last executing test programs:

2.185351396s ago: executing program 3 (id=4439):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000002c0)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20)
poll(&(0x7f0000000980)=[{0xffffffffffffffff, 0x1008}, {0xffffffffffffffff, 0x400}, {0xffffffffffffffff, 0xe723}], 0x3, 0xc000000)
r1 = syz_open_dev$sg(&(0x7f0000000080), 0xffff0000, 0x40)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000600)={0x0, 0x7, 0x8})

1.308478232s ago: executing program 3 (id=4476):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="400000001435010026bd0c333c84df250a4022fe", @ANYRES32, @ANYBLOB="140006000000000005"], 0x40}, 0x1, 0x0, 0x0, 0x811}, 0x0)
r0 = socket$inet6(0x10, 0x3, 0x0)
close_range(r0, 0xffffffffffffffff, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xcc}, 0x1, 0x0, 0x0, 0x4}, 0x40050)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000c80)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000001400090527bd7000fddbdf25022000cb", @ANYRES32=r3, @ANYBLOB="0800040064010102080500000000000000000200ac14143a080002007fc900000000090007010000"], 0x40}, 0x1, 0x0, 0x0, 0x4040014}, 0x24040840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000"], 0x18}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000540), 0x4)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x303, 0x37}, "4755f01100", "bd14060000000000000092f94413582b", "00001000", "4e67cb72f328ac2f"}, 0x28)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000140), &(0x7f0000000040)='%+9llu \x00'}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)

1.110898033s ago: executing program 0 (id=4494):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a300000000014000780050015000000000008001240000000000d000300686173683a6e657400000000050005000a00"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000b00)=ANY=[@ANYBLOB="1c000000030605000000000000050000000000060500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0)

1.110641723s ago: executing program 0 (id=4495):
socket$inet6(0xa, 0xa, 0x5)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x8, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x4, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x40000)

1.104503073s ago: executing program 0 (id=4496):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r2=>0x0})
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f00000000c0)={@local, @rand_addr, <r3=>0x0}, &(0x7f0000000100)=0xc)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r4=>0x0})
r5 = socket(0x10, 0x3, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r8 = syz_io_uring_setup(0x497, 0x0, &(0x7f00000004c0)=<r9=>0x0, &(0x7f0000000480)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f0000000340)=@IORING_OP_POLL_ADD={0x6, 0x4, 0x0, @fd_index=0x8, 0x0, 0x0, 0x0, {0x2000}, 0x1})
io_uring_enter(r8, 0x3498, 0x969, 0xffff000000000000, 0x0, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r11, 0x0, 0x20040840)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, 0x0, &(0x7f0000000200))
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000240)={@dev, <r13=>0x0}, &(0x7f0000000280)=0x14)
umount2(&(0x7f00000005c0)='./file0\x00', 0xf)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000480)={0x128, 0x0, 0x400, 0x70bd26, 0x25dfdbff, {}, [@HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}]}, @HEADER={0x4}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}]}]}, 0x128}, 0x1, 0x0, 0x0, 0x4004090}, 0x4000000)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)={0x114, 0x29, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x104, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac0b}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @loopback}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a6", @typed={0x8, 0x145, 0x0, 0x0, @ipv4=@remote}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

1.088116833s ago: executing program 0 (id=4497):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="07000000040000000800000006"], 0x50)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x40040000)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=r1, @ANYBLOB="5e8a31d96911b8ef9e37f50e0fc1bd6aa8390c118c01e72d71bfdf5bd9d0d78d05fb72d10a6a0321990d6e43fa792e78f8056f46917ec9f10345f180f7e637a1f56b38f24c8992ab3de9b6505bc3b1ee629557fa3597068856fbcf4be6b529aa19e03d1f72aa4d0000000000000000"], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000004c0), 0x208e24b)

710.760655ms ago: executing program 4 (id=4508):
ioprio_set$pid(0x2, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000001300)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x94)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0xe)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000500)=@hci={0x1f, 0x0, 0x2}, 0x80, &(0x7f00000001c0)}, 0x40000)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2(&(0x7f0000001cc0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})

700.515445ms ago: executing program 4 (id=4509):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="400000001435010026bd0c333c84df250a4022fe", @ANYRES32, @ANYBLOB="140006000000000005"], 0x40}, 0x1, 0x0, 0x0, 0x811}, 0x0)
r0 = socket$inet6(0x10, 0x3, 0x0)
close_range(r0, 0xffffffffffffffff, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xcc}, 0x1, 0x0, 0x0, 0x4}, 0x40050)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000c80)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000001400090527bd7000fddbdf25022000cb", @ANYRES32=r3, @ANYBLOB="0800040064010102080500000000000000000200ac14143a080002007fc900000000090007010000"], 0x40}, 0x1, 0x0, 0x0, 0x4040014}, 0x24040840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000"], 0x18}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000080)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000540), 0x4)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x303, 0x37}, "4755f01100", "bd14060000000000000092f94413582b", "00001000", "4e67cb72f328ac2f"}, 0x28)
setsockopt$inet6_IPV6_DSTOPTS(r4, 0x29, 0x3b, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r5=>0xffffffffffffffff})
setsockopt$sock_int(r5, 0x1, 0x20, &(0x7f0000001740)=0x7ffffffd, 0x4)
write$binfmt_script(r5, 0x0, 0x6f4000)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)

683.742635ms ago: executing program 4 (id=4510):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a0000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
sendto$inet6(0xffffffffffffffff, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r1, 0x0, 0x14, 0x0, &(0x7f0000000080)="f6f4e9a10000502468da5eb1c6b2feff8833c000", 0x0, 0x86, 0x0, 0x31, 0x0, &(0x7f0000000000)="daf9e846ab156efc71b59652333536dbfd26a6d0546366e36eb77dd0aaa2dbe567d168904cf0d5bce1771889c98ffc0abf", 0x0}, 0x50)

668.442246ms ago: executing program 4 (id=4511):
accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee1"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r1 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', <r2=>0x0, 0x4, 0x6, 0x4, 0x1, 0x47, @mcast1, @mcast1, 0x1, 0x8, 0x0, 0x66}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'ip6tnl0\x00', r2, 0x0, 0x0, 0x0, 0x0, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @remote, 0x0, 0x8, 0x2}})

651.490995ms ago: executing program 4 (id=4512):
socket$can_bcm(0x1d, 0x2, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r4 = socket$packet(0x11, 0x3, 0x300)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xd07, 0x40}, 0x80, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r6=>0x0})
sendto$packet(r5, &(0x7f0000000180)="0b036800e0ff64000200475486dd", 0xe, 0x0, &(0x7f0000000140)={0x11, 0x0, r6}, 0x14)
r7 = syz_open_dev$sg(&(0x7f0000000140), 0xa, 0x101201)
close_range(r3, r7, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="280000000306050000000000000000000000000005000100"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

595.520875ms ago: executing program 4 (id=4513):
socket$packet(0x11, 0xa, 0x300)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f00000004c0)={[{@dioread_lock}, {@noblock_validity}, {@abort}, {@dioread_lock}, {@stripe={'stripe', 0x3d, 0x1f5}}, {@grpjquota, 0x2e}, {@barrier}, {@nolazytime}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4bc, &(0x7f0000000c00)="$eJzs3MtvG8UfAPDvbl59J+2vP6APqKEgIgpJkxbogUNBIPWChAQS5RhSU5WmLWqCRKuIFoTKEfEXAEckJE5cOIGEEHACcYU7QqpQLy0cUNDau4md2KnjPAz15yPZmdmd9cx3d8c73okdQNcqZU9JxLaI+CUiBqvZ+gKl6p9bN2Yn/7wxO5nE3NyLfySVcjdvzE4WRYvttuaZ4TQifS+JfQ3qnb50+ezE1FT5Yp4fnTn3xuj0pcuPnTk3cbp8unx+/Nixo0fGnnxi/PE1iTOL6+bety/s33PilQ+fn5yLV7//LGvvtnx9bRxVQ6uusxSlmMstLO2vPD+06lf/d9lek056O9gQVqQnIrLD1Vfp/4PREwsHbzCee3c+802HGgism+zatHPJ0p78bzp//QLuRIk+Dl2quOJnn3+LR7OxwpV1GoN00vWns+dyJf5b+aO6pjfS7LPsUPUTe0+T7Y+vsv5tEXHy6l8fZY9oeB8CAGBtfZWNfx6dH/+9XI7Ixx9p3FVTbkc+hzIUEYciYldE/C8idkfE/yMqZe+OiHtWWH9pUX7p+OenzW0F1qJs/PdUPrdVP/5L8xLJfG57Jf6+5LUzU+XD+T4Zjr6BLD+2TB1fP/vzB83WlWrGf9kjq78YC+bt+L13oH6bUxMzE6sIuc71dyL29jaKP5mfCcj2wJ6I2NvG62f77Mwjn+7P0ju2Ll1/+/iXsQbzTHOfRDycHf+B2auxKP5CUq2p2fzk6KaYKh8eLc6KpX748doLtfm+mnRd/Jtai2lTu8E2kB3/LQ3P/zz+ohsU87XTK6/j2q/vN/1Ms/T4J3GybgK6ev6nNUuy878/eamS7s+XvTUxM3NxLKI/X1C3fHxh2yJflM/iHz7YuP/vivj743y7fRGRncT3RsR9EXEgb/v9EfFARBxcJv7vnnnw9eX3UJvn/xrI4j+13PGPGEpq5+vbSPSc/fbLZvW39v53tJIazpe08v7XagNXs+8AAADgvyKtzEEn6UiRrrk5tTu2pFMXpmcOleLN86eqc9VD0ZcWd7oGa+6HjuX3hov8+KL8kYjYWflPo82V/MjkhantnQwcqHxXp67/R5qOjFTX/dbsn16AO8eK5tFqJ2c+/2LtGwNsKN/XhO6l/0P30v+he+n/0L0a9f8rEbc60BRgg7n+Q/fS/6F7Ler//Z1qB7DxXP+hKy39SnzxcyvtfNN/IbHrxKo2X/fE3OC6vPLVlW/Vs06RRu2PdjRNJBHRXhWRLl+mv4XaO5ZIb1vmeJu7ZQWJA3liICJa3erKhu3Vzr4vAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArJV/AgAA//9hU9oG")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x80, 0x112)
getdents(r1, 0x0, 0x54)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000240)={0x4, &(0x7f0000000200)=[{0xf, 0xf, 0x0, 0xcdd}, {0xfff3, 0x7f, 0x2, 0x3}, {0x9, 0x9, 0x9, 0xd227}, {0x5, 0x2, 0xc5, 0x8}]})

452.284176ms ago: executing program 3 (id=4516):
getdents64(0xffffffffffffffff, &(0x7f0000000000)=""/36, 0x24)
getdents64(0xffffffffffffffff, 0x0, 0x18)

451.691437ms ago: executing program 1 (id=4517):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0xffffffffffff8001}, 0x18)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000180)={'wpan1\x00', <r4=>0x0})
r5 = getpid()
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x24, r3, 0x1, 0x70bd27, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_PID={0x8, 0x1c, r5}]}, 0x24}}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0))

426.258617ms ago: executing program 3 (id=4518):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000100)={0x0, 0x204000, 0x1000, 0x8000000}, 0x20)

425.711537ms ago: executing program 1 (id=4519):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1018e58, &(0x7f00000000c0)={[{@nodioread_nolock}, {@noblock_validity}, {@data_err_ignore}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@nodioread_nolock}, {@noload}, {@noauto_da_alloc}]}, 0x6, 0x61f, &(0x7f0000000b00)="$eJzs3c9rXNUeAPDvncmkSZv30j4ej9fyHi/wFi1I00wtVt3Y1oVdFCzYhYiLhiapodMfNCmYWGgKLhQURNyKdOM/4F66dyeCunMtVJGKikpH7syddDKZSdIkM9Pmfj5wM/ece2fO+c6dM/fce3PmBpBbY+mfQsT+iAfnk4jRpmUjUV84lq13/6ebF9IpiWr1lR+TSLK8xvpJ9rgnSwxFxJenIv5RXF3u3MLipclKte5WxJH5y9eOzC0sHp69PHlx+uL0lfLRZ48dn3iufKy8LXHuyR5Pn3n5P++//cYzM19VDidxIs6V3pqKlji2y1iMxYMsxOb8gYg4ns60eV+eNDsghFwrZp/HUkT8K0ajWEvVjcbse32tHNBV1WJEFcipRPuHnGr0AxrH9hs7Dj7X5V5J79w7WT8AWh3/QP3cSAzVjo1230+ajowGauc29m5D+WkZf9488HE6xYrzEL8ub52BbSink6XbEfHvdvEntbrtrUWaxl9YUY8kIiYiYjCr34tbqEPSNN+N8zBr2Wz8hYg4kT2m+ac2Wf5YS7rX8QOQT3dPZjvypTT1cP+X9j0a/Z9Y1f+pXxtq3XdtRr/3f537f439/VDtHHmhpR+W9lnOtn/JUmvGd++e/rBT+c39v3RKy2/0BXvh3u2IAy3xv5MGm/V/0viTNts/XeX8iY2V8dLXP5zutKzf8VfvRBxse/zzsFeazrVenxzOlpWPlY/MzFamJ+p/25bx+Revf9qp/H7Hn27/3R3ib9r+hdbnpe/JtQ2W8dnZO5c7LRtZN/7C94NJ/XhzMMt5c3J+/no5YjA5k61Sv5BVyz+6dl0a6zReI43/0P/bt/8Vn//bK19nuPGVuQHXXr10v9OyzWz/povJD6obrEMnafxT62//Ve0/zftgOXVrzTJ+ee3GfzstWyv+4S3GBgAAAAAAAHlTqF2DTQrjy/OFwvh4fbzsP2N3oXJ1bv6pmas3rkxFHKr9P2Sp0LjSPVpPJ2m6nP0/bCN9tCX9dETsi4iPisO19PiFq5WpfgcPAAAAAAAAAAAAAAAAAAAAj4k92fj/xn2qfy7Wx/8DOdHNG8wBjzftH/Kr1v5X3eIJyAP7f8gv7R/yS/uH/NL+Ib+0f8gv7R/yS/uH/NL+AQAAAGBH2ve/u98mEbH0/HBtSg1my4wIgp2t1O8KAH1T7HcFgL5ZvvSvsw+5s6H+/+/ZjwN2vzpAHyTtMmudg+rajf9u22cCAAAAAAAAAAAAAF1wcH/78f+JscGw4xn2B/m1hfH/fjoAnnB++h/yyzE+sN4o/qFOC4z/BwAAAAAAAAAAAICeGalNSWE8Gws8EoXC+HjE3yJib5SSmdnK9ERE/D0ivimWdqXpcr8rDQAAAAAAAAAAAAAAAAAAADvM3MLipclKZfp688wfq3J29kzjLqg9KOuFeMRnRdL7t2U4IpZzShGPWufuzezKPrZbeZ2BuYXF5LdqTRKxFI9PgFuKa5tn1v3qGOzqFxMAAAAAAAAAAAAAAAAAAORQ09jj9g580uMaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvPbz/f/dm+h0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBk+isAAP//GjM9YA==")
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="050000000300000000000000", @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0)
read(r0, &(0x7f0000001480)=""/4096, 0x38)
r1 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x511e36599023629, 0x100040, 0x1b35, 0x2, 0x2, 0x2, 0x0, 0x0, 0x5, 0x1})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1200000009f7b400040000000200000000000000825ea22e2f24d9e6adfa2e0c9395f94344d4ee544fe5403576e7f087c495fa48b93d1f26ca7c49a38c807203e507ee2ee7ff185346b66f1aa147ddeddfd6b78718", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000002c0)={r2, &(0x7f00000001c0), 0x0}, 0x20)
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000400)='./file0/file0\x00', 0x8a, &(0x7f00000001c0)={[{@usrjquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@stripe={'stripe', 0x3d, 0xf8}}, {@minixdf}, {@nombcache}, {@noinit_itable}]}, 0x1, 0x463, &(0x7f0000001040)="$eJzs3MtvG8UfAPCv17Gbvn7Jr5RHSwuBgqh4JE36oAcuRSBxAAkJDkWcQpJWpW6DmiDRqoLCoRxRJe6IIxJ/ARfKBQEnJK5wR0gV6oXCyWjtXedR24ldJy715yM5ntkZZ+a7u2OPZ20HMLDG0j+FiB0R8WtEjNSzKyuM1e9u3bw88/fNyzOFqFbf+LNQq/fXzcszedX8cdvrmWq1TbtX346YrlTmLmT5icVz700sXLz03Jlz06fnTs+dnzq+cOTw/vKxqaM9iXNn2te9H87v2/PKW9demzl57Z0fv077uyMrXx5Hr4zV925TT/a6sT7buSxdGOpjR+hIMSLSw1Wqjf+RKMbWRtlIvPxJXzsHbKhqNaluaV18pQrcw9KJOjCI8hf69P1vftukqcdd4caJaKxj3Mpu9ZKhSLI6pew90kYYi4iTV/754uRwPT9o+x8A2HzXT0TEs83mf0k8sKze/7JrQ6MR8f+I2BUR90XE7oi4P6JW98GIeKjD9ldfIbl9/lMd6SqwdUrnfy9k17ZWzv/y2V+MFrPczlr8pcKpM5W5Q9k+ORilLWl+sk0b3730y2etyhrzv+yWtp/eL9VI/hhatUA3O704Hauv03XpxscRe4eW4h9uxF9ozHnTdvZExN4u2zjz9Ff7WpWtHX8bPZiUV7+MeKp+/K/EiuO/tHcLza9PHj9yePL5Y1NHJ4ajMndoIj8rbvfTz1dfb9X+HcXfAzeuV2Nb0/O/Ef9oYThi4eKls7XrtQudt3H1t09bvqfp9vwvF96spcvZtg+mFxcvTEaUC6/evn1q6bF5Pq+fnv8HDzQf/7tiaU88HBHpSbw/Ih6JiEezvj8WEY9HxIE28f/w4hPvdh5/m1X5Hkrjn13r+Mfy479m4lJErNhSPPv9N53Hn0uP/5Fa6mC2JX/+a2ddPe3qbAYAAID/nqT2GfhCMt5IJ8n4eP0z/LtjW1KZX1h85tT8++dn65+VH41SsnylK18PnczWhvP81Kr84Wzd+PPi1lp+fGa+Mtvn2GHQbW8x/lO/F/vdO2DD+b4WDC7jHwAGj9d/GFzGPwyuZuP/oz70A9h8a7z+b92sfgCbz/wfBpfxD4PL+IeB1PK78UlalNZY5xfpJe4gUe7ZP/y23NFvNdxBIpK7YtfdQ4lSNC0aWvePWXSZ2NK0qN/PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//gELc7A==")
syz_mount_image$msdos(&(0x7f0000000300), &(0x7f0000000040)='.\x00', 0xe0, &(0x7f00000001c0)=ANY=[], 0xfd, 0x0, &(0x7f0000000000))

386.235127ms ago: executing program 3 (id=4520):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mm_page_free\x00', r3, 0x0, 0x4}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000003, 0x20000000ec072, 0xffffffffffffffff, 0x0) (async, rerun: 64)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2) (rerun: 64)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r4}, 0x10)
getrusage(0x0, &(0x7f0000000900)) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10) (async)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50) (async)
r9 = open$dir(&(0x7f00000012c0)='./file0\x00', 0x2a00, 0x3)
readlinkat(r9, &(0x7f0000001300)='./file0\x00', &(0x7f0000001340)=""/120, 0x78) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='signal_deliver\x00', r5}, 0xfffffffffffffccb) (rerun: 64)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x81, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x1}, 0x50)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000400)=r11, 0x4) (async, rerun: 64)
sendmsg$nl_route_sched(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {0xb9}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x8}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}], [{}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) (async, rerun: 64)
unshare(0x22020400)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
r12 = socket$key(0xf, 0x3, 0x2) (rerun: 64)
sendmsg$key(r12, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="020300030f0000002cbd7000fbdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af030006000000000002004e22ac1414bb000000000000000002000100000000000000070c01000000030005000000000002004e21ac1e010100000000000000000200130003000000283b010000350000"], 0x78}, 0x1, 0x7}, 0x0)

385.552197ms ago: executing program 1 (id=4521):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f0000"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x4008, 0x3, 0x218, 0xf0, 0x32, 0x148, 0xf0, 0x148, 0x180, 0x240, 0x240, 0xf0, 0x240, 0x7fffffe, 0x0, {[{{@ip={@private=0xa010100, @rand_addr=0x64010102, 0xff, 0xff0000ff, 'syz_tun\x00', 'nicvf0\x00', {0xff}, {0xff}, 0x2e, 0x2, 0x14}, 0x0, 0xc8, 0xf0, 0x0, {}, [@common=@addrtype={{0x30}, {0x1040, 0x224, 0x0, 0x1}}, @common=@unspec=@addrtype1={{0x28}, {0x0, 0x0, 0x334}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x2, 0x94}}}, {{@ip={@broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xffffff00, 0x0, 'vlan0\x00', 'caif0\x00', {0xff}, {}, 0x2, 0x3, 0x19}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x278)

323.255847ms ago: executing program 1 (id=4522):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001300)=@newtfilter={0xc90, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {}, {0xa, 0x1}}, [@filter_kind_options=@f_bpf={{0x8}, {0xc64, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_POLICE={0xc58, 0x2, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x4, 0x1, 0xe, 0x5, 0x3, 0xda, 0x1, 0x7, 0x0, 0x1000, 0x0, 0xfffffffc, 0x3e8d, 0x80000000, 0xd7b, 0x7, 0x8, 0xffff, 0xfffffffc, 0x401, 0x5, 0x5, 0x7ff, 0xe, 0xfff, 0xf, 0xfffff001, 0x7, 0xe11, 0x3, 0x1, 0xfffffffc, 0x80000001, 0xd, 0x1, 0x7, 0x2, 0x9, 0xffffcc0b, 0x5, 0x2, 0xc5, 0x2, 0x5, 0x1, 0x1, 0xfa, 0x4, 0xfff, 0x0, 0x59c, 0xfffffffa, 0x7, 0x7, 0xfa4a, 0x1bd, 0x470c, 0x4, 0xb, 0x6, 0x10001, 0x7fff, 0x3, 0x9, 0x96, 0x0, 0x5, 0xffffffff, 0x1, 0xe, 0x6, 0x7, 0xfffff000, 0x80c5, 0x7, 0x2, 0x3, 0x8, 0x10000, 0x0, 0x1, 0x9, 0x5e39, 0x4, 0x4, 0x1, 0x291b, 0x4, 0x0, 0x9, 0xc, 0x8001, 0x0, 0x1ff, 0x3, 0xfffffffd, 0xfff, 0x80, 0x4, 0x2000000, 0x2, 0x28c, 0x5, 0x5, 0x3, 0x2, 0x206, 0xce5, 0x5, 0x9, 0x34, 0x5, 0x3, 0x14, 0xfffffffe, 0xb, 0x1, 0x3, 0x7, 0x2bc, 0x8, 0x4, 0x7fffffff, 0xfb, 0x1, 0xf0ca, 0xcf, 0xc8, 0x5, 0x7, 0x10, 0x3ff, 0xc, 0x5f, 0x3, 0x3, 0x5, 0x2, 0x9, 0x7fffffff, 0x83, 0x8, 0x9, 0x1, 0x12, 0x81, 0xb, 0x5, 0x1, 0x1ff, 0x100, 0x4, 0x1, 0x4, 0x10, 0x2, 0xe, 0x4, 0x101, 0x2, 0x20, 0x101, 0x7, 0x1, 0x2, 0x0, 0x1, 0x2, 0x1, 0x80000001, 0x3, 0x4, 0x2, 0x8000, 0x2, 0x4, 0x1000, 0x8, 0xffffff9d, 0x7, 0x6, 0x401, 0xffffc000, 0x4, 0x8, 0x8, 0x21, 0x3, 0x6, 0x3, 0xb87c, 0x0, 0xae0, 0x2, 0x8, 0x9, 0xdf0, 0x7, 0x3a2a, 0x2, 0x4, 0x8000, 0x9, 0x7, 0x2, 0xfffffffb, 0x7, 0x8, 0x90b4, 0x5, 0xfff, 0x9, 0x81, 0x3, 0x3c8, 0x7d, 0x5, 0x2, 0x6, 0x5, 0xb2f3, 0x0, 0x9, 0x1, 0x7, 0x63, 0xfffffffc, 0x8001, 0x3a, 0xe6, 0x2, 0x3ff, 0x4, 0x1ff, 0x5, 0x2, 0x8000, 0x80000001, 0xf0, 0x7, 0x28, 0x3, 0x2, 0x7, 0x2, 0x0, 0x9, 0x8, 0xfff, 0xfffffc21, 0x0, 0x5, 0x6, 0xc9, 0x0, 0x101]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1673, 0x20000000, 0xffffffe8, 0x5, 0x5, {0x7, 0x1, 0x2, 0x3, 0x81, 0x6}, {0xc, 0x1, 0x8000, 0x3, 0x100, 0x8}, 0x7, 0x5, 0x4}}, @TCA_POLICE_RATE={0x404, 0x2, [0x1f60, 0x16, 0x621a, 0x0, 0xc, 0x8, 0x7, 0x6, 0x2, 0x200, 0x3, 0xffffff01, 0x0, 0x100, 0xfffffffa, 0x1, 0x2, 0x8, 0x2, 0xffffafbe, 0x3, 0x6, 0x2, 0x31, 0x7d, 0x19f, 0x0, 0x5, 0x46e, 0x1, 0x9, 0x1000, 0x4, 0x8001, 0xa, 0xf, 0x7f2, 0x893, 0x80a8, 0x9, 0x4, 0x2, 0x1000, 0x0, 0x8, 0x0, 0x8, 0x8, 0xd72, 0xfff, 0x5, 0xe0000, 0x5, 0x100, 0x0, 0x0, 0x6, 0xef, 0xbde7, 0x1a4, 0x7, 0x400, 0x8, 0x2, 0x200, 0x9, 0x5606, 0x333969c9, 0x8, 0x8f0, 0x200, 0x4b7d, 0x9, 0x8, 0xffffff7f, 0x81, 0x2, 0x1, 0x3, 0xd, 0x1, 0x7fff, 0x7, 0xfffffff7, 0x5, 0x729e, 0x7ff, 0x2, 0x5ff, 0x2, 0x0, 0x4, 0xfffffff9, 0x8, 0x6, 0x1010, 0x4, 0x0, 0x1ff, 0x6, 0x4, 0x5, 0x3, 0x6, 0xa5, 0x1, 0x2, 0x19, 0xf18, 0x864, 0x0, 0x8, 0x45, 0x7, 0x1, 0x80000000, 0x2, 0x3, 0x7fffffff, 0x6, 0x1ff, 0x7, 0x3, 0x1, 0x4, 0x9, 0x7, 0x0, 0x2, 0x4, 0x7ff, 0x6, 0x1, 0x3, 0x6c6b, 0x200, 0x4, 0x80000000, 0x5b4, 0x9, 0x3, 0x7, 0xffffffff, 0x3, 0x3, 0x4, 0x8, 0x3, 0x7b5, 0x6e8, 0x80, 0x8, 0x1, 0x3, 0x4, 0x1ff, 0x9, 0x2, 0x8000, 0x6, 0x8c2b3531, 0x2, 0xa7, 0x0, 0x200, 0x8ca4, 0x4, 0x7, 0x4, 0x8001, 0x22c, 0x400, 0x5, 0x9, 0x5, 0x9, 0x399e, 0x0, 0x81, 0x100, 0x200, 0x4, 0x101, 0x9, 0xfffff0a9, 0x81, 0x3, 0x4, 0x200, 0x3, 0xe7e, 0x103, 0x9, 0x40, 0x80000001, 0x1, 0x2, 0x5, 0x8, 0x8e1f, 0x7, 0x4, 0x3, 0xa, 0x3f, 0x5, 0x6, 0x1, 0xfffffffb, 0x8, 0x5, 0x2, 0xffff, 0x4, 0x296, 0xe9, 0xdb, 0x9, 0x2, 0x2856, 0x662, 0xe, 0x8, 0x4, 0x0, 0x9, 0x1, 0xd9a0333f, 0x3ff, 0xfffffffd, 0x72c6, 0xfffffffd, 0x1, 0x0, 0x3, 0xc, 0x4, 0x1fe0000, 0x40, 0x8000, 0x9, 0x2, 0xfffffff7, 0x401, 0x2, 0x2, 0x0, 0x6, 0x94, 0x3, 0x7f, 0x7fff, 0x9, 0x8, 0x8, 0x7]}, @TCA_POLICE_RATE={0x404, 0x2, [0xc71e, 0x0, 0x9, 0x9, 0xc03, 0xfffffffe, 0xa, 0x1, 0x800, 0x8, 0x28, 0x9, 0x6, 0xb8f0, 0xcd, 0x9, 0x7, 0x1, 0x5, 0x1, 0x9, 0x6, 0xff, 0x4, 0x80000000, 0x7, 0x3, 0x9, 0x2, 0x7, 0x0, 0x3dc, 0x8001, 0xff, 0x759, 0x80000001, 0x14, 0xfffffff7, 0xfffffff9, 0x3, 0x3, 0x3, 0x3, 0x6, 0x2, 0x80000001, 0x0, 0x400, 0x4, 0x5, 0x3c9, 0x9, 0x400, 0x6, 0x8, 0x800, 0x1, 0x1, 0xa, 0x0, 0x3, 0xd5, 0x4, 0x7, 0x4, 0x401, 0xb277, 0xd, 0x3, 0x2, 0x4, 0x2, 0xdb4a, 0x8, 0xde68, 0x7f, 0xff, 0x4, 0x5, 0xf, 0xf, 0x9, 0x80000001, 0x4, 0xffffffc0, 0x8, 0x2, 0x409, 0x7, 0x200, 0x2, 0x2, 0xff, 0xa88, 0xd9c, 0x3ff, 0x5c53, 0x9, 0xc36b, 0x1, 0x5, 0x2, 0x7, 0x8, 0x2, 0x100, 0x80, 0x4, 0x5, 0x7, 0x4, 0x1, 0x4, 0x5, 0x8, 0x0, 0x5, 0x7fffffff, 0x0, 0x7, 0x0, 0x1, 0x1, 0x8, 0x7ff, 0x6, 0x6e19, 0x7ff, 0xd19a, 0x5, 0x4, 0x3, 0x9, 0x1c, 0xffffffff, 0x8, 0x6, 0x8, 0x9f, 0x1, 0x80, 0x2223, 0x5, 0x7, 0x4, 0x5, 0x8000, 0xfff, 0xfffffff9, 0x9, 0x8, 0xf7b, 0x3e, 0x6, 0x6, 0xffff, 0x3, 0x1ff, 0xc68, 0x3ff, 0x9, 0x2, 0x1, 0x9, 0x1, 0x5, 0xfffffff9, 0x6, 0x3, 0x8000, 0x4, 0xb21f, 0x2, 0x3, 0x9, 0x8, 0x0, 0xaa5c, 0x0, 0x3, 0x1, 0x1, 0x10001, 0x8b, 0x2, 0x4, 0x6, 0x4, 0x4, 0x9, 0xffff, 0xffffffff, 0xaf7, 0x4, 0x8, 0x8, 0xe, 0x2, 0xffffffff, 0x3, 0xffffffbe, 0x6, 0xff, 0x101, 0x400, 0x1, 0x6, 0x0, 0x10, 0x80, 0x9, 0x72, 0x1, 0x2, 0x6, 0x8001, 0x3, 0x3, 0x52c, 0x7ff, 0x6, 0x5, 0xa1, 0xe742, 0x8, 0xfffffff7, 0x3, 0x4, 0xc8cd, 0x0, 0x2, 0x2, 0xfffffda0, 0x7, 0x7, 0x7ff, 0x26, 0x8, 0x3ff, 0x3, 0x1, 0x3, 0x100, 0xfffffff7, 0x3, 0x8, 0x2, 0x9, 0x8, 0x0, 0x7, 0x7fffffff, 0xfff, 0x61, 0xe, 0xfff]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x5}]}]}}]}, 0xc90}, 0x1, 0x0, 0x0, 0x80}, 0x40010)

322.768517ms ago: executing program 2 (id=4523):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r0=>0x0})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a0000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10)
sendto$inet6(0xffffffffffffffff, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth0\x00', <r4=>0x0})
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f00000004c0)={r4, 0x3, 0x6}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
setitimer(0x2, &(0x7f0000000200)={{}, {0x0, 0xea60}}, 0x0)
clock_gettime(0x2, &(0x7f0000000140))
setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f0000000100)={r4, 0x1, 0x6, @remote}, 0x10)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0xfffffffe, 0x2000001, {0x0, 0x0, 0x20, r4, {0x7, 0xa}, {0xd, 0xc}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)
sendmsg$nl_route(r2, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f0000000480)=@newlink={0x4c, 0x10, 0x400, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, 0x6b806, 0x180}, [@IFLA_IFALIASn={0x4}, @IFLA_PORT_SELF={0x4}, @IFLA_PHYS_SWITCH_ID={0x22, 0x24, "dc422de4ef80faa070f97352687b6ebf722a80c0c0cd5f0ceebae40e89ba"}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4048001}, 0x24000000)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r7, 0x4b62, 0x8000000000008)
ioctl$TIOCGDEV(r7, 0x80045432, &(0x7f0000000500))
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000004100000071028000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x4, 0xb, &(0x7f0000000080)=""/11, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb}, 0x94)

322.356687ms ago: executing program 3 (id=4524):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}, 0x6037}], 0x1, 0x1822b, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x100, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1fb}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
sendfile(r1, r1, &(0x7f0000000000)=0x2eb4, 0x2000007ff)
syz_emit_ethernet(0x4e, &(0x7f0000000080)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x9, 0x6, '\x00', 0x18, 0x6, 0x0, @private0, @local, {[], {{0x4e24, 0x4e24, 0x41424344, 0x41424344, 0x1, 0x0, 0x6, 0xc2, 0x3, 0x0, 0x3, {[@generic={0xfe, 0x2}, @nop]}}}}}}}}, 0x0)

283.387108ms ago: executing program 1 (id=4525):
fsopen(0x0, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r1, &(0x7f0000000200)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@broadcast, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
unshare(0xa000200)
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r5 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000a, 0x12, r5, 0x0)
write$selinux_load(r4, &(0x7f0000000000)=ANY=[], 0x603f)
semget$private(0x0, 0x4000, 0x0)
semtimedop(0x0, &(0x7f0000000000)=[{0x2, 0x40, 0x1800}], 0x1, 0x0)
unshare(0x20060400)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x1, &(0x7f0000000400)=[{0x6, 0x1, 0x2, 0x7fff7ffc}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a803f0003"], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4)
sendto$packet(r1, &(0x7f0000000440), 0x0, 0x46880, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)

280.521988ms ago: executing program 2 (id=4526):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x1, &(0x7f0000001240), 0x4)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0xdafbe5d6891b6e4)
inotify_init1(0x0)
write$binfmt_elf32(r1, &(0x7f0000005640)=ANY=[@ANYRES16], 0x69)
close(r1)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=<r5=>r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x400c84, &(0x7f0000000000)={[{@acl}]}, 0x1, 0x79a, &(0x7f0000001480)="$eJzs3c1rHGUYAPBnNtmkTauJIGi9GBA0UJqYGlsFCxUPIlgo6Nl2SbahZpMt2U1pQkCLCF4EFQ+CXnry4Ee9efXjqv+FB7FUTYsVDxKZzWy7aXbTfG9sfj+Y5H3n3dlnnvl8d2eYDWDP6k//5CIORcQHSURvNj6JiHyt1Blxcul1txbmR9MhicXF1/5Iaq+5uTA/Gg3TpA5klUcj4od3Iw7nVsatzM5NFEql4nRWH6pOXhiqzM4dOT9ZGC+OF6eODY+MHD3+7PFjW5frXz/PHbz24ctPfX3yn3ceufr+j0mcjINZW2MeG3ZiebU/+rNlkk8X4TIvbTrY7pK0ewbYkHTX7Fjay+NQ9EZHrQQA3M/eiohFAGCPSZz/AWCPqX8PcHNhfrQ+tPcbiZ11/cWI2LeUf/365lJLZ3bNbl/tOmjPzWTZlZEkIvq2IH5/RHz27RtfpkNs1XVIgDV4+3JEnO3rX3n8T1bcs7BeT6/S1pX9779rfBrfFWjYGd+l/Z/nmvX/crf7P9Gk/9PdZN/diGb7/7IR+1ed/MRm41//POKFhnvbbjXkn+nryGoP1Pp8+eTc+VIxPbY9GBEDke9O68OrxBi48e+NFSMb8qr3//786M0v0vjp/zutud86u5dPOlaoFjaTc6PrlyMe60ya5J/cXv9Ji/7v6TXGeOX59z5t1Zau/zTf+rAy/8juTtoei1cinmy6/u/c0Zasen/iUG1zGKpvFE1888snPa3iN/b/0yGNX/8ssBPS9d+zev59SeP9mpWWb9XVquGnK73ft2q7d/7Nt/+u5PVlQS8VqtXp4Yiu5NWV44/emfZS4fGstPT6NP+BJ5rv/6tt/+lnwrMtF8Vyndd+/2rj+W+vNP+xda3/9Reu3proaBV/bet/pFYayMas5fi31hnczLIDAAAAAAAAAAAAAAAAAAAAAAAAgLXKRcTBSHKDt8u53ODg0m94Pxw9uVK5Uj18rjwzNRa138rui3yu/qjL3obnoQ5nz8Ov149mT+2s15+JiIci4uPu/Un9OYpjbc4dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOoOtPj9/9Sv3e2eOwBg2+xr9wwAADvO+R8A9h7nfwDYe9Z2/u/Y9vkAAHaOz/8AsPc4/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDNTp86lQ6Lfy/Mj6b1sYuzMxPli0fGipWJwcmZ0cHR8vSFwfFyebxUHBwtT97r/Url8oWRmJq5NFQtVqpDldm5M5PlmanqmfOThfHimWJ+R7ICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPWpzM5NFEql4vR9X+jKMt7E++TvHrO4C/JqLOQjoi3RO7KFuxsWwo4Xkt0xG1tcaONBCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB/5L8AAAD//5NXHCA=")
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r6 = socket(0x15, 0x1, 0x8)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000c40)=0x14)
syz_io_uring_setup(0x635, &(0x7f0000003080)={0x0, 0x73d2, 0x2, 0x3, 0xc6}, &(0x7f0000003100), &(0x7f0000003140))
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB], 0x24}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380140003801000018004000300080001"], 0x44}}, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e0000000000000000001800038008000400000000000800020009000000040001"], 0x44}}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/vlan/vlan1\x00')
r9 = socket(0x28, 0x800, 0x10001)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r5, @ANYRES32=r2, @ANYBLOB='\x00'/15, @ANYRES32=r9, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0d00000003000000040000000700000001000000", @ANYRES32=r10, @ANYBLOB="0000000000000000f9ed890200"/29, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000001380)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
sendmsg$inet(r11, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000ac0)="75c1cc54649640be1983f79c5bfe88cd6a6a000070ab59578db363f49fcfec3197381b13892559f334d436138406b699de69db13fd42d5737428808940bcd0840dc930c81a8bd8b665cd232c5831977dd63ce2c88d43b17760a6e0df533940a702485bb198e47be60c4fe6987e7a0dc395ab72756496f2e0616a18998c294c8e674758ffa13b00bab2df9ca37a0bd8f0bb843fe86124390c62f05d76038a6e1610780f0310692de128832c32940a6e848b17d1b5a0c20f7ff5a7a2e353f9363a037d054cf0409c89cd80165cf27bf7904a0d47cfd06acc1e4606bb5a8d26ace7578e8f5d151eb60e63969461a96e66f9cf4203d5bb7af3f62bc02693a1d5af09c6d1f5c7d27e991ce5c388b925aacf29f77ff12a5589aa7174c130ba477e86188d1ce5168925ebc3e4f071c368fe7e71b209acca43bdc42a1fe0171c4096fe8ddf08e081554bac2dc0d3a4f80cd57aae7305aec6c9d8853e8f80be85b921c951a9fff4a9ff33a348926af5d91fd19bb2d930eeb546444189e76b0cd05a72f52bc74d285d6b6d84680770f88f82474b6c3fc5b641822516eb35fe2ecd17d378b283c2ea4c2295f2d42beebad7b75da375764520e9fc68683118adf1ce73e1c7635161df1cfa4f73fd4ed9811c1c2366472122d7900d073f75e6e5a3104d6a258772b840dcf0a16246ee6ef516a66a0c70283875bdfb0cb3b8fd5f76e8b481193d1ca7310b74f6b2fe4e03b3d67e560784a28a508e302634ada79a9d543a4b6ac9dab6f335cd207d7c4d46ef6922bde6c66b85817d1d9cf191a7573773fc9125b1c9282acae0cc3f381b36a009592d16df4d74de496b1a38a857671eec326ba6d6762d21066de663280c7283629799", 0x26e}, {&(0x7f0000000680)="b0fef28adda62f55a0000000000000001abe0a88f67472c3cd975c9884ae01084df2b71b56e2a043b74efe85a30267fae395e8a051934cefd1a1f19f89180ab1fe20a7e4088d8a3f4304feafe592c403cb5d1991683fcbda9a1404998bc92cb28946223165c906e2bed23ad07caa", 0x6e}], 0x2}, 0x8000)

171.800148ms ago: executing program 0 (id=4527):
syz_open_dev$ttys(0xc, 0x2, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f0000"], 0x48)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/201, 0xc9}], 0x1, 0x0, 0x1})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7dc470d00281f324, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000980)={{r0}, &(0x7f0000000900), &(0x7f0000000940)=r1}, 0x20)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
writev(r3, &(0x7f0000000300)=[{&(0x7f0000000080)="aefdda9d240103005a90f57f02703aeff0f64eb9ee07962c220852f426072a00"/42, 0x2a}], 0x1)
readv(r3, &(0x7f0000000340)=[{&(0x7f0000000180)=""/58, 0x3a}, {0x0}], 0x2)

59.355189ms ago: executing program 2 (id=4528):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000072"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socket$kcm(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r1}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000001c0)={r1, &(0x7f0000000180)}, 0x20)

58.229519ms ago: executing program 1 (id=4529):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="02000000040000000800000001", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0)={0x0, r0}, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_dev$usbmon(&(0x7f0000000000), 0x6, 0x200)
readv(r6, &(0x7f0000000040)=[{&(0x7f0000000280)=""/243, 0xf3}], 0x1)
syz_open_dev$usbfs(&(0x7f0000000240), 0x10, 0x80100)
unshare(0x64000680)

29.955189ms ago: executing program 2 (id=4530):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x500, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$dir(0xffffffffffffff9c, 0x0, 0x42800, 0x0)
getdents64(r0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r2}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x9}]}], {0x14}}, 0x64}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0c0100001000130428bd700000000000e0000001000000000000000000000000000000000000000000000000000000014e2100004e2400000200202000000000", @ANYRES32=r4, @ANYRES32, @ANYRESHEX=r5], 0x10c}}, 0x804)
write$binfmt_aout(r5, &(0x7f00000000c0)=ANY=[], 0x20)
syz_genetlink_get_family_id$gtp(&(0x7f0000000440), r5)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x29, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r7}, 0x10)
r8 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$inet6_opts(r5, 0x29, 0x39, &(0x7f00000009c0)=""/211, &(0x7f0000000180)=0xd3)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000002100010000000000000000000a000000000000000000000005001e"], 0x24}}, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r10=>0xffffffffffffffff}, 0x111, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_DESTROY_ID(r9, &(0x7f0000000f80)={0x1, 0xe, 0xfa00, {&(0x7f0000000300), r10}}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

29.137749ms ago: executing program 0 (id=4531):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000008600000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4b, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = gettid()
process_vm_writev(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000002"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
request_key(&(0x7f00000002c0)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x3}, 0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffefc}, 0x94)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r7, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r7, &(0x7f0000000280)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r8, @ANYBLOB="01000000020000001c0012000c000100626f6e6400"], 0x3c}}, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000002000)=ANY=[@ANYRES8, @ANYBLOB="c6b35a23d2137fde0359b542aabe924f7630e732fccb5eec3857a7ca170f3f3c8f8a8876f8de52745848f6173439543986cacca4255752d5d5e5988d7ea1d1565d699f7599ebd43a8f4e51fe5360119628810842770abe97cca7579b2a9921ff832854745f8eba2e92fbf212655293d631ea4c56d60f7ba37ed8075afeedb32c1ced40970f41e3f450c1495df9ecf22e6751c1071448969a221bebc9b4cbbd448bb843bc63e9116eb97bc284c11215123706b0e0472bcf542c70cb9c7a3ed15eb7ced05d17c19630b7dffcd5b72e29b211106ae8d27b663b222e05251fa4a5c27c932fd775122c1f7b2da01d8d53d2c735f7eb2c760c2dd090bcc073130cf1b5543cc87f636b4053ccdfd4d82247c38ffa1d2bd9346ef9df69992add85ce6d1b30575d9f8b2d4b067220381399904b3649a1a80178e9179cdfb79f97b7392de57958a1ba252236658f1126e3809c0acf7fdaa36dfaf04bf3f01fc2c55e959bccf62fd9f82334baa93602872ebbdfb2a599f63399c0b355c2eff195901f5c6731f960bfe32595f8971bd7268b16893a8802285f5161657477b9738f65b7738a54cdbd47dc523983791493616784db4c8dab1cc4b5490c2e1ce642d067c66c4307a4f8432b3524a79a9304ea8f021ec82f25762db8558f4f1c4a559650aa04b3c09a1086c58cacb3635e5c7919b0e861e7072fc43060f425f473ee650d7827affa0e7b749f8c428bb72f2be2f94ff409a39849936fe87c8f55f9fbc185456b39bedfec80541bcd12e0ec67467a02ab35477256ed0f02a917505745cce0203b3f1bfea5eccd43a9c6efc8b008a824357d8dd4ec87f128af0b9b563e6974473d60d183d9fd76817acf4e4ca6626d84f1e412fddd62d6c48121f300decd9f3efa1b4130226d2c771228ae0be509caca7396b668f9ba4d05795067be8107faedfcc604e53b776ace7db464a42ce7df97f1a29df83d36a003c50b72e2c5c90ab3d5d5ffbfe611d150216c2e8b01a6dbd0b6ff902443043bc117d85536ba594375f2f04f193ab1c826729a5fe97cb64be41d660e3cf93983a0dd93b2903c9c321b125c189b0d2346d57e49262de56e2deca04beb271a7163df70367327208d39e700be5bbbca5b97b727fac75d382053c07269a7aa307fac4734f5d178b36e1e4bcf4ad453cf8109340ff18d661ea76eb1daa22e62212ec9927df7625a34f3027412e9d263d9717a56ab89241cb515ebd2c99c6beb5d6802d77b2b168cbb0bcc5aeeafb332e47b5a38e87784e73bf10c156a5b7ced030f88931339f166308a3165e3d824e6158fae0865aa7cc003f75810469e802a0771dcfae0a398e54136b65f72951098e98829902388d0d178619601e3afce22f4a1ba0853a89be96bb34b75c7e99851d798c62ab2ac697493218b3cd5b2d374ae3348e4fe99267572b73e4e0d7cb86fa26eb03d136df96a04c7f100d85a386bd4919d5b68e0b1aa0931fbd80964003434488d4922409d39936395dedf43ea90e072f52abc118aca7b004f79379f22fd3a7f9bf79ccb467b7d662fb95c560f61ff83e56891880b3e4e7f8f75e19fd28e5646223d81e205db81e3ed11f086885ea66528a9818d837311bfb9841c5c0b5467edbdfcd33cb05cf7f5c9ac466f03ce00f65b469f2ff1869371387f6c576a7f971a5fdfd9e01912a16fa52f0acfa6678fdc7e77b96e53a1f580852dfcce8fa8d9120c33384918e022a1083a386f0b9113b8d7753785f555c25d7393df458593a41594bae62047d9e486f47c98341510640046d10fbb7633e7290f8802da970eeb1901c699633d525c524f30f0ab75f5a5427176498650bf330f7ac7d5d8191e7ca6e1bec8966cb350e501b1d89a894438700aa52277775793d7d888ce2f5d2441a89968c51bfb0780c7e56ddf45dc1c37bd1f798b4f5b8217af82421674f11d84465863b2b7b6f0ac7c6c2fc0ccc7ecffba269273f50a2568bacaeed04b4153b93d1d4fa449eabb93647f2bedc4073bd41434f2f1a4b564ca164198f61bc3d350092b6b382d95102d012313219ab98bad60acddd73b3a4e05a4e4b719dc3380d909322900dd8a09b7e0534ec967b9ed10dcea875e4ed5d4ebeffcf6e9eca2f00d6df0c0edbb6d3146ce73ddef5c3288a32ca9a8f4d886776315ebd754bc1b2b9f1308ac7c8c7b7a2b4039562683049f80c713e26a31487f8913b1c1c600445f7eced395fe1a57c821ca105d76a3fb0dbf36ae34666380d7669c5ac89a71eb61ddff9abc528beb0a791f13ae3aa2a30b588a8d9701eb906dbebf15f2e998b57e8ae8fb33e685b9604a09af5a9c4edfc6ae21a2c1446361c022a7557594c100fb358d0348d3102e9d88fe99aa31badc22c6af67d9612f1366bbe3ddb7cb10c141bb6f0cd1bd381f32cbfad09dee067cc2563571bcf3446be490bd7604b2f42810d2d09d2ec0dc17bb31f2b5d43da23ad9e502b3b4b783509bc870646fabd5bc21daced8bdc40eaacdcab59b4266edbaa2e669b490efde4100a27f4edf3459dbc9a2030c82880eea27e70844f6a7fa24aa071d8ac11ad02d71fab06d3524b62bdeb28dfa4b2b82116b20914dea31d292571856440a1bf36f1926945ef0a2fb379f2354f19455ae3d645e5b18f2fdb0814f6124d1aa78c9bfd33389a71688d2b08f255a5126fa3f3eecc00df0059e5f8e5bc0fb5e44b93644ed6fc4d08532b66d5b6c8fdf6a58b017b2a524592d0f1d06396b3f3225c04a68c275618667d98fdf1eca5f172df45c36932da050bdfda72cf9ffdbe9982019bb37e24d3ce612e0230009af992373aa351760fcec37d079e128caf8621123ca017f76fce085207ff5f416025158fda23fe4ff489c5233b31190360fc0ca617a7375e40b4e915e29c00bab12d4ecbe84ef6f01c6936f79eee4892a4fe0e3bec25cefcbcbc05dd3da7afdb439478b9fa5d9e5514eff379ddea33cba9c15589a0156fd5a1c8837d6d3c29fc4081631c58824b5e899724d4cd583daccccfce56ddb25a17a49336dae18db20626ad04d37f343eb146ddfce9a8c713156383cbb5743bec7ff71cfb606e2be0c2a94915c5e11ff65b7802247292dc42d921ac446ced9887e4fffecf49efa7ee33806fc84b1ac54e2e2880fc1097d9a37a958f7191885caf55342933a56b225b6e1fb0fd01dda79054091a8d935f2a6d222ac71dd87d56a57bfb57280f9d17516b6cd4136225267897e0fa6123ffca1bca37edbb3871008fac7ddff6863f5f5cd0042e07d0281ac3e6fb4a83c98daec17401dcec73029697f2c78ca4564a2feb759c87da0c0d57d8de281a0fdff0eb360ff68eefe0fef40a256b6bdab0d59ff7e0a935ad96745cf21b2f55fef259175a908789905100789c7353678a7a6289f26ddd84f85f357030caabe40da68d3c3e33ded2ceb1d65643e9b82a30484c66b23be5184673d69aede594d5c00899939d6636e9eac50cd2a25fa1571c54260cde78183af1af40b3de6d968f1eaa5204adf0709b0744d717f886b899f9793ba0cc091fa7ef15856718a024348319ae40ee6b23f3fc90662c7e9ca1117da8fa24d12620217ca8e9f870f7b19e3819eff0be156e8f301808b14dceb057780a11e1b6c1bbbabd010bea4369b189bfc0f8feef4a8e9da0196bdb88e8bac9bbb1dbcdbf6c7da4141726641c97c19af9bbf45cbc8afbcd9a16ac155f489c306c07cf502ca6251c0eba14ed340eaf309f15e1eea358dca5dbc53dabab32c0087bd18e69d21bbdc65578aff768b8dc8a6f2968bb2c975bdbc0e475047cfd86a1c13b5e2d1781d8578cb90f74ab68c9bba40e2280225c0d3aa1e69946608fbe28533d34b38fedf79a06435758313bf6d63be9ac63a9ab47e681cf51aacb7300cd5a0038040ad4ad757e868905c94f64b58392405ec63f8cdb5d634161e71fcd1fa4f1358f1387a439c9eda06c77f6aec58400853cfdf2c2648e5a3161dd70f680d827c1ce243e7526da5add56df665fac780fd3c56c4c412d4c455dab3f8792e53f1af3545d0f0b8b9f7dc0fc3f9203385d0adc38efda238b7c917dcbd017fee99a96d355c8196f1f2fbf3d24bd40330d646bd1eb1a5493e0448fcaa499b1eea5b6ce754ebea786e48603d00182a68d53d1f9805fddd3e8aa49681f37ea303580e0a9594420c92f35d7ce3c5de295079671c226943d0e00b8487bad199a06d4a46c79ae2a60db81bad116438b518fd5bd1aac449f54177797fb06bbe3cb84a37150ae63aec187304035c73f926577670e73d73c7647e9a76c3754dcdcef816994fddff8f29aab57d35f33fe3f577bf59d283e84d2f54a718f0ed6c052cc295dbb19aa1d63a5063dc403cf1e0fcf63f0153b2a2c6fcea4d98c7ba162d5ed88005915b3b0afce7bf43042c1ac765b63bc260edd6bd1bf7103081c059a4f98d0a380e1472fbd5f0ffb90245689eec391a636f38a87816b26a8af2738708af36d97ab07865d98bcd61f50e1406a1e0e4b4b9e66afcd64994d4536fde1ef58fa4d603905adc74fbc5b87fcc16fcc3bdfabcb3f3ce4f615df2c86b95c73e39b968ed573ae4122434a522a1f725d68e128493773ca5e6841833d816d701ec1eece2198519ea90616ab01edcd10ab0e149ca81f02aab95990462d530124aacbac8ffc192849d20443f81031241546c97845b93d1d9320502b4ea7e5f9c9e87a6ebf15a448ca5ce214b0fce477c2562f018eb30f8994c60dc71efcfcbf836569e982c0314a25633e37346c2a5802f4b73c15524d93fb560276ef5b4741939433838618835127446c7f6963badce5bc7212363796278176742db0217489fa55b8575fca128e5eb558bbcfe05d730a049f4ff1530a0fbaeb4bb9d4fdf35b963efba995a1308aa96a041a7394c8e4a4ceee1eeb0d75bd33d1d6a729efe6f49e3f3bac43de9565c6003ace2f4e3bb67889a890dbd98c39ef703c3ca7de327e9f3cf1f2a306eeee423f9d16f90a120761501054954b756a5b2ef8e3fa83bc27352fe2e844d228ffbbf40d8a5965632acf6108ae4197829afa6066315208c879afc250638f1a5da987415ab0f6d052b7100d73dbfe94c2bee51eec463c2884ef8e8e49fa96323450280874df4e4f3d2286c307df50f9ceb52151e97610dbd851acefc1a6bd8ee73b63f448ad22372ea68591c39b0f8ba5ab8fbc1761c9daf2c9a3b60f3e4b93e2bfd1aeea2933edf57859086587cb5fdf4db88b251750997cd9247cda7cd801ac2fb37b9b1a25d93e362d42b5470d41c74f68054bb39b769cd4fa4f0e86ef9e8e6704638f35a725800b5b181e0f3dfa0588e04d81a5f4c7fd62fee9049c0e638493b03d18e912b72f23cf095b004dfe95559e0fa426643e311ff940a91a9205847b08126eb53f82807d96f15bc294000165d4b209ecb6d01ebfaeb2fcaf2d171b20ec1cb3a0938c184ad708b388acc69e17f7ef82ddfe784dd2c5e1fc31fd86e66167fb25874819f5a58a8c92e692a544df198198bafc914061cd427f97db6a22188735a5e196520ffd987668076ffa9c8a6bb41f97450830f88f0ff072a0a3c4600871d0c86eae52c51fd2b79de15b2d7775ef65f926209d88edc2e1f847fca9f4b0f6b269837af17fcdeba8ffdf1595a785c5f28a757d1ac1da50d63b6f90a2ee83d484a527564382816c6144be75c60fdd88814f671baf7a61136f7dc94088544e39095186524af7778e3905ef18733f8f0be6fde70612c562bab2e0a18e794ecf922a17bb2d22e5eed75f941817c2c85ceeb9889516871eacd29daf912965c7661f70392", @ANYBLOB="00000000003f0000440012800b00010067656e6576650000340002800500030003000000060005004e20000005000400ab000000050009000100000005000a0001000000050009000100000008000a00", @ANYRES32=r7], 0x6c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x803, 0x4)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route_sched(r9, &(0x7f0000000280)={0x0, 0x7400, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r11}}, 0x24}}, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r12, 0x0, 0x2}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000c85000/0x3000)=nil, 0x3000, 0xb, 0x10, 0xffffffffffffffff, 0x0)
getpid()

27.39304ms ago: executing program 2 (id=4532):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x7)
flistxattr(0xffffffffffffffff, 0x0, 0x0)

0s ago: executing program 2 (id=4533):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), r0)
sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f00000004c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000480)={&(0x7f0000000700)=ANY=[@ANYBLOB='$', @ANYRES16=r1, @ANYBLOB="000126bd7000fddbdf25020a0007000000000000e5898a4cbdcd38a4de00002c4f00f17f00009bcc"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000340)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x2}, 0x18)
io_uring_enter(0xffffffffffffffff, 0x847ba, 0x0, 0xe, 0x0, 0x0)
mount(0x0, &(0x7f0000000500)='./file0/../file0\x00', &(0x7f0000000040)='sysfs\x00', 0x5, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/mnt\x00')
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x2, &(0x7f0000000440)=[{0x200000000006, 0x40, 0x0, 0x7ffc1ffb}, {0x4, 0x80, 0x4, 0xfffffff8}]})
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x2, 0x3000)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a88000/0x2000)=nil, 0x3)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89f2, &(0x7f0000000080))
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r4, {0x10, 0x4}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x4000010) (fail_nth: 8)

0s ago: executing program 0 (id=4534):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x318}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)=@generic={&(0x7f00000000c0)='./file0\x00', 0x0, 0x28}, 0x18) (async)
r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)=@generic={&(0x7f00000000c0)='./file0\x00', 0x0, 0x28}, 0x18)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000001700)=0x4) (async)
sched_setscheduler(r2, 0x2, &(0x7f0000001700)=0x4)
sched_setparam(r2, &(0x7f0000000200)=0x515adf87) (async)
sched_setparam(r2, &(0x7f0000000200)=0x515adf87)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x18, 0x12, &(0x7f0000000000)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffe}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_idx={0x18, 0x8, 0x5, 0x0, 0xa}, @alu={0x4, 0x0, 0xa, 0x2, 0x2, 0x1, 0xfffffffffffffff0}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r4, 0x10e, 0x8, &(0x7f0000000240)=0x4, 0x4)

kernel console output (not intermixed with test programs):

81e5fa0 R15: 00007ffe6d6e32b8
[  205.677607][T14282]  </TASK>
[  206.002495][T14278] loop4: detected capacity change from 0 to 512
[  206.058513][T14278] ext4 filesystem being mounted at /118/wÅü5ÔTÕÔ)­`)Y�Fæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8 supports timestamps until 2038-01-19 (0x7fffffff)
[  206.307309][T14297] netlink: 19 bytes leftover after parsing attributes in process `syz.3.3559'.
[  206.486877][T14310] netlink: 'syz.3.3562': attribute type 13 has an invalid length.
[  206.911091][T14342] FAULT_INJECTION: forcing a failure.
[  206.911091][T14342] name failslab, interval 1, probability 0, space 0, times 0
[  206.923785][T14342] CPU: 0 UID: 0 PID: 14342 Comm: +}[@ Not tainted syzkaller #0 PREEMPT(voluntary) 
[  206.923817][T14342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  206.923833][T14342] Call Trace:
[  206.923839][T14342]  <TASK>
[  206.923846][T14342]  __dump_stack+0x1d/0x30
[  206.923902][T14342]  dump_stack_lvl+0xe8/0x140
[  206.923977][T14342]  dump_stack+0x15/0x1b
[  206.923998][T14342]  should_fail_ex+0x265/0x280
[  206.924025][T14342]  should_failslab+0x8c/0xb0
[  206.924191][T14342]  kmem_cache_alloc_noprof+0x50/0x480
[  206.924230][T14342]  ? skb_clone+0x151/0x1f0
[  206.924297][T14342]  skb_clone+0x151/0x1f0
[  206.924322][T14342]  __netlink_deliver_tap+0x2c9/0x500
[  206.924377][T14342]  ? netlink_attachskb+0x2cc/0x650
[  206.924473][T14342]  netlink_sendskb+0x126/0x150
[  206.924504][T14342]  netlink_unicast+0x2a2/0x690
[  206.924547][T14342]  netlink_ack+0x4c8/0x500
[  206.924624][T14342]  netlink_rcv_skb+0x192/0x220
[  206.924783][T14342]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  206.924823][T14342]  rtnetlink_rcv+0x1c/0x30
[  206.924845][T14342]  netlink_unicast+0x5c0/0x690
[  206.924933][T14342]  netlink_sendmsg+0x58b/0x6b0
[  206.925031][T14342]  ? __pfx_netlink_sendmsg+0x10/0x10
[  206.925053][T14342]  __sock_sendmsg+0x145/0x180
[  206.925086][T14342]  ____sys_sendmsg+0x31e/0x4e0
[  206.925108][T14342]  ___sys_sendmsg+0x17b/0x1d0
[  206.925179][T14342]  __x64_sys_sendmsg+0xd4/0x160
[  206.925228][T14342]  x64_sys_call+0x191e/0x3000
[  206.925330][T14342]  do_syscall_64+0xd2/0x200
[  206.925358][T14342]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  206.925397][T14342]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  206.925498][T14342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.925519][T14342] RIP: 0033:0x7f2a17f8f6c9
[  206.925538][T14342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.925563][T14342] RSP: 002b:00007f2a169ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  206.925584][T14342] RAX: ffffffffffffffda RBX: 00007f2a181e5fa0 RCX: 00007f2a17f8f6c9
[  206.925602][T14342] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[  206.925619][T14342] RBP: 00007f2a169ef090 R08: 0000000000000000 R09: 0000000000000000
[  206.925636][T14342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  206.925653][T14342] R13: 00007f2a181e6038 R14: 00007f2a181e5fa0 R15: 00007ffe6d6e32b8
[  206.925718][T14342]  </TASK>
[  207.766192][T14422] loop1: detected capacity change from 0 to 1024
[  207.793548][T14422] EXT4-fs: Ignoring removed orlov option
[  207.853216][T14307] loop4: detected capacity change from 0 to 512
[  207.885179][T14307] ext4 filesystem being mounted at /120/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  207.916079][   T29] kauditd_printk_skb: 109 callbacks suppressed
[  207.916100][   T29] audit: type=1400 audit(1762495298.685:9223): avc:  denied  { read } for  pid=14468 comm="syz.2.3575" path="socket:[43652]" dev="sockfs" ino=43652 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  207.965768][T14477] loop2: detected capacity change from 0 to 1024
[  207.977439][T14477] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  207.994872][   T29] audit: type=1400 audit(1762495298.775:9224): avc:  denied  { ioctl } for  pid=14479 comm="syz.3.3577" path="/dev/input/event2" dev="devtmpfs" ino=245 ioctlcmd=0x4590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  208.021738][T14480] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3577'.
[  208.039167][T14482] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3577'.
[  208.051121][T14477] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 2: comm syz.2.3576: lblock 2 mapped to illegal pblock 2 (length 1)
[  208.074750][T14477] Quota error (device loop2): qtree_write_dquot: dquota write failed
[  208.088520][T14477] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.3576: lblock 0 mapped to illegal pblock 48 (length 1)
[  208.118282][T14477] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  208.127358][T14477] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.3576: Failed to acquire dquot type 0
[  208.176004][T14486] loop3: detected capacity change from 0 to 1024
[  208.182681][T14477] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  208.198711][T14486] EXT4-fs: Ignoring removed orlov option
[  208.211407][T14477] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.3576: mark_inode_dirty error
[  208.228352][T14477] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  208.238650][T14477] EXT4-fs (loop2): 1 orphan inode deleted
[  208.249500][T14489] 9pnet_fd: Insufficient options for proto=fd
[  208.258433][ T6820] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:16: lblock 1 mapped to illegal pblock 1 (length 1)
[  208.302895][ T6820] Quota error (device loop2): remove_tree: Can't read quota data block 1
[  208.311489][ T6820] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:16: Failed to release dquot type 0
[  208.344006][T14494] loop1: detected capacity change from 0 to 512
[  208.362916][T14494] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  208.378512][T14497] EXT4-fs (loop2): stripe (248) is not aligned with cluster size (4096), stripe is disabled
[  208.390721][T14497] EXT4-fs (loop2): can't enable nombcache during remount
[  208.407823][   T29] audit: type=1326 audit(1762495299.185:9225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14499 comm="syz.4.3583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62edb0f6c9 code=0x7ffc0000
[  208.463601][   T29] audit: type=1326 audit(1762495299.195:9226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14499 comm="syz.4.3583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62edb0f6c9 code=0x7ffc0000
[  208.471493][T14502] loop1: detected capacity change from 0 to 1024
[  208.487263][   T29] audit: type=1326 audit(1762495299.195:9227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14499 comm="syz.4.3583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62edb0f6c9 code=0x7ffc0000
[  208.496400][T14503] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3583'.
[  208.517105][   T29] audit: type=1326 audit(1762495299.195:9228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14499 comm="syz.4.3583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62edb0f6c9 code=0x7ffc0000
[  208.517214][   T29] audit: type=1326 audit(1762495299.195:9229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14499 comm="syz.4.3583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f62edb0f6c9 code=0x7ffc0000
[  208.526184][T14503] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3583'.
[  208.588596][T14502] EXT4-fs: Ignoring removed orlov option
[  208.820291][T14511] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3586'.
[  208.832367][T12221] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  208.845698][T12221] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  208.868036][T14517] loop0: detected capacity change from 0 to 128
[  208.875446][T12221] EXT4-fs error (device loop2): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  208.911130][T14511] vlan2: entered allmulticast mode
[  208.921145][T14519] vhci_hcd: invalid port number 96
[  208.926368][T14519] vhci_hcd: default hub control req: 2000 vfffc i0060 l7
[  208.973489][T14521] loop3: detected capacity change from 0 to 1024
[  209.008463][T14521] EXT4-fs: Ignoring removed orlov option
[  209.011096][T14525] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  209.026111][T14525] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  209.037696][T14525] loop9: detected capacity change from 0 to 7
[  209.070010][T14528] lo speed is unknown, defaulting to 1000
[  209.191904][T14538] loop9: detected capacity change from 0 to 7
[  209.198295][T14538] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.206207][T14538] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.214142][T14538]  loop9: unable to read partition table
[  209.245178][T14546] loop2: detected capacity change from 0 to 128
[  209.273402][T14538] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[  209.273402][T14538] 
) failed (rc=-5)
[  209.516698][T14561] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3599'.
[  209.569138][T14564] netlink: 'syz.2.3603': attribute type 1 has an invalid length.
[  209.577061][T14564] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3603'.
[  209.832624][T14593] netlink: 'syz.0.3614': attribute type 1 has an invalid length.
[  209.840455][T14593] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3614'.
[  210.069652][T14602] program syz.0.3617 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  210.152054][T14606] loop0: detected capacity change from 0 to 512
[  210.182734][T14606] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  210.190613][T14612] loop3: detected capacity change from 0 to 128
[  210.217523][T14612] EXT4-fs: Ignoring removed nobh option
[  210.246653][T14612] ext4 filesystem being mounted at /110/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  210.270348][T14617] netlink: 'syz.1.3622': attribute type 46 has an invalid length.
[  210.278237][T14617] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3622'.
[  210.344750][T14626] netlink: 'syz.0.3625': attribute type 1 has an invalid length.
[  210.352782][T14626] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3625'.
[  210.369431][T14623] bridge: RTM_NEWNEIGH with invalid ether address
[  210.393665][T14621] IPVS: set_ctl: invalid protocol: 44 224.0.0.2:20001
[  210.453991][T14638] loop0: detected capacity change from 0 to 1024
[  210.485241][T14638] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  210.573784][T14638] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 2: comm syz.0.3628: lblock 2 mapped to illegal pblock 2 (length 1)
[  210.596224][T14638] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 48: comm syz.0.3628: lblock 0 mapped to illegal pblock 48 (length 1)
[  210.625536][T14638] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.3628: Failed to acquire dquot type 0
[  210.645509][T14638] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  210.660131][T14638] EXT4-fs error (device loop0): ext4_evict_inode:254: inode #11: comm syz.0.3628: mark_inode_dirty error
[  210.671713][T14638] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  210.682028][T14638] EXT4-fs (loop0): 1 orphan inode deleted
[  210.694278][T14658] loop4: detected capacity change from 0 to 1024
[  210.708917][ T6809] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  210.727646][T14658] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  210.737191][ T6809] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:13: Failed to release dquot type 0
[  210.752576][T14638] EXT4-fs (loop0): stripe (248) is not aligned with cluster size (4096), stripe is disabled
[  210.764256][T14658] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.3629: lblock 2 mapped to illegal pblock 2 (length 1)
[  210.778741][T14638] EXT4-fs (loop0): can't enable nombcache during remount
[  210.789135][T14658] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.3629: lblock 0 mapped to illegal pblock 48 (length 1)
[  210.830862][T13219] EXT4-fs error (device loop0): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  210.843890][T14658] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.3629: Failed to acquire dquot type 0
[  210.858796][T13219] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  210.868531][T14658] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  210.878127][T14658] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.3629: mark_inode_dirty error
[  210.889569][T13219] EXT4-fs error (device loop0): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  210.901517][T14658] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  210.926364][T14658] EXT4-fs (loop4): 1 orphan inode deleted
[  210.934463][T14674] loop0: detected capacity change from 0 to 128
[  210.948352][ T6805] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:11: lblock 1 mapped to illegal pblock 1 (length 1)
[  210.983181][ T6805] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:11: Failed to release dquot type 0
[  211.005891][T14658] EXT4-fs (loop4): stripe (248) is not aligned with cluster size (4096), stripe is disabled
[  211.029448][T14658] EXT4-fs (loop4): can't enable nombcache during remount
[  211.138288][T12516] EXT4-fs error (device loop4): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  211.153351][T12516] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  211.164176][T12516] EXT4-fs error (device loop4): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  211.166218][T14701] vlan2: entered allmulticast mode
[  211.200413][T14704] loop4: detected capacity change from 0 to 1024
[  211.215594][T14704] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  211.220212][T14706] loop0: detected capacity change from 0 to 128
[  211.239332][T14704] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.3650: lblock 2 mapped to illegal pblock 2 (length 1)
[  211.253849][T14709] loop1: detected capacity change from 0 to 2048
[  211.254198][T14704] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.3650: lblock 0 mapped to illegal pblock 48 (length 1)
[  211.274844][T14704] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.3650: Failed to acquire dquot type 0
[  211.286415][T14704] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  211.296188][T14704] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.3650: mark_inode_dirty error
[  211.310466][T14704] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  211.320890][T14704] EXT4-fs (loop4): 1 orphan inode deleted
[  211.336312][T14709] EXT4-fs error (device loop1): ext4_ext_precache:632: inode #2: comm syz.1.3653: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  211.367615][   T12] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  211.382141][T14713] loop0: detected capacity change from 0 to 512
[  211.408062][   T12] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:0: Failed to release dquot type 0
[  211.439294][T14713] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  211.587705][T14727] loop2: detected capacity change from 0 to 1024
[  211.614985][T14727] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  211.638964][T14727] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 2: comm syz.2.3659: lblock 2 mapped to illegal pblock 2 (length 1)
[  211.658149][T14727] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.3659: lblock 0 mapped to illegal pblock 48 (length 1)
[  211.659428][T14704] EXT4-fs (loop4): stripe (248) is not aligned with cluster size (4096), stripe is disabled
[  211.683082][T14727] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.3659: Failed to acquire dquot type 0
[  211.715250][T14704] EXT4-fs (loop4): can't enable nombcache during remount
[  211.718275][T14727] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  211.749959][T14727] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.3659: mark_inode_dirty error
[  211.778609][T14727] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  211.805305][T14727] EXT4-fs (loop2): 1 orphan inode deleted
[  211.821403][   T12] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  211.851133][T14735] bond1: option all_slaves_active: invalid value (5)
[  211.861942][T14735] bond1 (unregistering): Released all slaves
[  211.868318][   T12] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:0: Failed to release dquot type 0
[  211.903950][T14737] bond1: option all_slaves_active: invalid value (5)
[  211.910926][T14740] loop0: detected capacity change from 0 to 2048
[  211.912873][T12516] EXT4-fs error (device loop4): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  211.931268][T12516] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  211.941897][T14737] bond1 (unregistering): Released all slaves
[  211.952581][T12516] EXT4-fs error (device loop4): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  211.970451][T14727] EXT4-fs (loop2): stripe (248) is not aligned with cluster size (4096), stripe is disabled
[  211.980734][T14740] EXT4-fs error (device loop0): ext4_ext_precache:632: inode #2: comm syz.0.3662: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  211.998680][T14727] EXT4-fs (loop2): can't enable nombcache during remount
[  212.039674][T14748] loop1: detected capacity change from 0 to 512
[  212.039906][T12221] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  212.059396][T12221] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  212.069236][T12221] EXT4-fs error (device loop2): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  212.091055][T14748] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  212.094244][T14751] loop3: detected capacity change from 0 to 1024
[  212.147737][T14751] EXT4-fs: Ignoring removed orlov option
[  212.178754][T14766] loop2: detected capacity change from 0 to 128
[  212.319544][T14782] loop2: detected capacity change from 0 to 128
[  212.465294][T14787] loop4: detected capacity change from 0 to 512
[  212.469040][T14771] lo speed is unknown, defaulting to 1000
[  212.489998][T14787] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  212.568148][T14794] loop0: detected capacity change from 0 to 512
[  212.591876][T14794] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  212.892929][T14809] loop4: detected capacity change from 0 to 128
[  212.962449][T14826] loop4: detected capacity change from 0 to 512
[  212.995990][T14826] ext4 filesystem being mounted at /135/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.022549][   T29] kauditd_printk_skb: 211 callbacks suppressed
[  213.022567][   T29] audit: type=1400 audit(1762495303.806:9429): avc:  denied  { listen } for  pid=14836 comm="syz.0.3696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  213.050153][T14837] __nla_validate_parse: 3 callbacks suppressed
[  213.050185][T14837] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3696'.
[  213.079935][   T29] audit: type=1326 audit(1762495303.816:9430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14834 comm="syz.1.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f761fa5f6c9 code=0x7ffc0000
[  213.103572][   T29] audit: type=1326 audit(1762495303.816:9431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14834 comm="syz.1.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f761fa5f6c9 code=0x7ffc0000
[  213.127239][   T29] audit: type=1326 audit(1762495303.816:9432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14834 comm="syz.1.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f761fa5f6c9 code=0x7ffc0000
[  213.151239][   T29] audit: type=1326 audit(1762495303.816:9433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14834 comm="syz.1.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f761fa5f6c9 code=0x7ffc0000
[  213.174785][   T29] audit: type=1326 audit(1762495303.816:9434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14834 comm="syz.1.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f761fa5f6c9 code=0x7ffc0000
[  213.198440][   T29] audit: type=1326 audit(1762495303.816:9435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14834 comm="syz.1.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f761fa5f6c9 code=0x7ffc0000
[  213.222101][   T29] audit: type=1326 audit(1762495303.816:9436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14834 comm="syz.1.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f761fa5f6c9 code=0x7ffc0000
[  213.245802][   T29] audit: type=1326 audit(1762495303.816:9437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14834 comm="syz.1.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f761fa5f6c9 code=0x7ffc0000
[  213.269336][   T29] audit: type=1326 audit(1762495303.816:9438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14834 comm="syz.1.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f761fa615e7 code=0x7ffc0000
[  213.281169][T14846] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3699'.
[  213.308487][T14849] bridge0: port 3(macsec1) entered blocking state
[  213.314990][T14849] bridge0: port 3(macsec1) entered disabled state
[  213.321778][T14849] macsec1: entered allmulticast mode
[  213.348570][T14854] loop0: detected capacity change from 0 to 128
[  213.355190][T14849] macsec1: left allmulticast mode
[  213.363029][T14855] loop1: detected capacity change from 0 to 256
[  213.369715][T14855] vfat: Unknown parameter '@'
[  213.446858][T14847] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3697'.
[  213.455949][T14847] hsr_slave_0: left promiscuous mode
[  213.462015][T14847] hsr_slave_1: left promiscuous mode
[  213.470054][T14865] loop2: detected capacity change from 0 to 2048
[  213.502625][T14868] loop0: detected capacity change from 0 to 512
[  213.513353][T14865] EXT4-fs error (device loop2): ext4_ext_precache:632: inode #2: comm syz.2.3706: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  213.545917][T14868] ext4 filesystem being mounted at /89/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.638265][T14877] loop2: detected capacity change from 0 to 128
[  213.645171][T14877] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  213.674343][T14879] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3710'.
[  213.807232][T14886] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3709'.
[  214.763271][  T416] bio_check_eod: 256 callbacks suppressed
[  214.763287][  T416] kworker/u8:6: attempt to access beyond end of device
[  214.763287][  T416] loop2: rw=1, sector=193, nr_sectors = 8 limit=128
[  214.832395][  T416] kworker/u8:6: attempt to access beyond end of device
[  214.832395][  T416] loop2: rw=1, sector=209, nr_sectors = 8 limit=128
[  214.919294][  T416] kworker/u8:6: attempt to access beyond end of device
[  214.919294][  T416] loop2: rw=1, sector=225, nr_sectors = 8 limit=128
[  214.957786][  T416] kworker/u8:6: attempt to access beyond end of device
[  214.957786][  T416] loop2: rw=1, sector=241, nr_sectors = 8 limit=128
[  214.971369][  T416] kworker/u8:6: attempt to access beyond end of device
[  214.971369][  T416] loop2: rw=1, sector=257, nr_sectors = 8 limit=128
[  214.984960][  T416] kworker/u8:6: attempt to access beyond end of device
[  214.984960][  T416] loop2: rw=1, sector=273, nr_sectors = 8 limit=128
[  214.998495][  T416] kworker/u8:6: attempt to access beyond end of device
[  214.998495][  T416] loop2: rw=1, sector=289, nr_sectors = 8 limit=128
[  215.012267][  T416] kworker/u8:6: attempt to access beyond end of device
[  215.012267][  T416] loop2: rw=1, sector=305, nr_sectors = 8 limit=128
[  215.025761][  T416] kworker/u8:6: attempt to access beyond end of device
[  215.025761][  T416] loop2: rw=1, sector=321, nr_sectors = 8 limit=128
[  215.039642][  T416] kworker/u8:6: attempt to access beyond end of device
[  215.039642][  T416] loop2: rw=1, sector=337, nr_sectors = 8 limit=128
[  215.055231][  T416] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  215.071143][T14909] loop1: detected capacity change from 0 to 512
[  215.077910][T14909] msdos: Unknown parameter 'd0000000000000000010'
[  215.134177][T14917] loop9: detected capacity change from 0 to 7
[  215.142072][T14917] Buffer I/O error on dev loop9, logical block 0, async page read
[  215.158095][T14917] Buffer I/O error on dev loop9, logical block 0, async page read
[  215.165980][T14917]  loop9: unable to read partition table
[  215.173103][T14917] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[  215.173103][T14917] 
) failed (rc=-5)
[  215.267913][T14925] loop9: detected capacity change from 0 to 7
[  215.274205][T14925] Buffer I/O error on dev loop9, logical block 0, async page read
[  215.288289][T14925] Buffer I/O error on dev loop9, logical block 0, async page read
[  215.296283][T14925]  loop9: unable to read partition table
[  215.324877][T14925] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[  215.324877][T14925] 
) failed (rc=-5)
[  215.362518][T14942] loop2: detected capacity change from 0 to 512
[  215.374151][T14942] EXT4-fs warning (device loop2): ext4_xattr_inode_get:560: inode #11: comm syz.2.3730: EA inode hash validation failed
[  215.412942][T14942] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm syz.2.3730: corrupted inode contents
[  215.436182][T14942] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #15: comm syz.2.3730: mark_inode_dirty error
[  215.467403][T14942] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm syz.2.3730: corrupted inode contents
[  215.528722][T14942] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2996: inode #15: comm syz.2.3730: mark_inode_dirty error
[  215.551924][T14942] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2999: inode #15: comm syz.2.3730: mark inode dirty (error -117)
[  215.567235][T14963] netlink: 96 bytes leftover after parsing attributes in process `syz.1.3734'.
[  215.578863][T14929] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3726'.
[  215.593437][T14942] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  215.593523][T14942] EXT4-fs (loop2): 1 orphan inode deleted
[  215.644703][T14969] loop0: detected capacity change from 0 to 512
[  215.659847][T14969] ext4 filesystem being mounted at /99/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  215.967425][T14977] loop9: detected capacity change from 0 to 7
[  215.989885][T14977] Buffer I/O error on dev loop9, logical block 0, async page read
[  216.010963][T14977] Buffer I/O error on dev loop9, logical block 0, async page read
[  216.011049][T14977]  loop9: unable to read partition table
[  216.011077][T14977] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[  216.011077][T14977] 
) failed (rc=-5)
[  216.204126][T14986] loop3: detected capacity change from 0 to 1024
[  216.204374][T14986] EXT4-fs: Ignoring removed orlov option
[  216.399387][T15004] netlink: 'syz.0.3747': attribute type 1 has an invalid length.
[  216.399403][T15004] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3747'.
[  216.454189][T15010] loop0: detected capacity change from 0 to 512
[  216.485744][T15010] ext4 filesystem being mounted at /105/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  216.585307][T15016] loop4: detected capacity change from 0 to 2048
[  216.857079][T15032] loop1: detected capacity change from 0 to 2048
[  216.881874][T15037] loop3: detected capacity change from 0 to 512
[  216.894274][T15029] loop4: detected capacity change from 0 to 128
[  216.895482][T15037] EXT4-fs: Ignoring removed i_version option
[  216.906852][T15037] EXT4-fs: Ignoring removed bh option
[  216.910629][T15029] Buffer I/O error on dev loop4, logical block 79, lost async page write
[  216.921085][T15029] Buffer I/O error on dev loop4, logical block 80, lost async page write
[  216.930602][T15029] Buffer I/O error on dev loop4, logical block 83, lost async page write
[  216.939150][T15029] Buffer I/O error on dev loop4, logical block 84, lost async page write
[  216.940264][T15039] loop0: detected capacity change from 0 to 128
[  216.954483][T15032] EXT4-fs error (device loop1): ext4_ext_precache:632: inode #2: comm syz.1.3756: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  216.972980][T15043] hub 2-0:1.0: USB hub found
[  216.977833][T15043] hub 2-0:1.0: 8 ports detected
[  216.984442][T15037] ext4 filesystem being mounted at /133/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  217.052018][T15051] loop0: detected capacity change from 0 to 512
[  217.065370][T15051] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  217.077916][T15051] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee01c, mo2=0002]
[  217.090919][T15051] System zones: 1-12
[  217.094934][T15051] EXT4-fs (loop0): orphan cleanup on readonly fs
[  217.101638][T15051] EXT4-fs error (device loop0): __ext4_iget:5443: inode #11: block 1296: comm syz.0.3761: invalid block
[  217.113897][T15051] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.3761: couldn't read orphan inode 11 (err -117)
[  217.137724][T15051] netlink: 176 bytes leftover after parsing attributes in process `syz.0.3761'.
[  217.180346][T15059] loop1: detected capacity change from 0 to 2048
[  217.421956][T15092] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  217.549380][T15098] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  217.599951][T15106] loop4: detected capacity change from 0 to 512
[  217.617731][T15106] EXT4-fs (loop4): orphan cleanup on readonly fs
[  217.631562][T15106] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.3782: Failed to acquire dquot type 1
[  217.658284][T15106] EXT4-fs (loop4): 1 truncate cleaned up
[  217.812490][T15142] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3795'.
[  217.830430][T15129] netlink: 'syz.1.3792': attribute type 1 has an invalid length.
[  217.903399][T15156] FAULT_INJECTION: forcing a failure.
[  217.903399][T15156] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  217.916520][T15156] CPU: 0 UID: 0 PID: 15156 Comm: syz.1.3802 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  217.916552][T15156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  217.916616][T15156] Call Trace:
[  217.916623][T15156]  <TASK>
[  217.916630][T15156]  __dump_stack+0x1d/0x30
[  217.916660][T15156]  dump_stack_lvl+0xe8/0x140
[  217.916685][T15156]  dump_stack+0x15/0x1b
[  217.916706][T15156]  should_fail_ex+0x265/0x280
[  217.916731][T15156]  should_fail+0xb/0x20
[  217.916765][T15156]  should_fail_usercopy+0x1a/0x20
[  217.916790][T15156]  _copy_from_user+0x1c/0xb0
[  217.916821][T15156]  do_fcntl+0x5f9/0xdf0
[  217.916844][T15156]  ? selinux_file_fcntl+0x1cb/0x1e0
[  217.916884][T15156]  __se_sys_fcntl+0xb1/0x120
[  217.916984][T15156]  __x64_sys_fcntl+0x43/0x50
[  217.917005][T15156]  x64_sys_call+0x29a4/0x3000
[  217.917107][T15156]  do_syscall_64+0xd2/0x200
[  217.917135][T15156]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  217.917214][T15156]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  217.917298][T15156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.917326][T15156] RIP: 0033:0x7f761fa5f6c9
[  217.917345][T15156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.917369][T15156] RSP: 002b:00007f761e4c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  217.917415][T15156] RAX: ffffffffffffffda RBX: 00007f761fcb5fa0 RCX: 00007f761fa5f6c9
[  217.917432][T15156] RDX: 00002000000001c0 RSI: 0000000000000005 RDI: 0000000000000003
[  217.917449][T15156] RBP: 00007f761e4c7090 R08: 0000000000000000 R09: 0000000000000000
[  217.917531][T15156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.917551][T15156] R13: 00007f761fcb6038 R14: 00007f761fcb5fa0 R15: 00007ffd9c052608
[  217.917577][T15156]  </TASK>
[  218.096005][   T29] kauditd_printk_skb: 336 callbacks suppressed
[  218.096097][   T29] audit: type=1400 audit(1762495308.676:9773): avc:  denied  { lock } for  pid=15155 comm="syz.1.3802" path="socket:[44872]" dev="sockfs" ino=44872 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  218.142431][T15159] loop4: detected capacity change from 0 to 2048
[  218.184592][T15169] serio: Serial port ptm0
[  218.254458][   T29] audit: type=1400 audit(1762495309.016:9774): avc:  denied  { write } for  pid=15175 comm="syz.4.3809" path="socket:[45637]" dev="sockfs" ino=45637 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  218.333052][   T29] audit: type=1400 audit(1762495309.076:9775): avc:  denied  { ioctl } for  pid=15179 comm="syz.3.3810" path="socket:[45652]" dev="sockfs" ino=45652 ioctlcmd=0x8935 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  218.407638][   T29] audit: type=1326 audit(1762495309.176:9776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15189 comm="syz.3.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a17f8f6c9 code=0x7ffc0000
[  218.431260][   T29] audit: type=1326 audit(1762495309.176:9777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15189 comm="syz.3.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a17f8f6c9 code=0x7ffc0000
[  218.455468][   T29] audit: type=1326 audit(1762495309.176:9778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15189 comm="syz.3.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f2a17f8f6c9 code=0x7ffc0000
[  218.478947][   T29] audit: type=1326 audit(1762495309.176:9779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15189 comm="syz.3.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a17f8f6c9 code=0x7ffc0000
[  218.503647][   T29] audit: type=1326 audit(1762495309.176:9780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15189 comm="syz.3.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a17f8f6c9 code=0x7ffc0000
[  218.529846][T15194] FAULT_INJECTION: forcing a failure.
[  218.529846][T15194] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  218.543078][T15194] CPU: 0 UID: 0 PID: 15194 Comm: syz.4.3811 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  218.543112][T15194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  218.543129][T15194] Call Trace:
[  218.543137][T15194]  <TASK>
[  218.543146][T15194]  __dump_stack+0x1d/0x30
[  218.543171][T15194]  dump_stack_lvl+0xe8/0x140
[  218.543191][T15194]  dump_stack+0x15/0x1b
[  218.543211][T15194]  should_fail_ex+0x265/0x280
[  218.543307][T15194]  should_fail+0xb/0x20
[  218.543323][T15194]  should_fail_usercopy+0x1a/0x20
[  218.543376][T15194]  _copy_to_user+0x20/0xa0
[  218.543404][T15194]  simple_read_from_buffer+0xb5/0x130
[  218.543429][T15194]  proc_fail_nth_read+0x10e/0x150
[  218.543465][T15194]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  218.543548][T15194]  vfs_read+0x1a8/0x770
[  218.543571][T15194]  ? __rcu_read_unlock+0x4f/0x70
[  218.543663][T15194]  ? __fget_files+0x184/0x1c0
[  218.543714][T15194]  ksys_read+0xda/0x1a0
[  218.543739][T15194]  __x64_sys_read+0x40/0x50
[  218.543763][T15194]  x64_sys_call+0x27c0/0x3000
[  218.543797][T15194]  do_syscall_64+0xd2/0x200
[  218.543853][T15194]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  218.543962][T15194]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  218.544001][T15194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.544029][T15194] RIP: 0033:0x7f62edb0e0dc
[  218.544050][T15194] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  218.544116][T15194] RSP: 002b:00007f62ec556030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  218.544135][T15194] RAX: ffffffffffffffda RBX: 00007f62edd66090 RCX: 00007f62edb0e0dc
[  218.544147][T15194] RDX: 000000000000000f RSI: 00007f62ec5560a0 RDI: 0000000000000007
[  218.544180][T15194] RBP: 00007f62ec556090 R08: 0000000000000000 R09: 0000000000000000
[  218.544197][T15194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.544285][T15194] R13: 00007f62edd66128 R14: 00007f62edd66090 R15: 00007ffecd37d8b8
[  218.544305][T15194]  </TASK>
[  218.567572][   T29] audit: type=1326 audit(1762495309.186:9781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15189 comm="syz.3.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f2a17f8f6c9 code=0x7ffc0000
[  218.584683][T15198] loop0: detected capacity change from 0 to 512
[  218.586782][   T29] audit: type=1326 audit(1762495309.186:9782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15189 comm=FF exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a17f8f6c9 code=0x7ffc0000
[  218.599704][T15198] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  218.839487][T15198] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.3813: Invalid block bitmap block 0 in block_group 0
[  218.947462][T15198] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  219.057602][T15198] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #11: comm syz.0.3813: attempt to clear invalid blocks 983261 len 1
[  219.131842][T15198] EXT4-fs error (device loop0): __ext4_get_inode_loc:4832: comm syz.0.3813: Invalid inode table block 0 in block_group 0
[  219.132405][T15211] loop3: detected capacity change from 0 to 2048
[  219.196547][T15211] EXT4-fs mount: 93 callbacks suppressed
[  219.196563][T15211] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  219.268162][T15198] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  219.319853][T12770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.357831][T15198] EXT4-fs error (device loop0) in ext4_orphan_del:301: Corrupt filesystem
[  219.400872][T15198] EXT4-fs error (device loop0): __ext4_get_inode_loc:4832: comm syz.0.3813: Invalid inode table block 0 in block_group 0
[  219.410565][T15218] loop3: detected capacity change from 0 to 512
[  219.454924][T15218] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3821: bg 0: block 248: padding at end of block bitmap is not set
[  219.507907][T15218] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.3821: Failed to acquire dquot type 1
[  219.537554][T15198] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  219.557695][T15198] EXT4-fs error (device loop0): ext4_truncate:4637: inode #11: comm syz.0.3813: mark_inode_dirty error
[  219.577887][T15218] EXT4-fs (loop3): 1 truncate cleaned up
[  219.583972][T15218] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.624770][T15218] ext4 filesystem being mounted at /154/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  219.637498][T15198] EXT4-fs error (device loop0) in ext4_process_orphan:343: Corrupt filesystem
[  219.647752][T15198] EXT4-fs error (device loop0): __ext4_get_inode_loc:4832: comm syz.0.3813: Invalid inode table block 0 in block_group 0
[  219.673235][T15218] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.3821: Failed to acquire dquot type 1
[  219.694743][T15198] EXT4-fs (loop0): 1 truncate cleaned up
[  219.701031][T15218] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  219.708191][T15198] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  219.709383][T15218] tipc: Enabled bearer <udp:½>, priority 10
[  219.723176][T15198] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.740188][T15227] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.754210][T12770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.763737][   T12] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:0: Failed to release dquot type 1
[  219.792286][T15227] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.811374][T15233] loop3: detected capacity change from 0 to 1024
[  219.822000][T15197] loop0: detected capacity change from 0 to 512
[  219.828961][T15233] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  219.839677][T15197] ext4: Unknown parameter 'nouser_xattr'
[  219.849660][T15227] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.861434][T15233] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.3824: lblock 2 mapped to illegal pblock 2 (length 1)
[  219.889624][T15227] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.899734][T15233] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.3824: lblock 0 mapped to illegal pblock 48 (length 1)
[  219.923680][T15233] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.3824: Failed to acquire dquot type 0
[  219.936168][T15233] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  219.946721][T15233] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.3824: mark_inode_dirty error
[  219.959744][T15233] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  219.974351][T15233] EXT4-fs (loop3): 1 orphan inode deleted
[  219.980230][   T12] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  219.988595][  T416] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1)
[  220.008917][T15233] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.012914][   T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  220.040350][   T12] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  220.050673][  T416] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:6: Failed to release dquot type 0
[  220.060510][   T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  220.108423][T15246] EXT4-fs (loop3): stripe (248) is not aligned with cluster size (4096), stripe is disabled
[  220.116228][T15247] loop2: detected capacity change from 0 to 1024
[  220.125497][T15246] EXT4-fs (loop3): can't enable nombcache during remount
[  220.125888][T15247] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  220.154042][  T416] bridge_slave_1: left allmulticast mode
[  220.159740][  T416] bridge_slave_1: left promiscuous mode
[  220.165443][  T416] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.177624][T15250] loop0: detected capacity change from 0 to 512
[  220.183969][T15247] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 2: comm syz.2.3828: lblock 2 mapped to illegal pblock 2 (length 1)
[  220.184267][T15250] EXT4-fs: Ignoring removed i_version option
[  220.202843][T15247] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.3828: lblock 0 mapped to illegal pblock 48 (length 1)
[  220.204076][T15250] EXT4-fs: Ignoring removed bh option
[  220.218531][T15247] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.3828: Failed to acquire dquot type 0
[  220.235724][T15247] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  220.237485][  T416] bridge_slave_0: left allmulticast mode
[  220.245894][T15247] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.3828: mark_inode_dirty error
[  220.250824][  T416] bridge_slave_0: left promiscuous mode
[  220.250949][  T416] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.275152][T15247] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  220.285794][T15247] EXT4-fs (loop2): 1 orphan inode deleted
[  220.292329][T15247] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.293348][T15250] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.304560][ T6820] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:16: lblock 1 mapped to illegal pblock 1 (length 1)
[  220.317105][T15250] ext4 filesystem being mounted at /120/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  220.331810][T15254] loop1: detected capacity change from 0 to 2048
[  220.342118][ T6820] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:16: Failed to release dquot type 0
[  220.385824][T13219] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.422065][T15254] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.498624][T13009] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.558653][T15262] EXT4-fs (loop2): stripe (248) is not aligned with cluster size (4096), stripe is disabled
[  220.569303][T15262] EXT4-fs (loop2): can't enable nombcache during remount
[  220.596733][T15274] 9pnet_fd: Insufficient options for proto=fd
[  220.627794][T15279] loop4: detected capacity change from 0 to 512
[  220.634643][T15279] EXT4-fs: Ignoring removed i_version option
[  220.640805][T15279] EXT4-fs: Ignoring removed bh option
[  220.661595][T12770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.665673][T15279] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.683499][T15279] ext4 filesystem being mounted at /160/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  220.683553][T12770] EXT4-fs error (device loop3): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  220.713599][T12770] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  220.723404][T12770] EXT4-fs error (device loop3): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  220.754889][T15285] loop3: detected capacity change from 0 to 512
[  220.763181][T15285] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  220.774795][T15285] EXT4-fs (loop3): 1 truncate cleaned up
[  220.782535][T15285] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.903212][T12770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.937996][T15293] loop3: detected capacity change from 0 to 512
[  220.961872][T15293] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.3841: bad orphan inode 11862016
[  220.973111][T15293] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  220.985797][T15293] ext4 filesystem being mounted at /158/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.998120][T12221] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.007617][T12221] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  221.020670][T12221] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  221.030229][T12221] EXT4-fs error (device loop2): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  221.103125][T15300] netlink: 'syz.2.3842': attribute type 2 has an invalid length.
[  221.259648][  T416] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  221.269743][  T416] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  221.279674][  T416] bond0 (unregistering): Released all slaves
[  221.288115][T15283] netlink: 'syz.0.3839': attribute type 1 has an invalid length.
[  221.295881][T15283] __nla_validate_parse: 1 callbacks suppressed
[  221.295899][T15283] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3839'.
[  221.333380][  T416] tipc: Left network mode
[  221.376699][T12516] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.394052][  T416] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  221.401589][  T416] batman_adv: batadv0: Removing interface: batadv_slave_0
[  221.417868][  T416] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  221.425310][  T416] batman_adv: batadv0: Removing interface: batadv_slave_1
[  221.434406][T15316] 9pnet_fd: Insufficient options for proto=fd
[  221.446251][  T416] veth0_macvtap: left promiscuous mode
[  221.452003][  T416] veth1_vlan: left promiscuous mode
[  221.454296][T15305] netlink: 'syz.2.3843': attribute type 1 has an invalid length.
[  221.457701][  T416] veth0_vlan: left promiscuous mode
[  221.465149][T15305] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3843'.
[  221.479746][T15319] loop1: detected capacity change from 0 to 512
[  221.526820][T15319] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.542618][T15319] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  221.574532][T15328] netlink: 'syz.0.3851': attribute type 1 has an invalid length.
[  221.582388][T15328] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3851'.
[  221.592468][T15329] program syz.2.3848 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  221.614489][T15326] loop4: detected capacity change from 0 to 2048
[  221.632742][T15326] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.658544][T15326] EXT4-fs error (device loop4): ext4_ext_precache:632: inode #2: comm syz.4.3850: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  221.695766][ T3395] lo speed is unknown, defaulting to 1000
[  221.701725][ T3395] infiniband syz2: ib_query_port failed (-19)
[  221.714130][T15334] vlan1: entered promiscuous mode
[  221.719361][T15334] vlan1: entered allmulticast mode
[  221.724567][T15334] veth0_vlan: entered allmulticast mode
[  221.747970][T12516] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.799539][T15339] loop0: detected capacity change from 0 to 1024
[  221.819186][T12770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  221.828343][T15339] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  221.842178][T15339] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 2: comm syz.0.3852: lblock 2 mapped to illegal pblock 2 (length 1)
[  221.856490][T15339] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 48: comm syz.0.3852: lblock 0 mapped to illegal pblock 48 (length 1)
[  221.881431][T15339] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.3852: Failed to acquire dquot type 0
[  221.893465][T15339] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  221.905345][T15339] EXT4-fs error (device loop0): ext4_evict_inode:254: inode #11: comm syz.0.3852: mark_inode_dirty error
[  221.921224][T15339] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  221.931527][T15339] EXT4-fs (loop0): 1 orphan inode deleted
[  221.937829][T15339] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.950092][ T6820] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:16: lblock 1 mapped to illegal pblock 1 (length 1)
[  221.975549][ T6820] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:16: Failed to release dquot type 0
[  222.016651][T13009] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.051143][T15359] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  222.068795][T15355] netlink: 'syz.3.3859': attribute type 1 has an invalid length.
[  222.076551][T15359] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  222.076653][T15355] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3859'.
[  222.186325][T15364] EXT4-fs (loop0): stripe (248) is not aligned with cluster size (4096), stripe is disabled
[  222.200819][T15364] EXT4-fs (loop0): can't enable nombcache during remount
[  222.376519][T15381] loop2: detected capacity change from 0 to 1024
[  222.383354][T15381] EXT4-fs: Ignoring removed orlov option
[  222.391410][T15381] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.584092][T12221] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.621305][T15392] loop2: detected capacity change from 0 to 128
[  222.643334][T15393] loop3: detected capacity change from 0 to 1024
[  222.677517][T15393] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  222.703301][T15393] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.3869: Invalid block bitmap block 0 in block_group 0
[  222.727751][T15393] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.3869: Failed to acquire dquot type 0
[  222.783971][T15393] EXT4-fs error (device loop3): ext4_free_blocks:6706: comm syz.3.3869: Freeing blocks not in datazone - block = 0, count = 4096
[  222.820868][T13219] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.848080][T15393] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.3869: Invalid inode bitmap blk 0 in block_group 0
[  222.875822][ T6820] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:16: Failed to release dquot type 0
[  222.900030][T15393] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[  222.929503][T13219] EXT4-fs error (device loop0): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  222.949636][T15393] EXT4-fs (loop3): 1 orphan inode deleted
[  222.967612][T13219] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  222.977544][T15393] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.992553][T13219] EXT4-fs error (device loop0): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  223.038666][T12770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.096524][T15427] loop2: detected capacity change from 0 to 128
[  223.139114][T15431] netlink: 'syz.3.3885': attribute type 1 has an invalid length.
[  223.146886][T15431] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3885'.
[  223.185719][T15442] loop0: detected capacity change from 0 to 1024
[  223.264016][T15447] loop3: detected capacity change from 0 to 2048
[  223.289122][T15442] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  223.309731][T15448] loop2: detected capacity change from 0 to 2048
[  223.321892][T15448] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.334749][T15447] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.348605][T15442] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 2: comm syz.0.3888: lblock 2 mapped to illegal pblock 2 (length 1)
[  223.373168][T15442] __quota_error: 226 callbacks suppressed
[  223.373187][T15442] Quota error (device loop0): qtree_write_dquot: dquota write failed
[  223.389758][T15442] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 48: comm syz.0.3888: lblock 0 mapped to illegal pblock 48 (length 1)
[  223.397245][T15448] EXT4-fs error (device loop2): ext4_ext_precache:632: inode #2: comm syz.2.3889: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  223.404806][T15442] Quota error (device loop0): v2_write_file_info: Can't write info structure
[  223.430327][T15442] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.3888: Failed to acquire dquot type 0
[  223.455106][T15442] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  223.464988][T15442] EXT4-fs error (device loop0): ext4_evict_inode:254: inode #11: comm syz.0.3888: mark_inode_dirty error
[  223.477222][T15442] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  223.487588][T15442] EXT4-fs (loop0): 1 orphan inode deleted
[  223.487943][T12770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.493790][T15442] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.519089][  T416] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1)
[  223.540991][  T416] Quota error (device loop0): remove_tree: Can't read quota data block 1
[  223.549610][  T416] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:6: Failed to release dquot type 0
[  223.563770][T12221] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.621160][T15462] loop4: detected capacity change from 0 to 512
[  223.654812][T15462] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.669590][T15462] ext4 filesystem being mounted at /172/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.821042][T15472] loop3: detected capacity change from 0 to 1024
[  223.828562][T15472] EXT4-fs: inline encryption not supported
[  223.856963][T15472] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.877667][T15475] netlink: 'syz.2.3898': attribute type 1 has an invalid length.
[  223.885438][T15475] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3898'.
[  223.922889][T15474] EXT4-fs (loop0): stripe (248) is not aligned with cluster size (4096), stripe is disabled
[  223.936250][T12770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.947321][T15483] loop1: detected capacity change from 0 to 128
[  223.953790][T15474] EXT4-fs (loop0): can't enable nombcache during remount
[  223.985078][T12516] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.997672][T15483] tipc: Started in network mode
[  224.002556][T15483] tipc: Node identity 4, cluster identity 4711
[  224.008736][T15483] tipc: Node number set to 4
[  224.055319][   T29] audit: type=1326 audit(1762495315.833:9992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="syz.2.3902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d2e5f6c9 code=0x7ffc0000
[  224.079049][   T29] audit: type=1326 audit(1762495315.833:9993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="syz.2.3902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f11d2e5f6c9 code=0x7ffc0000
[  224.119041][T15493] loop4: detected capacity change from 0 to 2048
[  224.127072][T15490] loop9: detected capacity change from 0 to 7
[  224.133395][T15490] buffer_io_error: 24 callbacks suppressed
[  224.133411][T15490] Buffer I/O error on dev loop9, logical block 0, async page read
[  224.147779][   T29] audit: type=1326 audit(1762495315.833:9994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="syz.2.3902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d2e5f6c9 code=0x7ffc0000
[  224.171312][   T29] audit: type=1326 audit(1762495315.833:9995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="syz.2.3902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f11d2e5f6c9 code=0x7ffc0000
[  224.194756][   T29] audit: type=1326 audit(1762495315.833:9996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="syz.2.3902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d2e5f6c9 code=0x7ffc0000
[  224.218367][   T29] audit: type=1326 audit(1762495315.833:9997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="syz.2.3902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11d2e5f6c9 code=0x7ffc0000
[  224.241929][   T29] audit: type=1326 audit(1762495315.833:9998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="syz.2.3902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d2e5f6c9 code=0x7ffc0000
[  224.266550][T15490] Buffer I/O error on dev loop9, logical block 0, async page read
[  224.274508][T15490]  loop9: unable to read partition table
[  224.286333][T15490] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[  224.286333][T15490] 
) failed (rc=-5)
[  224.367282][T13219] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.387782][T15493] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.403405][T13219] EXT4-fs error (device loop0): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  224.419740][T15493] EXT4-fs error (device loop4): ext4_ext_precache:632: inode #2: comm syz.4.3904: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  224.459397][T13219] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  224.490624][T13219] EXT4-fs error (device loop0): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  224.528528][T12516] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.592345][T15513] loop0: detected capacity change from 0 to 1024
[  224.622579][T15513] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  224.624052][T15513] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 2: comm syz.0.3911: lblock 2 mapped to illegal pblock 2 (length 1)
[  224.624160][T15513] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 48: comm syz.0.3911: lblock 0 mapped to illegal pblock 48 (length 1)
[  224.624294][T15513] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.3911: Failed to acquire dquot type 0
[  224.624431][T15513] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  224.624515][T15513] EXT4-fs error (device loop0): ext4_evict_inode:254: inode #11: comm syz.0.3911: mark_inode_dirty error
[  224.624587][T15513] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  224.624616][T15513] EXT4-fs (loop0): 1 orphan inode deleted
[  224.625003][T15513] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.679080][ T6809] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  224.679321][ T6809] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:13: Failed to release dquot type 0
[  224.737881][T15520] EXT4-fs (loop0): stripe (248) is not aligned with cluster size (4096), stripe is disabled
[  224.789276][T15526] netlink: 'syz.1.3913': attribute type 1 has an invalid length.
[  224.797123][T15526] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3913'.
[  224.830834][T15520] EXT4-fs (loop0): can't enable nombcache during remount
[  224.915298][T15510] netlink: 'syz.4.3909': attribute type 1 has an invalid length.
[  224.923153][T15510] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3909'.
[  225.006991][T15531] netlink: 'syz.2.3914': attribute type 1 has an invalid length.
[  225.014873][T15531] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3914'.
[  225.235278][T15572] loop2: detected capacity change from 0 to 128
[  225.326639][T15574] netlink: 'syz.4.3927': attribute type 1 has an invalid length.
[  225.334475][T15574] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3927'.
[  225.436603][T13219] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.457197][T13219] EXT4-fs error (device loop0): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  225.480833][T13219] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  225.495232][T13219] EXT4-fs error (device loop0): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  225.620899][T15618] loop0: detected capacity change from 0 to 128
[  225.623677][T15623] loop3: detected capacity change from 0 to 512
[  225.649284][T15623] EXT4-fs: Ignoring removed bh option
[  225.749731][T15638] loop0: detected capacity change from 0 to 1024
[  225.756868][T15638] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  225.768884][T15623] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-008c-000000000000 r/w without journal. Quota mode: writeback.
[  225.808875][T15638] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 2: comm syz.0.3953: lblock 2 mapped to illegal pblock 2 (length 1)
[  225.845184][T15623] ext4 filesystem being mounted at /182/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  225.857996][T15638] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 48: comm syz.0.3953: lblock 0 mapped to illegal pblock 48 (length 1)
[  225.919825][   T10] IPVS: starting estimator thread 0...
[  225.928713][T15623] EXT4-fs (loop3): re-mounted 00000000-0000-0000-008c-000000000000.
[  225.944103][T15638] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.3953: Failed to acquire dquot type 0
[  225.980446][T15638] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  226.021785][T12770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-008c-000000000000.
[  226.033201][T15638] EXT4-fs error (device loop0): ext4_evict_inode:254: inode #11: comm syz.0.3953: mark_inode_dirty error
[  226.044611][T15647] IPVS: using max 2352 ests per chain, 117600 per kthread
[  226.073613][T15638] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  226.106036][T15638] EXT4-fs (loop0): 1 orphan inode deleted
[  226.127535][ T6809] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  226.129202][T15638] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.158473][ T6809] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:13: Failed to release dquot type 0
[  226.234536][T15655] EXT4-fs (loop0): stripe (248) is not aligned with cluster size (4096), stripe is disabled
[  226.244816][T15655] EXT4-fs (loop0): can't enable nombcache during remount
[  226.332711][T15661] __nla_validate_parse: 1 callbacks suppressed
[  226.332756][T15661] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3959'.
[  226.441196][T15668] loop4: detected capacity change from 0 to 128
[  226.466050][T15670] loop2: detected capacity change from 0 to 2048
[  226.600722][T13219] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.612463][T15670] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.625089][T13219] EXT4-fs error (device loop0): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  226.638683][T13219] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  226.648637][T13219] EXT4-fs error (device loop0): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  226.743111][T12221] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.828537][T15679] FAULT_INJECTION: forcing a failure.
[  226.828537][T15679] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.841688][T15679] CPU: 0 UID: 0 PID: 15679 Comm: syz.1.3968 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  226.841774][T15679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  226.841791][T15679] Call Trace:
[  226.841799][T15679]  <TASK>
[  226.841809][T15679]  __dump_stack+0x1d/0x30
[  226.841877][T15679]  dump_stack_lvl+0xe8/0x140
[  226.841901][T15679]  dump_stack+0x15/0x1b
[  226.841918][T15679]  should_fail_ex+0x265/0x280
[  226.841952][T15679]  should_fail+0xb/0x20
[  226.841971][T15679]  should_fail_usercopy+0x1a/0x20
[  226.841998][T15679]  _copy_from_user+0x1c/0xb0
[  226.842082][T15679]  memdup_user+0x5e/0xd0
[  226.842117][T15679]  strndup_user+0x68/0xb0
[  226.842152][T15679]  keyctl_keyring_search+0xee/0x2e0
[  226.842242][T15679]  ? copy_from_kernel_nofault_allowed+0x9c/0xc0
[  226.842294][T15679]  __se_sys_keyctl+0x2d4/0xb80
[  226.842317][T15679]  ? __rcu_read_unlock+0x4f/0x70
[  226.842343][T15679]  ? bpf_trace_run2+0x124/0x1c0
[  226.842399][T15679]  ? __bpf_trace_sys_enter+0x10/0x30
[  226.842428][T15679]  __x64_sys_keyctl+0x67/0x80
[  226.842447][T15679]  x64_sys_call+0x2f7c/0x3000
[  226.842469][T15679]  do_syscall_64+0xd2/0x200
[  226.842495][T15679]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  226.842567][T15679]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  226.842608][T15679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.842628][T15679] RIP: 0033:0x7f761fa5f6c9
[  226.842692][T15679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.842746][T15679] RSP: 002b:00007f761e4c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  226.842772][T15679] RAX: ffffffffffffffda RBX: 00007f761fcb5fa0 RCX: 00007f761fa5f6c9
[  226.842784][T15679] RDX: 0000200000000300 RSI: 000000002ef25365 RDI: 000000000000000a
[  226.842797][T15679] RBP: 00007f761e4c7090 R08: 0000000000000000 R09: 0000000000000000
[  226.842840][T15679] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.842856][T15679] R13: 00007f761fcb6038 R14: 00007f761fcb5fa0 R15: 00007ffd9c052608
[  226.842882][T15679]  </TASK>
[  227.091816][T15683] loop2: detected capacity change from 0 to 2048
[  227.105478][T15687] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3970'.
[  227.119595][T15683] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.219995][T15700] netlink: 'syz.3.3975': attribute type 4 has an invalid length.
[  227.235068][T15700] netlink: 'syz.3.3975': attribute type 4 has an invalid length.
[  227.253588][T12221] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.310740][T15705] FAULT_INJECTION: forcing a failure.
[  227.310740][T15705] name failslab, interval 1, probability 0, space 0, times 0
[  227.323458][T15705] CPU: 0 UID: 0 PID: 15705 Comm: syz.0.3977 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  227.323492][T15705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  227.323553][T15705] Call Trace:
[  227.323565][T15705]  <TASK>
[  227.323572][T15705]  __dump_stack+0x1d/0x30
[  227.323642][T15705]  dump_stack_lvl+0xe8/0x140
[  227.323669][T15705]  dump_stack+0x15/0x1b
[  227.323746][T15705]  should_fail_ex+0x265/0x280
[  227.323772][T15705]  should_failslab+0x8c/0xb0
[  227.323808][T15705]  kmem_cache_alloc_lru_noprof+0x55/0x490
[  227.323964][T15705]  ? __d_alloc+0x3d/0x340
[  227.324005][T15705]  __d_alloc+0x3d/0x340
[  227.324041][T15705]  d_alloc_parallel+0x58/0xc70
[  227.324130][T15705]  ? pcpu_block_update+0x24e/0x3b0
[  227.324159][T15705]  ? _find_next_zero_bit+0x64/0xa0
[  227.324198][T15705]  ? pcpu_block_refresh_hint+0x157/0x170
[  227.324300][T15705]  ? __rcu_read_unlock+0x4f/0x70
[  227.324328][T15705]  ? __d_lookup+0x316/0x340
[  227.324346][T15705]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[  227.324372][T15705]  __lookup_slow+0x8c/0x250
[  227.324394][T15705]  lookup_noperm+0xc9/0x180
[  227.324461][T15705]  simple_start_creating+0x97/0x120
[  227.324492][T15705]  debugfs_start_creating+0xe9/0x160
[  227.324514][T15705]  __debugfs_create_file+0x6b/0x330
[  227.324536][T15705]  debugfs_create_file_full+0x3f/0x60
[  227.324563][T15705]  do_blk_trace_setup+0x2c8/0x4d0
[  227.324597][T15705]  blk_trace_setup+0xa5/0x140
[  227.324619][T15705]  ? __pfx_blkdev_ioctl+0x10/0x10
[  227.324638][T15705]  blk_trace_ioctl+0xf5/0x300
[  227.324660][T15705]  ? do_vfs_ioctl+0x866/0xe10
[  227.324721][T15705]  ? selinux_file_ioctl+0x308/0x3a0
[  227.324753][T15705]  ? __pfx_blkdev_ioctl+0x10/0x10
[  227.324772][T15705]  blkdev_ioctl+0x25f/0x440
[  227.324814][T15705]  ? __pfx_blkdev_ioctl+0x10/0x10
[  227.324833][T15705]  __se_sys_ioctl+0xce/0x140
[  227.324855][T15705]  __x64_sys_ioctl+0x43/0x50
[  227.324888][T15705]  x64_sys_call+0x1816/0x3000
[  227.324947][T15705]  do_syscall_64+0xd2/0x200
[  227.324969][T15705]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  227.324998][T15705]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  227.325042][T15705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.325127][T15705] RIP: 0033:0x7f65942ff6c9
[  227.325142][T15705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.325171][T15705] RSP: 002b:00007f6592d5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  227.325189][T15705] RAX: ffffffffffffffda RBX: 00007f6594555fa0 RCX: 00007f65942ff6c9
[  227.325255][T15705] RDX: 0000200000000000 RSI: 00000000c0481273 RDI: 0000000000000006
[  227.325267][T15705] RBP: 00007f6592d5f090 R08: 0000000000000000 R09: 0000000000000000
[  227.325305][T15705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  227.325317][T15705] R13: 00007f6594556038 R14: 00007f6594555fa0 R15: 00007ffef1be4bd8
[  227.325335][T15705]  </TASK>
[  227.626789][T15707] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3978'.
[  227.880557][T15732] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3989'.
[  227.889619][T15732] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3989'.
[  227.916068][T15732] bridge0: port 3(batadv1) entered blocking state
[  227.922573][T15732] bridge0: port 3(batadv1) entered disabled state
[  227.922851][T15738] loop0: detected capacity change from 0 to 1024
[  227.929097][T15732] batadv1: entered allmulticast mode
[  227.937138][T15738] EXT4-fs: Ignoring removed orlov option
[  227.947105][T15732] batadv1: entered promiscuous mode
[  227.951085][T15738] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.417455][ T6820] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  228.426718][ T6820] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  228.602872][T13219] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.681630][T15763] syzkaller0: entered allmulticast mode
[  228.710051][T15763] syzkaller0: entered promiscuous mode
[  228.710272][T15769] netlink: 'syz.1.4003': attribute type 1 has an invalid length.
[  228.717067][   T29] kauditd_printk_skb: 148 callbacks suppressed
[  228.717086][   T29] audit: type=1404 audit(1762495320.493:10141): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  228.723444][T15769] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4003'.
[  228.754860][   T29] audit: type=1404 audit(1762495320.533:10142): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  228.783173][   T29] audit: type=1400 audit(1762495320.563:10143): avc:  denied  { read write } for  pid=13009 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  228.794431][T15763] dvmrp1: entered allmulticast mode
[  228.807588][   T29] audit: type=1400 audit(1762495320.563:10144): avc:  denied  { open } for  pid=13009 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  228.825215][T15762] syzkaller0: left promiscuous mode
[  228.837316][   T29] audit: type=1400 audit(1762495320.563:10145): avc:  denied  { prog_load } for  pid=15762 comm="syz.3.4000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  228.842422][T15762] syzkaller0: left allmulticast mode
[  228.861453][   T29] audit: type=1400 audit(1762495320.563:10146): avc:  denied  { bpf } for  pid=15762 comm="syz.3.4000" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  228.861483][   T29] audit: type=1400 audit(1762495320.563:10147): avc:  denied  { create } for  pid=15762 comm="syz.3.4000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  228.861566][   T29] audit: type=1400 audit(1762495320.563:10148): avc:  denied  { setopt } for  pid=15762 comm="syz.3.4000" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  228.928248][   T29] audit: type=1400 audit(1762495320.593:10149): avc:  denied  { ioctl } for  pid=12221 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  228.954237][   T29] audit: type=1400 audit(1762495320.593:10150): avc:  denied  { map_create } for  pid=15762 comm="syz.3.4000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  228.983166][T15779] loop2: detected capacity change from 0 to 128
[  229.118353][T15795] netlink: 'syz.1.4013': attribute type 1 has an invalid length.
[  229.126150][T15795] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4013'.
[  229.505661][T15818] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4022'.
[  229.577113][T15829] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5 sclass=netlink_route_socket pid=15829 comm=syz.1.4022
[  229.758566][T15852] xt_hashlimit: max too large, truncated to 1048576
[  229.789553][T15856] FAULT_INJECTION: forcing a failure.
[  229.789553][T15856] name failslab, interval 1, probability 0, space 0, times 0
[  229.802280][T15856] CPU: 0 UID: 0 PID: 15856 Comm: syz.1.4036 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  229.802308][T15856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  229.802320][T15856] Call Trace:
[  229.802326][T15856]  <TASK>
[  229.802380][T15856]  __dump_stack+0x1d/0x30
[  229.802404][T15856]  dump_stack_lvl+0xe8/0x140
[  229.802429][T15856]  dump_stack+0x15/0x1b
[  229.802447][T15856]  should_fail_ex+0x265/0x280
[  229.802467][T15856]  ? asymmetric_lookup_restriction+0x303/0x370
[  229.802589][T15856]  should_failslab+0x8c/0xb0
[  229.802625][T15856]  __kmalloc_cache_noprof+0x4c/0x4a0
[  229.802670][T15856]  ? __pfx_restrict_link_by_key_or_keyring_chain+0x10/0x10
[  229.802713][T15856]  asymmetric_lookup_restriction+0x303/0x370
[  229.802881][T15856]  ? __pfx_asymmetric_lookup_restriction+0x10/0x10
[  229.802967][T15856]  keyring_restrict+0xf7/0x280
[  229.803032][T15856]  keyctl_restrict_keyring+0x107/0x1b0
[  229.803134][T15856]  __se_sys_keyctl+0x1ed/0xb80
[  229.803160][T15856]  ? __rcu_read_unlock+0x4f/0x70
[  229.803189][T15856]  ? __fget_files+0x184/0x1c0
[  229.803221][T15856]  ? fput+0x8f/0xc0
[  229.803293][T15856]  __x64_sys_keyctl+0x67/0x80
[  229.803319][T15856]  x64_sys_call+0x2f7c/0x3000
[  229.803346][T15856]  do_syscall_64+0xd2/0x200
[  229.803373][T15856]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  229.803547][T15856]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  229.803591][T15856]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.803612][T15856] RIP: 0033:0x7f761fa5f6c9
[  229.803627][T15856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.803707][T15856] RSP: 002b:00007f761e4c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  229.803731][T15856] RAX: ffffffffffffffda RBX: 00007f761fcb5fa0 RCX: 00007f761fa5f6c9
[  229.803745][T15856] RDX: 0000200000000240 RSI: 00000000316120b5 RDI: 000000000000001d
[  229.803757][T15856] RBP: 00007f761e4c7090 R08: 0000000000000000 R09: 0000000000000000
[  229.803769][T15856] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  229.803781][T15856] R13: 00007f761fcb6038 R14: 00007f761fcb5fa0 R15: 00007ffd9c052608
[  229.803868][T15856]  </TASK>
[  230.355704][T15871] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4041'.
[  230.708585][T15928] FAULT_INJECTION: forcing a failure.
[  230.708585][T15928] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.721739][T15928] CPU: 0 UID: 0 PID: 15928 Comm: syz.0.4066 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  230.721775][T15928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  230.721790][T15928] Call Trace:
[  230.721798][T15928]  <TASK>
[  230.721807][T15928]  __dump_stack+0x1d/0x30
[  230.721907][T15928]  dump_stack_lvl+0xe8/0x140
[  230.721994][T15928]  dump_stack+0x15/0x1b
[  230.722034][T15928]  should_fail_ex+0x265/0x280
[  230.722061][T15928]  should_fail+0xb/0x20
[  230.722084][T15928]  should_fail_usercopy+0x1a/0x20
[  230.722107][T15928]  _copy_to_user+0x20/0xa0
[  230.722141][T15928]  simple_read_from_buffer+0xb5/0x130
[  230.722233][T15928]  proc_fail_nth_read+0x10e/0x150
[  230.722355][T15928]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  230.722387][T15928]  vfs_read+0x1a8/0x770
[  230.722415][T15928]  ? __rcu_read_unlock+0x4f/0x70
[  230.722442][T15928]  ? __fget_files+0x184/0x1c0
[  230.722552][T15928]  ? finish_task_switch+0xad/0x2b0
[  230.722579][T15928]  ksys_read+0xda/0x1a0
[  230.722604][T15928]  __x64_sys_read+0x40/0x50
[  230.722707][T15928]  x64_sys_call+0x27c0/0x3000
[  230.722738][T15928]  do_syscall_64+0xd2/0x200
[  230.722765][T15928]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  230.722798][T15928]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  230.722872][T15928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.722900][T15928] RIP: 0033:0x7f65942fe0dc
[  230.722914][T15928] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  230.723059][T15928] RSP: 002b:00007f6592d5f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  230.723081][T15928] RAX: ffffffffffffffda RBX: 00007f6594555fa0 RCX: 00007f65942fe0dc
[  230.723097][T15928] RDX: 000000000000000f RSI: 00007f6592d5f0a0 RDI: 0000000000000003
[  230.723113][T15928] RBP: 00007f6592d5f090 R08: 0000000000000000 R09: 0000000000000000
[  230.723130][T15928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.723146][T15928] R13: 00007f6594556038 R14: 00007f6594555fa0 R15: 00007ffef1be4bd8
[  230.723176][T15928]  </TASK>
[  231.470598][T15998] ip6t_srh: unknown srh match flags  4000
[  231.658479][T16020] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4098'.
[  231.687449][T16020] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4098'.
[  231.876439][T16024] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4104'.
[  231.983759][T16057] netlink: 'syz.4.4121': attribute type 7 has an invalid length.
[  232.117921][T16073] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  232.125068][ T1028] IPVS: starting estimator thread 0...
[  232.204009][T16085] FAULT_INJECTION: forcing a failure.
[  232.204009][T16085] name failslab, interval 1, probability 0, space 0, times 0
[  232.216755][T16085] CPU: 0 UID: 0 PID: 16085 Comm: syz.1.4133 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  232.216790][T16085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  232.216866][T16085] Call Trace:
[  232.216874][T16085]  <TASK>
[  232.216884][T16085]  __dump_stack+0x1d/0x30
[  232.216913][T16085]  dump_stack_lvl+0xe8/0x140
[  232.216940][T16085]  dump_stack+0x15/0x1b
[  232.216965][T16085]  should_fail_ex+0x265/0x280
[  232.216991][T16085]  should_failslab+0x8c/0xb0
[  232.217108][T16085]  kmem_cache_alloc_noprof+0x50/0x480
[  232.217139][T16085]  ? audit_log_start+0x342/0x720
[  232.217165][T16085]  audit_log_start+0x342/0x720
[  232.217194][T16085]  ? kstrtouint+0x76/0xc0
[  232.217251][T16085]  audit_seccomp+0x48/0x100
[  232.217292][T16085]  ? __seccomp_filter+0x82d/0x1250
[  232.217323][T16085]  __seccomp_filter+0x83e/0x1250
[  232.217394][T16085]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  232.217436][T16085]  ? vfs_write+0x7e8/0x960
[  232.217497][T16085]  ? __rcu_read_unlock+0x4f/0x70
[  232.217530][T16085]  ? __fget_files+0x184/0x1c0
[  232.217587][T16085]  __secure_computing+0x82/0x150
[  232.217621][T16085]  syscall_trace_enter+0xcf/0x1e0
[  232.217651][T16085]  do_syscall_64+0xac/0x200
[  232.217750][T16085]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  232.217779][T16085]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  232.217817][T16085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.217839][T16085] RIP: 0033:0x7f761fa5f6c9
[  232.217854][T16085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.217904][T16085] RSP: 002b:00007f761e4c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6
[  232.217930][T16085] RAX: ffffffffffffffda RBX: 00007f761fcb5fa0 RCX: 00007f761fa5f6c9
[  232.217947][T16085] RDX: 0000200000000080 RSI: 0000000000000000 RDI: 0000000000000009
[  232.218035][T16085] RBP: 00007f761e4c7090 R08: 0000000000000000 R09: 0000000000000000
[  232.218047][T16085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  232.218059][T16085] R13: 00007f761fcb6038 R14: 00007f761fcb5fa0 R15: 00007ffd9c052608
[  232.218085][T16085]  </TASK>
[  232.428241][T16076] IPVS: using max 2352 ests per chain, 117600 per kthread
[  232.516848][T16095] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4138'.
[  232.530230][T16071] xt_TCPMSS: Only works on TCP SYN packets
[  232.587725][T16098] serio: Serial port ttyS3
[  232.938828][T16137] netlink: 'syz.4.4154': attribute type 4 has an invalid length.
[  233.108186][T16133] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4151'.
[  233.385363][T16211] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4187'.
[  233.403133][T16211] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4187'.
[  233.431661][T16219] FAULT_INJECTION: forcing a failure.
[  233.431661][T16219] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.444861][T16219] CPU: 1 UID: 0 PID: 16219 Comm: syz.2.4190 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  233.444894][T16219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  233.444931][T16219] Call Trace:
[  233.444976][T16219]  <TASK>
[  233.444984][T16219]  __dump_stack+0x1d/0x30
[  233.445006][T16219]  dump_stack_lvl+0xe8/0x140
[  233.445025][T16219]  dump_stack+0x15/0x1b
[  233.445044][T16219]  should_fail_ex+0x265/0x280
[  233.445069][T16219]  should_fail+0xb/0x20
[  233.445158][T16219]  should_fail_usercopy+0x1a/0x20
[  233.445185][T16219]  _copy_to_user+0x20/0xa0
[  233.445227][T16219]  simple_read_from_buffer+0xb5/0x130
[  233.445293][T16219]  proc_fail_nth_read+0x10e/0x150
[  233.445349][T16219]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  233.445390][T16219]  vfs_read+0x1a8/0x770
[  233.445433][T16219]  ? __rcu_read_unlock+0x4f/0x70
[  233.445465][T16219]  ? __fget_files+0x184/0x1c0
[  233.445502][T16219]  ksys_read+0xda/0x1a0
[  233.445576][T16219]  __x64_sys_read+0x40/0x50
[  233.445600][T16219]  x64_sys_call+0x27c0/0x3000
[  233.445622][T16219]  do_syscall_64+0xd2/0x200
[  233.445647][T16219]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  233.445683][T16219]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  233.445752][T16219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.445801][T16219] RIP: 0033:0x7f11d2e5e0dc
[  233.445874][T16219] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  233.445899][T16219] RSP: 002b:00007f11d18c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  233.445992][T16219] RAX: ffffffffffffffda RBX: 00007f11d30b5fa0 RCX: 00007f11d2e5e0dc
[  233.446008][T16219] RDX: 000000000000000f RSI: 00007f11d18c70a0 RDI: 0000000000000005
[  233.446024][T16219] RBP: 00007f11d18c7090 R08: 0000000000000000 R09: 0000000000000000
[  233.446040][T16219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.446056][T16219] R13: 00007f11d30b6038 R14: 00007f11d30b5fa0 R15: 00007ffedb27d6d8
[  233.446079][T16219]  </TASK>
[  233.652729][T16224] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16224 comm=syz.3.4191
[  233.718200][   T29] kauditd_printk_skb: 1943 callbacks suppressed
[  233.718219][   T29] audit: type=1400 audit(1762495325.503:12092): avc:  denied  { read write } for  pid=12221 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  233.726944][T16236] FAULT_INJECTION: forcing a failure.
[  233.726944][T16236] name fail_futex, interval 1, probability 0, space 0, times 1
[  233.761997][T16236] CPU: 1 UID: 0 PID: 16236 Comm: syz.2.4198 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  233.762030][T16236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  233.762043][T16236] Call Trace:
[  233.762051][T16236]  <TASK>
[  233.762059][T16236]  __dump_stack+0x1d/0x30
[  233.762128][T16236]  dump_stack_lvl+0xe8/0x140
[  233.762161][T16236]  dump_stack+0x15/0x1b
[  233.762204][T16236]  should_fail_ex+0x265/0x280
[  233.762294][T16236]  should_fail+0xb/0x20
[  233.762378][T16236]  get_futex_key+0x130/0xbd0
[  233.762417][T16236]  futex_wait_setup+0x4a/0x3e0
[  233.762569][T16236]  futex_wait_requeue_pi+0x1ac/0x640
[  233.762599][T16236]  ? __pfx_futex_wake_mark+0x10/0x10
[  233.762634][T16236]  do_futex+0x136/0x380
[  233.762711][T16236]  __se_sys_futex+0x2ed/0x360
[  233.762778][T16236]  __x64_sys_futex+0x78/0x90
[  233.762887][T16236]  x64_sys_call+0x2e48/0x3000
[  233.762951][T16236]  do_syscall_64+0xd2/0x200
[  233.762972][T16236]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  233.763000][T16236]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  233.763041][T16236]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.763150][T16236] RIP: 0033:0x7f11d2e5f6c9
[  233.763170][T16236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.763193][T16236] RSP: 002b:00007f11d18c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  233.763247][T16236] RAX: ffffffffffffffda RBX: 00007f11d30b5fa0 RCX: 00007f11d2e5f6c9
[  233.763263][T16236] RDX: 0000000000000000 RSI: 000080000000000b RDI: 000020000000cffc
[  233.763279][T16236] RBP: 00007f11d18c7090 R08: 0000200000048000 R09: 0000000000000300
[  233.763295][T16236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.763311][T16236] R13: 00007f11d30b6038 R14: 00007f11d30b5fa0 R15: 00007ffedb27d6d8
[  233.763361][T16236]  </TASK>
[  233.763747][   T29] audit: type=1400 audit(1762495325.543:12093): avc:  denied  { map_create } for  pid=16233 comm="syz.0.4197" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  233.925292][T16250] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4201'.
[  233.929384][   T29] audit: type=1400 audit(1762495325.543:12094): avc:  denied  { map_create } for  pid=16233 comm="syz.0.4197" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  233.996127][   T29] audit: type=1400 audit(1762495325.543:12095): avc:  denied  { prog_load } for  pid=16233 comm="syz.0.4197" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  234.015403][   T29] audit: type=1400 audit(1762495325.543:12096): avc:  denied  { prog_load } for  pid=16233 comm="syz.0.4197" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  234.034879][   T29] audit: type=1400 audit(1762495325.563:12097): avc:  denied  { read write } for  pid=13219 comm="syz-executor" name="loop0" dev="devtmpfs" ino=1183 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=0
[  234.058496][   T29] audit: type=1400 audit(1762495325.573:12098): avc:  denied  { create } for  pid=16239 comm="syz.0.4200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[  234.078369][   T29] audit: type=1400 audit(1762495325.573:12099): avc:  denied  { create } for  pid=16239 comm="syz.0.4200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[  234.098138][   T29] audit: type=1400 audit(1762495325.573:12100): avc:  denied  { prog_load } for  pid=16239 comm="syz.0.4200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  234.117417][   T29] audit: type=1400 audit(1762495325.573:12101): avc:  denied  { prog_load } for  pid=16239 comm="syz.0.4200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  234.322357][T16289] netlink: 188 bytes leftover after parsing attributes in process `syz.3.4223'.
[  234.552566][T16331] bridge_slave_0: left allmulticast mode
[  234.558332][T16331] bridge_slave_0: left promiscuous mode
[  234.564409][T16331] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.574967][T16331] bridge_slave_1: left allmulticast mode
[  234.580680][T16331] bridge_slave_1: left promiscuous mode
[  234.586452][T16331] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.600317][T16331] bond0: (slave bond_slave_0): Releasing backup interface
[  234.600980][T16336] netlink: 'syz.0.4241': attribute type 10 has an invalid length.
[  234.615551][T16336] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4241'.
[  234.627084][T16331] bond0: (slave bond_slave_1): Releasing backup interface
[  234.647994][T16331] team0: Port device team_slave_0 removed
[  234.667939][T16331] team0: Port device team_slave_1 removed
[  234.675056][T16331] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  234.682690][T16331] batman_adv: batadv0: Removing interface: batadv_slave_0
[  234.691771][T16331] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  234.699309][T16331] batman_adv: batadv0: Removing interface: batadv_slave_1
[  234.708973][T16331] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  234.838134][T16350] FAULT_INJECTION: forcing a failure.
[  234.838134][T16350] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.851322][T16350] CPU: 0 UID: 0 PID: 16350 Comm: syz.0.4250 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  234.851372][T16350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  234.851389][T16350] Call Trace:
[  234.851398][T16350]  <TASK>
[  234.851407][T16350]  __dump_stack+0x1d/0x30
[  234.851436][T16350]  dump_stack_lvl+0xe8/0x140
[  234.851505][T16350]  dump_stack+0x15/0x1b
[  234.851571][T16350]  should_fail_ex+0x265/0x280
[  234.851640][T16350]  should_fail+0xb/0x20
[  234.851662][T16350]  should_fail_usercopy+0x1a/0x20
[  234.851690][T16350]  _copy_from_iter+0xd2/0xe80
[  234.851713][T16350]  ? __build_skb_around+0x1ab/0x200
[  234.851750][T16350]  ? __alloc_skb+0x223/0x320
[  234.851845][T16350]  netlink_sendmsg+0x471/0x6b0
[  234.851876][T16350]  ? __pfx_netlink_sendmsg+0x10/0x10
[  234.851900][T16350]  __sock_sendmsg+0x145/0x180
[  234.851925][T16350]  sock_write_iter+0x1a7/0x1f0
[  234.851956][T16350]  ? __pfx_sock_write_iter+0x10/0x10
[  234.852064][T16350]  vfs_write+0x52a/0x960
[  234.852098][T16350]  ksys_write+0xda/0x1a0
[  234.852129][T16350]  __x64_sys_write+0x40/0x50
[  234.852179][T16350]  x64_sys_call+0x2802/0x3000
[  234.852240][T16350]  do_syscall_64+0xd2/0x200
[  234.852266][T16350]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  234.852303][T16350]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  234.852356][T16350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.852377][T16350] RIP: 0033:0x7f65942ff6c9
[  234.852391][T16350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.852413][T16350] RSP: 002b:00007f6592d5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  234.852467][T16350] RAX: ffffffffffffffda RBX: 00007f6594555fa0 RCX: 00007f65942ff6c9
[  234.852561][T16350] RDX: 00000000000000fc RSI: 00002000000002c0 RDI: 0000000000000003
[  234.852576][T16350] RBP: 00007f6592d5f090 R08: 0000000000000000 R09: 0000000000000000
[  234.852587][T16350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  234.852599][T16350] R13: 00007f6594556038 R14: 00007f6594555fa0 R15: 00007ffef1be4bd8
[  234.852619][T16350]  </TASK>
[  235.229596][T16367] netlink: 'syz.0.4253': attribute type 12 has an invalid length.
[  235.428841][T16389] FAULT_INJECTION: forcing a failure.
[  235.428841][T16389] name failslab, interval 1, probability 0, space 0, times 0
[  235.441507][T16389] CPU: 0 UID: 0 PID: 16389 Comm: syz.1.4262 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  235.441583][T16389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  235.441622][T16389] Call Trace:
[  235.441630][T16389]  <TASK>
[  235.441639][T16389]  __dump_stack+0x1d/0x30
[  235.441677][T16389]  dump_stack_lvl+0xe8/0x140
[  235.441701][T16389]  dump_stack+0x15/0x1b
[  235.441718][T16389]  should_fail_ex+0x265/0x280
[  235.441766][T16389]  should_failslab+0x8c/0xb0
[  235.441809][T16389]  kmem_cache_alloc_noprof+0x50/0x480
[  235.441896][T16389]  ? audit_log_start+0x342/0x720
[  235.441924][T16389]  audit_log_start+0x342/0x720
[  235.441947][T16389]  audit_seccomp+0x48/0x100
[  235.441985][T16389]  ? __seccomp_filter+0x82d/0x1250
[  235.442103][T16389]  __seccomp_filter+0x83e/0x1250
[  235.442135][T16389]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  235.442177][T16389]  ? vfs_write+0x7e8/0x960
[  235.442255][T16389]  ? __rcu_read_unlock+0x4f/0x70
[  235.442286][T16389]  ? __rcu_read_unlock+0x4f/0x70
[  235.442360][T16389]  __secure_computing+0x82/0x150
[  235.442464][T16389]  syscall_trace_enter+0xcf/0x1e0
[  235.442542][T16389]  do_syscall_64+0xac/0x200
[  235.442679][T16389]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  235.442715][T16389]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  235.442759][T16389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.442864][T16389] RIP: 0033:0x7f761fa5e0dc
[  235.442882][T16389] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  235.442907][T16389] RSP: 002b:00007f761e4c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  235.442929][T16389] RAX: ffffffffffffffda RBX: 00007f761fcb5fa0 RCX: 00007f761fa5e0dc
[  235.442941][T16389] RDX: 000000000000000f RSI: 00007f761e4c70a0 RDI: 0000000000000003
[  235.442954][T16389] RBP: 00007f761e4c7090 R08: 0000000000000000 R09: 0000000000000000
[  235.442970][T16389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.443020][T16389] R13: 00007f761fcb6038 R14: 00007f761fcb5fa0 R15: 00007ffd9c052608
[  235.443038][T16389]  </TASK>
[  235.837508][T16409] xt_CT: You must specify a L4 protocol and not use inversions on it
[  235.887360][T16415] FAULT_INJECTION: forcing a failure.
[  235.887360][T16415] name failslab, interval 1, probability 0, space 0, times 0
[  235.900112][T16415] CPU: 0 UID: 0 PID: 16415 Comm: syz.1.4273 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  235.900150][T16415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  235.900166][T16415] Call Trace:
[  235.900173][T16415]  <TASK>
[  235.900182][T16415]  __dump_stack+0x1d/0x30
[  235.900210][T16415]  dump_stack_lvl+0xe8/0x140
[  235.900236][T16415]  dump_stack+0x15/0x1b
[  235.900308][T16415]  should_fail_ex+0x265/0x280
[  235.900334][T16415]  should_failslab+0x8c/0xb0
[  235.900451][T16415]  __kmalloc_noprof+0xa5/0x570
[  235.900490][T16415]  ? kernfs_fop_write_iter+0xe2/0x300
[  235.900517][T16415]  ? selinux_file_permission+0x1e4/0x320
[  235.900597][T16415]  kernfs_fop_write_iter+0xe2/0x300
[  235.900619][T16415]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  235.900640][T16415]  vfs_write+0x52a/0x960
[  235.900671][T16415]  ksys_write+0xda/0x1a0
[  235.900757][T16415]  __x64_sys_write+0x40/0x50
[  235.900783][T16415]  x64_sys_call+0x2802/0x3000
[  235.900879][T16415]  do_syscall_64+0xd2/0x200
[  235.900901][T16415]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  235.900930][T16415]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  235.901035][T16415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.901057][T16415] RIP: 0033:0x7f761fa5f6c9
[  235.901076][T16415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  235.901095][T16415] RSP: 002b:00007f761e4c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  235.901133][T16415] RAX: ffffffffffffffda RBX: 00007f761fcb5fa0 RCX: 00007f761fa5f6c9
[  235.901146][T16415] RDX: 000000000000000a RSI: 0000200000000080 RDI: 0000000000000004
[  235.901158][T16415] RBP: 00007f761e4c7090 R08: 0000000000000000 R09: 0000000000000000
[  235.901251][T16415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.901277][T16415] R13: 00007f761fcb6038 R14: 00007f761fcb5fa0 R15: 00007ffd9c052608
[  235.901296][T16415]  </TASK>
[  236.099743][T16412] FAULT_INJECTION: forcing a failure.
[  236.099743][T16412] name failslab, interval 1, probability 0, space 0, times 0
[  236.112504][T16412] CPU: 1 UID: 0 PID: 16412 Comm: syz.2.4271 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  236.112533][T16412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  236.112546][T16412] Call Trace:
[  236.112553][T16412]  <TASK>
[  236.112561][T16412]  __dump_stack+0x1d/0x30
[  236.112636][T16412]  dump_stack_lvl+0xe8/0x140
[  236.112683][T16412]  dump_stack+0x15/0x1b
[  236.112701][T16412]  should_fail_ex+0x265/0x280
[  236.112722][T16412]  should_failslab+0x8c/0xb0
[  236.112753][T16412]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  236.112864][T16412]  ? set_task_ioprio+0x174/0x270
[  236.112886][T16412]  set_task_ioprio+0x174/0x270
[  236.112907][T16412]  __se_sys_ioprio_set+0x465/0x5a0
[  236.112989][T16412]  ? ksys_write+0x192/0x1a0
[  236.113029][T16412]  __x64_sys_ioprio_set+0x43/0x50
[  236.113057][T16412]  x64_sys_call+0x2fbe/0x3000
[  236.113081][T16412]  do_syscall_64+0xd2/0x200
[  236.113102][T16412]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  236.113150][T16412]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  236.113185][T16412]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.113207][T16412] RIP: 0033:0x7f11d2e5f6c9
[  236.113223][T16412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.113313][T16412] RSP: 002b:00007f11d18a6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fb
[  236.113333][T16412] RAX: ffffffffffffffda RBX: 00007f11d30b6090 RCX: 00007f11d2e5f6c9
[  236.113346][T16412] RDX: 0000000000004007 RSI: 0000000000000000 RDI: 0000000000000002
[  236.113404][T16412] RBP: 00007f11d18a6090 R08: 0000000000000000 R09: 0000000000000000
[  236.113416][T16412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.113429][T16412] R13: 00007f11d30b6128 R14: 00007f11d30b6090 R15: 00007ffedb27d6d8
[  236.113450][T16412]  </TASK>
[  236.259810][T16403] ipip0: entered promiscuous mode
[  236.933105][T16477] xt_TCPMSS: Only works on TCP SYN packets
[  237.169183][T16501] bridge0: port 1(syz_tun) entered blocking state
[  237.175765][T16501] bridge0: port 1(syz_tun) entered disabled state
[  237.216085][T16501] syz_tun: entered allmulticast mode
[  237.235218][T16501] syz_tun: entered promiscuous mode
[  237.247977][T16501] bridge0: port 1(syz_tun) entered blocking state
[  237.254545][T16501] bridge0: port 1(syz_tun) entered forwarding state
[  237.277496][T16505] netlink: 'syz.3.4310': attribute type 3 has an invalid length.
[  237.285268][T16505] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4310'.
[  237.326139][T16507] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  237.332697][T16507] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  237.340268][T16507] vhci_hcd vhci_hcd.0: Device attached
[  237.379581][T16508] vhci_hcd: connection closed
[  237.380154][ T6820] vhci_hcd: stop threads
[  237.389351][ T6820] vhci_hcd: release socket
[  237.393781][ T6820] vhci_hcd: disconnect device
[  237.630125][T16520] xt_TCPMSS: Only works on TCP SYN packets
[  237.636927][T16520] FAULT_INJECTION: forcing a failure.
[  237.636927][T16520] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  237.650210][T16520] CPU: 0 UID: 0 PID: 16520 Comm: syz.2.4315 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  237.650235][T16520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  237.650248][T16520] Call Trace:
[  237.650254][T16520]  <TASK>
[  237.650261][T16520]  __dump_stack+0x1d/0x30
[  237.650287][T16520]  dump_stack_lvl+0xe8/0x140
[  237.650307][T16520]  dump_stack+0x15/0x1b
[  237.650328][T16520]  should_fail_ex+0x265/0x280
[  237.650353][T16520]  should_fail_alloc_page+0xf2/0x100
[  237.650387][T16520]  __alloc_frozen_pages_noprof+0xff/0x360
[  237.650410][T16520]  alloc_pages_mpol+0xb3/0x260
[  237.650437][T16520]  alloc_pages_noprof+0x90/0x130
[  237.650465][T16520]  __pmd_alloc+0x47/0x420
[  237.650496][T16520]  copy_page_range+0x38a3/0x3be0
[  237.650535][T16520]  ? should_failslab+0x8c/0xb0
[  237.650570][T16520]  ? __account_obj_stock+0x211/0x350
[  237.650606][T16520]  ? mas_wr_walk_descend+0x36e/0x470
[  237.650660][T16520]  ? mas_prealloc_calc+0x253/0x2a0
[  237.650687][T16520]  ? mas_store+0x3ef/0x5a0
[  237.650716][T16520]  dup_mmap+0x885/0xf20
[  237.650754][T16520]  copy_mm+0x11a/0x370
[  237.650793][T16520]  copy_process+0xd08/0x2000
[  237.650837][T16520]  kernel_clone+0x16c/0x5c0
[  237.650876][T16520]  ? vfs_write+0x7e8/0x960
[  237.650911][T16520]  __x64_sys_clone+0xe6/0x120
[  237.650960][T16520]  x64_sys_call+0x119c/0x3000
[  237.650991][T16520]  do_syscall_64+0xd2/0x200
[  237.651018][T16520]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  237.651055][T16520]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  237.651091][T16520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.651113][T16520] RIP: 0033:0x7f11d2e5f6c9
[  237.651128][T16520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.651146][T16520] RSP: 002b:00007f11d18c6fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  237.651168][T16520] RAX: ffffffffffffffda RBX: 00007f11d30b5fa0 RCX: 00007f11d2e5f6c9
[  237.651185][T16520] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000630c1000
[  237.651201][T16520] RBP: 00007f11d18c7090 R08: 0000000000000000 R09: 0000000000000000
[  237.651217][T16520] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  237.651234][T16520] R13: 00007f11d30b6038 R14: 00007f11d30b5fa0 R15: 00007ffedb27d6d8
[  237.651259][T16520]  </TASK>
[  237.952410][T16529] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4320'.
[  237.966331][T16533] FAULT_INJECTION: forcing a failure.
[  237.966331][T16533] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  237.979477][T16533] CPU: 0 UID: 0 PID: 16533 Comm: syz.4.4322 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  237.979510][T16533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  237.979523][T16533] Call Trace:
[  237.979530][T16533]  <TASK>
[  237.979539][T16533]  __dump_stack+0x1d/0x30
[  237.979566][T16533]  dump_stack_lvl+0xe8/0x140
[  237.979645][T16533]  dump_stack+0x15/0x1b
[  237.979665][T16533]  should_fail_ex+0x265/0x280
[  237.979688][T16533]  should_fail+0xb/0x20
[  237.979704][T16533]  should_fail_usercopy+0x1a/0x20
[  237.979724][T16533]  _copy_to_user+0x20/0xa0
[  237.979813][T16533]  simple_read_from_buffer+0xb5/0x130
[  237.979845][T16533]  proc_fail_nth_read+0x10e/0x150
[  237.979884][T16533]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  237.979973][T16533]  vfs_read+0x1a8/0x770
[  237.980004][T16533]  ? __rcu_read_unlock+0x4f/0x70
[  237.980035][T16533]  ? __fget_files+0x184/0x1c0
[  237.980092][T16533]  ksys_read+0xda/0x1a0
[  237.980126][T16533]  __x64_sys_read+0x40/0x50
[  237.980156][T16533]  x64_sys_call+0x27c0/0x3000
[  237.980179][T16533]  do_syscall_64+0xd2/0x200
[  237.980201][T16533]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  237.980238][T16533]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  237.980279][T16533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.980300][T16533] RIP: 0033:0x7f62edb0e0dc
[  237.980315][T16533] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  237.980371][T16533] RSP: 002b:00007f62ec577030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  237.980390][T16533] RAX: ffffffffffffffda RBX: 00007f62edd65fa0 RCX: 00007f62edb0e0dc
[  237.980405][T16533] RDX: 000000000000000f RSI: 00007f62ec5770a0 RDI: 0000000000000004
[  237.980421][T16533] RBP: 00007f62ec577090 R08: 0000000000000000 R09: 0000000000000000
[  237.980438][T16533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  237.980453][T16533] R13: 00007f62edd66038 R14: 00007f62edd65fa0 R15: 00007ffecd37d8b8
[  237.980539][T16533]  </TASK>
[  238.728153][   T29] kauditd_printk_skb: 1235 callbacks suppressed
[  238.728172][   T29] audit: type=1400 audit(1762495330.513:13335): avc:  denied  { read write } for  pid=12770 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  238.777832][   T29] audit: type=1400 audit(1762495330.543:13336): avc:  denied  { prog_load } for  pid=16584 comm="syz.4.4344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  238.797154][   T29] audit: type=1400 audit(1762495330.543:13337): avc:  denied  { create } for  pid=16584 comm="syz.4.4344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  238.817797][   T29] audit: type=1400 audit(1762495330.543:13338): avc:  denied  { create } for  pid=16584 comm="syz.4.4344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  238.838497][   T29] audit: type=1400 audit(1762495330.553:13339): avc:  denied  { prog_load } for  pid=16586 comm="syz.3.4345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  238.857920][   T29] audit: type=1400 audit(1762495330.553:13340): avc:  denied  { prog_load } for  pid=16586 comm="syz.3.4345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  238.860912][T16589] netlink: 52 bytes leftover after parsing attributes in process `syz.4.4347'.
[  238.877247][   T29] audit: type=1400 audit(1762495330.553:13341): avc:  denied  { prog_load } for  pid=16586 comm="syz.3.4345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  238.905443][   T29] audit: type=1400 audit(1762495330.553:13342): avc:  denied  { prog_load } for  pid=16586 comm="syz.3.4345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  238.924689][   T29] audit: type=1326 audit(1762495330.553:13343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16586 comm="syz.3.4345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a17f8f6c9 code=0x7ffc0000
[  238.948404][   T29] audit: type=1326 audit(1762495330.553:13344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16586 comm="syz.3.4345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a17f8f6c9 code=0x7ffc0000
[  239.125095][T16615] netlink: 47 bytes leftover after parsing attributes in process `syz.2.4358'.
[  240.025025][T16661] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16661 comm=syz.4.4377
[  241.063661][T16721] FAULT_INJECTION: forcing a failure.
[  241.063661][T16721] name failslab, interval 1, probability 0, space 0, times 0
[  241.076652][T16721] CPU: 1 UID: 0 PID: 16721 Comm: syz.4.4403 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  241.076684][T16721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  241.076701][T16721] Call Trace:
[  241.076709][T16721]  <TASK>
[  241.076718][T16721]  __dump_stack+0x1d/0x30
[  241.076746][T16721]  dump_stack_lvl+0xe8/0x140
[  241.076766][T16721]  dump_stack+0x15/0x1b
[  241.076839][T16721]  should_fail_ex+0x265/0x280
[  241.076858][T16721]  should_failslab+0x8c/0xb0
[  241.076889][T16721]  __kmalloc_node_noprof+0xaa/0x580
[  241.076928][T16721]  ? qdisc_alloc+0x65/0x440
[  241.077025][T16721]  qdisc_alloc+0x65/0x440
[  241.077084][T16721]  qdisc_create_dflt+0x7f/0x2d0
[  241.077125][T16721]  taprio_init+0x286/0x5f0
[  241.077215][T16721]  ? __pfx_taprio_init+0x10/0x10
[  241.077264][T16721]  qdisc_create+0x591/0x9e0
[  241.077298][T16721]  tc_modify_qdisc+0xf2e/0x1420
[  241.077410][T16721]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  241.077440][T16721]  rtnetlink_rcv_msg+0x65a/0x6d0
[  241.077543][T16721]  ? avc_has_perm_noaudit+0x1b1/0x200
[  241.077571][T16721]  netlink_rcv_skb+0x123/0x220
[  241.077609][T16721]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  241.077643][T16721]  rtnetlink_rcv+0x1c/0x30
[  241.077677][T16721]  netlink_unicast+0x5c0/0x690
[  241.077710][T16721]  netlink_sendmsg+0x58b/0x6b0
[  241.077730][T16721]  ? __pfx_netlink_sendmsg+0x10/0x10
[  241.077750][T16721]  __sock_sendmsg+0x145/0x180
[  241.077807][T16721]  ____sys_sendmsg+0x31e/0x4e0
[  241.077829][T16721]  ___sys_sendmsg+0x17b/0x1d0
[  241.077866][T16721]  __x64_sys_sendmsg+0xd4/0x160
[  241.077895][T16721]  x64_sys_call+0x191e/0x3000
[  241.077924][T16721]  do_syscall_64+0xd2/0x200
[  241.077984][T16721]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  241.078016][T16721]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  241.078104][T16721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.078156][T16721] RIP: 0033:0x7f62edb0f6c9
[  241.078176][T16721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.078198][T16721] RSP: 002b:00007f62ec577038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  241.078222][T16721] RAX: ffffffffffffffda RBX: 00007f62edd65fa0 RCX: 00007f62edb0f6c9
[  241.078254][T16721] RDX: 0000000000000000 RSI: 00002000000007c0 RDI: 0000000000000004
[  241.078272][T16721] RBP: 00007f62ec577090 R08: 0000000000000000 R09: 0000000000000000
[  241.078311][T16721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  241.078326][T16721] R13: 00007f62edd66038 R14: 00007f62edd65fa0 R15: 00007ffecd37d8b8
[  241.078348][T16721]  </TASK>
[  242.097695][T16833] FAULT_INJECTION: forcing a failure.
[  242.097695][T16833] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  242.110952][T16833] CPU: 1 UID: 0 PID: 16833 Comm: syz.0.4449 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  242.110986][T16833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  242.111080][T16833] Call Trace:
[  242.111088][T16833]  <TASK>
[  242.111097][T16833]  __dump_stack+0x1d/0x30
[  242.111134][T16833]  dump_stack_lvl+0xe8/0x140
[  242.111179][T16833]  dump_stack+0x15/0x1b
[  242.111199][T16833]  should_fail_ex+0x265/0x280
[  242.111219][T16833]  should_fail+0xb/0x20
[  242.111235][T16833]  should_fail_usercopy+0x1a/0x20
[  242.111262][T16833]  _copy_from_user+0x1c/0xb0
[  242.111295][T16833]  __sys_bpf+0x183/0x7c0
[  242.111375][T16833]  __x64_sys_bpf+0x41/0x50
[  242.111407][T16833]  x64_sys_call+0x2aee/0x3000
[  242.111432][T16833]  do_syscall_64+0xd2/0x200
[  242.111468][T16833]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  242.111504][T16833]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  242.111556][T16833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.111579][T16833] RIP: 0033:0x7f65942ff6c9
[  242.111598][T16833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  242.111623][T16833] RSP: 002b:00007f6592d5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  242.111642][T16833] RAX: ffffffffffffffda RBX: 00007f6594555fa0 RCX: 00007f65942ff6c9
[  242.111655][T16833] RDX: 0000000000000018 RSI: 00002000000000c0 RDI: 0000000000000006
[  242.111741][T16833] RBP: 00007f6592d5f090 R08: 0000000000000000 R09: 0000000000000000
[  242.111757][T16833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  242.111769][T16833] R13: 00007f6594556038 R14: 00007f6594555fa0 R15: 00007ffef1be4bd8
[  242.111786][T16833]  </TASK>
[  242.595581][T16862] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4460'.
[  242.933732][T16929] pim6reg1: entered promiscuous mode
[  242.939150][T16929] pim6reg1: entered allmulticast mode
[  243.741434][   T29] kauditd_printk_skb: 1400 callbacks suppressed
[  243.741451][   T29] audit: type=1400 audit(1762495335.523:14745): avc:  denied  { prog_load } for  pid=16996 comm="syz.2.4523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  243.767258][   T29] audit: type=1400 audit(1762495335.533:14746): avc:  denied  { read write } for  pid=12770 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  243.801475][   T29] audit: type=1400 audit(1762495335.553:14747): avc:  denied  { name_bind } for  pid=16998 comm="syz.3.4524" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=0
[  243.823421][   T29] audit: type=1400 audit(1762495335.553:14748): avc:  denied  { prog_load } for  pid=16996 comm="syz.2.4523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  243.829478][T17004] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  243.842727][   T29] audit: type=1400 audit(1762495335.553:14749): avc:  denied  { create } for  pid=16996 comm="syz.2.4523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[  243.842756][   T29] audit: type=1400 audit(1762495335.553:14750): avc:  denied  { create } for  pid=16996 comm="syz.2.4523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[  243.842777][   T29] audit: type=1400 audit(1762495335.573:14751): avc:  denied  { prog_load } for  pid=16996 comm="syz.2.4523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  243.842862][   T29] audit: type=1400 audit(1762495335.573:14752): avc:  denied  { prog_load } for  pid=16996 comm="syz.2.4523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  243.922957][T17007] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  243.928584][   T29] audit: type=1400 audit(1762495335.583:14753): avc:  denied  { read write } for  pid=13009 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  243.959280][   T29] audit: type=1400 audit(1762495335.583:14754): avc:  denied  { read write } for  pid=12221 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  244.066895][T17018] netlink: 12 bytes leftover after parsing attributes in process `gtp'.
[  244.095161][T17024] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4533'.
[  244.102637][T17018] netlink: 4 bytes leftover after parsing attributes in process `gtp'.
[  244.104308][T17024] FAULT_INJECTION: forcing a failure.
[  244.104308][T17024] name failslab, interval 1, probability 0, space 0, times 0
[  244.125061][T17024] CPU: 0 UID: 0 PID: 17024 Comm: syz.2.4533 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  244.125095][T17024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  244.125177][T17024] Call Trace:
[  244.125184][T17024]  <TASK>
[  244.125191][T17024]  __dump_stack+0x1d/0x30
[  244.125218][T17024]  dump_stack_lvl+0xe8/0x140
[  244.125245][T17024]  dump_stack+0x15/0x1b
[  244.125274][T17024]  should_fail_ex+0x265/0x280
[  244.125299][T17024]  should_failslab+0x8c/0xb0
[  244.125410][T17024]  kmem_cache_alloc_noprof+0x50/0x480
[  244.125448][T17024]  ? skb_clone+0x151/0x1f0
[  244.125470][T17024]  skb_clone+0x151/0x1f0
[  244.125494][T17024]  __netlink_deliver_tap+0x2c9/0x500
[  244.125653][T17024]  ? netlink_attachskb+0x2cc/0x650
[  244.125693][T17024]  netlink_sendskb+0x126/0x150
[  244.125787][T17024]  netlink_unicast+0x2a2/0x690
[  244.125819][T17024]  netlink_ack+0x4c8/0x500
[  244.125921][T17024]  netlink_rcv_skb+0x192/0x220
[  244.125961][T17024]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  244.125991][T17024]  rtnetlink_rcv+0x1c/0x30
[  244.126017][T17024]  netlink_unicast+0x5c0/0x690
[  244.126128][T17024]  netlink_sendmsg+0x58b/0x6b0
[  244.126209][T17024]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.126231][T17024]  __sock_sendmsg+0x145/0x180
[  244.126338][T17024]  ____sys_sendmsg+0x31e/0x4e0
[  244.126372][T17024]  ___sys_sendmsg+0x17b/0x1d0
[  244.126406][T17024]  __x64_sys_sendmsg+0xd4/0x160
[  244.126428][T17024]  x64_sys_call+0x191e/0x3000
[  244.126450][T17024]  do_syscall_64+0xd2/0x200
[  244.126473][T17024]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  244.126534][T17024]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  244.126569][T17024]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.126631][T17024] RIP: 0033:0x7f11d2e5f6c9
[  244.126647][T17024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.126665][T17024] RSP: 002b:00007f11d18c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  244.126684][T17024] RAX: ffffffffffffffda RBX: 00007f11d30b5fa0 RCX: 00007f11d2e5f6c9
[  244.126754][T17024] RDX: 0000000004000010 RSI: 0000200000000280 RDI: 0000000000000003
[  244.126845][T17024] RBP: 00007f11d18c7090 R08: 0000000000000000 R09: 0000000000000000
[  244.126858][T17024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.126894][T17024] R13: 00007f11d30b6038 R14: 00007f11d30b5fa0 R15: 00007ffedb27d6d8
[  244.126917][T17024]  </TASK>
[  244.377149][T17027] ==================================================================
[  244.385261][T17027] BUG: KCSAN: data-race in copy_mm / copy_page_range
[  244.391956][T17027] 
[  244.394289][T17027] read-write to 0xffff88810cb99e60 of 4 bytes by task 17026 on cpu 0:
[  244.402440][T17027]  copy_page_range+0x25e/0x3be0
[  244.407306][T17027]  dup_mmap+0x885/0xf20
[  244.411477][T17027]  copy_mm+0x11a/0x370
[  244.415557][T17027]  copy_process+0xd08/0x2000
[  244.420164][T17027]  kernel_clone+0x16c/0x5c0
[  244.424707][T17027]  __x64_sys_clone+0xe6/0x120
[  244.429411][T17027]  x64_sys_call+0x119c/0x3000
[  244.434135][T17027]  do_syscall_64+0xd2/0x200
[  244.438660][T17027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.444552][T17027] 
[  244.446874][T17027] read to 0xffff88810cb99cc0 of 1408 bytes by task 17027 on cpu 1:
[  244.454766][T17027]  copy_mm+0xe2/0x370
[  244.458762][T17027]  copy_process+0xd08/0x2000
[  244.463360][T17027]  kernel_clone+0x16c/0x5c0
[  244.467874][T17027]  __x64_sys_clone+0xe6/0x120
[  244.472569][T17027]  x64_sys_call+0x119c/0x3000
[  244.477256][T17027]  do_syscall_64+0xd2/0x200
[  244.481764][T17027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.487660][T17027] 
[  244.489999][T17027] Reported by Kernel Concurrency Sanitizer on:
[  244.496154][T17027] CPU: 1 UID: 0 PID: 17027 Comm: syz.0.4534 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  244.505958][T17027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  244.516020][T17027] ==================================================================