of 8 bytes by task 3304 on cpu 1:
[  108.866748][ T2998]  inc_diskseq+0x2c/0x40
[  108.870992][ T2998]  disk_force_media_change+0x9f/0xf0
[  108.876276][ T2998]  lo_release+0x2c7/0x400
[  108.880630][ T2998]  bdev_release+0x3c6/0x420
[  108.885151][ T2998]  blkdev_release+0x15/0x20
[  108.889658][ T2998]  __fput+0x2ac/0x640
[  108.893655][ T2998]  __fput_sync+0x96/0xc0
[  108.897915][ T2998]  __x64_sys_close+0x55/0xe0
[  108.902504][ T2998]  x64_sys_call+0x266c/0x2dc0
[  108.907194][ T2998]  do_syscall_64+0xc9/0x1c0
[  108.911719][ T2998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.917633][ T2998] 
[  108.919953][ T2998] read to 0xffff8881021cfa20 of 8 bytes by task 2998 on cpu 0:
[  108.927487][ T2998]  block_uevent+0x31/0x50
[  108.931814][ T2998]  dev_uevent+0x2f3/0x380
[  108.936149][ T2998]  uevent_show+0x11e/0x210
[  108.940602][ T2998]  dev_attr_show+0x3a/0xa0
[  108.945026][ T2998]  sysfs_kf_seq_show+0x17c/0x250
[  108.950010][ T2998]  kernfs_seq_show+0x7c/0x90
[  108.954615][ T2998]  seq_read_iter+0x2d1/0x930
[  108.959207][ T2998]  kernfs_fop_read_iter+0xc0/0x310
[  108.964323][ T2998]  vfs_read+0x5cc/0x6f0
[  108.968479][ T2998]  ksys_read+0xe8/0x1b0
[  108.972631][ T2998]  __x64_sys_read+0x42/0x50
[  108.977132][ T2998]  x64_sys_call+0x2874/0x2dc0
[  108.981808][ T2998]  do_syscall_64+0xc9/0x1c0
[  108.986314][ T2998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.992204][ T2998] 
[  108.994519][ T2998] value changed: 0x00000000000000e3 -> 0x00000000000000e4
[  109.001615][ T2998] 
[  109.003927][ T2998] Reported by Kernel Concurrency Sanitizer on:
[  109.010068][ T2998] CPU: 0 UID: 0 PID: 2998 Comm: udevd Tainted: G        W          6.14.0-rc4-syzkaller-00073-g5394eea10651 #0
[  109.021781][ T2998] Tainted: [W]=WARN
[  109.025573][ T2998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  109.035623][ T2998] ==================================================================
[  109.046357][ T5394] SELinux: ebitmap: empty map
[  109.051133][ T5394] SELinux: failed to load policy